The purpose of this paper is to analyse company‐specific factors associated with adoption of risk‐based auditing. It seeks to explore the role of internal auditing in enterprise risk management (ERM).
Findings are drawn from a questionnaire survey, sent in 2006, to all 96 chief internal auditors who were members of the Institute of Portuguese Internal Auditors.
In planning an annual schedule of audits, the adoption of a risk‐based approach is statistically significant in international firms (p≤0.05) and companies listed on the Portuguese stock market (p≤0.10). There is a strong (but not significant) association between risk‐based annual audit planning and entities which are private, in the finance sector, and large. In planning each audit engagement, adoption of a risk‐based approach is correlated positively with entity size. Internal auditing is more proactive in the implementation of ERM in smaller organisations, and is more important in the finance industry and the private sector.
A better understanding emerges of factors associated with the adoption of risk‐based auditing, together with an enhanced appreciation of the role of internal auditing in ERM.
The paper reveals the specific characteristics of companies that are associated with the adoption of risk‐based approaches in the internal audit process. It is the first paper published about risk‐based internal auditing in Portugal.
Castanheira, N., Lima Rodrigues, L. and Craig, R. (2010), "Factors associated with the adoption of risk‐based internal auditing", Managerial Auditing Journal, Vol. 25 No. 1, pp. 79-98. https://doi.org/10.1108/02686901011007315Download as .RIS
Emerald Group Publishing Limited
Copyright © 2010, Emerald Group Publishing Limited