Search results

Internal auditors are struggling to maintain their identity and purpose as the organizations they audit undergo drastic changes. Total quality management, business process reengineering, globalization, and self‐directed teams are dismantling hierarchical command and control structures. Advances in information technology continuously render control procedures obsolete. The ‘value’ of traditional internal audit is seriously questioned from the board room to the show room. CoActive audit is an internal audit model designed for team/technology based organization cultures, where the focus is on process enhancement rather than assessment and reporting. It provides synergistic solutions to real problems, rather than a quasi‐independent appraisal offering recommendations of potentially marginal value. Auditing has its origins in antiquity, apparently when rulers with wealth had the objective of maintaining their wealth by detecting fraud on the part of their servants. While external auditing was originally formulated with the same objective, through the years it changed its primary objective to emphasize the ‘professional review of financial statements by an independent expert, so that a professional opinion indicating that financial condition and results of operation have been fairly presented can be given.’ While internal auditing formulated its objective to ‘assist members of the organization in the effective discharge of their responsibilities,’ it continued the basic doctrine that auditing is an expert, independent, appraisal function. While many internal auditors today keep auditing as they have in the past, the organizations they are auditing are undergoing drastic changes. Total Quality Management, Self Directed Teams, and Business Process Reengineering are dismantling the old hierarchical command and control systems that depended on auditors to verify compliance. Advances in Information Technology have rendered manual control procedures obsolete. While most internal auditors have successfully made the transition from a reactive audit process that basically reported on history to a proactive approach based on risk assessment and focused on the present, the changes occurring within our organizations demand even more fundamental changes. Contemporary internal auditors openly acknowledge that they feel change must occur within the internal auditing community, and these leaders are venturing forward trying new philosophies and approaches. CoActive Audit is a combination of these new philosophies and methodologies, with its roots in the teachings of the primary management visionaries of the times. It is a vehicle to help internal audit grow, to re‐energize, to expand both its reach and grasp. It is about change, about recognizing the world has drastically changed, about realizing that some of our most basic assumptions are no longer valid, about understanding that some of our codified standards may hinder rather than help, and about replacing the old that is no longer appropriate with a new that is. It is time to focus on enhancing internal control, not merely reporting on it. It is time to build control into business processes, not simply assessing compliance with policies and procedures. It is time to recognize that the traditional internal audit methodology may be counterproductive to the goal of ensuring a reliable internal control system. It is time for CoActive Audit: the next critical step for internal audit. CoActive Audit enhances management control processes using today's management philosophies and methodologies. It represents a fundamental transformation of traditional internal audit philosophy, a 180 shift in mental models and paradigms. The essential components are an audit approach that is: Concurrent — rather than historical; Collaborative — rather than autonomous; Consultative — rather than judgmental; Client‐based — rather than standards‐based; A Catalyst — rather than an inhibitor.

Describes how systems theory, and in particular “hard” and “soft” systems modelling, can provide a framework for the study of internal control and auditing inside organizations. Concludes that useful empirical research and case study work can be carried out using “hard” and “soft” systems modelling. Such research should make a positive contribution to the body of knowledge concerning the nature of the internal control and the practice of internal audit in organizations.

There have been new interests in internal control and the COSO report represents a milestone in the evolution of internal control. The business community and accounting profession reactions to the COSO report have been positive in the USA. The provisions of the COSO report help organizations to understand and appreciate better the value and importance of internal control; they also expand the elements and components of internal control, and provide guidelines for establishing criteria against which all entities can assess the adequacy and effectiveness of their internal control systems. The COSO report should provide a great implication for organizations′ internal audit functions and have a significant positive impact on the better recognition of the proactive role of internal auditors.

There is an increased emphasis on internal control in the governmental sector. We compare finance officer assessments of internal control to auditor assessments for a sample of Michigan municipalities. On average, the finance officers' assessments of their control systems were more favorable than the assessments made by auditors from a regional CPA firm with a large governmental practice, suggesting that auditor reports on internal control may result in a more conservative evaluation of the control system than reports provided by management. One measure of the effectiveness of the internal control system is its ability to prevent errors. We compare the finance officer and auditor assessments of internal control to the number of audit adjustments as an objective measure of the accuracy of the control assessments. The internal control assessments made by auditors were significantly more highly correlated with the number of audit adjustments than those made by finance officers. This suggests that the accuracy of internal control reports may be improved if the reports are prepared by auditors.

This study’s purpose is to examine whether providing prior consulting services influences internal auditors’ subsequent assessments when providing assurance services to assist management in its assessment of internal control over financial reporting. A behavioral experiment is used, with internal auditors as participants. We provide some evidence that internal auditors who perform prior consulting services are less likely than others to conclude that an identified control deficiency is a material weakness, but only when the deficiency is directly related to the prior consulting services performed. Limitations include relatively small sample sizes and manipulation check failure rates that, although consistent with several prior studies, are somewhat high. If internal auditors have provided consulting services, they may want to consider limiting the assurance services provided to management that are more directly related to their consulting services. While prior studies have examined the effects of internal auditors’ role in designing internal controls on subsequent services, this is the first study to focus on the impact of providing internal audit consulting services on subsequent assurance services.

Internal control mechanisms are fundamental to organizational governance; particularly, to the agency relationship associated with decentralization of decision rights. Management accounting and organizational literatures provide conflicting predictions on the association between decentralization and internal controls, with some research arguing that internal controls be tightened to mitigate the risks associated with greater decentralization of decision rights while other work avers that tighter internal controls defeat the purposes of decentralization. In this chapter, we argue that managers choose these two organizational design variables jointly. Capitalizing on a unique database of control practices in the purchasing and payment process within the procurement function, this chapter examines the relationship between control tightness – a critical characteristic of internal controls – and decentralization. Using a simultaneous equation model, the study finds that decentralization and internal control design are endogenously determined. Tight control is negatively associated with the level of decentralization, while decentralization has a positive effect on the tightness of control. These results reconcile the apparently contradictory results relating these two variables. The chapter also finds that decentralization and tight control mechanisms operate both independently and synergistically to improve performance.

The Public Sector is usually assumed to have a risk avoidance culture, with a reactive rather than proactive approach towards the management. However, an improved holistic approach seems to be required, especially when considering the complexity and size of the Public Sector, and the challenges it faces to connect the services, clients and the different levels of governance.

Within this chapter, the authors lay out a maturity level evaluation of Governance, Risk Management and Compliance (GRC) within the Maltese Public Sector. Through documentation analysis of the available literature on the subject, the authors determine the principal themes required to develop an effective GRC practice across the Public Sector. The authors then design statements based on the identified GRC themes and administer it using an online survey tool to Public employees across different Ministries, Departments, Agencies and Entities, in order to obtain their perception. This is in order to determine gaps, weaknesses or limiting factors towards the implementation of an effective GRC.

The results show that, although, there is a substantial percentage of scepticism and few disagreements towards some of the statements, especially those which related to Risk Management (RM) and Internal Auditing (IA), the majority of Public Sector bodies do in fact show high standards of GRC practices integrated and present in their day-to-day operations and internal environment, showing that there is a well-developed Governance, Compliance and Control structure and Internal Audit function across the Sector.

However, the perception of participants is that the RM function is the least developed area. IA needs some improvement especially where trust on advice is involved.

The purpose of this paper is to investigate the relationship between internal controls weakness and financial reporting quality and the effect of family ownership on the mentioned relationship in Iranian listed firms.

In this way, the authors included the number of 139 firms from 2013 to 2017, of which 28 were family firms. The hypotheses are analyzed based on panel data and means comparison.

The results illustrated that weakness in internal controls has a significant negative relationship with financial reporting quality. In other words, internal controls weakness decreases the quality of financial reporting quality. Moreover, the results showed that being familial does not affect the aforementioned relationship.

Consequently, there is no suitable criteria to distinguish family firms and there is a need to take them into serious consideration because very few studies have been conducted focusing on this issue in Iran, as it is considered an argumentative subject to be discussed in the Iranian market.

This study aims to investigate the relationship between information technology and internal controls of state agencies in Iran.

The research population includes all auditors and managers working in public sector. Data collection instrument is a questionnaire designed by the researcher and administrated during March 5, 2016. The collected data are analyzed through descriptive and inferential statistics (binomial test).

The findings of the research show that there is a significant relationship between information technology and internal controls (administrative, financial and accounting controls, risk assessment, information and communication, control activities and monitoring). Moreover, the alteration of data collection methods (from traditional to modern) and the written instructions (in information technology) have a positive effect on the internal control and its subscales.

With regard to the emphasis on the development of computer application and the use of new processing facilities and the exchange of information and its specific controlling consequences, this is an innovative research.

Professional accounting associations in various countries and governmental and other quasi‐official bodies have played an important role not only in the evolution of internal control reporting on a global scale, but also in educating management, investors, financial institutions, accountants, auditors, and other interested parties highlighting the pervasiveness of the effects of a sound internal control structure in corporate reporting as well as other aspects of an organization′s success. These associations include the Institute of Internal Auditors (IIA), the American Institute of Certified Public Accountants (AICPA), the General Accounting Office (GAO), the Securities and Exchange Commission (SEC), the Cadbury Committee, the Institute of Chartered Accountants of England and Wales (ICAEW), the Scottish Institute of Chartered Accountants (SICA), the Canadian Institute of Chartered Accountants (CICA), and others. Business failures, management fraud, corporate misconduct, international bribery, and notorious business scandals in all sectors of business have prompted the US government to take drastic action on internal control reporting to safeguard public interest. Several professional and government committees were formed to study this precarious situation: the Treadway Commission, the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, the Packard Commission, the Cohen Commission, the Adams Commission in Canada, the Cadbury Committee in the UK, and others. The principal motivation for the changing dynamics has been growing public pressure for greater corporate accountability. The government′s pressure on the accounting profession and management of public corporations has been pivotal in spearheading internal control reporting. Examines the role of professional associations, governmental agencies, and others in promulgating standards for internal control reporting, and the impact of legislation on this aspect of internal auditing in the USA and worldwide.