Search results

The work of internal auditors is relevant to their host entities' reporting processes; however, few researchers have examined how internal auditors’ competency and objectivity affect their resistance to pressure from host entities regarding their reports. Thus, the main objective of this study is to examine the influence of internal audit functions' (IAF) quality factors on chief audit executives' (CAEs) ability not to modify internal audit report.

This study uses data from the Global Internal Audit Common Body of Knowledge to investigate the relationship between IAF quality and auditor resistance to pressure related to changes in internal audit reports. IAF quality is calculated using a composite measure comprising four IAF quality components. Auditors' resistance is measured using the extent to which internal auditors experienced a situation wherein they were directed to modify a valid audit finding in a report.

The analyses provide evidence that CAEs experience, certification, training and objectivity were all significantly associated with resistance to pressure. In other words, a greater quality of IAF leads to a greater ability to resist pressure to change their reports.

Despite the statistically significant results that confirm the impact of IAF competence and objectivity on the resistance of CAEs to pressure, some other factors should be considered simultaneously in future research. In addition, the study sample contains 2,193 CAEs from different regions, environments, sectors and business areas. Focussing on a particular environment, sector or organisation size may generate different results.

The following practical implications are proposed: First, internal audit regulators will find this study helpful in formulating strategies for creating balanced relationships between CAEs and other authorities and users. Second, CAEs can be encouraged to undergo constant training and complete professional development (as required by the Institute of Internal Auditors [IIA] standard). Finally, it would be interesting to apply this study to a particular environment, sector and size.

This study builds on the limited research that investigates the relationship between IAFs’ quality and the resistance of CAEs to pressure. It extends Calven’s (2021) study that investigates the impact of adherence to the IIA's Core Principles on the likelihood of IAFs modifying valid audit findings. This study examines the influence of IAF quality factors on CAEs' ability not to modify internal audit report.

This paper aims to investigate the impact of family involvement in ownership and governance on the quality of internal auditing.

Leveraging a hand-collected data set of listed family firms from 2014 to 2020, this study uses regression analyses to investigate the impact of family ownership, family involvement on the board, family CEO and the generational stage of the family business on the quality of internal auditing.

The results provide evidence that family ownership is positively associated with the quality of internal auditing, while later generational stages of family businesses have the opposite effect. Additional analyses reveal that the presence of a sustainability board sub-committee moderates the relationship between generational stages of family businesses and the quality of internal auditing function.

This paper does not consider country-institutional factors and other potentially family-related antecedents or governance factors that may affect the quality of internal auditing.

The results are informative for investors and non-family stakeholders interested in understanding under which conditions family-related factors influence the quality of internal auditing functions.

This study offers fresh evidence regarding the relationship between family-related factors and the quality of internal auditing and board sub-committees that moderate such a relationship in family businesses.

Internal audit is an essential component of the accountability structure in Ghana's local government system. Favourable conditions are required for its operation to assist management bodies to fulfil their responsibilities efficiently and effectively. Using Internal Control-Integrated Framework, this paper investigates the conditions under which internal auditing is carried out in four selected local governments in the Central Region of Ghana.

Based on interpretivism and qualitative approach, purposive sampling technique was used to select 14 key informants at various levels of governance for primary data by the use of key informant interview guide. The data were analysed using pattern matching and content analysis based on themes.

The findings of the study indicate that internal auditors faced unfavourable conditions including intimidation, threats and administrative interference in the course of performing their duties.

This paper is based on qualitative data from four selected local governments in the Central Region of Ghana. Hence these findings are specific to the local governments, internal auditors and management bodies in the country to benefit from them. The implication of the findings is closely related to the efforts to realise the ultimate goal of the recent government reforms and the need for further reforms to enhance independence, objectivity, effectiveness and efficiency.

This study helps management of local governments in finding out conditions under which internal auditing operates. This helps to enhance favourable conditions and minimise the unfavourable conditions for the purpose of efficient and effective utilisation of resources towards improvement of service delivery of local government system to meet the needs of the people.

The study contributes to the understanding and application of Internal Control-Integrated Framework to local government system in the Central Region. It also uses the agency theory to explain the conditions under which internal auditing is carried out in the selected local government institutions.

This study provides new insight into the conditions of carrying out internal auditing in local governments and raises awareness of stakeholders on the need to enhance service delivery to the people. It also introduces a novel idea of placing all internal auditors under a newly established Internal Audit Class to advance independence and objectivity.

This study aims to identify the factors that lead non-financial companies listed in the UK to use an internal audit function (IAF) as a monitoring mechanism. Although the use of an IAF in the UK is voluntary, no prior research has examined the drivers for using one.

Financial and non-financial data were collected from the annual reports of 332 UK non-financial companies listed on the London Stock Exchange (LSE) Main Market. Univariate tests and multivariate logistic regression tests were used to test the research hypotheses. A theoretical framework based on both agency theory and transaction cost economics (TCE) theory was used to explain the economic factors affecting the use of an IAF.

The study provides evidence that firm size, level of internal risks, agency problem between owners and managers and existence of an effective audit committee are associated with the existence of an IAF. Thus, the need to have strong internal control and risk management systems and to reduce both internal and external agency costs drives companies to have an IAF. These results suggest the importance of IAF as an internal corporate governance tool and the effectiveness of UK governance regulations in monitoring the effectiveness of internal control systems.

Given the importance of the IAF’s corporate governance role, the study provides some policy implications. Regulators should pay more attention to the issue of maintaining an IAF, especially by large companies, the relationship between the IAF and other governance parties, especially the audit committee, and the disclosure of more relevant information about the IAF’s characteristics and practices.

This is the first study to examine the factors affecting the existence of the IAF within the UK’s distinctive regulatory approach of “comply or disclose reasons”. Furthermore, it provides a theoretical framework that explains how both the agency theory and TCE theory can interpret the adoption of internal audit.

The purpose of this study is to examine how companies integrate cyber risk into their enterprise risk management practices. Data breaches have become commonplace, with thousands occurring each year, and some costing hundreds of millions of dollars. Consequently, cyber risk has become one of the gravest risks facing organizations, and has attracted boardroom-level attention. On the other hand, companies already manage many kinds of difficult and growing risks, and that firms lose less than 1% of annual revenues as a result of cyber incidents. Therefore, how should firms appropriately address cyber risk? Is it indeed a materially different kind of risk area, or is it simply just one more risk that can seamlessly be integrated into existing enterprise risk management (ERM) practices?

The authors performed thematic analysis based on semi-structured interviews, with non-probabilistic, purposive sampling, to answer two main questions. First, how do firms manage enterprise risks, generally? And second, how are they integrating cyber risk into these existing processes?

The authors find that there is considerable variation in the approach and sophistication in ERM practices, such as whether they are driven more like an auditing function, or as a risk champion. The authors also find that despite the novelty of cyber risk, it can be integrated like other enterprise risks, and that cyber risk is most often seen as an operational risk (similar to workplace accidents or fraud), rather than a strategic risk, emerging from, for example, technology innovation and R&D.

The generalization of the results is limited by the sample size and variation of firms interviewed. While the authors attempted to interview enterprise risk managers across a wide variation of firms, there were clear limitations in the scope. That being said, the authors were fortunate to be able to examine ERM and cyber risk practices across small and large, private and publicly traded companies, from a variety of business sectors.

The authors believe these finding are important because they present evidence that while cyber risk may be new, it does not require specialized handling or processes to track it at the enterprise level. While some firms may choose to provide special accommodations or attention because of their data collection or business practices, this approach is neither necessary nor required of all firms in all situations.

This research is one of the only papers that, to the best of the authors’ knowledge, examines how cyber risk is integrated at an enterprise level.

This study aims to understand the behavior of internal auditors towards quality and analyze if some organizational and individual factors influence internal audit quality.

The sample is constituted by Portuguese internal auditors, and the methodology includes the use of partial least squares – structuring equation model (PLS-SEM) to test the hypothesis under study.

The results show that there is a negative relationship between reduced audit quality practices (RAQP) and organizational commitment and independence. The results found that time pressure positively affect RAQP. There is no evidence that perceived organizational support (POS) and risk profile are determinants of RAQP.

This work contributes by extending the literature about the determinants of internal audit quality, but also to the practice by understanding the factors that influence the behavior of internal auditors and by making recommendations that allow an improvement of the quality of internal auditing.

本研究擬瞭解內部審計師就保持內部審計質量所作出的行為，並探討是否有些組織或個人因素、會影響內部審計的質量。

研究的樣本由葡萄牙內部審計師構成，而研究方法則包括偏最小平方法的結構方程模型 (PLS-SEM) 的使用，以測試正在研究中的假設。

研究結果顯示、降低審計質量的慣常做法與組織承諾及獨立性是成負相關的; 研究結果亦顯示、時間壓力會對降低審計質量的慣常做法產生正面影響，沒有證據證實、組織支持感和風險概況是降低審計質量慣常做法的決定因素。

本研究的貢獻為、就研究內部審計質量決定因素的文獻方面、擴展了有關的學術探討; 研究亦對內部審計作出實務方面的貢獻，因研究結果幫助我們更瞭解影響內部審計師行為的因素，而且，研究人員提出了提升內部審計質量的建議。

內部審計質量、降低審計質量的慣常做法、組織決定因素、個人決定因素.

This study aims to understand independence in internal auditing by investigating how internal auditor independence is constructed when analysed in its corporate governance context.

A critical discourse analysis (CDA) of the corporate governance reports of Swedish large stock market listed non-financial companies, for three consecutive years, is undertaken, using a theoretical lens of organisational embeddedness and operational coupling to understand independence as a situated practice.

The study develops four archetypes of internal auditor independence – autarchic, instrumental, symbiotic and subservient – and discusses each archetype's implications for independence, related to tripartite relations with management and the audit committee, regarding who has the mandate to direct work and how the work is done. It finds that internal auditors always have a capacity to be independent. Although they are not independent in relation to agents in the subservient archetype, they are independent of those down the organisational chain of command, suggesting independence is both situational and relational.

The analysis contributes a novel approach to the literature and develops a conception of independence using the dimensions of embeddedness and coupling. The archetypes offer an analytical framework for future studies on independence.

Internal auditors may understand their practice differently through the archetypes that result from this study.

Internal auditors' power relations within corporate governance further an understanding of the pressures on internal auditors and their role.

This study contributes new knowledge on the situatedness of independence by showing how internal auditors are embedded and coupled helps build their independence.

The purpose of this paper is to explore how internal auditors’ (IAs) roles have changed because of the diffusion of neoliberal ideologies in the Ukrainian public sector.

A qualitative methodological approach was applied. Data were collected from 29 semi-structured interviews with public sector auditors in Ukraine’s central government; secondary data analysis was also performed.

IAs’ role in Ukraine’s central government has changed significantly, with reforms attempting to move to performance auditing. Consequently, Ukrainian central government IAs appeared in the multi-expectation situation, due to the division of the role senders into two different areas. On one hand, IAs are expected to perform new roles set by the Ministry of Finance of Ukraine, while their traditional role as “watchdogs” is still expected by managers (heads of institutions). Diverging expectations resulted in the role conflict that impedes the change in IAs’ role and performance auditing introduction in the Ukrainian central government. Moreover, we identify factors that motivate IAs to prioritise managers’ expectations, while trying to cope with the existing role conflict in Ukraine’s central government.

This study makes a threefold contribution by enriching the understanding of auditors’ roles, role conflicts that public sector auditors may experience and factors that influence how auditors cope with such conflicts, through the lenses of role theory; exploring the change in roles with the emergence of performance auditing; and shedding light on public sector auditing in the less explored context of a post-Soviet country.

This paper aims to examine the effect of the Sarbanes–Oxley Act (SOX), which was signed by President George W. Bush and came into effect on July 30, 2002, on firm productivity.

The authors use the total factor productivity (TFP) as our measure of firm productivity.

Analyzing annual firm-level data from the Compustat database for the period of 1991-2006, the authors find that firm productivity increases at a higher rate in the post-SOX period. The results indicate that, although firms incur significant costs in complying with the requirements of the SOX, they also benefit from these requirements as evidenced by the improved productivity over time post-SOX. There is also a shift in the output elasticities from capital toward labor. The SOX has a positive effect on the output elasticity of labor but a negative impact on that of capital.

The results have the following important implications. The SOX is a value-enhancing regulation in that it not only strengthens a firm’s corporate governance but also improves its productivity. However, compliance with the SOX can impose a long-term cost on firms: the decrease in the capital investment, leading to a decline in the output elasticity of capital. If this decline in the capital investment continues, it can have an adverse effect on firm productivity in the long term.

This paper extends the literature along the line of the actual operational effects of the SOX regulation by examining its effect on the productivity of firms.

This study aims to examine how the legitimacy of internal auditing is reconstructed during enterprise resource planning (ERP)-driven technological change.

The study is based on the comparative analysis of internal auditing and its transformation due to ERP implementations at two case firms operating in the food sector in Egypt – one a major Egyptian multinational corporation (MNC) and the other a major domestic company (DC).

Internal auditors (IAs) at MNC saw ERP implementation as an opportunity to reconstruct the legitimacy of internal auditing work by engaging and partnering with actors involved with the ERP change. In doing so, the IAs acquired system certifications and provided line functions and external auditors with data-driven business insights. The “practical coping mechanism” adopted by the IAs led to the acceptance (and legitimacy) of their work. In contrast, IAs at DC adopted a purposeful strategy of disengaging, blaming and rejecting since they were skeptical of the top management team's (TMT's) sincerity. The “disinterestedness” led to the loss of legitimacy in the eyes of the stakeholders.

The article offers two contributions. First, it extends the literature by highlighting a spectrum of behavior displayed by IAs (coping with impending issues vs strategic purposefulness) during ERP-driven technological change. Second, the article contributes to the literature on legitimacy by highlighting four intertwined micro-processes – participating, socializing, learning and role-forging – that contribute to reconstructing the legitimacy of internal auditing.