Search results

With computer technology fast becoming the engine that drives productivity, IT systems have become more pervasive in the daily operations of many businesses. Large, as well as small, businesses in the USA now rely heavily on IT systems to function effectively and efficiently. However, past studies have shown CEOs do not always understand how reliant their business is on IT systems. To the authors’ knowledge, no research has not yet examined if financial markets understand how IT affects the performance of businesses. The paper aims to discuss these issues.

In this study, the authors utilize the event study method to examine how financial markets interpret weaknesses in businesses IT systems. The authors examine this in the context of the Sarbanes-Oxley Act – Section 404 requirements and utilize the internal reporting requirement in the annual financial statement filing with the Securities Exchange Commission as a proxy to evaluate how the financial markets interpret IT weaknesses.

Using an event study, the authors show that the market does not necessarily understand and respond to the effects of IT weaknesses on overall financial performance of firms and thus challenge the efficient market hypothesis theory.

A second contribution is methodological in nature. IS researchers thus far have been using limited market benchmarks, statistical tests, and event windows in their respective event studies of market performance. This study shows shortcomings of that approach and the necessity of expanding usage of available event analysis tools. The authors show that using more than one market benchmark and statistical test across multiple time frames uncovers the effects that using a single benchmark and test over a single window would have overlooked.

The purpose of this study is to investigate the relationship of weaknesses in IT‐related internal controls to companies' overall financial performance and health.

The study examines four accounting measures: liquidity, solvency, profitability, and market value. During the four‐year period of 2004‐2007, the authors identified companies that reported at least one material IT weakness and matched them with a similar set of companies with no reported material weaknesses. Additionally, for a subset of the companies in which a good match could be identified, a second data set was developed for comparison of companies reporting only material non‐IT weaknesses.

As expected, companies reporting IT weaknesses experienced less of an ability to pay short‐term and long‐term debts, earned lower profits, and possessed lower market value than companies with no weaknesses. Companies reporting IT weaknesses experienced worse financial performance and health than companies with non‐IT weaknesses.

At the time of this study, most foreign registrants listed on US stock exchanges had not completed and filed their initial SOX 404 assessment with the SEC. Furthermore, small public companies (i.e. under a $75 million market capitalization) were not required to comply with 404 reporting requirements at the time of this study. In addition, Compustat provides information only on publicly traded companies.

The current study builds on IT governance research in two key ways. First, academia and industry must move past the discussion of IT governance design to examine the performance of IT governance efforts (i.e. effectiveness of controls audited by an independent third party) in relation to key financial performance and health indicators. Second, this study uses more objective measures of IT governance than were available in the past (i.e. the internal control and financial data reported in companies' audited financial statements). The results provide insight into the relationship of IT governance to overall financial well‐being.

In 2001, the US moved to regulate internal control reporting by management and auditors. While some jurisdictions have followed the lead of the US, many others have not. An important question, therefore, is the relevance of internal control to stakeholders. The more specific issue of the benefits of US-style regulation of internal control reporting is also topical. We review studies on the determinants of internal control quality and its economic consequences for stakeholders including investors, creditors, managers, auditors and financial analysts. We extend previous reviews by focusing on US studies published since 2013 as well as all non-US studies investigating IC quality including countries regulating IC disclosure as well as unregulated settings and both developed and developing economies. In doing so, we identify research questions where evidence remains mixed and new directions in which there are research opportunities.

Three main insights arise from our analysis. First, evidence on the economic consequences of internal control quality suggests that the quality of internal control can have a significant effect on decision making by users of financial information. Second, the results of research on the empirical association between ownership structure, certain board characteristics and internal control quality is generally mixed. Empirical evidence concerning the association between audit committee characteristics and internal control quality generally supports a positive and significant association. Finally, while studies in non-US jurisdictions are increasing, opportunities remain to explore the determinants and consequences of internal control in other jurisdictions. Our review provides evidence for policy makers of whether there are benefits from requiring management and auditors to report on internal control over financial reporting.

The complexity of computerized information systems increases the complexity of the external auditor's assessment of the reliability of a client's internal control systems. The purpose of this paper is to investigate the impact of weaknesses in IT related internal controls on the cost of a SOX 404 audit of internal controls over financial reporting.

The paper considers the impact on audit fees through three dimensions: percentage increase in audit fees; amount of change in audit fees per outstanding common share; and actual dollar amount of audit fees. Examination of first year reports by accelerated filers yields 131 companies with material IT‐control weaknesses. These 131 companies are matched with a similar set of companies with no reported material weaknesses, and for a subset of 54 from the 131 companies in which a good match could be identified, a set of companies having only material non‐IT‐based control weaknesses are compared.

As expected, substantial fee differentials were identified for companies reporting material IT‐based control weaknesses as compared to both companies without any material weaknesses and those companies with only non‐IT related material weaknesses.

Preliminary evidence in regard to the costs of SOX 404 compliance for stockholders is provided. The cost of SOX 404 compliance has often been cited in criticisms of SOX, yet the focus of SOX is not on corporate wealth, but rather on enhancing corporate governance to protect the interest of stockholders. The cost of SOX compliance across the number of reported outstanding common shares for the companies studied is factored. It is found that the increased cost of audit fees on a per share basis is higher for companies reporting IT material weaknesses.

The purpose of this paper is to analyze how the COBIT framework, integrated within the internal control framework, enables improvement in the quality of financial reporting while helping to reduce or eliminate the material weaknesses (MWs) of internal control over financial reporting (ICFR). The Control Objectives for Information and Related Technology (COBIT) model is a framework for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Preliminarily, the analysis in this paper illustrates how the Committee of Sponsoring Organizations (COSO) framework impacts on the MWs, highlighting strengths and weaknesses. This paper shows how these limits can be overcome with the use of the COBIT framework.

This is a conceptual paper that aims to highlight the relationship between COBIT and COSO, by illustrating how the IT processes reduce or eliminate the main MW categories.

The analysis indicates that the implementation of the COBIT framework, or more generally the adoption of effective IT controls, provides important benefits to the entire company or organization. IT control objectives have a direct impact on the IT control weaknesses and indirectly on the other categories of material weaknesses.

The adoption of the framework allows managers to implement effective ICFR. In particular, the COBIT approach provides managers with a more evolved tool in terms of compliance with the Sarbanes–Oxley Act requirements. This framework also improves the reliability of financial reporting in relation to the requirements of Public Company Accounting Oversight Board’s Auditing Standards No. 2 and 5.

The analysis provides an interdisciplinary approach, connecting accounting and information systems themes, and suggest solutions and tools than can help managers to address the internal control weaknesses. This paper addresses an area of relevance to both practitioners and academics and expands existing accounting literature.

This paper aims to determine whether there is a relationship between intellectual capital and social capital and internal control weaknesses and assess the relationship between the variables of intellectual capital and social capital and internal control weaknesses.

The statistical population consists of 1,309 firm-year observations from 2014 to 2020. The research hypothesis is tested using statistical methods, including multivariate, least-squares and fixed-effects regression.

The results demonstrate a negative and significant relationship between intellectual capital, social capital and internal control weaknesses. The study also finds that increased intellectual and social capital quality improves human resource utilization, control mechanism, creativity and firm performance. The results also show that intellectual capital and social capital enhancement will reduce internal control weaknesses in the upcoming years.

This paper is the pioneer study on the relationship between intellectual capital and social capital and internal control weaknesses in Iran, carried out separately and in exploratory factor analysis. This paper considers intellectual capital components for theoretical factor analysis, including human capital, structural capital and customer capital. Internal control weakness is assessed based on financial, non-financial and information technology (IT) weaknesses.

The purpose of this paper is to investigate the relationship between internal controls weakness and financial reporting quality and the effect of family ownership on the mentioned relationship in Iranian listed firms.

In this way, the authors included the number of 139 firms from 2013 to 2017, of which 28 were family firms. The hypotheses are analyzed based on panel data and means comparison.

The results illustrated that weakness in internal controls has a significant negative relationship with financial reporting quality. In other words, internal controls weakness decreases the quality of financial reporting quality. Moreover, the results showed that being familial does not affect the aforementioned relationship.

Consequently, there is no suitable criteria to distinguish family firms and there is a need to take them into serious consideration because very few studies have been conducted focusing on this issue in Iran, as it is considered an argumentative subject to be discussed in the Iranian market.

The purpose of this paper is to examine information technology (IT) control deficiencies and their affect on financial reporting.

This study examines 278 companies reporting IT control deficiencies in the first three years of the SOX 404 requirements (2004‐2006). Using quantitative analysis, the study evaluates the impact of IT deficiencies on financial reporting and determines significant differences between companies that report IT deficiencies and companies that do not report IT deficiencies.

Four accounting errors: revenue recognition issues; receivables, investments and cash issues; inventory, vendor and cost of sales issues; and financial statement, footnote, US GAAP, and segment disclosures issues stand out as common financial reporting problems in companies reporting weak IT controls. This study also suggests that companies with IT control deficiencies report more internal control (IC) deficiencies, are smaller, pay higher audit fees, and are typically audited by smaller accounting firms.

This research is limited in scope since only SOX accelerated filers are included in the analysis. As of this study, smaller, non‐accelerated filers are not required to report IC control weaknesses under SOX.

As of this research, no analysis exists to support or refute the relationship of IT controls and accounting errors. This study re‐affirms the widespread impact that deficient IT controls can have on the overall IC structure of the business. Our study reveals some of the important issues associated with IT in the financial reporting process. The role of IT in financial reporting systems is destined to escalate. Studies, like ours, can help managers and auditors identify IT problems that affect financial reporting and take remedial steps to correct these weaknesses.

This paper aims to investigate whether the stock market reacts to presentation options available to auditors under AS 2 (providing separate financial statement audit and internal control over financial reporting [ICOFR] audit reports, or presenting a combined report with both audit opinions).

Drawing on psychology theory, the authors hypothesize that presenting material weaknesses in ICOFR with an unqualified financial statement audit in a combined report effectively dilutes the weight placed on the material weaknesses perceived by investors. The authors further hypothesize the presentation format effect to vary by type of material weaknesses since some material weaknesses are considered more serious than others. The authors examine ICOFR and audit reporting and cumulative abnormal return data from 2007 to 2017 using two-stage least squares regression analysis.

The results show that a combined report of ineffective ICOFR and unqualified financial statement audit reduces the negative impact of material weakness disclosures on stock price reactions, but only when the weaknesses involve more serious entity-wide controls, as opposed to controls over specific accounts.

The findings help inform preparers, auditors, regulators and investors about the potentially unintended consequences of reporting format choice.

The findings contribute to the literature on internal control disclosures by demonstrating that market reactions to these disclosures depend not only on the types of material weaknesses disclosed but also on their presentation format.

The purpose of this paper is to examine the association between corporate governance attributes in the form of board and ownership characteristics and the remediation of internal control material weaknesses (ICMW) reported under Section 404 of the Sarbanes‐Oxley Act (SOX) of 2002.

The paper employs multivariate logistic regression models for a sample of 528 firms having ICMW as per their auditors' attestation reports during the fiscal periods of 2004, 2005 and 2006 to investigate the empirical relationships between board and ownership characteristics, and remediation of control weaknesses in subsequent fiscal years.

The board diligence, CEO‐independent board, and managerial, institutional and dominant shareholdings are all positively and significantly associated with the ICMW remediation of the sample firms in the presence of other firm‐specific variables in the analysis. The results also suggest that, in general, the ownership characteristics play a greater role in the firms' remediation action than the board‐related factors except board diligence. The separate sub‐sample tests demonstrate that board diligence and several stock ownership characteristics are positively and significantly associated with a firm's action to remediate both the systematic and non‐systematic internal control weaknesses though the results are more robust for non‐systematic control weaknesses.

A useful extension is to conduct a detailed analysis of the effect of audit committee characteristics in conjunction with board and ownership characteristics on firms' remediation action in a setting where ICMW firms take such action at a differential pace that may continue over two or more fiscal periods. Further, the present study examines the empirical associations between variables of interest, and does not, by virtue of its results, establish any cause‐and‐effect relationship between governance attributes and timeliness in ICMW remediation. Finally, this research can be extended to a detailed analysis of the types of systematic and non‐systematic control weaknesses, their probable effect on firms' financial reporting process and the role of corporate governance in timeliness of management's remediation action for different types of internal control problems.

The paper adds to the existing literature on corporate governance and financial reporting quality by documenting the association between a firm's board and ownership characteristics and management's immediate action to remediate internal control problems that ultimately impacts the quality of reported accounting information. The study complements prior studies on ICMW remediation and accrual quality by demonstrating that the effective monitoring by board and large, sophisticated shareholders as well as greater alignment of manager‐shareholder interests ensures more timeliness in remediation of internal control weaknesses and improves financial reporting quality.