Serving Two Masters: The Association between Audit Committee Internal Audit Oversight and Internal Audit Activities

Lawrence J. Abbott; Susan Parker; Gary F. Peters

doi:10.2308/acch.2010.24.1.1

Serving Two Masters: The Association between Audit Committee Internal Audit Oversight and Internal Audit Activities

Accounting Horizons ◽

10.2308/acch.2010.24.1.1 ◽

2010 ◽

Vol 24 (1) ◽

pp. 1-24 ◽

Cited By ~ 99

Author(s):

Lawrence J. Abbott ◽

Susan Parker ◽

Gary F. Peters

Keyword(s):

Audit Committee ◽

Internal Audit ◽

Positive Association ◽

Internal Controls ◽

Fiscal Year ◽

Composite Measure ◽

Internal Auditors ◽

Internal Audit Function ◽

Fortune 1000 ◽

Budgetary Control

SYNOPSIS: In this paper, we investigate the association between the audit committee’s oversight of the internal audit function (IAF) and the nature of IAF activities. The importance of internal controls and of the roles of both the audit committee and the internal audit function in monitoring control activities have grown in recent years. Despite the importance of these topics, relatively little regulatory or best practices guidance addresses the distribution of IAF activities and amount of audit committee involvement with the IAF. We hypothesize that when the balance of oversight over the IAF lies with the audit committee (vis-a`-vis management), the committee will steer the IAF toward a more internal-controls-oriented focus. Our hypothesis is based on the existing practice guidance in this area and the relative incentives of management and the audit committee. To test our hypothesis, we survey 134 chief internal auditors from Fortune 1000 firms regarding the amount of internal audit resources allocated across internal audit activities in fiscal year 2005. We then construct a composite measure of audit committee oversight contingent on the relative control that the audit committee has over IAF vis-a`-vis management. Our composite measure is derived from three key facets of the audit committee/internal audit relationship: reporting duties, termination rights, and budgetary control. Consistent with our hypothesis, we document a strong, positive association between our audit committee oversight variable and the amount of IAF budget allocated to internal-controls-based activities.

Download Full-text

Effects of reporting relationship and type of internal control deficiency on internal auditors’ internal control evaluations

Managerial Auditing Journal ◽

10.1108/maj-07-2017-1606 ◽

2018 ◽

Vol 33 (3) ◽

pp. 318-335 ◽

Cited By ~ 3

Author(s):

Audrey Gramling ◽

Arnold Schneider

Keyword(s):

Internal Control ◽

Audit Committee ◽

Internal Audit ◽

Internal Controls ◽

Material Weakness ◽

Content Type ◽

Internal Auditors ◽

Tone At The Top ◽

Internal Audit Function ◽

Professional Guidance

Purpose This paper aims to explore whether an internal auditor’s evaluation of internal control deficiencies are influenced by the party with primary influence over the internal audit function and by the type of internal control deficiency. Design/methodology/approach A behavioral experiment is conducted with internal auditors as participants in a 2 × 2 between-subjects factorial design. Findings Results indicate that internal auditors are less likely to evaluate a pervasive control deficiency related to “tone at the top” as a material weakness than a process-specific control deficiency. Furthermore, internal auditors are somewhat less likely to evaluate a process-specific internal control deficiency as a material weakness when management has primary influence over the internal audit function than when the audit committee has primary influence. It is also found that the best practice of internal audit oversight (i.e., primary oversight of internal auditors by the audit committee) may lead to potential internal under-reporting of instances where the audit committee represents a material weakness in internal control. Research limitations/implications Limitations of this research include lack of economic consequences (e.g. future pay and job loss) associated with the internal control decisions made by the participants; less concise information provided to the participants than would generally be available to them; and lack of generalizability of the findings beyond the specific company setting and internal control scenario portrayed in the case materials. Practical implications Not evaluating a pervasive control deficiency related to “tone at the top” as a material weakness seems to not fully align with relevant professional guidance and can possibly result in inaccurate internal information about the quality of internal controls. Furthermore, having an internal auditor’s evaluation of a process-specific internal control deficiency influenced by the party with primary influence over the internal audit function would not appear to align with relevant professional guidance. Finally, primary oversight by the audit committee of the internal auditors may lead to potential internal under-reporting of instances where the audit committee represents a material weakness in internal controls and, thus, possible communication of inaccurate internal control information. Originality/value This study is the first to address whether the party with primary influence over the internal audit function influences an internal auditor’s evaluation of internal control deficiencies.

Download Full-text

External Auditors' Involvement in the Internal Audit Function's Work Plan and Subsequent Reliance Before and After a Negative Audit Discovery

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-51486 ◽

2016 ◽

Vol 35 (4) ◽

pp. 159-173 ◽

Cited By ~ 4

Author(s):

Byron J. Pike ◽

Lawrence Chui ◽

Kasey A. Martin ◽

Renee M. Olvera

Keyword(s):

Internal Control ◽

Internal Audit ◽

Internal Controls ◽

Professional Standards ◽

Data Availability ◽

Internal Auditors ◽

External Auditors ◽

Internal Audit Function ◽

Anchoring Bias ◽

Before And After

SUMMARY To reduce redundancies and increase efficiency in the evaluation of internal controls (PCAOB 2007, 402–403), professional standards encourage coordination between external auditors and their clients' internal audit function (IAF). Recent surveys of internal auditors find that a component of this coordination is external auditors' involvement in developing the IAF's audit plans. Nevertheless, it is not known how such involvement affects external auditors' reliance on the internal control test work of the IAF, either before or after a negative audit discovery. Based on an experiment with 107 experienced auditors, we find that external auditors involved in the development of the IAF's audit plan perceive the IAF as more objective and that both objectivity and involvement contribute to these auditors' placing more reliance on the IAF as compared to external auditors with no involvement. This initial reliance results in the involved auditors' proposing reductions to the audit budget and re-performing less of the IAF's work. Consistent with an anchoring bias, we find that involvement leads to external auditors' continuing to place greater reliance on the IAF's work, even after they become aware of a negative audit discovery that should not have occurred had the client's controls been effective. Data Availability: Data are available from the authors on request.

Download Full-text

A versenyképesség és a társaságok belső ellenőrzése (Competitiveness and corporate internal audit)

Vezetéstudomány / Budapest Management Review ◽

10.14267/veztud.2012.11.02 ◽

2012 ◽

pp. 19-33

Author(s):

Mária Bordáné Rabóczki

Keyword(s):

Corporate Governance ◽

Audit Committee ◽

Supervisory Board ◽

Internal Audit ◽

Senior Management ◽

Internal Auditors ◽

Mutual Dependency ◽

Internal Audit Function ◽

External Auditor ◽

The Impact

A cikk a belső ellenőrzésnek a hatékony társaságirányításhoz való hozzájárulását és ennek a versenyképességre gyakorolt hatását vizsgálja. A belső ellenőrzés és a társaságirányítás kölcsönös összefüggésben áll egymással. Nemcsak a belső ellenőrzés hat a társaságirányításra, hanem a releváns társaságirányítási struktúrák, emberi kapcsolatok és magatartásformák jelentős hatást gyakorolnak a belső ellenőrzés színvonalára és hatékonyságára. A cikk ezért különös figyelmet szentel a belső ellenőröknek az igazgatósággal, az auditbizottsággal/felügyelőbizottsággal, a menedzsmenttel és a könyvvizsgálóval való kapcsolatainak vizsgálatára. Rávilágít a belső ellenőrzés legfőbb funkciójára, amely objektív bizonyosságot nyújt az igazgatóság és a felső vezetők számára a kockázatok azonosítására, kezelésére és elfogadható szintre történő csökkentésére szolgáló kontrollfolyamatok megfelelőségéről és hatékonyságáról. A bemutatott belső ellenőrzési modell azt a szemléletet közvetíti, hogy a belső ellenőrzés által nyújtott objektív bizonyosság megszerzése nemcsak a jogszabályoknak vagy az ajánlásoknak való megfelelés, hanem a társaságok versenyképessége szempontjából is kiemelkedő jelentőségű. _________ The purpose of this paper is to consider the contribution of internal audit to the sound corporate governance and the impact of that on the competitiveness of the companies. There is a mutual dependency between internal audit and corporate governance. Not only the internal audit has impact on the corporate governance but the relevant governance structures, relationships and behaviour influence the level and effectiveness of the internal audit. Therefore the present paper is highly concerned with the internal auditors` relationships with the board, audit committee/supervisory board, senior management and the external auditor. It highlights the internal audit function, that provides objective assurance to the board and senior management about the adequacy and effectiveness of the processes by which risks are identified, managed, controlled and mitigated to acceptable levels. The internal audit model demonstrated represents an approach, according to that getting objective assurance provided by internal audit is important not only to be in line with laws and recommendations but to facilitate the corporate competitiveness.

Download Full-text

Factors associated with security/cybersecurity audit by internal audit function

Managerial Auditing Journal ◽

10.1108/maj-07-2017-1595 ◽

2018 ◽

Vol 33 (4) ◽

pp. 377-409 ◽

Cited By ~ 5

Author(s):

Md. Shariful Islam ◽

Nusrat Farah ◽

Thomas F. Stafford

Keyword(s):

Audit Committee ◽

Internal Audit ◽

Mixed Effect ◽

Content Type ◽

Internal Auditors ◽

Factors Associated ◽

Security Breaches ◽

Internal Audit Function ◽

Enterprise Risk

Purpose The purpose of the study is to explore the factors associated with the extent of security/cybersecurity audit by the internal audit function (IAF) of the firm. Specifically, the authors focused on whether IAF/CAE (certified audit executive [CAE]) characteristics, board involvement related to governance, role of the audit committee (or equivalent) and the chief risk officer (CRO) and IAF tasked with enterprise risk management (ERM) are associated with the extent to which the firm engages in security/cybersecurity audit. Design/methodology/approach For analysis, the paper uses responses of 970 CAEs as compiled in the Common Body of Knowledge database (CBOK, 2015) developed by the Institute of Internal Auditors Research Foundation (IIARF). Findings The results of the study suggest that the extent of security/cybersecurity audit by IAF is significantly and positively associated with IAF competence related to governance, risk and control. Board support regarding governance is also significant and positive. However, the Audit Committee (AC) or equivalent and the CRO role are not significant across the regions studied. Comprehensive risk assessment done by IAF and IAF quality have a significant and positive effect on security/cybersecurity audit. Unexpectedly, CAEs with security certification and IAFs tasked with ERM do not have a significant effect on security/cybersecurity audit; however, other certifications such as CISA or CPA have a marginal or mixed effect on the extent of security/cybersecurity audit. Originality/value This study is the first to describe IAF involvement in security/cybersecurity audit. It provides insights into the specific IAF/CAE characteristics and corporate governance characteristics that can lead IAF to contribute significantly to security/cybersecurity audit. The findings add to the results of prior studies on the IAF involvement in different IT-related aspects such as IT audit and XBRL implementation and on the role of the board and the audit committee (or its equivalent) in ERM and the detection and correction of security breaches.

Download Full-text

Internal audit function, audit committee effectiveness and accountability in the Ugandan statutory corporations

Journal of Financial Reporting and Accounting ◽

10.1108/jfra-07-2016-0062 ◽

2018 ◽

Vol 16 (1) ◽

pp. 138-157 ◽

Cited By ~ 12

Author(s):

Juma Bananuka ◽

Stephen Korutaro Nkundabanyanga ◽

Irene Nalukenge ◽

Twaha Kaawaase

Keyword(s):

Audit Committee ◽

Sampling Error ◽

Internal Audit ◽

Hierarchical Regression ◽

Cross Sectional ◽

Content Type ◽

Internal Auditors ◽

Internal Audit Function ◽

Correlational Data ◽

Finance Officers

Purpose The purpose of this study is to investigate the contribution of internal audit function and audit committee effectiveness on accountability in statutory corporations (SCs). Design/methodology/approach This study is cross sectional and correlational. Data have been collected through a questionnaire survey of 52 SCs in Uganda through their Chief Internal Auditors and Chief Finance Officers. Data have been analysed using Statistical Package for Social Sciences. Findings The internal audit function significantly contributes to accountability of SCs in Uganda and audit committee effectiveness is not where effective internal audit is present in such organisations. However, audit committee effectiveness significantly contributes to accountability when an internal audit function is not present. Research limitations/implications The use of hierarchical regression is prone to problems associated with sampling error. However, the likelihood of these problems is mitigated by the interface with data. Originality/value Whereas hitherto both internal audit function and audit committee effectiveness had been viewed as explanations of accountability, this study only confirms the internal audit function as a significant predictor of SCs’ accountability relative to audit committee effectiveness.

Download Full-text

An Examination Of Underreporting Of Time And Premature Signoffs By Internal Auditors

Review of Business Information Systems (RBIS) ◽

10.19030/rbis.v14i4.359 ◽

2010 ◽

Vol 14 (4) ◽

Author(s):

Qianhua (Q) Ling ◽

Michael D. Akers

Keyword(s):

Internal Audit ◽

Internal Controls ◽

Professional Skepticism ◽

Internal Auditors ◽

External Auditors ◽

Considerable Research ◽

Internal Audit Function ◽

Sarbanes Oxley ◽

Audit Team ◽

The Impact

The passage of the Sarbanes-Oxley Act of 2002 (SOX) heightened the importance of internal controls and accordingly, a key control - the internal audit function. Consequently, management and external auditors have both increased their reliance on internal auditors’ work. While there has been considerable research regarding the impact of the underreporting of time and premature sign-offs on the external audit, there has only been one study that has examined the impact of these two items on the internal auditors’ work. Such research is dated (1994) and prior to the passage of SOX. We surveyed members of the Institute of Internal Auditors (IIA) in the Midwest to examine their behavior and perceptions regarding these two items. The respondents in our study believe the underreporting of time is unethical and is supported by their reporting of all time worked, even if such time exceeded the budget. Our findings also show that the respondents feel premature sign-offs are unethical and result primarily from lack of professional skepticism and inadequate training. Increasing training in audit areas and improving communications within the audit team are possible solutions to reduce premature sign-offs. Premature sign-offs are more likely to occur in operational audits and to a lesser degree in financial audits and compliance audits.

Download Full-text

Internal Auditors' Assessment of their Contribution to Financial Statement Audits: The Relation with Audit Committee and Internal Audit Function Characteristics

International Journal of Auditing ◽

10.1111/j.1099-1123.2006.00306.x ◽

2006 ◽

Vol 10 (1) ◽

pp. 1-18 ◽

Cited By ~ 74

Author(s):

Mazlina Mat Zain ◽

Nava Subramaniam ◽

Jenny Stewart

Keyword(s):

Audit Committee ◽

Internal Audit ◽

Financial Statement ◽

Internal Auditors ◽

Internal Audit Function

Download Full-text

Resourcing the Internal Audit Function: How Effective is the Audit Committee?

Asian Journal of Finance & Accounting ◽

10.5296/ajfa.v9i2.11937 ◽

2017 ◽

Vol 9 (2) ◽

pp. 161

Author(s):

Shir Li Ng ◽

Dennis W Taylor

Keyword(s):

Audit Committee ◽

Stock Exchange ◽

Internal Audit ◽

Annual Reports ◽

Comparative Case Study ◽

Working Relationships ◽

Internal Auditors ◽

Internal Audit Function

The aim of this study is to investigate the extent to which an Audit Committee (AC)’s own governance characteristics impact on its role effectiveness in achieving enhanced resourcing and by extension, improved the scope and quality of the Internal Audit Function (IAF). Sample is drawn from top 300 companies listed on the Australian Stock Exchange (ASX). This study combines data from a questionnaire administered to the Internal Audit Executive (IAE) with information from annual reports and financial databases. Hypotheses are developed and tested using multiple regression analysis. This analysis is supplemented by insights from a comparative case study for two companies in the sample. Results reveal that AC size is significantly positively related to the financial resources (budget) allocated to IAF, while both AC financial expertise and AC size are significantly positively related to IAF labour hours. Results also confirm that IAF’s with higher resourcing are able to concentrate those resources on areas expected of a high quality IAF. Further, comparative case study analysis gives insights to the superior ways a larger size AC can be effective in fulfilling its oversight role, building its working relationships and obtaining resources for the IAF. Study contributes to current auditing-related governance literature by introducing a comprehensive empirical model of AC effectiveness in facilitating the scope and quality of the IAF’s work. Also, the findings have implications for regulators and the Institute of Internal Auditors (IIA) in terms of the composition and functioning of ACs.

Download Full-text

A Post-SOX Examination of Factors Associated with the Size of Internal Audit Functions

Accounting Horizons ◽

10.2308/acch-50115 ◽

2012 ◽

Vol 26 (2) ◽

pp. 167-191 ◽

Cited By ~ 64

Author(s):

Urton L. Anderson ◽

Margaret H. Christ ◽

Karla M. Johnstone ◽

Larry E. Rittenberg

Keyword(s):

Leadership Development ◽

Audit Committee ◽

Internal Audit ◽

Data Availability ◽

Private Companies ◽

Public And Private ◽

Internal Auditors ◽

Factors Associated ◽

Internal Audit Function ◽

Prior Literature

SYNOPSIS This study develops and tests a conceptual model articulating factors associated with internal audit function size in the post-SOX era. These factors include audit committee characteristics, internal audit characteristics and mission, internal audit activities performed by others (including outsourced providers and other divisions within the organization), and organization characteristics. Results from a survey of 173 public and private companies reveal that internal audit function size is positively associated with: (1) better audit committee governance, (2) greater organizational experience of the chief audit executive, (3) missions involving IT auditing, (4) the use of sophisticated audit technologies, (5) the use of a staffing model in which internal audit is used for rotational leadership development, (6) organization size, and (7) the number of foreign subsidiaries that the organization possesses. Further, internal audit function size is inversely associated with: (1) the percentage of internal audit employees that are Certified Internal Auditors, and (2) the extent of assurance and compliance activities outsourced to outsiders. These results contribute to prior literature on internal audit function size by considering a variety of factors that are associated with internal audit function size in the contemporary era. Data Availability: Contact the authors.

Download Full-text

A qualitative analysis of the internal audit function in the banking sector

Banks and Bank Systems ◽

10.21511/bbs.11(4-1).2016.07 ◽

2016 ◽

Vol 11 (4) ◽

pp. 161-168 ◽

Cited By ~ 1

Author(s):

Rasoava Rijamampianina

Keyword(s):

Capital Markets ◽

Audit Committee ◽

Success Factors ◽

Banking Sector ◽

Global Financial Crisis ◽

Internal Audit ◽

Financial Sector ◽

Jel Classification ◽

Internal Auditors ◽

Internal Audit Function

In South Africa, the financial sector contributes approximately 10.5% to the country’s gross domestic product (GDP). Although the 2007-2009 global financial crisis did not directly impact the domestic market, it threatened the profitability of the financial sector and triggered changes that affected the role of the internal audit function. In particular, stakeholders’ expectations from the function have significantly increased. Against this background, the study seeks to identify the key success factors of performing internal audit reviews of capital markets business areas within the big four South African banks. For this purpose, in-depth interviews with experienced internal auditors, risk managers and traders were carried out. The study suggests several implications and recommendations for the risk management, internal audit and audit committee functions that can also be adopted by interested parties from non-financial institutions. Keywords: internal audit, value creation, skills, stakeholders, capital markets. JEL Classification: G31, M42

Download Full-text