E-business internal audit: the elephant is still in the room!

Purpose – The purpose of this paper is to explore the impact of technological change on the internal audit practices and skills requirements for internal auditors in an e-business environment. Design/methodology/approach – Generalist internal auditors and specialist information technology (IT) internal auditors were surveyed online in ten countries, including the USA and the UK which, together, provided the majority of responses. Findings – The results suggest a need for advanced IT-audit techniques in conducting the internal audit function, thereby increasing IT audit skill demands on generalist internal auditors. However, the results show a low confidence among internal auditors about their IT training and a continuing reliance upon IT audit specialists, rather than their own training/retraining. Research limitations/implications – The responses obtained in this study provide insight into both the status quo of the internal audit function, and to the changes that are needed to prepare generalist internal auditors for work in an e-business environment and, while the scale of the study limits the extent to which the findings may be generalized, they are consistent with the literature concerning the changing business environment and with the literature on resistance to change, suggesting that the issues revealed should be of concern. Practical implications – The results reported in this paper are useful to internal auditing educators and regulators in their consideration of the skills needed by generalist internal auditors in e-business environment. Originality/value – This study sheds light on a significantly growing area which remains relatively unexplored in the auditing-related literature, e-business audit. The study provides empirical evidence on challenges facing internal auditors in an e-business environment, thereby serving as a wake-up call, to both internal auditors and the professional bodies representing them, to defend their jurisdictional space against rival professional groups.

Download Full-text

Understanding the internal audit function in a digitalised business environment

Journal of Accounting & Organizational Change ◽

10.1108/jaoc-11-2019-0114 ◽

2020 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Nathanaël Betti ◽

Gerrit Sarens

Keyword(s):

Data Analytics ◽

New Technologies ◽

Internal Audit ◽

Business Environment ◽

Future Research ◽

The European Union ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

The Impact

Purpose This paper aims to gain an in-depth understanding of how the internal audit function evolves in an increasingly digitalised business environment. Design/methodology/approach This paper is based on 29 semi-structured interviews with members of management committees and internal auditors based in Belgium. Findings The analysis reveals that a digitalised business environment affects the internal audit function in three respects. First, it impacts its scope. The agility of the internal audit planning and the required digital knowledge are expected to increase and information technology (IT) risks gain importance, especially cybersecurity threats. Second, the demand for consulting activities performed by internal auditors is higher and third, digitalisation modifies the working practices of internal auditors in their day-to-day tasks. New technologies such as data analytics tools are being implemented progressively in internal audit departments and digital skills are considered a critical asset. Research limitations/implications This research was conducted in the European Union and gathers opinions of members of management committees and internal auditors. Future research could focus on other internal auditing stakeholders in other legal contexts. Practical implications The internal audit function needs to integrate IT and data analytics skills. In addition, the internal audit function should develop consulting activities to help organisations deal with the digitalisation of the business environment. Originality/value The impact of digitalisation on the internal audit function and its effect on internal audit practices is an underexplored area.

Download Full-text

The impact of internal audit function characteristics on internal control quality

Managerial Auditing Journal ◽

10.1108/maj-06-2017-1579 ◽

2018 ◽

Vol 33 (5) ◽

pp. 450-469 ◽

Cited By ~ 8

Author(s):

Ahmed Atef Oussii ◽

Neila Boulila Taktak

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Audit Quality ◽

Internal Audit ◽

Audit Committees ◽

Content Type ◽

Internal Auditors ◽

Control Quality ◽

Internal Audit Function ◽

The Impact

Purpose This paper aims to investigate the association between internal audit function (IAF) characteristics and internal control quality. Design/methodology/approach Using data gathered from 59 chief audit executives from Tunisian listed companies, this paper uses a regression model to examine research hypothesis related to the association between IAF characteristics and internal control quality. Findings The findings of the current study reveal that internal control quality is significantly and positively associated with IAF competence, internal audit quality control assurance level, follow-up process and audit committee’s involvement in reviewing the internal audit program and results. Practical implications The findings have significant implications for IAF wishing to enhance their effectiveness, by recognizing the impact of the IAF’s characteristics on internal control quality. The findings of this study also have significant implications for regulatory bodies who are concerned with the internal control quality, managers and audit committees who determine IAF investment, oversight IAF activities and assess internal auditors’ performance. Originality/value This study helps fill a gap in the extant literature where existing empirical evidence of how the IAF characteristics influences the quality of the financial reporting process in emerging markets is scant.

Download Full-text

Adherence to the Internal Audit Core Principles and Threats to Internal Audit Function Effectiveness

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-19-072 ◽

2021 ◽

Author(s):

Christopher G Calvin

Keyword(s):

Corporate Governance ◽

Future Development ◽

Internal Audit ◽

Internal Auditors ◽

The Core ◽

Body Of Knowledge ◽

Internal Audit Function ◽

Lower Likelihood ◽

Practitioner Survey ◽

The Impact

I investigate the impact that adherence to the Institute of Internal Auditors' Core Principles has on the likelihood that an internal auditor's effectiveness is threatened through pressure to modify valid audit findings. I use responses from the Institute of Internal Auditors' 2015 Common Body of Knowledge Practitioner Survey to show that higher adherence to the Core Principles by both internal audit staff and CAEs is associated with a lower likelihood of being pressured to modify audit findings. I also explore which of the ten Core Principles are dominant in explaining these associations to inform the future development of the internal audit profession. Finally, I investigate the sources of pressure to modify audit findings and explore the effect the Core Principles have in mitigating pressure from each source. My findings are relevant to the Institute of Internal Auditors, internal audit practitioners, and academics interested in internal audit or corporate governance.

Download Full-text

Organizational identity, professional identity salience and internal auditors’ assessments of the severity of internal control concerns

Managerial Auditing Journal ◽

10.1108/maj-02-2020-2566 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Ian Burt ◽

Theresa Libby

Keyword(s):

Professional Identity ◽

Internal Control ◽

Organizational Identity ◽

Internal Audit ◽

Identity Salience ◽

Content Type ◽

Internal Auditors ◽

Internal Control Weaknesses ◽

The Impact ◽

Benefits And Costs

Purpose This paper aims to examine whether increasing the salience of the internal auditor’s professional identity, defined by the expectations of their professional group, increases internal auditors’ judgments of the severity of internal control concerns when their organizational identity is high. Design/methodology/approach This paper tests the hypothesis using a laboratory experiment with internal auditors as participants. Findings The results support the hypothesis that professional identity salience moderates the relation between organizational identity and the assessed severity of identified internal control weaknesses. Increasing the salience of professional identity results in a more severe assessment of identified internal control weaknesses when organizational identity is high than when it is low. Originality/value Prior research in the lab and in the field provides mixed results about the impact of organizational identity on internal auditors’ judgments of the severity of identified internal control concerns. This paper contributes to the discussion on this issue. In addition, the results have implications for the debate about the benefits and costs of in-house versus out-sourced internal audit functions.

Download Full-text

A versenyképesség és a társaságok belső ellenőrzése (Competitiveness and corporate internal audit)

Vezetéstudomány / Budapest Management Review ◽

10.14267/veztud.2012.11.02 ◽

2012 ◽

pp. 19-33

Author(s):

Mária Bordáné Rabóczki

Keyword(s):

Corporate Governance ◽

Audit Committee ◽

Supervisory Board ◽

Internal Audit ◽

Senior Management ◽

Internal Auditors ◽

Mutual Dependency ◽

Internal Audit Function ◽

External Auditor ◽

The Impact

A cikk a belső ellenőrzésnek a hatékony társaságirányításhoz való hozzájárulását és ennek a versenyképességre gyakorolt hatását vizsgálja. A belső ellenőrzés és a társaságirányítás kölcsönös összefüggésben áll egymással. Nemcsak a belső ellenőrzés hat a társaságirányításra, hanem a releváns társaságirányítási struktúrák, emberi kapcsolatok és magatartásformák jelentős hatást gyakorolnak a belső ellenőrzés színvonalára és hatékonyságára. A cikk ezért különös figyelmet szentel a belső ellenőröknek az igazgatósággal, az auditbizottsággal/felügyelőbizottsággal, a menedzsmenttel és a könyvvizsgálóval való kapcsolatainak vizsgálatára. Rávilágít a belső ellenőrzés legfőbb funkciójára, amely objektív bizonyosságot nyújt az igazgatóság és a felső vezetők számára a kockázatok azonosítására, kezelésére és elfogadható szintre történő csökkentésére szolgáló kontrollfolyamatok megfelelőségéről és hatékonyságáról. A bemutatott belső ellenőrzési modell azt a szemléletet közvetíti, hogy a belső ellenőrzés által nyújtott objektív bizonyosság megszerzése nemcsak a jogszabályoknak vagy az ajánlásoknak való megfelelés, hanem a társaságok versenyképessége szempontjából is kiemelkedő jelentőségű. _________ The purpose of this paper is to consider the contribution of internal audit to the sound corporate governance and the impact of that on the competitiveness of the companies. There is a mutual dependency between internal audit and corporate governance. Not only the internal audit has impact on the corporate governance but the relevant governance structures, relationships and behaviour influence the level and effectiveness of the internal audit. Therefore the present paper is highly concerned with the internal auditors` relationships with the board, audit committee/supervisory board, senior management and the external auditor. It highlights the internal audit function, that provides objective assurance to the board and senior management about the adequacy and effectiveness of the processes by which risks are identified, managed, controlled and mitigated to acceptable levels. The internal audit model demonstrated represents an approach, according to that getting objective assurance provided by internal audit is important not only to be in line with laws and recommendations but to facilitate the corporate competitiveness.

Download Full-text

Earnings quality and the cost of equity capital: evidence on the impact of legal background

International Journal of Accounting and Information Management ◽

10.1108/ijaim-05-2021-0092 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Ahmed Hassan Ahmed ◽

Yasean Tahat ◽

Yasser Eliwa ◽

Bruce Burton

Keyword(s):

Earnings Quality ◽

Institutional Ownership ◽

Equity Capital ◽

Cost Of Equity Capital ◽

Cost Of Equity ◽

Content Type ◽

The Usa ◽

The Uk ◽

The Cost ◽

The Impact

Purpose Earnings quality is of great concern to corporate stakeholders, including capital providers in international markets with widely varying regulatory pedigrees and ownership patterns. This paper aims to examine the association between the cost of equity capital and earnings quality, contextualised via tests that incorporate the potential for moderating effects around institutional settings. The analysis focuses on and compares evidence relating to (common law) UK/US firms and (civil law) German firms over the period 2005–2018 and seeks to identify whether, given institutional dissimilarities, significant differences exist between the two settings. Design/methodology/approach First, the authors undertake a review of the extant literature on the link between earnings quality and the cost of capital. Second, using a sample of 948 listed companies from the USA, the UK and Germany over the period 2005 to 2018, the authors estimate four implied cost of equity capital proxies. The relationship between companies’ cost of equity capital and their earnings quality is then investigated. Findings Consistent with theoretical reasoning and prior empirical analyses, the authors find a statistically negative association between earnings quality, evidenced by information relating to accruals and the cost of equity capital. However, when they extend the analysis by investigating the combined effect of institutional ownership and earnings quality on financing cost, the impact – while negative overall – is found to vary across legal backdrops. Research limitations/implications This paper uses institutional ownership as a mediating variable in the association between earnings quality and the cost of equity capital, but this is not intended to suggest that other measures may be of relevance here and additional research might usefully expand the analysis to incorporate other forms of ownership including state and foreign bases. Second, and suggestive of another avenue for developing the work presented in the study, the authors have used accrual measures of earnings quality. Practical implications The results are shown to provide potentially important insights for policymakers, creditors and investors about the consequences of earnings quality variability. The results should be of interest to firms seeking to reduce their financing costs and retain financial viability in the wake of the impact of the Covid-19 pandemic. Originality/value The reported findings extends the single-country results of Eliwa et al. (2016) for the UK firms and Francis et al. (2005) for the USA, whereby both reported that the cost of equity capital is negatively associated with earnings quality attributes. Second, in a further increment to the extant literature (particularly Francis et al., 2005 and Eliwa et al., 2016), the authors find the effect of institutional ownership to be influential, with a significantly positive impact on the association between earnings quality and the cost of equity capital, suggesting in turn that institutional ownership can improve firms’ ability to secure cheaper funding by virtue of robust monitoring. While this result holds for the whole sample (the USA, the UK and Germany), country-level analysis shows that the result holds only for the common law countries (the UK and the USA) and not for Germany, consistent with the notion that extant legal systems are a determining factor in this context. This novel finding points to a role for institutional investors in watching and improving the quality of financial reports that are valued by the market in its price formation activity.

Download Full-text

Corporate governance and internal audit: an institutional theory perspective

Corporate Governance ◽

10.1108/cg-07-2019-0215 ◽

2019 ◽

Vol 20 (1) ◽

pp. 175-190 ◽

Cited By ~ 1

Author(s):

Christina Vadasi ◽

Michalis Bekiaris ◽

Andreas Andrikopoulos

Keyword(s):

Corporate Governance ◽

Institutional Theory ◽

Audit Committee ◽

Internal Audit ◽

Annual Reports ◽

Substantial Impact ◽

Content Type ◽

Internal Auditors ◽

The Impact ◽

Audit Effectiveness

Purpose This paper aims to explore internal audit effectiveness through its contribution to corporate governance. Namely, the authors attempt to investigate the impact of internal audit professionalization on internal audit’s contribution to corporate governance. Design/methodology/approach Using a research framework informed by institutional theory, the authors predict that internal audit’s contribution to corporate governance is associated with factors related to internal audit professionalization. To investigate the arguments, the authors combine data from a survey of 49 listed companies in the Athens Stock Exchange with publicly available information from annual reports. Findings Empirical results indicate that internal audit professionalization affects internal audit effectiveness, as internal audit’s contribution to corporate governance is improved for organizations where internal audit function complies with internal auditing standards and internal auditors hold professional certifications. The findings also suggest that internal audit’s contribution to corporate governance is shaped by some company-specific characteristics, namely, CEO duality and audit committee quality. Practical implications The results have implications for internal auditors who wish to increase the efficiency of their work, corporate governance mechanisms such as the board of directors and the audit committee, which can use the findings of this study to better respond to their responsibilities concerning internal audit and regulators who can also benefit to strengthen areas with substantial impact on internal audit’s contribution to corporate governance. Originality/value This paper contributes to the academic discussion on the role of internal audit in corporate governance and complements the work of other researchers in the field of internal audit professionalization. This study tries to fill a gap in the literature on the effect of internal audit professionalization elements on internal audit’s contribution to corporate governance.

Download Full-text

Factors associated with security/cybersecurity audit by internal audit function

Managerial Auditing Journal ◽

10.1108/maj-07-2017-1595 ◽

2018 ◽

Vol 33 (4) ◽

pp. 377-409 ◽

Cited By ~ 5

Author(s):

Md. Shariful Islam ◽

Nusrat Farah ◽

Thomas F. Stafford

Keyword(s):

Audit Committee ◽

Internal Audit ◽

Mixed Effect ◽

Content Type ◽

Internal Auditors ◽

Factors Associated ◽

Security Breaches ◽

Internal Audit Function ◽

Enterprise Risk

Purpose The purpose of the study is to explore the factors associated with the extent of security/cybersecurity audit by the internal audit function (IAF) of the firm. Specifically, the authors focused on whether IAF/CAE (certified audit executive [CAE]) characteristics, board involvement related to governance, role of the audit committee (or equivalent) and the chief risk officer (CRO) and IAF tasked with enterprise risk management (ERM) are associated with the extent to which the firm engages in security/cybersecurity audit. Design/methodology/approach For analysis, the paper uses responses of 970 CAEs as compiled in the Common Body of Knowledge database (CBOK, 2015) developed by the Institute of Internal Auditors Research Foundation (IIARF). Findings The results of the study suggest that the extent of security/cybersecurity audit by IAF is significantly and positively associated with IAF competence related to governance, risk and control. Board support regarding governance is also significant and positive. However, the Audit Committee (AC) or equivalent and the CRO role are not significant across the regions studied. Comprehensive risk assessment done by IAF and IAF quality have a significant and positive effect on security/cybersecurity audit. Unexpectedly, CAEs with security certification and IAFs tasked with ERM do not have a significant effect on security/cybersecurity audit; however, other certifications such as CISA or CPA have a marginal or mixed effect on the extent of security/cybersecurity audit. Originality/value This study is the first to describe IAF involvement in security/cybersecurity audit. It provides insights into the specific IAF/CAE characteristics and corporate governance characteristics that can lead IAF to contribute significantly to security/cybersecurity audit. The findings add to the results of prior studies on the IAF involvement in different IT-related aspects such as IT audit and XBRL implementation and on the role of the board and the audit committee (or its equivalent) in ERM and the detection and correction of security breaches.

Download Full-text

Internal audit function, audit committee effectiveness and accountability in the Ugandan statutory corporations

Journal of Financial Reporting and Accounting ◽

10.1108/jfra-07-2016-0062 ◽

2018 ◽

Vol 16 (1) ◽

pp. 138-157 ◽

Cited By ~ 12

Author(s):

Juma Bananuka ◽

Stephen Korutaro Nkundabanyanga ◽

Irene Nalukenge ◽

Twaha Kaawaase

Keyword(s):

Audit Committee ◽

Sampling Error ◽

Internal Audit ◽

Hierarchical Regression ◽

Cross Sectional ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

Correlational Data ◽

Finance Officers

Purpose The purpose of this study is to investigate the contribution of internal audit function and audit committee effectiveness on accountability in statutory corporations (SCs). Design/methodology/approach This study is cross sectional and correlational. Data have been collected through a questionnaire survey of 52 SCs in Uganda through their Chief Internal Auditors and Chief Finance Officers. Data have been analysed using Statistical Package for Social Sciences. Findings The internal audit function significantly contributes to accountability of SCs in Uganda and audit committee effectiveness is not where effective internal audit is present in such organisations. However, audit committee effectiveness significantly contributes to accountability when an internal audit function is not present. Research limitations/implications The use of hierarchical regression is prone to problems associated with sampling error. However, the likelihood of these problems is mitigated by the interface with data. Originality/value Whereas hitherto both internal audit function and audit committee effectiveness had been viewed as explanations of accountability, this study only confirms the internal audit function as a significant predictor of SCs’ accountability relative to audit committee effectiveness.

Download Full-text

Does the chief audit executive gender matter to internal audit effectiveness? Evidence from Tunisia

African Journal of Economic and Management Studies ◽

10.1108/ajems-12-2018-0404 ◽

2019 ◽

Vol 10 (4) ◽

pp. 424-439

Author(s):

Ahmed Atef Oussii ◽

Mohamed Faker Klibi

Keyword(s):

Quality Assurance ◽

Internal Audit ◽

Internal Auditing ◽

Content Type ◽

Internal Auditors ◽

Positive Effects ◽

Internal Audit Function ◽

Management Positions ◽

African Perspective ◽

Executive Gender

Purpose The purpose of this paper is to investigate whether chief audit executive (CAE) gender has a significant impact on the internal audit function (IAF) effectiveness as proxied by the extent to which the internal audit function uses quality assurance techniques. Design/methodology/approach This study uses a multivariate regression model to analyze the association between CAE gender and the use of quality assurance techniques in fieldwork as a proxy for IAF effectiveness. Data were collected using a survey of 74 internal auditors from Tunisian listed companies. Findings The results indicate that IAFs run by a female CAE are more likely to incorporate quality assurance techniques into fieldwork than IAFs run by male CAEs. Therefore, internal audit departments managed by women tend to be more effective. Practical implications Findings highlight to regulators and reform advocates the importance of having women on the CAE position will improve internal audit practices’ quality. Thus, the gender difference in internal auditing should be more strongly emphasized in different cultural and economic contexts. Originality/value This study provides new insights which add to the existing gender literature by introducing a North African perspective and simultaneously providing new insights that highlight the importance of having women on top management positions in internal auditing and the positive effects which come with it.

Download Full-text