Search results

Internal Control – Integrated Framework (COSO Report, 1992) defines internal control, suggests a framework for internal control, and presents criteria to use in evaluating controls. The document also provides guidance to management developing a report on controls for use by external parties. SSAE 2, “Reporting on an Entity′s Internal Control Structure over Financial Reporting” (1993) offers assistance to the practitioner reporting on management′s assertion regarding internal control over financial reporting. Discusses and provides an example of management′s report on internal control prepared according to COSO. Also discusses the accountant′s examination under SSAE guidance of management′s assertions and subsequent report and provides an example of the accountant′s report. Concludes by discussing the new business opportunities for the accountant which may result from external reporting on internal controls over financial reporting.

There have been new interests in internal control and the COSO report represents a milestone in the evolution of internal control. The business community and accounting profession reactions to the COSO report have been positive in the USA. The provisions of the COSO report help organizations to understand and appreciate better the value and importance of internal control; they also expand the elements and components of internal control, and provide guidelines for establishing criteria against which all entities can assess the adequacy and effectiveness of their internal control systems. The COSO report should provide a great implication for organizations′ internal audit functions and have a significant positive impact on the better recognition of the proactive role of internal auditors.

Professional accounting associations in various countries and governmental and other quasi‐official bodies have played an important role not only in the evolution of internal control reporting on a global scale, but also in educating management, investors, financial institutions, accountants, auditors, and other interested parties highlighting the pervasiveness of the effects of a sound internal control structure in corporate reporting as well as other aspects of an organization′s success. These associations include the Institute of Internal Auditors (IIA), the American Institute of Certified Public Accountants (AICPA), the General Accounting Office (GAO), the Securities and Exchange Commission (SEC), the Cadbury Committee, the Institute of Chartered Accountants of England and Wales (ICAEW), the Scottish Institute of Chartered Accountants (SICA), the Canadian Institute of Chartered Accountants (CICA), and others. Business failures, management fraud, corporate misconduct, international bribery, and notorious business scandals in all sectors of business have prompted the US government to take drastic action on internal control reporting to safeguard public interest. Several professional and government committees were formed to study this precarious situation: the Treadway Commission, the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, the Packard Commission, the Cohen Commission, the Adams Commission in Canada, the Cadbury Committee in the UK, and others. The principal motivation for the changing dynamics has been growing public pressure for greater corporate accountability. The government′s pressure on the accounting profession and management of public corporations has been pivotal in spearheading internal control reporting. Examines the role of professional associations, governmental agencies, and others in promulgating standards for internal control reporting, and the impact of legislation on this aspect of internal auditing in the USA and worldwide.

The purpose of this paper is to investigate the relationship between internal controls weakness and financial reporting quality and the effect of family ownership on the mentioned relationship in Iranian listed firms.

In this way, the authors included the number of 139 firms from 2013 to 2017, of which 28 were family firms. The hypotheses are analyzed based on panel data and means comparison.

The results illustrated that weakness in internal controls has a significant negative relationship with financial reporting quality. In other words, internal controls weakness decreases the quality of financial reporting quality. Moreover, the results showed that being familial does not affect the aforementioned relationship.

Consequently, there is no suitable criteria to distinguish family firms and there is a need to take them into serious consideration because very few studies have been conducted focusing on this issue in Iran, as it is considered an argumentative subject to be discussed in the Iranian market.

The purpose of this paper is to analyze how the COBIT framework, integrated within the internal control framework, enables improvement in the quality of financial reporting while helping to reduce or eliminate the material weaknesses (MWs) of internal control over financial reporting (ICFR). The Control Objectives for Information and Related Technology (COBIT) model is a framework for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Preliminarily, the analysis in this paper illustrates how the Committee of Sponsoring Organizations (COSO) framework impacts on the MWs, highlighting strengths and weaknesses. This paper shows how these limits can be overcome with the use of the COBIT framework.

This is a conceptual paper that aims to highlight the relationship between COBIT and COSO, by illustrating how the IT processes reduce or eliminate the main MW categories.

The analysis indicates that the implementation of the COBIT framework, or more generally the adoption of effective IT controls, provides important benefits to the entire company or organization. IT control objectives have a direct impact on the IT control weaknesses and indirectly on the other categories of material weaknesses.

The adoption of the framework allows managers to implement effective ICFR. In particular, the COBIT approach provides managers with a more evolved tool in terms of compliance with the Sarbanes–Oxley Act requirements. This framework also improves the reliability of financial reporting in relation to the requirements of Public Company Accounting Oversight Board’s Auditing Standards No. 2 and 5.

The analysis provides an interdisciplinary approach, connecting accounting and information systems themes, and suggest solutions and tools than can help managers to address the internal control weaknesses. This paper addresses an area of relevance to both practitioners and academics and expands existing accounting literature.

The perception of the relevance of risk management reports and the system of internal controls permeates the risk management of multinational companies. Shedding light on perceived relevance, on the one hand, can serve as a guide for improvements in communication between headquarters and subsidiaries; on the other hand, it can lead to greater involvement of subsidiaries in company policies. Thus, this study aims to analyze the relevance of internal controls for risk management in the perception of its executors and reviewers in a multinational company.

A survey was conducted with the executors and reviewers of the internal controls of a multinational company. To the collected data, structural equation modeling was applied.

The perceived relevance of internal controls by the subsidiaries directly and positively influences the perceived relevance of the reporting of their specific and standardized reports for all subsidiaries. In addition, the perception of the relevance of standardized reports for all subsidiaries demonstrates a direct and positive influence on the familiarity with the regulations regarding the reporting of internal controls.

To the best of the authors’ knowledge, this paper is the first to examine the relevance of internal controls for risk management in the perception of its executors and reviewers of subsidiaries of a multinational company. In this way, it provides a useful contribution to the literature and insights to promote improvements in the communication process between headquarters and subsidiaries of different countries regarding risk management reports and the system of internal controls.

With computer technology fast becoming the engine that drives productivity, IT systems have become more pervasive in the daily operations of many businesses. Large, as well as small, businesses in the USA now rely heavily on IT systems to function effectively and efficiently. However, past studies have shown CEOs do not always understand how reliant their business is on IT systems. To the authors’ knowledge, no research has not yet examined if financial markets understand how IT affects the performance of businesses. The paper aims to discuss these issues.

In this study, the authors utilize the event study method to examine how financial markets interpret weaknesses in businesses IT systems. The authors examine this in the context of the Sarbanes-Oxley Act – Section 404 requirements and utilize the internal reporting requirement in the annual financial statement filing with the Securities Exchange Commission as a proxy to evaluate how the financial markets interpret IT weaknesses.

Using an event study, the authors show that the market does not necessarily understand and respond to the effects of IT weaknesses on overall financial performance of firms and thus challenge the efficient market hypothesis theory.

A second contribution is methodological in nature. IS researchers thus far have been using limited market benchmarks, statistical tests, and event windows in their respective event studies of market performance. This study shows shortcomings of that approach and the necessity of expanding usage of available event analysis tools. The authors show that using more than one market benchmark and statistical test across multiple time frames uncovers the effects that using a single benchmark and test over a single window would have overlooked.

In 2001, the US moved to regulate internal control reporting by management and auditors. While some jurisdictions have followed the lead of the US, many others have not. An important question, therefore, is the relevance of internal control to stakeholders. The more specific issue of the benefits of US-style regulation of internal control reporting is also topical. We review studies on the determinants of internal control quality and its economic consequences for stakeholders including investors, creditors, managers, auditors and financial analysts. We extend previous reviews by focusing on US studies published since 2013 as well as all non-US studies investigating IC quality including countries regulating IC disclosure as well as unregulated settings and both developed and developing economies. In doing so, we identify research questions where evidence remains mixed and new directions in which there are research opportunities.

Three main insights arise from our analysis. First, evidence on the economic consequences of internal control quality suggests that the quality of internal control can have a significant effect on decision making by users of financial information. Second, the results of research on the empirical association between ownership structure, certain board characteristics and internal control quality is generally mixed. Empirical evidence concerning the association between audit committee characteristics and internal control quality generally supports a positive and significant association. Finally, while studies in non-US jurisdictions are increasing, opportunities remain to explore the determinants and consequences of internal control in other jurisdictions. Our review provides evidence for policy makers of whether there are benefits from requiring management and auditors to report on internal control over financial reporting.

This paper examines the role of professional associations, governmental agencies, and international accounting and auditing bodies in promulgating standards to deter and detect fraud, domestically and abroad. Specifically, it focuses on the role played by the US Securities and Exchange Commission (SEC), the American Institute of Certified Public Accountants (AICPA), the Institute of Internal Auditors (IIA), the Institute of Management Accountants (IMA), the Association of Certified Fraud Examiners (ACFE), the US Government Accounting Office (GAO), and other national and foreign professional associations, in promulgating auditing standards and procedures to prevent fraud in financial statements and other white‐collar crimes. It also examines several fraud cases and the impact of management and employee fraud on the various business sectors such as insurance, banking, health care, and manufacturing, as well as the role of management, the boards of directors, the audit committees, auditors, and fraud examiners and their liability in the fraud prevention and investigation.

The purpose of this paper is to examine whether external auditor traits influenced the reporting of internal control deficiencies (ICDs) prior to SOX‐mandated audits, holding constant the existence of a control weakness.

Data are collected from publicly available sources such as Securities and Exchange Commission filings and Audit Analytics database.

Companies that were audited by industry leading auditors were more likely to disclose ICDs prior to SOX‐mandated audits and that companies with longer client‐auditor tenure were less likely to disclose ICDs prior to SOX‐mandated audits.

These findings suggest that while external auditors were not required to participate in internal control evaluation and certifications prior to their audit of internal control for the 2004 fiscal year, they nevertheless influence the likelihood of ICD disclosure prior to their initial audit.