Risk-based internal audit: factors related to its implementation

Purpose This study aims to investigate the factors associated with the implementation of risk-based internal audit (RBIA). Design/methodology/approach As a first step, a literature review of the relevant literature is performed and five potential factors related to the implementation of RBIA are identified. Based on that, this paper constructs a questionnaire survey sent out to 185 internal auditors, executives and accountants in Greece to receive 90 responses during the period of November 2019–January 2020. Multiple regression analysis is conducted to identify the factors related to the implementation of RBIA. Findings This paper shows that there is a statistically significant positive relationship between the implementation of RBIA and: the provision of risk management training, an active audit committee role and the establishment of a formalized risk management system. Practical implications The results have important implications for internal auditors, chief executive officers and accountants who wish to enhance internal audit effectiveness and the accuracy and quality of financial information. Originality/value Empirical studies on the factors related to the implementation of RBIA are rare. This is the first study to create empirical variables based on a thorough review of the relevant literature to empirically investigate the factors that are related to the implementation of RBIA in an emerging economy. By focusing on the Greek context, this study also sheds light to other countries with similar corporate governance systems, thus providing insights to settings where the Type II agency problem exists (La Porta et al., 1999).

Download Full-text

The perceived scope of internal audit function in Libyan public enterprises

Managerial Auditing Journal ◽

10.1108/maj-10-2014-1109 ◽

2015 ◽

Vol 30 (6/7) ◽

pp. 560-581 ◽

Cited By ~ 6

Author(s):

Wahid Omar Abuazza ◽

Dessalegn Getie Mihret ◽

Kieran James ◽

Peter Best

Keyword(s):

Chief Executive Officers ◽

Internal Audit ◽

Chief Executive ◽

Structured Interviews ◽

Content Type ◽

Factors Affecting ◽

Internal Auditors ◽

Organizational Functions ◽

Scant Attention ◽

Executive Officers

Purpose – The aim of this exploratory study is to examine the perceptions of stakeholders regarding the scope of internal audit (IA) work in Libyan state-owned enterprises. Design/methodology/approach – Data were gathered through semi-structured interviews with chief executive officers, IA directors, administrative affairs managers, financial affairs managers and external auditors, which were supplemented with a review of relevant documentary evidence. Findings – The results of the study show that the scope of IA in Libyan organizations may not be sufficiently wide ranging to be considered as a value-adding service. The scope of the IA function may need to be expanded to cover a broader range of organizational functions if internal auditors are to offer value-adding services to their stakeholders. Practical implications – The IA profession has received scant attention in the literature, especially in the context of developing countries such as Libya. Therefore, such settings offer the potential to enhance the understanding of IA practices. As a study on a developing economy, it enhances understanding of the IA profession’s global configuration beyond the predominantly market-driven, industrialized Western economies. Originality/value – In contrast to most previous studies, this study covers a broad range of IA stakeholders’ views on the role of internal auditors. This coverage enabled an in-depth investigation of the factors affecting IA scope and understanding of stakeholder perceptions on the IA function.

Download Full-text

Effects of board characteristics, audit committee and risk management on corporate performance: evidence from Palestinian listed companies

International Journal of Islamic and Middle Eastern Finance and Management ◽

10.1108/imefm-12-2017-0347 ◽

2020 ◽

Vol 13 (4) ◽

pp. 691-706

Author(s):

Sami R.M. Musallam

Keyword(s):

Risk Management ◽

Audit Committee ◽

Corporate Performance ◽

Emerging Market ◽

Chief Executive ◽

Least Square Method ◽

Listed Companies ◽

Least Square ◽

Content Type ◽

Board Characteristics

Purpose This paper aims to investigate the effects of board characteristics, audit committee and risk management on corporate performance. Design/methodology/approach Using a sample of 31 Palestinian non-financial listed companies from 2010 to 2016, this study uses a generalized least square method. Findings The results show that the effects of board ownership, board independence, audit committee meeting, audit committee size, audit committee financial expertise and risk management are positive and significant on corporate performance while the effects of chief executive officer duality and audit committee size are negative and significant on corporate performance. Practical implications The results of this paper are important to policymakers, shareholders and directors of companies to make appropriate choices about the board, audit committee characteristics and risk management to protect the interest of different stakeholders, increase the flow of capital and foreign investment into non-financial companies. Social implications This paper fills a gap in the corporate governance literature by investigating the effects of board characteristics, audit committee and risk management on corporate performance in Palestine as one of the youngest stock exchanges in a region that assists in testing the validity of agency theory in a young and small emerging market context. Originality/value This paper is the first to investigate the effects of board characteristics, audit committee and risk management collectively on corporate performance in Palestine as prior research on these topics has been investigated separately.

Download Full-text

Corporate governance and internal audit: an institutional theory perspective

Corporate Governance ◽

10.1108/cg-07-2019-0215 ◽

2019 ◽

Vol 20 (1) ◽

pp. 175-190 ◽

Cited By ~ 1

Author(s):

Christina Vadasi ◽

Michalis Bekiaris ◽

Andreas Andrikopoulos

Keyword(s):

Corporate Governance ◽

Institutional Theory ◽

Audit Committee ◽

Internal Audit ◽

Annual Reports ◽

Substantial Impact ◽

Content Type ◽

Internal Auditors ◽

The Impact ◽

Audit Effectiveness

Purpose This paper aims to explore internal audit effectiveness through its contribution to corporate governance. Namely, the authors attempt to investigate the impact of internal audit professionalization on internal audit’s contribution to corporate governance. Design/methodology/approach Using a research framework informed by institutional theory, the authors predict that internal audit’s contribution to corporate governance is associated with factors related to internal audit professionalization. To investigate the arguments, the authors combine data from a survey of 49 listed companies in the Athens Stock Exchange with publicly available information from annual reports. Findings Empirical results indicate that internal audit professionalization affects internal audit effectiveness, as internal audit’s contribution to corporate governance is improved for organizations where internal audit function complies with internal auditing standards and internal auditors hold professional certifications. The findings also suggest that internal audit’s contribution to corporate governance is shaped by some company-specific characteristics, namely, CEO duality and audit committee quality. Practical implications The results have implications for internal auditors who wish to increase the efficiency of their work, corporate governance mechanisms such as the board of directors and the audit committee, which can use the findings of this study to better respond to their responsibilities concerning internal audit and regulators who can also benefit to strengthen areas with substantial impact on internal audit’s contribution to corporate governance. Originality/value This paper contributes to the academic discussion on the role of internal audit in corporate governance and complements the work of other researchers in the field of internal audit professionalization. This study tries to fill a gap in the literature on the effect of internal audit professionalization elements on internal audit’s contribution to corporate governance.

Download Full-text

Factors associated with security/cybersecurity audit by internal audit function

Managerial Auditing Journal ◽

10.1108/maj-07-2017-1595 ◽

2018 ◽

Vol 33 (4) ◽

pp. 377-409 ◽

Cited By ~ 5

Author(s):

Md. Shariful Islam ◽

Nusrat Farah ◽

Thomas F. Stafford

Keyword(s):

Audit Committee ◽

Internal Audit ◽

Mixed Effect ◽

Content Type ◽

Internal Auditors ◽

Factors Associated ◽

Security Breaches ◽

Internal Audit Function ◽

Enterprise Risk

Purpose The purpose of the study is to explore the factors associated with the extent of security/cybersecurity audit by the internal audit function (IAF) of the firm. Specifically, the authors focused on whether IAF/CAE (certified audit executive [CAE]) characteristics, board involvement related to governance, role of the audit committee (or equivalent) and the chief risk officer (CRO) and IAF tasked with enterprise risk management (ERM) are associated with the extent to which the firm engages in security/cybersecurity audit. Design/methodology/approach For analysis, the paper uses responses of 970 CAEs as compiled in the Common Body of Knowledge database (CBOK, 2015) developed by the Institute of Internal Auditors Research Foundation (IIARF). Findings The results of the study suggest that the extent of security/cybersecurity audit by IAF is significantly and positively associated with IAF competence related to governance, risk and control. Board support regarding governance is also significant and positive. However, the Audit Committee (AC) or equivalent and the CRO role are not significant across the regions studied. Comprehensive risk assessment done by IAF and IAF quality have a significant and positive effect on security/cybersecurity audit. Unexpectedly, CAEs with security certification and IAFs tasked with ERM do not have a significant effect on security/cybersecurity audit; however, other certifications such as CISA or CPA have a marginal or mixed effect on the extent of security/cybersecurity audit. Originality/value This study is the first to describe IAF involvement in security/cybersecurity audit. It provides insights into the specific IAF/CAE characteristics and corporate governance characteristics that can lead IAF to contribute significantly to security/cybersecurity audit. The findings add to the results of prior studies on the IAF involvement in different IT-related aspects such as IT audit and XBRL implementation and on the role of the board and the audit committee (or its equivalent) in ERM and the detection and correction of security breaches.

Download Full-text

Internal audit function, audit committee effectiveness and accountability in the Ugandan statutory corporations

Journal of Financial Reporting and Accounting ◽

10.1108/jfra-07-2016-0062 ◽

2018 ◽

Vol 16 (1) ◽

pp. 138-157 ◽

Cited By ~ 12

Author(s):

Juma Bananuka ◽

Stephen Korutaro Nkundabanyanga ◽

Irene Nalukenge ◽

Twaha Kaawaase

Keyword(s):

Audit Committee ◽

Sampling Error ◽

Internal Audit ◽

Hierarchical Regression ◽

Cross Sectional ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

Correlational Data ◽

Finance Officers

Purpose The purpose of this study is to investigate the contribution of internal audit function and audit committee effectiveness on accountability in statutory corporations (SCs). Design/methodology/approach This study is cross sectional and correlational. Data have been collected through a questionnaire survey of 52 SCs in Uganda through their Chief Internal Auditors and Chief Finance Officers. Data have been analysed using Statistical Package for Social Sciences. Findings The internal audit function significantly contributes to accountability of SCs in Uganda and audit committee effectiveness is not where effective internal audit is present in such organisations. However, audit committee effectiveness significantly contributes to accountability when an internal audit function is not present. Research limitations/implications The use of hierarchical regression is prone to problems associated with sampling error. However, the likelihood of these problems is mitigated by the interface with data. Originality/value Whereas hitherto both internal audit function and audit committee effectiveness had been viewed as explanations of accountability, this study only confirms the internal audit function as a significant predictor of SCs’ accountability relative to audit committee effectiveness.

Download Full-text

The uncertainties of risk management

Accounting Auditing & Accountability Journal ◽

10.1108/aaaj-09-2012-1106 ◽

2014 ◽

Vol 27 (3) ◽

pp. 489-526 ◽

Cited By ~ 33

Author(s):

Eija Vinnari ◽

Peter Skærbæk

Keyword(s):

Risk Management ◽

Network Theory ◽

Internal Audit ◽

Actor Network Theory ◽

Legal Aspects ◽

Structured Interviews ◽

Management Tools ◽

Content Type ◽

Internal Auditors ◽

Multiple Frames

Purpose – The purpose of this paper is to analyse the implementation of risk management as a tool for internal audit activities, focusing on unexpected effects or uncertainties generated during its application. Design/methodology/approach – Public and confidential documents as well as semi-structured interviews are analysed through the lens of actor-network theory to identify the effects of risk management devices in a Finnish municipality. Findings – The authors found that risk management, rather than reducing uncertainty, itself created unexpected uncertainties that would otherwise not have emerged. These include uncertainties relating to legal aspects of risk management solutions, in particular the issue concerning which types of document are considered legally valid; uncertainties relating to the definition and operationalisation of risk management; and uncertainties relating to the resources available for expanding risk management. More generally, such uncertainties relate to the professional identities and responsibilities of operational managers as defined by the framing devices. Originality/value – The paper offers three contributions to the extant literature: first, it shows how risk management itself produces uncertainties. Secondly, it shows how internal auditors can assume a central role in the risk management system. Thirdly, it develops Callon's framing/overflowing framework with the notion that multiple frames are linked and create unexpected dynamics, and applies it to the study on the effects of risk management tools in an internal audit context. It shows how, despite recurring attempts to refine risk management, further uncertainties are continuously produced, thus providing an empirical illustration of how reframing and overflowing intertwine in a continual process.

Download Full-text

CEO characteristics, management support for internal audit and corporate performance: an analysis of listed Malaysian companies

Managerial Auditing Journal ◽

10.1108/maj-02-2021-3012 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Abdulaziz Alzeban

Keyword(s):

Significant Relationship ◽

Audit Committee ◽

Corporate Performance ◽

Internal Audit ◽

Chief Executive ◽

Annual Reports ◽

Management Support ◽

Content Type ◽

The Relationship ◽

Ceo Characteristics

Purpose This study aims to advance the discussion on internal audit (IA) findings by empirically investigating the relationship between chief executive officer (CEO) characteristics and the IA function, particularly IA findings and implementing IA recommendations and examining whether CEO and management support for IA moderate the effect of the recommendations on corporate performance. Design/methodology/approach Data were gathered from two sources. A survey was conducted, directed at 217 heads of internal audit (HIAs) in listed companies on the Bursa Malaysia, and the annual reports of these companies for the period of 2018–2019 were consulted. A second survey was directed at audit committee chairs to obtain a perspective from other parties. Findings The results indicate that although CEO characteristics are not significantly associated with the number of IA findings, only CEO experience has a significant relationship with the level of the implementation of IA recommendations. The study also demonstrates that management support for IA is positively associated with corporate performance. Further, CEO experience and management support for IA increase the effects of the level to which those recommendations are implemented on corporate performance. However, the effect of management support on corporate performance is eliminated when it interacts with the involvement of CEOs in the HIA appointment and when these HIAs report directly to CEOs. Practical implications These outcomes provide implications for policymakers, regulators and researchers. Malaysia’s regulatory authorities, as well as those in other countries, particularly emerging markets where the institutional and cultural environments have similar characteristics, could consider the evidence of the relationship between the CEO’s financial background, management support for IA and IA recommendations when guiding companies about the mechanisms for appointing HIAs. Simultaneously, the results obtained could be useful when auditors are involved in risk assessment and rely on IA recommendations. Originality/value This study adds to the literature on the significant relationship between CEO characteristics (particularly CEO experience) and the level of implementing IA recommendations. It advances the research efforts on management support for IA by providing empirical evidence of how such support fosters a greater role for IA in improving corporate performance, as well as moderates the effect of IA in that endeavour. Further, the present study contributes to the developing literature on determinants of corporate performance by considering how these variables perform in the Malaysian setting.

Download Full-text

Influence of audit committees on internal audit conformance with internal audit standards

Managerial Auditing Journal ◽

10.1108/maj-12-2014-1132 ◽

2015 ◽

Vol 30 (6/7) ◽

pp. 539-559 ◽

Cited By ~ 22

Author(s):

Abdulaziz Alzeban

Keyword(s):

Audit Committee ◽

Stock Exchange ◽

Middle Eastern ◽

Internal Audit ◽

International Standards ◽

Audit Committees ◽

Content Type ◽

Internal Auditors ◽

The Impact ◽

Audit Standards

Purpose – This study aims to provide empirical evidence of the association between audit committee characteristics and internal audit conformance with the International Standards for the Professional Practice of Internal Auditing (ISPPIA). Design/methodology/approach – Seventy-four usable responses were received from a survey of chief internal auditors (CIAs) from Saudi companies listed on the Saudi Stock Exchange. Findings – The results indicate that audit committee characteristics (the presence of independent members on the committee, members’ expertise in auditing and accounting and meeting with the CIA) influence internal audit conformance with the ISPPIA. Additionally, they demonstrate that such conformance is also influenced by CIA tenure. Practical implications – The findings of this study also have significant implications for audit committees wishing to improve their overall effectiveness, by identifying the impact of the committee’s characteristics on internal audit conformance with the ISPPIA. Originality/value – The results add to the literature on internal audit standards by introducing a Middle Eastern perspective and simultaneously providing insights for companies in their attempts to adhere to the international standards, hence, supporting efforts towards good corporate governance.

Download Full-text

CEO communication: engagement, longevity and founder centrality

Corporate Communications An International Journal ◽

10.1108/ccij-10-2015-0062 ◽

2017 ◽

Vol 22 (3) ◽

pp. 273-291 ◽

Cited By ~ 7

Author(s):

Francesca Conte ◽

Alfonso Siano ◽

Agostino Vollero

Keyword(s):

Chief Executive Officers ◽

Relevant Literature ◽

Chief Executive ◽

Corporate Communication ◽

Exploratory Research ◽

Content Type ◽

Institutional Communication ◽

Italian Context ◽

Executive Officers ◽

Communication Dynamics

Purpose The purpose of this paper is to analyse the engagement of chief executive officers (CEOs) in corporate communication and focus on how their approach to communication develops in relation to the longevity of their tenure. The paper also explores how founder centrality is linked to the objectives of CEO communication and the CEOs’ use of personal social media. Design/methodology/approach The paper brings together the relevant literature from different disciplines, related to leadership communication, CEO longevity and founder centrality, and reveals a number of unexplored issues. Four research questions were defined and an exploratory survey was carried out, involving 93 CEOs from large companies located in Italy. Findings The results show that CEOs are strongly engaged in institutional communication. Short-tenured CEOs seem more engaged in building and consolidating relationship networks with specific stakeholders (customers and employees), while long-tenured CEOs tend to be more involved in institutional and financial communications. Research limitations/implications Due to the exploratory research design and the circumscribed sample from a single country (Italy), further cross-national evidence is needed to substantiate the suggested links between engagement in communication activities and longevity. The study highlights the managerial and communication skills that CEOs must be provided with during their corporate tenure, thus suggesting the need to further examine the “life cycle” of CEO communication activities. Originality/value The paper sheds light on CEO communication dynamics. It is the first of its kind in the Italian context, where some factors, such as longevity of tenure, seem to play an important role in shaping corporate communication objectives and activities.

Download Full-text

Internal audit: from effectiveness to organizational significance

Managerial Auditing Journal ◽

10.1108/maj-01-2019-2162 ◽

2020 ◽

Vol 35 (2) ◽

pp. 322-342 ◽

Cited By ~ 1

Author(s):

Mélanie Roussy ◽

Odile Barbe ◽

Sophie Raimbault

Keyword(s):

Organizational Learning ◽

Multinational Corporations ◽

Audit Committee ◽

Internal Audit ◽

Building Blocks ◽

Positive Change ◽

Content Type ◽

Internal Auditors ◽

The Mean ◽

Eyes On The Prize

Purpose From the perspective of two groups of governance actors, this paper aims to understand how internal audit (IA) achieves and consolidates organizational significance. Design/methodology/approach Interviews were conducted with audit committee chairs and chief audit executives from multinational corporations, and the participating corporations’ registration documents were analyzed. Findings The data indicate that IA achieves and consolidates organizational significance by activating the IA effectiveness “building blocks” (Lenz et al., 2014) all together so as to generate organizational learning and positive change. New IA effectiveness drivers also emerged from the field. Research limitations/implications This research contributes to the IA literature by establishing a connection, through the IA impact on organizational learning, between the constructs of IA effectiveness and organizational significance. It also contributes to the IA literature by identifying new drivers and illustrating the complementarity and interconnections between the IA effectiveness building blocks. Practical implications This paper encourages internal auditors to keep their eyes on the prize (i.e. organizational significance) instead of simply being focused on the mean (i.e IA effectiveness), in order to fight stakeholder disappointment. Originality/value The paper proposes a conceptual model of IA organizational significance and gives key insights for setting up effective IA to stimulate organizational learning and fostering positive change in the whole organization.

Download Full-text