THE ROLE OF INTERNAL AUDIT IN THE FIGHT AGAINST CYBER CRIME

The internet is constantly changing the way we live and conduct business. Global business surroundings impose all organizations across to have a secure digital infrastructure for fighting against cybercrime. Cyber crime is on the raise in this decade. Cyber crime is a criminal activity that is focused against compromising security of information systems in enterprises, in order to acquire certain profits, or to incur damage, theft or loss. Types of cyber crime include theft, evasion, or using information in order to unlawfully obtain profits from them. This paper will present certain information about cyber crime and most common types of it. According to international standards for internal audits, internal auditors are authorized for fight against fraud, which means authorization for fight against cyber crime. Main purpose of this paper is to find model for organizing internal audit for purpose of fighting cyber crime. Therefore, it is necessary to determine: internal audit standards that your organization must adhere to in fight against cybercrime, identify security requirements for standards, determine the goals, risks and security policy of the organization, raise employee awareness of the dangers of cybercrime, involve top management in the orbit against cybercrime, conduct employee training on data security and the like. Cyber security is basically about managing future risk, and requires insight into current and future vulnerabilities and how to prevent or reduce them, the likelihood of threats and costs associated with potential outcomes, and how to mitigate them. Internal auditors must be aware of impending regulatory changes based on IIA standards (The International Standards for the Professional Practice of Internal Auditing) related to computer security. Internal auditors should understand the impact of cyber threats on the organization. In particular, they should include this in their internal audit plan based on the risk of cybercrime. Internal auditors should have a strong partnership with the CIO (Chief Information Officer) and CISO (Chief Information Security Officer), for the sake of a trusted advisor in the fight against cybercrime. Internal auditors should provide an independent overview of the cyber security strategy. Modal will be based on COSO (The Committee of Sponsoring Organizations of the Treadway Commission’s) Internal Control — Integrated Framework and will feature five core principles: 1) creating control environment for fighting against cyber crime, 2) risk assessment for cyber crime, 3) projecting and implementing activities for fighting against cyber crime, and 5) monitoring activities. Research results will show new scientific facts and knowledge about methods for fighting cyber crime worldwide. Managers and internal auditors will have practical benefit from research results for implementing cyber crime prevention programs.

Download Full-text

Organizational identity, professional identity salience and internal auditors’ assessments of the severity of internal control concerns

Managerial Auditing Journal ◽

10.1108/maj-02-2020-2566 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Ian Burt ◽

Theresa Libby

Keyword(s):

Professional Identity ◽

Internal Control ◽

Organizational Identity ◽

Internal Audit ◽

Identity Salience ◽

Content Type ◽

Internal Auditors ◽

Internal Control Weaknesses ◽

The Impact ◽

Benefits And Costs

Purpose This paper aims to examine whether increasing the salience of the internal auditor’s professional identity, defined by the expectations of their professional group, increases internal auditors’ judgments of the severity of internal control concerns when their organizational identity is high. Design/methodology/approach This paper tests the hypothesis using a laboratory experiment with internal auditors as participants. Findings The results support the hypothesis that professional identity salience moderates the relation between organizational identity and the assessed severity of identified internal control weaknesses. Increasing the salience of professional identity results in a more severe assessment of identified internal control weaknesses when organizational identity is high than when it is low. Originality/value Prior research in the lab and in the field provides mixed results about the impact of organizational identity on internal auditors’ judgments of the severity of identified internal control concerns. This paper contributes to the discussion on this issue. In addition, the results have implications for the debate about the benefits and costs of in-house versus out-sourced internal audit functions.

Download Full-text

The importance of considering internal audit as a decision-making by top-management of an agricultural company

Oditor - casopis za Menadzment finansije i pravo ◽

10.5937/oditor2003123j ◽

2020 ◽

Vol 6 (3) ◽

pp. 123-136

Author(s):

Miloš Jokić

Keyword(s):

Decision Making ◽

Internal Control ◽

Internal Audit ◽

International Standards ◽

Top Management ◽

Internal Auditing ◽

Internal Auditors ◽

Agricultural Enterprises ◽

Agricultural Enterprise ◽

Valid Information

The top management's decision-making in an agricultural enterprise should be based on valid information gathered within the enterprise itself. Collecting timely business information is done daily by all sectors of the enterprise. Merely improving the security of information gathering and the safety of all parts of the enterprise is a task performed by trained internal control and internal audit personnel in the company, appointed by top management. In performing their duties on a regular basis, internal auditors should apply procedures and methodologies that are consistent with International Standards on the Professional Practice of Internal Auditing in their work. The aim of the paper is to emphasize the importance of implementing the adopted methodology of work of internal auditors in agricultural companies. The author points out those standards that are in line with best audit practice should be applied in internal audit work. The contribution of the study authors is to emphasize the importance of applying the internal audit profession in the regular operation of agricultural enterprises, which is in line with the general objective of improving the regular business operation.

Download Full-text

The Impact of the Standards Implementation of Internal Audit Attributes on the Internal Control System Effectiveness: A Field Study of Banks in Yemen

مجلة الدراسات الاجتماعية ◽

10.20428/jss.26.4.5 ◽

2021 ◽

Vol 26 (4) ◽

pp. 111-132

Author(s):

Mohammed Ali M. Al-Rubaidi ◽

Abdulelah Ahmed Khobah

Keyword(s):

Control System ◽

Internal Control ◽

Positive Impact ◽

Internal Audit ◽

International Standards ◽

Audit Committees ◽

Continuous Training ◽

Internal Control System ◽

Audit Activity ◽

The Impact

This study aimed to investigate the impact of the implementation of internal audit characteristics on the effectiveness of the internal control system in banks in Yemen. To achieve the objective of this study, a questionnaire was designed as a tool for collecting the data from the study community which consisted of (18) banks in Yemen, (14) of which, in Sana'a city, were taken as a sample. The sample consisted of 190 employees selected from the internal auditors, internal audit committees and finance managers. The SPSS was used to analyze 155 questionnaires that were valid for analysis. The results of the study revealed that there is a statistically significant positive impact on the implementation of all standards of internal audit characteristics on the effectiveness of the internal control system. In the light of the findings, the study recommends that the Yemeni banks should adopt procedures to enhance the effectiveness of the internal control system, including providing sufficient authority for the internal audit activity The team of internal audit should have absolute independence and continuous training in line with international standards and developments; in addition, conducting a periodic and continuous evaluation of the internal audit activity is recommended to enhance the effectiveness of the internal control system.

Download Full-text

Influence of audit committees on internal audit conformance with internal audit standards

Managerial Auditing Journal ◽

10.1108/maj-12-2014-1132 ◽

2015 ◽

Vol 30 (6/7) ◽

pp. 539-559 ◽

Cited By ~ 22

Author(s):

Abdulaziz Alzeban

Keyword(s):

Audit Committee ◽

Stock Exchange ◽

Middle Eastern ◽

Internal Audit ◽

International Standards ◽

Audit Committees ◽

Content Type ◽

Internal Auditors ◽

The Impact ◽

Audit Standards

Purpose – This study aims to provide empirical evidence of the association between audit committee characteristics and internal audit conformance with the International Standards for the Professional Practice of Internal Auditing (ISPPIA). Design/methodology/approach – Seventy-four usable responses were received from a survey of chief internal auditors (CIAs) from Saudi companies listed on the Saudi Stock Exchange. Findings – The results indicate that audit committee characteristics (the presence of independent members on the committee, members’ expertise in auditing and accounting and meeting with the CIA) influence internal audit conformance with the ISPPIA. Additionally, they demonstrate that such conformance is also influenced by CIA tenure. Practical implications – The findings of this study also have significant implications for audit committees wishing to improve their overall effectiveness, by identifying the impact of the committee’s characteristics on internal audit conformance with the ISPPIA. Originality/value – The results add to the literature on internal audit standards by introducing a Middle Eastern perspective and simultaneously providing insights for companies in their attempts to adhere to the international standards, hence, supporting efforts towards good corporate governance.

Download Full-text

An examination of the impact of compliance with internal audit standards on financial reporting quality

Journal of Financial Reporting and Accounting ◽

10.1108/jfra-09-2018-0085 ◽

2019 ◽

Vol 17 (3) ◽

pp. 498-518 ◽

Cited By ~ 2

Author(s):

Abdulaziz Alzeban

Keyword(s):

Financial Reporting ◽

Middle Eastern ◽

Internal Audit ◽

Reporting Quality ◽

International Standards ◽

Financial Reporting Quality ◽

Annual Reports ◽

Content Type ◽

Internal Auditors ◽

The Impact

Purpose The purpose of this study is to explore the impact of internal audit (IA) compliance with the International Standards for the Professional Practice of Internal Auditing (ISPPIA) on financial reporting quality (FRQ). Design/methodology/approach Data were gathered from 142 chief audit executive from Saudi listed companies, and also from the annual reports of the participating companies. Two proxies are used to measure FRQ, namely, discretionary accruals and accruals quality. Findings The findings reveal that companies demonstrating higher IA compliance with standards have better FRQ. They also indicate that the interaction between IA competency and its compliance with standards has an impact on FRQ. Further, the findings provide evidence that FRQ is higher in companies where IA departments have formal documentation, that is, entirely consistent with the ISPPIA. These results retain their robustness after further analysis. Originality/value In offering these findings, the paper contributes to the existing IA literature by introducing evidence from a Middle Eastern context, namely, Saudi Arabia, of the link between IA compliance with the ISPPIA and FRQ. It confirms the role of IA in FRQ, and hence, as an element of corporate governance, information, which is valuable for both the institute of internal auditors and companies.

Download Full-text

ДОКУМЕНТУВАННЯ РЕЗУЛЬТАТІВ ДІЯЛЬНОСТІ ВНУТРІШНЬОГО АУДИТУ БАНКУ

TIME DESCRIPTION OF ECONOMIC REFORMS ◽

10.32620/cher.2019.2.06 ◽

2019 ◽

pp. 54-60

Author(s):

О. М. Долінська

Keyword(s):

Internal Control ◽

Internal Audit ◽

Evidence Base ◽

International Standards ◽

Practical Significance ◽

Basic Material ◽

Professional Judgment ◽

Internal Auditor ◽

Internal Auditors ◽

Audit Evidence

The article deals with the need to document of an assurance engagement of internal auditors of the bank and the organization of this process by the internal audit department. The purpose of the research is to analyze the latest requirements for documenting the results of the internal audit work in accordance with the International Standards for the Professional Practice of Internal Auditing. The object of research – the documents of an assurance engagement of internal auditors. The methods used of the research: analysis and synthesis, induction, methods of scientific knowledge. The hypothesis of research: a professional judgment is formed on documented provides receiving audit evidence for individuals who use an assessment of the activities of the internal audit department for specific purposes. The statement of basic material: the results of the analysis identify the documents used by the internal auditor to substantiate the findings of the audit findings. On the basis of the organization of the documentation process, the documents that selected to the implementation of an assurance engagement of internal auditors at each stage of the internal audit are selected and grouped. The originality and practical significance of the research is to develop of documents that will improve the organization and execution of an assurance engagement of internal auditors and will provide an evidence base for the results in the audit report. Conclusions of the research. Established that the implementation of documentation provides receiving audit evidence for the development of recommendations for decrease of risk and risk management, improving the system of internal control of banking activities and promoting the improvement of governance.

Download Full-text

The impact of internal audit function characteristics on internal control quality

Managerial Auditing Journal ◽

10.1108/maj-06-2017-1579 ◽

2018 ◽

Vol 33 (5) ◽

pp. 450-469 ◽

Cited By ~ 8

Author(s):

Ahmed Atef Oussii ◽

Neila Boulila Taktak

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Audit Quality ◽

Internal Audit ◽

Audit Committees ◽

Content Type ◽

Internal Auditors ◽

Control Quality ◽

Internal Audit Function ◽

The Impact

Purpose This paper aims to investigate the association between internal audit function (IAF) characteristics and internal control quality. Design/methodology/approach Using data gathered from 59 chief audit executives from Tunisian listed companies, this paper uses a regression model to examine research hypothesis related to the association between IAF characteristics and internal control quality. Findings The findings of the current study reveal that internal control quality is significantly and positively associated with IAF competence, internal audit quality control assurance level, follow-up process and audit committee’s involvement in reviewing the internal audit program and results. Practical implications The findings have significant implications for IAF wishing to enhance their effectiveness, by recognizing the impact of the IAF’s characteristics on internal control quality. The findings of this study also have significant implications for regulatory bodies who are concerned with the internal control quality, managers and audit committees who determine IAF investment, oversight IAF activities and assess internal auditors’ performance. Originality/value This study helps fill a gap in the extant literature where existing empirical evidence of how the IAF characteristics influences the quality of the financial reporting process in emerging markets is scant.

Download Full-text

The Development of Internal Auditing as a Profession in the U.S. During the Twentieth Century

Accounting Historians Journal ◽

10.2308/aahj-10549 ◽

2017 ◽

Vol 44 (2) ◽

pp. 47-67 ◽

Cited By ~ 3

Author(s):

Susan Parker ◽

Lynn A. Johnson

Keyword(s):

Professional Identity ◽

Internal Control ◽

Self Regulation ◽

Internal Audit ◽

Professional Community ◽

Internal Auditing ◽

Internal Auditor ◽

Business World ◽

Internal Auditors ◽

The Impact

ABSTRACT This paper traces the development of internal auditing from the standpoint of its professional identity. The question of how internal auditors have historically seen themselves bears on how they function as integral parts of internal control systems, and may help researchers formulate future empirical studies of internal auditing. Over the years, the self-perception of the internal audit profession's function has varied greatly. Internal auditing has lived, to some extent, in the shadow of the public accounting profession, while struggling to achieve public recognition, status in the business world, and a defined role separate from that of an internal monitor, subsidiary to the external auditor. While there have been many changes in terms of the formation of a professional community, belief in the importance of the work, and the growth of a system of self-regulation, the demands of various constituents and the desires of internal auditors for professional status have led to a persistent struggle to define the appropriate functions and organizational placement of internal audit. This struggle continues up to the present time. Several things stand in the way of a complete professional identity for internal auditing. Internal auditing cannot lay claim to a clearly defined role that is uniquely its own. The internal audit function (IAF) does not own a skill set or knowledge base that is not shared by the external auditors. The impact on the ability to distinguish the internal auditor from the external consultant is detrimental to the profession. Neither has the internal auditor been able to attain complete autonomy. While the IAF now reports to the Board of Directors or its audit committee more frequently than in the past, its continuing strong connection with management hinders its ability to be truly self-determining. On the other hand, the contributions that internal auditors make to their organizations are very real, and the lack of an externally mandated role allows them to be utility players. For management, the availability of a utility player who can provide internal consulting or assistance that saves overall compliance costs is valuable, as is the ability for boards to rely on an IAF with a deep knowledge of the organization.

Download Full-text

The Impact of Internal Audit Function Quality and Contribution on Audit Delay

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-50848 ◽

2014 ◽

Vol 34 (1) ◽

pp. 25-58 ◽

Cited By ~ 47

Author(s):

Mina Pizzini ◽

Shu Lin ◽

Douglas E. Ziegenfuss

Keyword(s):

Financial Reporting ◽

Internal Control ◽

House Of Representatives ◽

Internal Audit ◽

Financial Statement ◽

Internal Auditors ◽

External Auditors ◽

Sarbanes Oxley ◽

The Impact ◽

Relevant Work

SUMMARY The number of days required to complete financial statement audits (i.e., audit delay) increased significantly with the implementation of Section 404 of the Sarbanes-Oxley Act (SOX, U.S. House of Representatives 2002). As firms' in-house experts on internal control, Internal Audit Functions (IAFs) can substantially affect financial reporting processes and, thus, audit delay. Internal auditors can help management maintain strong internal controls and assist external auditors with financial statement audits. Accordingly, we investigate whether IAF quality and the IAF's contribution to financial statement audits affect audit delay in a sample of 292 firm-year observations drawn from the pre-SOX 404 period. Using survey data from the Institute of Internal Auditors (IIA), we develop a comprehensive proxy for IAF quality; we measure different aspects of IAF quality (e.g., competence, objectivity, fieldwork rigor); and we measure the nature of the IAF's contribution to financial statement audits (independently performed work and direct assistance). Results indicate audit delay is decreasing in IAF quality, and this decrease is driven by IAF competence and fieldwork quality. Delay is four days shorter when IAFs contribute to external audits by independently performing relevant work. High-quality IAFs contribute to financial statement audits by independently performing relevant work, while low-quality IAFs provide direct assistance.

Download Full-text

The impact of COSO control components on internal control effectiveness: An internal audit perspective

Journal of Economic and Financial Sciences ◽

10.4102/jef.v6i2.272 ◽

2013 ◽

Vol 6 (2) ◽

pp. 495-518 ◽

Cited By ~ 2

Author(s):

Houdini Fourie ◽

Christo Ackermann

Keyword(s):

Control System ◽

Internal Control ◽

Boards Of Directors ◽

Internal Audit ◽

Western Cape ◽

Eastern Cape ◽

Best Interest ◽

Internal Auditors ◽

Internal Control System ◽

The Impact

Boards of directors have the ultimate responsibility for governance – including internal control – in their organisations. Management is tasked with the design, implementation and maintenance of internal control systems. Internal auditors play a key role in independently evaluating these controls, acting as agents on behalf of the board of directors in order to mitigate the possibility of management not acting in the best interest of the organization, leaving gaps in the internal control system, and, in some instances, doing so in order to enable unlawful personal gain. The Committee of Sponsoring Organisations’ Integrated Framework for Internal Control (hereafter referred to as the COSO framework) is used as a recognised framework, which, if implemented, could result in an effective internal control system and served as the basis for the design of the research instrument of the research. The questionnaire was distributed to internal audit practitioners. Responses were obtained from 31 participants from the Eastern Cape and Western Cape regions in South Africa. The majority of the participants provide internal audit services to the local government sphere of the South African government. This article identifies which characteristics should exist in an organization’s control system that, in the opinion of internal auditors, improve the effectiveness of the internal control system. This study concludes that internal auditors are of the opinion that control characteristics as outlined in the COSO framework for ‘risk assessment’, ‘information and communication’, ‘control activities’ and ‘monitoring’ components of internal control, do contribute to an effective internal control system.

Download Full-text