Search results

This study aims to examine how the legitimacy of internal auditing is reconstructed during enterprise resource planning (ERP)-driven technological change.

The study is based on the comparative analysis of internal auditing and its transformation due to ERP implementations at two case firms operating in the food sector in Egypt – one a major Egyptian multinational corporation (MNC) and the other a major domestic company (DC).

Internal auditors (IAs) at MNC saw ERP implementation as an opportunity to reconstruct the legitimacy of internal auditing work by engaging and partnering with actors involved with the ERP change. In doing so, the IAs acquired system certifications and provided line functions and external auditors with data-driven business insights. The “practical coping mechanism” adopted by the IAs led to the acceptance (and legitimacy) of their work. In contrast, IAs at DC adopted a purposeful strategy of disengaging, blaming and rejecting since they were skeptical of the top management team's (TMT's) sincerity. The “disinterestedness” led to the loss of legitimacy in the eyes of the stakeholders.

The article offers two contributions. First, it extends the literature by highlighting a spectrum of behavior displayed by IAs (coping with impending issues vs strategic purposefulness) during ERP-driven technological change. Second, the article contributes to the literature on legitimacy by highlighting four intertwined micro-processes – participating, socializing, learning and role-forging – that contribute to reconstructing the legitimacy of internal auditing.

This study aims to explore the effectiveness and reliability of the performance of internal auditor by the stakeholders for their decision making. The absence of rules and regulations generates the debate that the non-standard reporting of the assessment of the internal controls system’s assessment by internal auditor and reliance by the external auditor.

The study used the mixed-method (triangulation) for the analysis quantitative data was used for regression with Smart PLS 3.2.8, and the qualitative data was used to prove and strengthen the results. The data is collected for five IVs (Objectivity of IAF, Work Performance, Competence, Internal Control System’s Assessment and Sourcing of IAF) and their impact on two DVs (Effectiveness and Reliance). This study used five areas as the target audience (Internal Auditor, External Auditor, Professional bodies, Shareholders, SECP and SBP). A total of 150 respondents were approached and received a valid response of 98 respondents.

The study explores the positive relationship between Objectivity of IAF, Work Performance, Competence, Sourcing of IAF on Effectiveness and Reliance. Internal Control System’s Assessment having significant relation with Effectiveness and non-significant with reliance because the absence of rules makes it unreliable for stakeholders.

The study found that the system for reporting the internal control needs rules and regulations advancement on the immediate basis for the betterment and safeguard of stakeholders to avoid the events like WorldCom and ENRON.

This study aims to respond to calls for more research to understand how sustainability control systems (SCSs) feature (or do not feature) in short-term operational and long-term strategic decision-making.

An in-depth case study of a large multinational organisation undertaking several rounds of sustainability reporting is presented. Data collection was extensive including 26 semi-structured interviews with a range of employees from senior management to facility employees, access to confidential reports and internal documents and attendance of company meetings, including an external stakeholder engagement meeting and the attendance of the company’s annual environmental meeting. A descriptive, analytical and explanatory analysis is performed on the case context (Pfister et al., 2022).

Simon’s (1995) levers of control framework structures our discussion. The case company has sophisticated and formalised diagnostic controls and strong belief and boundary systems. Conventional management controls and SCSs are used in short-term operational decision-making, although differences between financial imperatives and other aspects such as environmental concerns are difficult to reconcile. SCSs also provided information to justify company actions in short-term decisions that impacted stakeholders. However, SCSs played a very limited role in the long-term strategic decision. Tensions between social, environmental and economic factors are more reconcilable in the long-term strategic decision, where holistic risks and opportunities need to be fully identified. External reporting is seen in a “constraining” light (Tessier and Otley, 2012), and intentionally de-coupled from SCSs.

This paper responds to recent calls for rich, holistic and contextually-grounded perspectives of sustainability processes at an extractives company. The study provides novel insight into how SCSs are used (or not used) in short-term or long-term decision-making and external reporting. The paper illustrates how a large company is responding to sustainability pressures within the unique contextual setting of New Zealand. The study outlines the imitations of existing practice and provides implications for how sustainability-based internal controls can be better embedded into organisations.

This study aims to evaluate the moderating impact of corporate governance on the relationship between internal control mechanisms and financial performance.

The study employs a structured questionnaire to collect data from 250 top managers of rural banks in the capital of Ghana. Cronbach alpha value and Fornell-Larcker tests were performed to assess the reliability and validity of the data used. The study adopted a partial least square structural equation model (PLS-SEM).

The results show that internal control and corporate governance both have a direct positive and significant impact on financial performance. Furthermore, the interaction of internal control and corporate governance also has a positive and significant impact on financial performance, thus confirming the moderating role of corporate governance in the relationship between internal control mechanisms and financial performance.

This implies that organizations need to strengthen their corporate governance procedures to increase the efficiency of their internal control systems, which would ultimately lead to an improvement in their financial performance.

The present study innovates by assessing the moderating role of corporate governance in the nexus between internal control mechanisms and financial performance. This moderating effect assessment implies that corporate governance may not only affect the technical implementation of the internal control structures but will subsequently make an impact on the overall performance of the organization.

This study investigates internal control implementation contribution to quality management at higher education institutions (HEIs).

This study employed a qualitative method by conducting semi-structured interviews. The research respondents (interviewees) consisted of internal auditors, HEI management members and accreditation assessors of Indonesian HEIs. A total of 15 respondents were successfully interviewed to collect the data; 12 were from different HEIs, and 3 were from the HEI accreditation board.

This study deduced that internal control implementation could contribute to HEI quality management and improvement if integrated with other control policies, such as internal quality assurance, performance measurement systems and performance-based budgeting. By doing so, internal control corroborates total quality management (TQM) implementation within HEIs since it promotes employee empowerment and supervision, reduces budget wastage, increases the achievement of budget targets on output and outcome of programs and activities, enhances strategic and integrated system practices, provides reliable information for better decision-making, and promotes effective communication and coordination and good leadership culture.

The current study presents beneficial suggestions for HEI management on how internal control contributes to quality management at HEIs.

As suggested by Chalmers et al. (2019), most studies related to internal control were conducted in profit-oriented organisation settings, i.e. companies, and focused on their impact on economic aspects, such as profitability, cost efficiency and fraud mitigation. Meanwhile, internal control-related studies in the context of non-profit-oriented organisations, such as HEIs, and their role in non-economic aspects, in this case, the quality management in HEIs, is still lacking.

During a pandemic, with businesses implementing social distancing protocols and work-from-home strategies, the use of continuous controls monitoring (CCM) may add value to the internal audit function. This study aims to examine the use of CCM technologies and the impact on the internal audit function during a pandemic.

This study adopted a case study approach for this study because it focuses on questions of “how” and “what.” Case studies provided an opportunity for an in-depth analysis of the phenomena being investigated. Semi-structured interviews were used to collect data. This study did not use sampling. Instead, multiple case studies were used for data collection.

Based on the findings, this study makes several contributions to the literature, for example, in health-care evidence suggests the pandemic has caused internal audit to focus on risk areas. Other industries, such as retail, have invested in CCM. However, in all cases, education and preparedness (or the lack thereof) appeared to significantly influence uptake of CCM. Organizations that made prior investments in CCM technologies experienced greater acceptance in the face of changing demands. Training in emerging technologies is a key competency in supporting audit operations in changing environments.

As the study was conducted with a small sample of cases, findings cannot be extrapolated nor generalized beyond the case study organizations.

This study found that several factors limit adoption, exploitation and further development of CCM technologies, such as lack of top management support, acceptance of CCM technologies and suitable education and training of internal audit staff.

This study addresses the issue of the value that CCM offers organizations and whether it is a silver bullet that the internal audit profession needs, particularly when physical access to organizations may be restricted. The COVID-19 pandemic placed considerable focus on digital access. Better IT systems and more data will allow organizations to better support employees, inform strategic and financial decisions and engage stakeholders. During the recovery phase, leveraging investments in CCM technologies will contribute to internal audits’ ability to help clients to manage organizational risk.

This study examines the relationship between internal control and corporate environmental responsibility.

Unlike US studies that concentrate solely on internal control over financial reporting, this study uses a comprehensive index that encompasses internal control over financial reporting, operations, and compliance. Corporate environmental responsibility is measured by environmental investments. Our research sample comprises Chinese listed firms from 2010 to 2018.

The results demonstrate a positive correlation between internal control and corporate environmental investments. Furthermore, we find that firms with high-quality internal control can improve their financial and environmental performance through environmental investments. After decomposing internal control into its five components, we show that the control environment, control activities, and information and communication components exhibit stronger effects on environmental investments than the risk assessment and monitoring components. Finally, the cross-sectional analyses reveal that the positive effect of internal control is more pronounced in private firms and in firms that are subject to weaker environmental regulation.

By focusing on the effect of a comprehensive internal mechanism on corporate environmental responsibility in China, this study contributes to the literature in developed-country settings that overwhelmingly focuses on the impact of external stakeholders and regulations.

This study aims to examine the mediating effects of corporate governance mechanisms like the board of directors on the association between disruptive technology adoption by audit clients and the risk of material misstatements, including inherent risk and control risk. In particular, the authors study the mediating effects of board characteristics such as board size, independence and gender diversity.

Based on a sample of 100 audit clients listed on the FTSE 100 from 2015 to 2021, this study uses structural equation modelling to test the research objectives.

The findings indicate a significant and negative association between disruptive technology adoption by audit clients and inherent risk. However, there is no significant evidence observed for control risk. The utilisation of disruptive technology by the audit client has a significant impact on the board characteristics, resulting in an increase in board size, greater independence and gender diversity. The authors also find strong evidence that board independence mediates the association between disruptive technology usage and both inherent risk and control risk. In addition, board size and gender exhibit distinct and differential mediating effects on the association and across the two types of risks.

The study reveals that the significant role of using disruptive technology by audit clients in reducing the risk of material misstatements is closely associated with the board of directors, which makes audit clients place greater emphasis on the construction of effective corporate governance.

This study offers essential primary evidence that can assist policymakers and standard setters in formulating guidance and recommendations for board size, independence and gender quotas, ensuring the enhancement of effective governance and supporting the future of audit within the next generation of digital services.

With respect to relevant stakeholders, it is imperative for audit clients to recognise that corporate governance represents a fundamental means of addressing the ramifications of applying disruptive technology, particularly as they pertain to inherent and control risks within the audit client.

This study contributes to the existing literature by investigating the joint impact of corporate governance and the utilisation of disruptive technology by audit clients on inherent risk and control risk, which has not been investigated by previous research.

This study aims to understand independence in internal auditing by investigating how internal auditor independence is constructed when analysed in its corporate governance context.

A critical discourse analysis (CDA) of the corporate governance reports of Swedish large stock market listed non-financial companies, for three consecutive years, is undertaken, using a theoretical lens of organisational embeddedness and operational coupling to understand independence as a situated practice.

The study develops four archetypes of internal auditor independence – autarchic, instrumental, symbiotic and subservient – and discusses each archetype's implications for independence, related to tripartite relations with management and the audit committee, regarding who has the mandate to direct work and how the work is done. It finds that internal auditors always have a capacity to be independent. Although they are not independent in relation to agents in the subservient archetype, they are independent of those down the organisational chain of command, suggesting independence is both situational and relational.

The analysis contributes a novel approach to the literature and develops a conception of independence using the dimensions of embeddedness and coupling. The archetypes offer an analytical framework for future studies on independence.

Internal auditors may understand their practice differently through the archetypes that result from this study.

Internal auditors' power relations within corporate governance further an understanding of the pressures on internal auditors and their role.

This study contributes new knowledge on the situatedness of independence by showing how internal auditors are embedded and coupled helps build their independence.

While the three lines model (TLM) provides an organizational structure to execute risk and control duties, research and practice show limitations in the model's implementation. These limitations result in governance issues. Such issues, together with control weaknesses, could be addressed by leveraging properties of distribution, transparency, and immutability of blockchain technology. To this end, in this paper the authors propose a conceptual control framework based on blockchain technology to augment control practice.

The design of the resulting blockchain-based control framework (BBCF) and its prototype, based on the design science research methodology (DSRM), is presented and discussed in terms of the potential impact in the context of the identified problems within the TLM.

One potential outcome of BBCF could be to redefine the scope and boundaries of some of the activities in audit and control practices from a more static to a more dynamic and prospective role. In a larger context of improving governance practices, the BBCF could set the path for a more inclusive and participatory interaction between the different governance actors of an organization.

However, this assumes that blockchain is more widely adopted despite its complexity and rigidity.

BBCF covering both a conceptual model design and a reference implementation provides an innovation in audit and control. BBCF could include all relevant stakeholders who have an interest in corporate governance and control activities, including the regulators.

The contribution intends to serve both as a starting point for discussing the evolution of audit and control practice based on blockchain technology, as well as an initial actionable prototype for experimentation and further development.