Factors associated with the adoption of data analytics by internal audit function

Purpose The benefits of data analytics in the internal audit function (IAF) are clear; less is known about IAF adoption of analytics. The purpose of this study is to examine the factors driving IAF adoption of analytics. Design/methodology/approach The Common Body of Knowledge of Internal Auditing Database (IIA, 2015) provides auditor responses on key variables of analysis. Findings The results of this study indicate the most critical adoption factor is data-specific IT knowledge in the IAF. Critical thinking skills and business knowledge of chief audit executive (CAEs) also contribute to adoption. IAFs with fraud risk detection responsibly are more likely to adopt. IAFs in technologically advanced cultures are more likely to adopt analytics. Originality/value The results of this study document the critical factors driving adoption of audit analytics, benefitting both industry and research.

Download Full-text

Understanding the internal audit function in a digitalised business environment

Journal of Accounting & Organizational Change ◽

10.1108/jaoc-11-2019-0114 ◽

2020 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Nathanaël Betti ◽

Gerrit Sarens

Keyword(s):

Data Analytics ◽

New Technologies ◽

Internal Audit ◽

Business Environment ◽

Future Research ◽

The European Union ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

The Impact

Purpose This paper aims to gain an in-depth understanding of how the internal audit function evolves in an increasingly digitalised business environment. Design/methodology/approach This paper is based on 29 semi-structured interviews with members of management committees and internal auditors based in Belgium. Findings The analysis reveals that a digitalised business environment affects the internal audit function in three respects. First, it impacts its scope. The agility of the internal audit planning and the required digital knowledge are expected to increase and information technology (IT) risks gain importance, especially cybersecurity threats. Second, the demand for consulting activities performed by internal auditors is higher and third, digitalisation modifies the working practices of internal auditors in their day-to-day tasks. New technologies such as data analytics tools are being implemented progressively in internal audit departments and digital skills are considered a critical asset. Research limitations/implications This research was conducted in the European Union and gathers opinions of members of management committees and internal auditors. Future research could focus on other internal auditing stakeholders in other legal contexts. Practical implications The internal audit function needs to integrate IT and data analytics skills. In addition, the internal audit function should develop consulting activities to help organisations deal with the digitalisation of the business environment. Originality/value The impact of digitalisation on the internal audit function and its effect on internal audit practices is an underexplored area.

Download Full-text

Leveling up tech skills in the internal audit profession

Strategic Direction ◽

10.1108/sd-11-2020-0199 ◽

2020 ◽

Vol ahead-of-print (ahead-of-print) ◽

Keyword(s):

Data Analytics ◽

Design Methodology ◽

Internal Audit ◽

Senior Management ◽

Content Type ◽

Internal Audit Function ◽

Digital Skills ◽

Pertinent Information ◽

Practical Implications ◽

Advisory Role

Purpose This paper aims to review the latest management developments across the globe and pinpoint practical implications from cutting-edge research and case studies. Design/methodology/approach This briefing is prepared by an independent writer who adds their own impartial comments and places the articles in context. Findings This research paper unpacks the potential of a business' internal audit function (IAF) to evolve with digitalization. The results reveal three ways that IAFs adapt to emerging technological risks. Firstly, by being agile in extending the scope of internal audit roles to include activities like assessing cybersecurity risks. Secondly, by responding to senior management demands for more consulting-type support by morphing into an advisory role. Thirdly, by modifying IAF practices to incorporate a shift in importance towards digital skills like data analytics. The challenges in executing these adaptations rest in auditors upskilling themselves as digital hybrids, while always maintaining independence. Originality/value The briefing saves busy executives, strategists and researchers hours of reading time by selecting only the very best, most pertinent information and presenting it in a condensed and easy-to-digest format.

Download Full-text

Internal auditors’ perceptions of the function’s ability to investigate fraud

Journal of Applied Accounting Research ◽

10.1108/jaar-09-2017-0098 ◽

2019 ◽

Vol 20 (2) ◽

pp. 134-153 ◽

Cited By ~ 2

Author(s):

Sourour Hazami-Ammar

Keyword(s):

Internal Audit ◽

Future Research ◽

Financial Fraud ◽

Internal Auditing ◽

Content Type ◽

Organizational Variables ◽

Internal Auditors ◽

Fraud Risk ◽

Internal Audit Function ◽

Practical Implications

Purpose The purpose of this paper is to examine the relation between internal audit function (IAF) characteristics and organizational variables and IAF’s self-investigation about fraud and irregularities (SIFI) in the French context. Design/methodology/approach This paper uses the responses of 96 chief audit executives (CAEs) to a global survey of the internal auditing profession carried out by the Institute of Internal Auditors Research Foundation (IIARF) in 2010. A logistic regression model is used to determine factors influencing IAF’s SIFI. Findings The authors’ findings reveal that IAF’s SIFI is positively correlated to independence and objectivity, the number of activities performed by the function, adoption of a systematic approach to evaluate the effectiveness of risk management and the size of the company. Research limitations/implications This study examines the factors associated only to IAF’s investigation rather than assessment of the risk of fraud. It remains for future research to analyze determinants those related to internal auditors’ approaches when they evaluate the risk of fraud. Practical implications The findings have implications for CAEs who wish to improve the IAF’s ability to investigate fraud. Originality/value Even if the IIA has stipulated since 2009 that internal auditors must have knowledge to evaluate the risk of fraud, no disclosure requirement exists, in France, for IAF or its charter. The areas of research related to internal audit behavior in relation to fraud concern fraud risk investigation of financial fraud and management/employee misconduct.

Download Full-text

Adherence to the Internal Audit Core Principles and Threats to Internal Audit Function Effectiveness

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-19-072 ◽

2021 ◽

Author(s):

Christopher G Calvin

Keyword(s):

Corporate Governance ◽

Future Development ◽

Internal Audit ◽

Internal Auditors ◽

The Core ◽

Body Of Knowledge ◽

Internal Audit Function ◽

Lower Likelihood ◽

Practitioner Survey ◽

The Impact

I investigate the impact that adherence to the Institute of Internal Auditors' Core Principles has on the likelihood that an internal auditor's effectiveness is threatened through pressure to modify valid audit findings. I use responses from the Institute of Internal Auditors' 2015 Common Body of Knowledge Practitioner Survey to show that higher adherence to the Core Principles by both internal audit staff and CAEs is associated with a lower likelihood of being pressured to modify audit findings. I also explore which of the ten Core Principles are dominant in explaining these associations to inform the future development of the internal audit profession. Finally, I investigate the sources of pressure to modify audit findings and explore the effect the Core Principles have in mitigating pressure from each source. My findings are relevant to the Institute of Internal Auditors, internal audit practitioners, and academics interested in internal audit or corporate governance.

Download Full-text

Financial fraud detection and big data analytics – implications on auditors’ use of fraud brainstorming session

Managerial Auditing Journal ◽

10.1108/maj-01-2018-1767 ◽

2019 ◽

Vol 34 (3) ◽

pp. 324-337 ◽

Cited By ~ 2

Author(s):

Jiali Tang ◽

Khondkar E. Karim

Keyword(s):

Big Data ◽

Data Analytics ◽

Big Data Analytics ◽

Idea Generation ◽

Fraud Detection ◽

Content Type ◽

Collective Wisdom ◽

Fraud Risk ◽

Collection Data ◽

Audit Team

PurposeThis paper aims to discuss the application of Big Data analytics to the brainstorming session in the current auditing standards.Design/methodology/approachThe authors review the literature related to fraud, brainstorming sessions and Big Data, and propose a model that auditors can follow during the brainstorming sessions by applying Big Data analytics at different steps.FindingsThe existing audit practice aimed at identifying the fraud risk factors needs enhancement, due to the inefficient use of unstructured data. The brainstorming session provides a useful setting for such concern as it draws on collective wisdom and encourages idea generation. The integration of Big Data analytics into brainstorming can broaden the information size, strengthen the results from analytical procedures and facilitate auditors’ communication. In the model proposed, an audit team can use Big Data tools at every step of the brainstorming process, including initial data collection, data integration, fraud indicator identification, group meetings, conclusions and documentation.Originality/valueThe proposed model can both address the current issues contained in brainstorming (e.g. low-quality discussions and production blocking) and improve the overall effectiveness of fraud detection.

Download Full-text

A Framework and Resources to Create a Data Analytics-Infused Accounting Curriculum

Issues in Accounting Education ◽

10.2308/issues-19-071 ◽

2021 ◽

Author(s):

Kevin E Dow ◽

Norman Jacknis ◽

Marcia Weidenmier Watson

Keyword(s):

Critical Thinking ◽

Diffusion Of Innovation ◽

Data Analytics ◽

Thinking Skills ◽

Critical Thinking Skills ◽

Accounting Students ◽

Diffusion Of Innovation Theory ◽

Fully Integrated ◽

Accounting Curriculum ◽

Data Analytic

The technology and Data Analytics developments affecting the accounting profession in turn have a profound effect on accounting curriculum. Accounting programs need fully-integrated accounting curriculum to develop students with strong analytic and critical thinking skills that complement their accounting knowledge. This will meet the profession's expectation that accounting students have expert level skills in both technical accounting knowledge and Data Analytics. This paper provides a framework and the resources for creating a Data Analytics-infused accounting curriculum. Specifically, using the Diffusion of Innovation Theory, we apply the theory's five stages to the infusion of Data Analytics into the accounting curriculum: Knowledge, Persuasion, Decision, Implementation, and Confirmation. We formulate an Analytics Value Cube to guide the use of different analytic techniques as accounting programs integrate. We recommend free tools, questions, and cases for use across the curriculum. While our focus is on accounting programs new to Data Analytics, these resources are also useful to accounting programs and practitioners that wish to expand their data analytic offerings.

Download Full-text

Using Data Analytics to Evaluate Policy Implications of Migration Patterns: Application for Analytics, AIS, and Tax Classes

Issues in Accounting Education ◽

10.2308/issues-19-098 ◽

2020 ◽

Author(s):

Christine Cheng ◽

Anu Varadharajan

Keyword(s):

Data Analytics ◽

Thinking Skills ◽

Critical Thinking Skills ◽

Learning Objectives ◽

Policy Implications ◽

Learning Assessment ◽

State Governments ◽

Accounting Information Systems ◽

Using Data ◽

Career Options

This case uses IRS SOI migration data to help students understand the power of data analysis to identify potential policy issues faced by state governments. The data skills covered in this case are used by entry level accounting professionals in all fields: the Extract, Transform, and Load (ETL) process using Alteryx and creating data visualizations using Tableau. The case learning objectives are: (1) Develop students' ETL skills; (2) Develop students' data visualization skills; (3) Develop student's critical thinking skills, and (4) Enhance students' effective oral and written communications skills. Pre- and post-learning assessment surveys and open-ended responses indicate that the case meets these learning objectives. Students easily related to policy questions surrounding migration as future employees considering their career options. As such, this case is appropriate for stand-alone data analytics courses in business or accounting, accounting information systems courses, undergraduate and graduate level tax classes, and MBA courses.

Download Full-text

E-business internal audit: the elephant is still in the room!

Journal of Applied Accounting Research ◽

10.1108/jaar-10-2012-0072 ◽

2014 ◽

Vol 15 (1) ◽

pp. 43-63 ◽

Cited By ~ 1

Author(s):

Amr Kotb ◽

Alan Sangster ◽

David Henderson

Keyword(s):

Resistance To Change ◽

Internal Audit ◽

Business Environment ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

The Usa ◽

The Uk ◽

It Audit ◽

The Impact

Purpose – The purpose of this paper is to explore the impact of technological change on the internal audit practices and skills requirements for internal auditors in an e-business environment. Design/methodology/approach – Generalist internal auditors and specialist information technology (IT) internal auditors were surveyed online in ten countries, including the USA and the UK which, together, provided the majority of responses. Findings – The results suggest a need for advanced IT-audit techniques in conducting the internal audit function, thereby increasing IT audit skill demands on generalist internal auditors. However, the results show a low confidence among internal auditors about their IT training and a continuing reliance upon IT audit specialists, rather than their own training/retraining. Research limitations/implications – The responses obtained in this study provide insight into both the status quo of the internal audit function, and to the changes that are needed to prepare generalist internal auditors for work in an e-business environment and, while the scale of the study limits the extent to which the findings may be generalized, they are consistent with the literature concerning the changing business environment and with the literature on resistance to change, suggesting that the issues revealed should be of concern. Practical implications – The results reported in this paper are useful to internal auditing educators and regulators in their consideration of the skills needed by generalist internal auditors in e-business environment. Originality/value – This study sheds light on a significantly growing area which remains relatively unexplored in the auditing-related literature, e-business audit. The study provides empirical evidence on challenges facing internal auditors in an e-business environment, thereby serving as a wake-up call, to both internal auditors and the professional bodies representing them, to defend their jurisdictional space against rival professional groups.

Download Full-text

Factors associated with security/cybersecurity audit by internal audit function

Managerial Auditing Journal ◽

10.1108/maj-07-2017-1595 ◽

2018 ◽

Vol 33 (4) ◽

pp. 377-409 ◽

Cited By ~ 5

Author(s):

Md. Shariful Islam ◽

Nusrat Farah ◽

Thomas F. Stafford

Keyword(s):

Audit Committee ◽

Internal Audit ◽

Mixed Effect ◽

Content Type ◽

Internal Auditors ◽

Factors Associated ◽

Security Breaches ◽

Internal Audit Function ◽

Enterprise Risk

Purpose The purpose of the study is to explore the factors associated with the extent of security/cybersecurity audit by the internal audit function (IAF) of the firm. Specifically, the authors focused on whether IAF/CAE (certified audit executive [CAE]) characteristics, board involvement related to governance, role of the audit committee (or equivalent) and the chief risk officer (CRO) and IAF tasked with enterprise risk management (ERM) are associated with the extent to which the firm engages in security/cybersecurity audit. Design/methodology/approach For analysis, the paper uses responses of 970 CAEs as compiled in the Common Body of Knowledge database (CBOK, 2015) developed by the Institute of Internal Auditors Research Foundation (IIARF). Findings The results of the study suggest that the extent of security/cybersecurity audit by IAF is significantly and positively associated with IAF competence related to governance, risk and control. Board support regarding governance is also significant and positive. However, the Audit Committee (AC) or equivalent and the CRO role are not significant across the regions studied. Comprehensive risk assessment done by IAF and IAF quality have a significant and positive effect on security/cybersecurity audit. Unexpectedly, CAEs with security certification and IAFs tasked with ERM do not have a significant effect on security/cybersecurity audit; however, other certifications such as CISA or CPA have a marginal or mixed effect on the extent of security/cybersecurity audit. Originality/value This study is the first to describe IAF involvement in security/cybersecurity audit. It provides insights into the specific IAF/CAE characteristics and corporate governance characteristics that can lead IAF to contribute significantly to security/cybersecurity audit. The findings add to the results of prior studies on the IAF involvement in different IT-related aspects such as IT audit and XBRL implementation and on the role of the board and the audit committee (or its equivalent) in ERM and the detection and correction of security breaches.

Download Full-text

Internal audit function, audit committee effectiveness and accountability in the Ugandan statutory corporations

Journal of Financial Reporting and Accounting ◽

10.1108/jfra-07-2016-0062 ◽

2018 ◽

Vol 16 (1) ◽

pp. 138-157 ◽

Cited By ~ 12

Author(s):

Juma Bananuka ◽

Stephen Korutaro Nkundabanyanga ◽

Irene Nalukenge ◽

Twaha Kaawaase

Keyword(s):

Audit Committee ◽

Sampling Error ◽

Internal Audit ◽

Hierarchical Regression ◽

Cross Sectional ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

Correlational Data ◽

Finance Officers

Purpose The purpose of this study is to investigate the contribution of internal audit function and audit committee effectiveness on accountability in statutory corporations (SCs). Design/methodology/approach This study is cross sectional and correlational. Data have been collected through a questionnaire survey of 52 SCs in Uganda through their Chief Internal Auditors and Chief Finance Officers. Data have been analysed using Statistical Package for Social Sciences. Findings The internal audit function significantly contributes to accountability of SCs in Uganda and audit committee effectiveness is not where effective internal audit is present in such organisations. However, audit committee effectiveness significantly contributes to accountability when an internal audit function is not present. Research limitations/implications The use of hierarchical regression is prone to problems associated with sampling error. However, the likelihood of these problems is mitigated by the interface with data. Originality/value Whereas hitherto both internal audit function and audit committee effectiveness had been viewed as explanations of accountability, this study only confirms the internal audit function as a significant predictor of SCs’ accountability relative to audit committee effectiveness.

Download Full-text