Auditors' Internal Control over Financial Reporting Decisions: Analysis, Synthesis, and Research Directions

SUMMARY We synthesize the literature on auditors' evaluation of, and reporting on, internal control over financial reporting (ICOFR), as required by the Sarbanes-Oxley Act. The purpose of the synthesis is (1) to provide information on how and how well auditors perform the task, which serves as feedback to the Public Company Accounting Oversight Board on implementation issues and problems related to auditors' application of the professional standards on ICOFR; and (2) to identify gaps in the current literature and fruitful areas of future research. Consistent with Auditing Standard No. 5, we delineate five phases of the ICOFR audit: (1) planning; (2) scoping; (3) testing; (4) evaluation; and (5) reporting. We structure our synthesis using a framework that classifies the determinants of performance in each phase into five broad areas: (a) the auditor's attributes, (b) the client's attributes, (c) the interaction between the auditor and the client, (d) task attributes, and (e) environmental attributes. Key contributions include providing an ICOFR tasks taxonomy, proposing a model of the determinants of performance for each task, evaluating auditors' performance of the tasks in our taxonomy, highlighting findings and gaps of importance to regulators, and providing a road map for future research.

Download Full-text

Controls, Security, and Audit in Online Digital Accounting

Digital Accounting ◽

10.4018/978-1-59140-738-6.ch010 ◽

2011 ◽

pp. 318-383

Author(s):

Ashutosh Deshmukh

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Annual Report ◽

Control Structure ◽

Internal Controls ◽

Section 404 ◽

Checks And Balances ◽

The Public ◽

Sarbanes Oxley ◽

Public Company

Internal controls have existed since the dawn of business activities. Internal controls are basically systems of checks and balances. The purpose is to keep the organization moving along desired lines as per the wishes of the owners and to protect assets of the business. Internal controls have received attention from auditors, managers, accountants, fraud examiners and legislatures. Sarbanes Oxley Act 2002 now requires the annual report of a public company to contain a statement of management’s responsibility for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and management’s assessment of the effectiveness of the company’s internal control structure and procedures for financial reporting. Section 404 of the Act also requires the auditor to attest to and report on management’s assessment of effectiveness of the internal controls in accordance with standards established by the Public Company Accounting Oversight Board (PCAOB).

Download Full-text

Does Recent Academic Research Support Changes to Audit Reporting Standards?

Accounting Horizons ◽

10.2308/acch-51397 ◽

2016 ◽

Vol 30 (2) ◽

pp. 255-275 ◽

Cited By ~ 34

Author(s):

Jean Bédard ◽

Paul Coram ◽

Reza Espahbodi ◽

Theodore J. Mock

Keyword(s):

Financial Reporting ◽

Academic Research ◽

Financial Statements ◽

Future Research ◽

Research Support ◽

The Public ◽

Market Participants ◽

Information Gap ◽

Public Company ◽

Reporting Process

SYNOPSIS The Public Company Accounting Oversight Board (PCAOB), the International Auditing and Assurance Standards Board (IAASB), and the U.K. Financial Reporting Council (FRC) have proposed or approved standards that significantly change the independent auditor's report. These initiatives require the auditor to make additional disclosures intended to close the information gap; that is, the gap between the information users desire and the information available through the audited financial statements, other corporate disclosures, and the auditor's report. They are also intended to improve the relevancy of the auditor's report. We augment prior academic research by providing standard setters with an updated synthesis of relevant research. More importantly, we provide an assessment of whether the changes are likely to close the information gap, which is important to financial market participants and other stakeholders in the audit reporting process. Also, we identify areas where there seems to be a lack of sufficient research. These results are of interest to all stakeholders in the audit reporting process, as the changes to the auditor's report are fundamental. Additionally, our summaries of research on the auditor's report highlight where there is limited research or inconsistent results, which will help academics identify important opportunities for future research.

Download Full-text

Internal Control, Sarbanes-Oxley, and the Public Company Accounting Oversight Board

Internal Control of Fixed Assets ◽

10.1002/9781118269107.ch1 ◽

2011 ◽

pp. 1-12 ◽

Cited By ~ 1

Keyword(s):

Internal Control ◽

The Public ◽

Sarbanes Oxley ◽

Public Company

Download Full-text

Audit Committee Member Support for Proposed Audit Adjustments: Pre-SOX versus Post-SOX Judgments

Auditing A Journal of Practice & Theory ◽

10.2308/aud.2008.27.1.85 ◽

2008 ◽

Vol 27 (1) ◽

pp. 85-104 ◽

Cited By ~ 64

Author(s):

F. Todd DeZoort ◽

Dana R. Hermanson ◽

Richard W. Houston

Keyword(s):

Financial Reporting ◽

Audit Committee ◽

Committee Member ◽

Audit Committees ◽

Future Research ◽

Reporting Accuracy ◽

Sarbanes Oxley ◽

Public Company

This study examines differences in audit committee member judgments before the Sarbanes-Oxley Act (“pre-SOX”) versus after the act was passed (“post-SOX”) as well as audit committee member perceptions of the effects of SOX. Based on experimental materials administered to 372 public company audit committee members (131 pre-SOX from DeZoort et al. [2003a] and 241 post-SOX), we find that audit committee support for an auditor-proposed adjustment is significantly higher in the post-SOX period. Additional analyses reveal that the effect of SOX differs between audit committee members who are CPAs versus non-CPAs. Specifically, the greater audit committee member support for the proposed adjustment post-SOX is attributable to members who are CPAs. In general, audit committee members in the post-SOX period feel more responsible for resolving the accounting issue, perceive that audit committee members have greater expertise to evaluate the accounting issue, and also are more concerned with reporting accuracy and a need for conservative financial reporting than those in the pre-SOX period. We also find that post-SOX respondents who support the auditor's proposed adjustment have more favorable views of the benefits of SOX, and they believe more strongly that audit committees in the post-SOX period are more conservative and have more power than they did pre-SOX. We discuss implications and avenues for future research.

Download Full-text

Determinants of the Persistence of Internal Control Weaknesses

Accounting Horizons ◽

10.2308/acch-10266 ◽

2012 ◽

Vol 26 (2) ◽

pp. 307-333 ◽

Cited By ~ 38

Author(s):

Bonnie K. Klamm ◽

Kevin W. Kobelsky ◽

Marcia Weidenmier Watson

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Management Training ◽

Internal Controls ◽

Senior Management ◽

Data Availability ◽

The Public ◽

Sarbanes Oxley ◽

Material Weaknesses ◽

Specific Control

SYNOPSIS This paper analyzes the degree to which material weaknesses (MWs) in internal control reported under the Sarbanes-Oxley Act of 2002 (SOX) affect the future reporting of MWs. Particularly, we examine information technology (IT) and non-IT MWs and their breakdown into specific IT-related entity-level, non-IT-related entity-level, and account-level deficiencies. Analysis reveals that most account-level and entity-level deficiencies occur at a significantly higher rate in SOX 404 reports with at least one IT MW than in MW reports with only non-IT MWs. Further, the presence and count of both types of MWs and all three types of deficiencies are associated with increased future MWs, as are lower profitability, non-Big 6 auditor, and firm complexity. Specific control deficiencies related to senior management, training, and IT control environment have the strongest impact on future MWs. These results indicate that effective corporate governance of both the IT and non-IT domains is pivotal in establishing and maintaining strong internal controls over financial reporting. Data Availability: Data are available from the public sources identified in the paper.

Download Full-text

Auditor Independence and Auditor-Provided Tax Service: Evidence from Going-Concern Audit Opinions Prior to Bankruptcy Filings

Auditing A Journal of Practice & Theory ◽

10.2308/aud.2008.27.2.31 ◽

2008 ◽

Vol 27 (2) ◽

pp. 31-54 ◽

Cited By ~ 104

Author(s):

Dahlia Robinson

Keyword(s):

Audit Quality ◽

Auditor Independence ◽

The Public ◽

Going Concern ◽

Sarbanes Oxley ◽

Public Company ◽

Reporting Decisions ◽

Going Concern Opinion ◽

Information Spillover

SUMMARY: This study examines whether auditors’ provision of tax services impairs auditor independence by focusing on auditors’ going-concern opinions among a sample of bankruptcy filing firms. The evidence from the bankruptcy setting is particularly salient given that the bankruptcy of corporations such as Enron motivated several provisions of the Sarbanes-Oxley Act (SOX) of 2002. More recently, auditors’ provision of tax service to their audit clients has been the focus of new rules by the Public Company Accounting Oversight Board (PCAOB). Consistent with improved audit quality from information spillover, the study documents a significant positive correlation between the level of tax services fees and the likelihood of correctly issuing a going-concern opinion prior to the bankruptcy filing. One implication of this result is that restricting tax services by auditors of poorly performing firms may diminish the quality of auditors’ reporting decisions without leading to an improvement in auditor independence.

Download Full-text

Audit Partners' Judgments and Challenges in the Audits of Internal Control over Financial Reporting

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-18-088 ◽

2020 ◽

Vol 39 (4) ◽

pp. 57-85

Author(s):

Jeffrey R. Cohen ◽

Jennifer R. Joe ◽

Jay C. Thibodeau ◽

Gregory M. Trompeter

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Data Availability ◽

Audit Committees ◽

Structured Interviews ◽

Material Weakness ◽

The Public ◽

National Office ◽

Evaluation Task ◽

Public Company

SUMMARY Internal control over financial reporting (ICFR) audits have been the subject of intensive examination by the Public Company Accounting Oversight Board (PCAOB) and researchers but the process through which auditors make ICFR judgments is largely a “black box.” To understand ICFR judgments, we conducted semi-structured interviews with 20 audit partners. Common themes in our interviews suggest that the subjectivity inherent in the ICFR evaluation task contributes to resistance against ICFR audit findings and cougnterarguments from management. Moreover, auditors perceive that their judgments are being second-guessed by PCAOB inspectors. Auditors believe that managers have difficulty accepting that material weaknesses can exist without a detected error, that management's reflexive reaction is to deny/avoid a material weakness finding, and managers routinely claim that management review controls (MRCs) would have caught the detected control deficiency. Auditors cope with management's defenses by consulting with their national office and leveraging support from strong audit committees. Data Availability: Requests for the data should be accompanied by a description of intended uses.

Download Full-text

Internal control over financial reporting: opportunities using the COBIT framework

Managerial Auditing Journal ◽

10.1108/maj-03-2014-1016 ◽

2014 ◽

Vol 29 (8) ◽

pp. 736-771 ◽

Cited By ~ 11

Author(s):

Michele Rubino ◽

Filippo Vitolla

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Interdisciplinary Approach ◽

Content Type ◽

Sarbanes Oxley ◽

Public Company ◽

Control Framework ◽

Material Weaknesses ◽

Technical Issues ◽

Or Organization

Purpose – The purpose of this paper is to analyze how the COBIT framework, integrated within the internal control framework, enables improvement in the quality of financial reporting while helping to reduce or eliminate the material weaknesses (MWs) of internal control over financial reporting (ICFR). The Control Objectives for Information and Related Technology (COBIT) model is a framework for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Preliminarily, the analysis in this paper illustrates how the Committee of Sponsoring Organizations (COSO) framework impacts on the MWs, highlighting strengths and weaknesses. This paper shows how these limits can be overcome with the use of the COBIT framework. Design/methodology/approach – This is a conceptual paper that aims to highlight the relationship between COBIT and COSO, by illustrating how the IT processes reduce or eliminate the main MW categories. Findings – The analysis indicates that the implementation of the COBIT framework, or more generally the adoption of effective IT controls, provides important benefits to the entire company or organization. IT control objectives have a direct impact on the IT control weaknesses and indirectly on the other categories of material weaknesses. Practical implications – The adoption of the framework allows managers to implement effective ICFR. In particular, the COBIT approach provides managers with a more evolved tool in terms of compliance with the Sarbanes–Oxley Act requirements. This framework also improves the reliability of financial reporting in relation to the requirements of Public Company Accounting Oversight Board’s Auditing Standards No. 2 and 5. Originality/value – The analysis provides an interdisciplinary approach, connecting accounting and information systems themes, and suggest solutions and tools than can help managers to address the internal control weaknesses. This paper addresses an area of relevance to both practitioners and academics and expands existing accounting literature.

Download Full-text

Evidence on the Impact of Internal Control over Financial Reporting on Audit Fees

International Journal of Accounting and Financial Reporting ◽

10.5296/ijafr.v9i3.15001 ◽

2019 ◽

Vol 9 (3) ◽

pp. 1

Author(s):

Mohamed Gaber ◽

Samy Garas ◽

Edward J. Lusk

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Public Information ◽

Audit Fees ◽

Stock Trading ◽

Audit Opinion ◽

The Public ◽

Public Company ◽

Effective Group ◽

The Impact

Introduction: Circa 1992, the dot.com sector created an irrational stock-trading market where the usual “financial” profiles of: Liquidity, Cash Flow from Operations, and Revenue generation were replaced by Ponzi-esque mayhem. To stabilize the markets, the Public Company Accounting Oversight Board [PCAOB] required a second audit opinion: the COSO Opinion on the adequacy of management’s system of Internal Control over Financial Reporting: [ICoFR].Study Focus: Three COSO-[ICoFR] designations are now required as public information: (i) A “clean” opinion [Is Effective], (ii) Deficiencies are noted, and (iii) Weaknesses reported. Our research interest is to determine, for a panel of randomly selected firms traded on the S&P500 for a eleven-year period: 2005 to 2015, the nature of the effect that the COSO deficiency reporting protocol has on (i) Audit Fees and (ii) the Market Cap of traded firms.Method: To this end we collected, using the Audit Analytics Ô[WRDSÔ] database, various categories of reported Audit Fees and also Market Cap information. This random sample was classified into two sets: the first group: Is Effective SEC 302 Designation and No COSO issues & the second group: Is Not 100% Effective for which there were SEC 302 Deficiencies or Weaknesses noted.Results: Inferential testing indicates that failure to attend to the PCAOB-COSO imperatives results in a relational where there are higher Audit Fees and a slippage of the firm’s Market Cap compared to the Is Effective Group. The PCAOB’s protocol to require the Audit of the firm’s ICoFR system and make that evaluation public information seems to be an excellent corrective “Carrot and Stick”.

Download Full-text

Behind the Numbers: Insights into Large Audit Firm Sampling Policies

Accounting Horizons ◽

10.2308/acch-50921 ◽

2014 ◽

Vol 29 (1) ◽

pp. 61-81 ◽

Cited By ~ 10

Author(s):

Brant E. Christensen ◽

Randal J. Elder ◽

Steven M. Glover

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Data Availability ◽

Future Research ◽

Accounting Firms ◽

Sarbanes Oxley ◽

Big 4 ◽

National Office ◽

Current Sampling ◽

Audit Sampling

SYNOPSIS Changes in the audit industry after the Sarbanes-Oxley Act, including mandatory audits of internal control over financial reporting and PCAOB oversight and inspection of audit work, have potentially changed the nature and extent of audit sampling in the largest accounting firms. However, little academic evidence exists on these firms' current audit sampling policies (Elder, Akresh, Glover, Higgs, and Liljegren 2013). As such, we administer an extensive, open-ended survey to the national office of the Big 4 and two other international accounting firms regarding their firm's audit sampling policies. We find variation among the largest auditing firms' policies in their use of statistical and nonstatistical sampling methods and in inputs used in the sampling applications that could result in different sample sizes. Sampling experts' internal reviews indicate that projecting and resolving identified misstatements is one of the biggest difficulties that audit engagement teams face when using sampling techniques. Finally, we present evidence that some firms have significantly changed their approach to revenue testing due to PCAOB inspections. This evidence provides important insights into current sampling policies and presents opportunities for future research. Data Availability: Please contact the authors.

Download Full-text