Internal Audit Independence and Objectivity: Emerging Research Opportunities
VerifiedAdded on 2023/04/19
|40
|18149
|460
AI Summary
The objective of this paper is to provide a review of the recent literature on internal audit independence and objectivity and discuss opportunities for future research. The topics examined are the organizational status of internal audit, the internal auditor’s dual role as a provider of assurance and consulting activities, internal audit’s involvement in risk management, outsourcing and co-sourcing of internal audit activities, and the use of internal audit as a training ground for managers.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Internal audit independence and objectivity: emerging
research opportunities
Author
Stewart, Jenny, Subramaniam, Nava
Published
2010
Journal Title
Managerial Auditing Journal
DOI
https://doi.org/10.1108/02686901011034162
Copyright Statement
© 2010 Emerald. This is the author-manuscript version of this paper. Reproduced in accordance
with the copyright policy of the publisher. Please refer to the journal's website for access to the
definitive, published version.
Downloaded from
http://hdl.handle.net/10072/34073
Griffith Research Online
https://research-repository.griffith.edu.au
research opportunities
Author
Stewart, Jenny, Subramaniam, Nava
Published
2010
Journal Title
Managerial Auditing Journal
DOI
https://doi.org/10.1108/02686901011034162
Copyright Statement
© 2010 Emerald. This is the author-manuscript version of this paper. Reproduced in accordance
with the copyright policy of the publisher. Please refer to the journal's website for access to the
definitive, published version.
Downloaded from
http://hdl.handle.net/10072/34073
Griffith Research Online
https://research-repository.griffith.edu.au
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
Internal Audit Independence and Objectivity:
Emerging Research Opportunities
JENNY STEWART*
Griffith Business School
Griffith University, Queensland, Australia
and
NAVA SUBRAMANIAM
Faculty of Business and Law
Deakin University, Victoria, Australia
* Contact Author
Acknowledgements: Earlier versions of this paper were presented at a plenary session
of the Sixth European and First Global Academic Conference on Internal Audit and
Corporate Governance at Erasmus University, Rotterdam, April 2008 and at the
Colloquium in Auditing and Governance Celebrating 25 Years of Managerial Auditing
Journal at Deakin University in October 2009. The paper has benefited from the helpful
comments of those present at these events. We also thank two anonymous reviewers for
their suggestions.
January 2010
Internal Audit Independence and Objectivity:
Emerging Research Opportunities
JENNY STEWART*
Griffith Business School
Griffith University, Queensland, Australia
and
NAVA SUBRAMANIAM
Faculty of Business and Law
Deakin University, Victoria, Australia
* Contact Author
Acknowledgements: Earlier versions of this paper were presented at a plenary session
of the Sixth European and First Global Academic Conference on Internal Audit and
Corporate Governance at Erasmus University, Rotterdam, April 2008 and at the
Colloquium in Auditing and Governance Celebrating 25 Years of Managerial Auditing
Journal at Deakin University in October 2009. The paper has benefited from the helpful
comments of those present at these events. We also thank two anonymous reviewers for
their suggestions.
January 2010
2
Autobiographical note:
Professor Jenny Stewart
Department of Accounting, Finance & Economics,
Griffith Business School,
Griffith University,
University Drive, Meadowbrook,
Queensland, 4131
Australia
Ph: 617 33821192
Fax: 617 33821128
Email: j.stewart@griffith.edu.au
(Contact Author)
Professor Nava Subramaniam
Professor of Accounting
School of Accounting, Economics and Finance
Faculty of Business and Law, Building lb4.350
Deakin University, Elgar Road, Burwood Victoria 3125 Australia.
Ph: 613 925 17288
Fax: 613 924 46034
Email: navas@deakin.edu.au
Autobiographical note:
Professor Jenny Stewart
Department of Accounting, Finance & Economics,
Griffith Business School,
Griffith University,
University Drive, Meadowbrook,
Queensland, 4131
Australia
Ph: 617 33821192
Fax: 617 33821128
Email: j.stewart@griffith.edu.au
(Contact Author)
Professor Nava Subramaniam
Professor of Accounting
School of Accounting, Economics and Finance
Faculty of Business and Law, Building lb4.350
Deakin University, Elgar Road, Burwood Victoria 3125 Australia.
Ph: 613 925 17288
Fax: 613 924 46034
Email: navas@deakin.edu.au
3
Internal Audit Independence and Objectivity:
Emerging Research Opportunities
Abstract
Purpose - The objective of this paper is to provide a review of the recent literature on
internal audit independence and objectivity and discuss opportunities for future
research. The topics we examine are the organizational status of internal audit, the
internal auditor’s dual role as a provider of assurance and consulting activities, internal
audit’s involvement in risk management, outsourcing and co-sourcing of internal audit
activities and the use of internal audit as a training ground for managers.
Design/methodology/approach - The approach used in this paper is a review of the
literature followed by an identification of further research opportunities.
Findings -The paper summarizes the existing body of knowledge relating to internal
audit independence and objectivity and identifies gaps in the literature where further
research is needed.
Originality/value - The paper provides researchers with a useful summary of the
literature on internal audit independence and objectivity and stimulates them to engage
in further research in the area.
Keywords - internal audit; independence; objectivity
Paper type - Literature review
Internal Audit Independence and Objectivity:
Emerging Research Opportunities
Abstract
Purpose - The objective of this paper is to provide a review of the recent literature on
internal audit independence and objectivity and discuss opportunities for future
research. The topics we examine are the organizational status of internal audit, the
internal auditor’s dual role as a provider of assurance and consulting activities, internal
audit’s involvement in risk management, outsourcing and co-sourcing of internal audit
activities and the use of internal audit as a training ground for managers.
Design/methodology/approach - The approach used in this paper is a review of the
literature followed by an identification of further research opportunities.
Findings -The paper summarizes the existing body of knowledge relating to internal
audit independence and objectivity and identifies gaps in the literature where further
research is needed.
Originality/value - The paper provides researchers with a useful summary of the
literature on internal audit independence and objectivity and stimulates them to engage
in further research in the area.
Keywords - internal audit; independence; objectivity
Paper type - Literature review
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
Internal Audit Independence and Objectivity:
Emerging Research Opportunities
Introduction
The assurance services provided by auditors derive their value and credibility from the
fundamental assumptions of independence of mind and independence in appearance.
Not surprisingly, a large body of research has examined auditor independence and
objectivity, but this has been predominantly in the context of external audit. In more
recent years, there has been heightened interest in issues associated with the
independence and objectivity of internal audit. The motivation for this growth in
research is related to the evolving and expanding role of internal audit as a key
corporate governance mechanism as well as an internal consultancy service. In this
regard, internal auditors are in a unique situation as providers of both assurance services
within the organization and consultancy services to managers. This dual role has
generated significant debate as it has the potential to place the internal auditor in a
situation of conflict. Furthermore, as employees of the organization, the ability of
internal auditors to exercise true objectivity has also been questioned (Paape, 2007).
The objective of this paper is to provide a review of the evolving literature on internal
auditors’ independence and objectivity in order to highlight gaps in knowledge and
make recommendations for future research. As a basis for our review, we draw on the
current definition of internal audit promulgated by the Institute of Internal Auditors
(IIA), together with the IIA professional standards and guidelines on independence and
objectivity. In order to capture the increased scope of internal audit as a key governance
mechanism, we focus on the literature in this area since the new definition of internal
auditing was released in 1999. Our study contributes to the internal auditing literature
by providing an in-depth analysis of key issues that impact independence and
objectivity in the current governance environment.
Prior literature reviews of internal audit
To date, there have been a limited number of prior reviews of the internal audit
literature. Bailey et al. (2003) edited a monograph published by the IIA Research
Foundation on research opportunities in internal auditing. There were two key
objectives of this monograph. It was intended, first, to inspire academic research on
topics of relevance to internal auditing and, second, to bridge the gap between
academics and practitioners. As such, it is a blend of theory and practice, designed to
familiarize academic researchers with internal audit practice (Editorial Preface, xi – xii).
Each chapter of the monograph raises a series of research questions related to a specific
topic in internal auditing and we refer to these where relevant.
Two previous reviews have examined the literature and future research opportunities
relating to the role of the internal audit function in corporate governance. Gramling et
al. (2004) focus on the relationship between internal audit and the other cornerstones of
governance (i.e. external auditors, the audit committee and management). They also
evaluate the literature on internal audit quality (including objectivity and independence),
with a particular emphasis on external auditors’ evaluations of internal audit and their
Internal Audit Independence and Objectivity:
Emerging Research Opportunities
Introduction
The assurance services provided by auditors derive their value and credibility from the
fundamental assumptions of independence of mind and independence in appearance.
Not surprisingly, a large body of research has examined auditor independence and
objectivity, but this has been predominantly in the context of external audit. In more
recent years, there has been heightened interest in issues associated with the
independence and objectivity of internal audit. The motivation for this growth in
research is related to the evolving and expanding role of internal audit as a key
corporate governance mechanism as well as an internal consultancy service. In this
regard, internal auditors are in a unique situation as providers of both assurance services
within the organization and consultancy services to managers. This dual role has
generated significant debate as it has the potential to place the internal auditor in a
situation of conflict. Furthermore, as employees of the organization, the ability of
internal auditors to exercise true objectivity has also been questioned (Paape, 2007).
The objective of this paper is to provide a review of the evolving literature on internal
auditors’ independence and objectivity in order to highlight gaps in knowledge and
make recommendations for future research. As a basis for our review, we draw on the
current definition of internal audit promulgated by the Institute of Internal Auditors
(IIA), together with the IIA professional standards and guidelines on independence and
objectivity. In order to capture the increased scope of internal audit as a key governance
mechanism, we focus on the literature in this area since the new definition of internal
auditing was released in 1999. Our study contributes to the internal auditing literature
by providing an in-depth analysis of key issues that impact independence and
objectivity in the current governance environment.
Prior literature reviews of internal audit
To date, there have been a limited number of prior reviews of the internal audit
literature. Bailey et al. (2003) edited a monograph published by the IIA Research
Foundation on research opportunities in internal auditing. There were two key
objectives of this monograph. It was intended, first, to inspire academic research on
topics of relevance to internal auditing and, second, to bridge the gap between
academics and practitioners. As such, it is a blend of theory and practice, designed to
familiarize academic researchers with internal audit practice (Editorial Preface, xi – xii).
Each chapter of the monograph raises a series of research questions related to a specific
topic in internal auditing and we refer to these where relevant.
Two previous reviews have examined the literature and future research opportunities
relating to the role of the internal audit function in corporate governance. Gramling et
al. (2004) focus on the relationship between internal audit and the other cornerstones of
governance (i.e. external auditors, the audit committee and management). They also
evaluate the literature on internal audit quality (including objectivity and independence),
with a particular emphasis on external auditors’ evaluations of internal audit and their
5
reliance on internal audit work. Cohen et al. (2004) provide an extensive review of
research on corporate governance and its impact on financial reporting quality. The
authors introduce the notion of a corporate governance mosaic, comprising interactions
among the board of directors and the audit committee, management, external audit and
internal audit. As such, they summarize the research literature relating to internal
auditors’ governance role and suggest opportunities for future research. Both of these
reviews provide an excellent synthesis of the literature in this area, but largely from a
North American perspective. Given the growth in international research on internal
audit independence and objectivity, we extend this work to include studies from Europe,
Australasia and other parts of the world.1
In 2006, the IIA commissioned the global Common Body of Knowledge 2006 (CBOK)
study, engaging researchers from around the world “to better understand the expanding
scope of internal audit practice” (Cooper et al., 2006). This study has resulted in three
related literature reviews. Cooper et al. (2006) examined the internal auditing literature
in the Asia Pacific region, Hass et al. (2006) studied the literature from the Americas,
while Allegrini et al. (2006) performed a similar review of the European literature. The
purpose of these reviews was to document changes in internal audit as a result of shifts
in global business practices. Where relevant, we draw on aspects of these reviews that
relate to internal audit objectivity. We also refer to the findings of the CBOK study
(Burnaby et al., 2007) throughout our discussion of the literature.
Background - professional guidance relating to independence and objectivity
In this section we review the professional guidance pertaining to internal audit
independence and objectivity. We commence with the definition of internal audit put
forward by the IIA (1999) and the definitions of independence and objectivity provided
in the Glossary to the IIA Standards (IIA, 2009a). We then summarize the IIA Code of
Ethics (2000) with respect to objectivity. We follow this with an overview of the
attribute standards and other guidance that the IIA has issued on independence and
objectivity.
The IIA (1999) definition of internal auditing is now familiar and well accepted:
“Internal auditing is an independent, objective assurance and consulting
activity designed to add value and improve an organization’s operations. It
helps an organization accomplish its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of risk
management, control, and governance processes.”
This definition highlights the independence and objectivity of internal auditing with
respect to both assurance services and consulting. Independence and objectivity are
closely related. However, the Glossary to the IIA Standards distinguishes between the
two concepts in the following way:
“Independence – The freedom from conditions that threaten objectivity or the
appearance of objectivity. Such threats to objectivity must be managed at the
individual auditor, engagement, functional and organizational levels.”
“Objectivity – An unbiased mental attitude that allows internal auditors to
perform engagements in such a manner that they have an honest belief in their
work product and that no significant quality compromises are made.
Objectivity requires internal auditors not to subordinate their judgment on
audit matters to that of others.”
reliance on internal audit work. Cohen et al. (2004) provide an extensive review of
research on corporate governance and its impact on financial reporting quality. The
authors introduce the notion of a corporate governance mosaic, comprising interactions
among the board of directors and the audit committee, management, external audit and
internal audit. As such, they summarize the research literature relating to internal
auditors’ governance role and suggest opportunities for future research. Both of these
reviews provide an excellent synthesis of the literature in this area, but largely from a
North American perspective. Given the growth in international research on internal
audit independence and objectivity, we extend this work to include studies from Europe,
Australasia and other parts of the world.1
In 2006, the IIA commissioned the global Common Body of Knowledge 2006 (CBOK)
study, engaging researchers from around the world “to better understand the expanding
scope of internal audit practice” (Cooper et al., 2006). This study has resulted in three
related literature reviews. Cooper et al. (2006) examined the internal auditing literature
in the Asia Pacific region, Hass et al. (2006) studied the literature from the Americas,
while Allegrini et al. (2006) performed a similar review of the European literature. The
purpose of these reviews was to document changes in internal audit as a result of shifts
in global business practices. Where relevant, we draw on aspects of these reviews that
relate to internal audit objectivity. We also refer to the findings of the CBOK study
(Burnaby et al., 2007) throughout our discussion of the literature.
Background - professional guidance relating to independence and objectivity
In this section we review the professional guidance pertaining to internal audit
independence and objectivity. We commence with the definition of internal audit put
forward by the IIA (1999) and the definitions of independence and objectivity provided
in the Glossary to the IIA Standards (IIA, 2009a). We then summarize the IIA Code of
Ethics (2000) with respect to objectivity. We follow this with an overview of the
attribute standards and other guidance that the IIA has issued on independence and
objectivity.
The IIA (1999) definition of internal auditing is now familiar and well accepted:
“Internal auditing is an independent, objective assurance and consulting
activity designed to add value and improve an organization’s operations. It
helps an organization accomplish its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of risk
management, control, and governance processes.”
This definition highlights the independence and objectivity of internal auditing with
respect to both assurance services and consulting. Independence and objectivity are
closely related. However, the Glossary to the IIA Standards distinguishes between the
two concepts in the following way:
“Independence – The freedom from conditions that threaten objectivity or the
appearance of objectivity. Such threats to objectivity must be managed at the
individual auditor, engagement, functional and organizational levels.”
“Objectivity – An unbiased mental attitude that allows internal auditors to
perform engagements in such a manner that they have an honest belief in their
work product and that no significant quality compromises are made.
Objectivity requires internal auditors not to subordinate their judgment on
audit matters to that of others.”
6
Hence, the IIA’s distinction between the two terms appears to be that objectivity is a
state of mind while independence is the state of affairs that permits an internal auditor to
operate with an objective attitude. While the IIA standards (IIA, 2009a) emphasize
independence at the organizational level, the definition indicates that it is also important
at the individual, engagement and functional levels.
The IIA Code of Ethics (IIA, 2009b) consists of a number of basic principles which
internal auditors are expected to uphold, together with rules of conduct which describe
the norms of behaviour expected of internal auditors. The principle relating to
objectivity requires internal auditors to “exhibit the highest level of professional
objectivity in gathering, evaluating, and communicating information about the activity
or process being examined.” Furthermore, internal auditors are expected to make a
balanced assessment of all the relevant circumstances and they should not be unduly
influenced by their own or others’ interests when forming judgments. The rules of
conduct specify that internal auditors:
(i) shall not participate in any activity or relationship that may impair or be presumed to
impair their unbiased assessment;
(ii) shall not accept anything that may impair or be presumed to impair their
professional judgment; and
(iii) shall disclose all material facts known to them that, if not disclosed, may distort the
reporting of activities under review.
The IIA has issued a number of attribute standards (IIA, 2009a) and associated practice
advisories (IIA, 2009c) relating to independence and objectivity. Standard 1100 states
that “the internal audit activity must be independent, and internal auditors must be
objective in performing their work.” To achieve the required degree of independence,
the chief audit executive (CAE) should have direct and unrestricted access to senior
management and the board and this can be achieved by a dual reporting relationship.
Attribute Standard 1110 further discusses organizational independence based on the
CAE reporting to a level in the organization that permits the internal audit activity to
fulfill its responsibilities. The standard stresses that the CAE must confirm the
organizational independence of internal audit to the board at least annually. The related
Practice Advisory 1110-1 stresses that the CAE should ideally report functionally to the
board and administratively to the chief executive officer (CEO). As a minimum,
administrative reporting should be to an executive with “sufficient authority to promote
independence and to ensure broad audit coverage, adequate consideration of
engagement communications and appropriate action on engagement recommendations”.
Attribute Standard 1120 relates to individual objectivity and requires internal auditors to
“have an impartial, unbiased attitude and avoid any conflict of interest.” The related
Practice Advisory 1120-1 stresses the need to avoid potential and actual conflicts of
interest and bias at the individual level and suggests that staff assignments should be
rotated periodically. Attribute Standard 1130 discusses the need to adequately disclose
to appropriate parties any impairment to independence or objectivity. Examples of
impairment include internal auditors assessing operations for which they were
previously responsible. Other impairments noted in the Glossary to the Standards are
personal conflicts of interest, scope and resource limitations, and restrictions on access
to records, personnel and property.
Hence, the IIA’s distinction between the two terms appears to be that objectivity is a
state of mind while independence is the state of affairs that permits an internal auditor to
operate with an objective attitude. While the IIA standards (IIA, 2009a) emphasize
independence at the organizational level, the definition indicates that it is also important
at the individual, engagement and functional levels.
The IIA Code of Ethics (IIA, 2009b) consists of a number of basic principles which
internal auditors are expected to uphold, together with rules of conduct which describe
the norms of behaviour expected of internal auditors. The principle relating to
objectivity requires internal auditors to “exhibit the highest level of professional
objectivity in gathering, evaluating, and communicating information about the activity
or process being examined.” Furthermore, internal auditors are expected to make a
balanced assessment of all the relevant circumstances and they should not be unduly
influenced by their own or others’ interests when forming judgments. The rules of
conduct specify that internal auditors:
(i) shall not participate in any activity or relationship that may impair or be presumed to
impair their unbiased assessment;
(ii) shall not accept anything that may impair or be presumed to impair their
professional judgment; and
(iii) shall disclose all material facts known to them that, if not disclosed, may distort the
reporting of activities under review.
The IIA has issued a number of attribute standards (IIA, 2009a) and associated practice
advisories (IIA, 2009c) relating to independence and objectivity. Standard 1100 states
that “the internal audit activity must be independent, and internal auditors must be
objective in performing their work.” To achieve the required degree of independence,
the chief audit executive (CAE) should have direct and unrestricted access to senior
management and the board and this can be achieved by a dual reporting relationship.
Attribute Standard 1110 further discusses organizational independence based on the
CAE reporting to a level in the organization that permits the internal audit activity to
fulfill its responsibilities. The standard stresses that the CAE must confirm the
organizational independence of internal audit to the board at least annually. The related
Practice Advisory 1110-1 stresses that the CAE should ideally report functionally to the
board and administratively to the chief executive officer (CEO). As a minimum,
administrative reporting should be to an executive with “sufficient authority to promote
independence and to ensure broad audit coverage, adequate consideration of
engagement communications and appropriate action on engagement recommendations”.
Attribute Standard 1120 relates to individual objectivity and requires internal auditors to
“have an impartial, unbiased attitude and avoid any conflict of interest.” The related
Practice Advisory 1120-1 stresses the need to avoid potential and actual conflicts of
interest and bias at the individual level and suggests that staff assignments should be
rotated periodically. Attribute Standard 1130 discusses the need to adequately disclose
to appropriate parties any impairment to independence or objectivity. Examples of
impairment include internal auditors assessing operations for which they were
previously responsible. Other impairments noted in the Glossary to the Standards are
personal conflicts of interest, scope and resource limitations, and restrictions on access
to records, personnel and property.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7
Various practice advisories are related to impairment of independence and objectivity.
Practice Advisory 1130-1 requires internal auditors to report to the CAE any situations
involving actual or potential impairment and highlights the importance of not accepting
fees, gifts or entertainment from audit clients. Practice Advisory 1130.A1-1 does not
permit staff transferred or temporarily assigned to internal audit to undertake audits of
activities that they previously performed until at least one year has elapsed. Practice
Advisory 1130.A2-1 stresses that internal auditors should not have responsibility for
non-audit functions that are subject to internal audit assessments.
In addition to the standards and advisory statements, the IIA has also published a
framework to guide internal auditors with respect to independence and objectivity
(Mutchler et al., 2001). In this framework independence is recognized as a state where
threats to objectivity are appropriately managed. Hence, internal auditors are required to
identify, assess and manage threats to their objectivity, including the need to consider
safeguards that can mitigate the effects of the threats. An excellent summary of this
framework is provided by Mutchler (2003) 2 in her discussion of research opportunities
related to this framework. To avoid duplication, we provide only a brief overview of
the framework while, in subsequent sections of the paper, we extend and discuss
Mutchler’s suggestions for research in the area.
On an individual level, the framework discusses seven threats to an internal auditor’s
objectivity. These are (i) self-review, where the internal auditor reviews his/her own
work; (ii) social pressure, where the internal auditor is exposed to pressure from, say,
the auditee, or others on the audit team; (iii) economic interest, resulting, for example,
from incentive payments or from auditing the work of someone who has the power to
affect the internal auditor’s employment or salary; (iv) personal relationship, where the
internal auditor is a relative or friend of the auditee; (v) familiarity, resulting from a
long term relationship with the auditee including having worked in the unit being
audited; (vi) cultural, racial and gender biases arising in multinational organizations
when the auditor is biased or lacks an understanding of local culture and customs; and
(vii) cognitive biases resulting from preconceived notions or the adoption of a particular
psychological perspective when performing the audit. These threats can also occur at
the internal audit function level, particularly when the function is involved in both
consulting and assurance activities.
The framework also gives examples of mitigating factors that act as safeguards against
the threats to objectivity. Examples include organizational position and policy
statements which increase the status of internal auditors in the organization, a strong
and supportive governance environment, appropriate incentive schemes which reward
objectivity, the use of teams, and adequate supervision of staff.
In summary, it is apparent that the IIA takes a strong stance on the need for
independence and objectivity within the profession. Burnaby et al. (2007) report that
67% of respondents in the CBOK survey believed that they fully comply with IIA
Standard 1100, while 88% are of the view that the standard provides adequate guidance
with respect to independence and objectivity. However, as Paape (2007) argues, the two
concepts are not well defined and are relative in nature given that internal auditors are
employees of the entity. Hence, in addition to the empirical research opportunities
discussed in the next section, there is also an opportunity for academics to contribute to
Various practice advisories are related to impairment of independence and objectivity.
Practice Advisory 1130-1 requires internal auditors to report to the CAE any situations
involving actual or potential impairment and highlights the importance of not accepting
fees, gifts or entertainment from audit clients. Practice Advisory 1130.A1-1 does not
permit staff transferred or temporarily assigned to internal audit to undertake audits of
activities that they previously performed until at least one year has elapsed. Practice
Advisory 1130.A2-1 stresses that internal auditors should not have responsibility for
non-audit functions that are subject to internal audit assessments.
In addition to the standards and advisory statements, the IIA has also published a
framework to guide internal auditors with respect to independence and objectivity
(Mutchler et al., 2001). In this framework independence is recognized as a state where
threats to objectivity are appropriately managed. Hence, internal auditors are required to
identify, assess and manage threats to their objectivity, including the need to consider
safeguards that can mitigate the effects of the threats. An excellent summary of this
framework is provided by Mutchler (2003) 2 in her discussion of research opportunities
related to this framework. To avoid duplication, we provide only a brief overview of
the framework while, in subsequent sections of the paper, we extend and discuss
Mutchler’s suggestions for research in the area.
On an individual level, the framework discusses seven threats to an internal auditor’s
objectivity. These are (i) self-review, where the internal auditor reviews his/her own
work; (ii) social pressure, where the internal auditor is exposed to pressure from, say,
the auditee, or others on the audit team; (iii) economic interest, resulting, for example,
from incentive payments or from auditing the work of someone who has the power to
affect the internal auditor’s employment or salary; (iv) personal relationship, where the
internal auditor is a relative or friend of the auditee; (v) familiarity, resulting from a
long term relationship with the auditee including having worked in the unit being
audited; (vi) cultural, racial and gender biases arising in multinational organizations
when the auditor is biased or lacks an understanding of local culture and customs; and
(vii) cognitive biases resulting from preconceived notions or the adoption of a particular
psychological perspective when performing the audit. These threats can also occur at
the internal audit function level, particularly when the function is involved in both
consulting and assurance activities.
The framework also gives examples of mitigating factors that act as safeguards against
the threats to objectivity. Examples include organizational position and policy
statements which increase the status of internal auditors in the organization, a strong
and supportive governance environment, appropriate incentive schemes which reward
objectivity, the use of teams, and adequate supervision of staff.
In summary, it is apparent that the IIA takes a strong stance on the need for
independence and objectivity within the profession. Burnaby et al. (2007) report that
67% of respondents in the CBOK survey believed that they fully comply with IIA
Standard 1100, while 88% are of the view that the standard provides adequate guidance
with respect to independence and objectivity. However, as Paape (2007) argues, the two
concepts are not well defined and are relative in nature given that internal auditors are
employees of the entity. Hence, in addition to the empirical research opportunities
discussed in the next section, there is also an opportunity for academics to contribute to
8
the conceptual debate on independence and objectivity. This debate should be directed
at providing further clarification on the distinction between the two concepts.
The extant literature and research opportunities
To avoid replication of previous literature reviews, we do not cover the whole spectrum
of internal audit research. Rather, we focus on specific areas of significance to internal
audit objectivity where we perceive a need for further research. As previously noted,
our emphasis is on work that has engaged internal auditors rather than on work that
examines the perceptions of external auditors.3 In order to address issues of current
relevance, we restrict our discussion of prior studies to those that have been conducted
since the revised definition of internal audit in 1999.
The topics that we discuss are: (i) organizational status; (ii) assurance versus consulting;
(iii) internal audit’s role in risk management; (iv) outsourcing and co-sourcing internal
audit activities; and (v) internal audit as a management training ground. For each topic,
we summarize the key studies, highlight the gaps in knowledge and discuss
opportunities for future research. We conclude our review with a brief discussion of
emerging areas that could provide further research opportunities.
Organizational status
As we discussed earlier, the IIA stresses that the internal audit function should be given
the appropriate status in the organization to enable the function to exercise
organizational independence and individual internal auditors to act objectively. This is
necessary because internal auditors are in a unique position as employees of an
organization with responsibility to assess and monitor decisions made by management
and also to advise management on the adequacy and effectiveness of internal controls
(Sarens and de Beelde, 2006a). It is thus no surprise that internal auditors can face
considerable familiarity and social pressure threats stemming from their relationship
with management. In more recent years, audit committees have undertaken an important
governance role in coordinating and overseeing the communications between
management, internal auditors, and external auditors. Gramling et al. (2004, p.148)
highlight that “a quality relationship between the IAF (internal audit function) and the
audit committee also works towards providing the IAF with an appropriate environment
and support system for carrying out its own governance related activities (e.g. risk
assessment, control assurance and compliance work)”. In addition, corporate
governance guidelines and listing rules explicitly recognize the governance role played
by audit committees in enhancing the relationships between management, external
auditors and internal auditors (Blue Ribbon Committee, 1999; Smith Committee, 2003).
As such, audit committees can be viewed as a key safeguard mechanism for internal
auditors in managing their professional objectivity.
The majority of prior studies relating to the organizational status of internal audit have
focused on internal audit’s relation with the audit committee. Most of these studies
involve surveys or interviews of internal auditors. An exception is the study by Carcello
et al. (2002) which examined audit committee charters and reports of 150 US
companies. Part of this study looks at disclosures relating to auditor oversight. The
authors found that disclosures relating to external audit were much more prevalent than
those relating to internal audit, with less than 50% of companies in their sample
reporting that the audit committee held private meetings with internal audit.
the conceptual debate on independence and objectivity. This debate should be directed
at providing further clarification on the distinction between the two concepts.
The extant literature and research opportunities
To avoid replication of previous literature reviews, we do not cover the whole spectrum
of internal audit research. Rather, we focus on specific areas of significance to internal
audit objectivity where we perceive a need for further research. As previously noted,
our emphasis is on work that has engaged internal auditors rather than on work that
examines the perceptions of external auditors.3 In order to address issues of current
relevance, we restrict our discussion of prior studies to those that have been conducted
since the revised definition of internal audit in 1999.
The topics that we discuss are: (i) organizational status; (ii) assurance versus consulting;
(iii) internal audit’s role in risk management; (iv) outsourcing and co-sourcing internal
audit activities; and (v) internal audit as a management training ground. For each topic,
we summarize the key studies, highlight the gaps in knowledge and discuss
opportunities for future research. We conclude our review with a brief discussion of
emerging areas that could provide further research opportunities.
Organizational status
As we discussed earlier, the IIA stresses that the internal audit function should be given
the appropriate status in the organization to enable the function to exercise
organizational independence and individual internal auditors to act objectively. This is
necessary because internal auditors are in a unique position as employees of an
organization with responsibility to assess and monitor decisions made by management
and also to advise management on the adequacy and effectiveness of internal controls
(Sarens and de Beelde, 2006a). It is thus no surprise that internal auditors can face
considerable familiarity and social pressure threats stemming from their relationship
with management. In more recent years, audit committees have undertaken an important
governance role in coordinating and overseeing the communications between
management, internal auditors, and external auditors. Gramling et al. (2004, p.148)
highlight that “a quality relationship between the IAF (internal audit function) and the
audit committee also works towards providing the IAF with an appropriate environment
and support system for carrying out its own governance related activities (e.g. risk
assessment, control assurance and compliance work)”. In addition, corporate
governance guidelines and listing rules explicitly recognize the governance role played
by audit committees in enhancing the relationships between management, external
auditors and internal auditors (Blue Ribbon Committee, 1999; Smith Committee, 2003).
As such, audit committees can be viewed as a key safeguard mechanism for internal
auditors in managing their professional objectivity.
The majority of prior studies relating to the organizational status of internal audit have
focused on internal audit’s relation with the audit committee. Most of these studies
involve surveys or interviews of internal auditors. An exception is the study by Carcello
et al. (2002) which examined audit committee charters and reports of 150 US
companies. Part of this study looks at disclosures relating to auditor oversight. The
authors found that disclosures relating to external audit were much more prevalent than
those relating to internal audit, with less than 50% of companies in their sample
reporting that the audit committee held private meetings with internal audit.
9
Leung et al. (2004) explored the role of internal audit in corporate governance and
management in Australia using both an on-line survey and in-depth interviews of CAEs.
They report that, while a majority of CAEs had reporting responsibilities to the audit
committee or board level, more than 22% of participants reported only to management
(either to the CEO or the chief financial officer). Globally, the CBOK study (Burnaby et
al., 2007) found that only 47% of CAE respondents reported to the audit committee
level. However, where an audit/oversight committee was present (in 73% of
organizations), 91% of respondents believed that they had appropriate access to the
committee.
Christopher et al. (2009) examined the independence of the internal audit function in a
sample of 34 Australian companies through the function’s relationship with both
management and the audit committee. An e-mail based survey of CAEs identified a
number of threats to independence stemming from internal audit’s relationship with the
audit committee. These threats include CAEs not reporting functionally to the
committee, the audit committee not having sole responsibility for appointing,
dismissing and evaluating the CAE and audit committee members lacking expertise in
accounting.
Other surveys have examined whether the composition of the audit committee is
associated with the strength of the relationship between the internal audit function and
the audit committee. Raghunandan et al. (2001), in a survey of US chief internal
auditors4, assessed the joint effect of audit committee independence and expertise on the
committee’s interaction with internal audit. They found that independent committees
with at least one member with accounting or finance expertise had longer meetings and
more private meetings with the chief internal auditor. Goodwin and Yeo (2001)
surveyed chief internal auditors in Singapore and found that audit committees
comprised solely of independent directors had more frequent meetings and more private
meetings with the chief internal auditor. Goodwin (2003) obtained similar results in a
survey of chief internal auditors from Australia and New Zealand. In contrast, however,
O’Leary and Stewart (2007), in a study of Australian internal auditors’ ethical decision
making, found that the existence of an effective audit committee had little impact on
internal auditors’ perceptions of their willingness to act objectively.
The involvement of the audit committee in decisions to dismiss the chief internal
auditor is another indicator of internal audit independence. Prior studies have obtained
mixed results in this regard. For example, Goodwin and Yeo (2001) report that 72% of
audit committees in their Singapore study were involved in dismissal decisions while
Goodwin (2003) found only 52% of Australian and New Zealand audit committees
were similarly involved. Only Goodwin (2003) found a relationship between dismissal
decisions and the independence of the audit committee.
Studies based on in-depth interviews of internal auditors and audit committee members
suggest that audit committees may strengthen internal auditors’ status and in turn their
ability to remain objective and independent. Turley and Zaman (2007) conducted
interviews with a variety of personnel from a large UK financial services company (of
which one interviewee was the head of group internal audit and another, the audit
committee chair). Based on these interviews, the authors argue that an audit committee
is able to set a ‘tone’ that allows internal audit to have a certain degree of influence in
Leung et al. (2004) explored the role of internal audit in corporate governance and
management in Australia using both an on-line survey and in-depth interviews of CAEs.
They report that, while a majority of CAEs had reporting responsibilities to the audit
committee or board level, more than 22% of participants reported only to management
(either to the CEO or the chief financial officer). Globally, the CBOK study (Burnaby et
al., 2007) found that only 47% of CAE respondents reported to the audit committee
level. However, where an audit/oversight committee was present (in 73% of
organizations), 91% of respondents believed that they had appropriate access to the
committee.
Christopher et al. (2009) examined the independence of the internal audit function in a
sample of 34 Australian companies through the function’s relationship with both
management and the audit committee. An e-mail based survey of CAEs identified a
number of threats to independence stemming from internal audit’s relationship with the
audit committee. These threats include CAEs not reporting functionally to the
committee, the audit committee not having sole responsibility for appointing,
dismissing and evaluating the CAE and audit committee members lacking expertise in
accounting.
Other surveys have examined whether the composition of the audit committee is
associated with the strength of the relationship between the internal audit function and
the audit committee. Raghunandan et al. (2001), in a survey of US chief internal
auditors4, assessed the joint effect of audit committee independence and expertise on the
committee’s interaction with internal audit. They found that independent committees
with at least one member with accounting or finance expertise had longer meetings and
more private meetings with the chief internal auditor. Goodwin and Yeo (2001)
surveyed chief internal auditors in Singapore and found that audit committees
comprised solely of independent directors had more frequent meetings and more private
meetings with the chief internal auditor. Goodwin (2003) obtained similar results in a
survey of chief internal auditors from Australia and New Zealand. In contrast, however,
O’Leary and Stewart (2007), in a study of Australian internal auditors’ ethical decision
making, found that the existence of an effective audit committee had little impact on
internal auditors’ perceptions of their willingness to act objectively.
The involvement of the audit committee in decisions to dismiss the chief internal
auditor is another indicator of internal audit independence. Prior studies have obtained
mixed results in this regard. For example, Goodwin and Yeo (2001) report that 72% of
audit committees in their Singapore study were involved in dismissal decisions while
Goodwin (2003) found only 52% of Australian and New Zealand audit committees
were similarly involved. Only Goodwin (2003) found a relationship between dismissal
decisions and the independence of the audit committee.
Studies based on in-depth interviews of internal auditors and audit committee members
suggest that audit committees may strengthen internal auditors’ status and in turn their
ability to remain objective and independent. Turley and Zaman (2007) conducted
interviews with a variety of personnel from a large UK financial services company (of
which one interviewee was the head of group internal audit and another, the audit
committee chair). Based on these interviews, the authors argue that an audit committee
is able to set a ‘tone’ that allows internal audit to have a certain degree of influence in
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
the organization. As such, an effective audit committee is seen to play a critical role in
supporting the internal auditor’s position and strengthening internal audit independence.
In a similar vein, Mat Zain and Subramaniam’s (2007) study of heads of internal audit
from eleven organizations in Malaysia reflects the importance of the powerful position
of audit committees in enhancing internal audit objectivity. The study reveals that
internal auditors place significant trust in audit committees to take up the key
questioning role in more formal settings. This finding raises the possibility of a cultural
effect stemming from the fact that Malaysia is a high power distance nation (Hofstede,
1981), where the cultural norm emphasizes class distinctions based on the level of
authority.
Finally, the role of audit committees serving as a potential support of internal audit is
also evident in James’ (2003) study. He examined the perceptions of bank lending
officers with respect to the impact of reporting structure on internal audit’s ability to
prevent financial statement fraud. The study found that internal audit functions that
report to senior management are perceived as being less able to prevent fraudulent
reporting compared to those departments that report solely to the audit committee.
Another avenue of research pertaining to organisational status involves the relationship
between internal audit and senior management. Investigations into the impact of this
relationship on internal audit objectivity are very limited. Sarens and De Beelde (2006a)
used a case study approach of five Belgian companies to explore the expectations and
perceptions of both senior management and internal auditors with respect to the
relationship between the two parties. They found that, when internal audit operates
primarily in a management support role, there is a lack of perceived objectivity and the
relationship with the audit committee is weak. They also found that senior
management’s expectations significantly influence internal audit and that the support of
senior management is critical to the acceptance and appreciation of the internal audit
function within the organization. Christopher et al. (2009) found that independence
threats associated with internal audit’s relation with management stem from the
involvement of the CEO or chief financial officer (CFO) in the internal audit function’s
plan and budget, management regarding the internal auditor as a partner and using the
internal audit function as a stepping stone to other positions. 5 Van Peursem (2005), in a
multiple case study of six senior internal auditors in New Zealand, found that internal
auditors’ close relationship with management can place their independence from
management at risk. For example, interviewees recognised a need to balance the
conflicting interests of their managers with the interests of their profession and were
conscious that they have a responsibility to report over their employer’s head if
necessary.
Table I provides a summary of the above studies.
Insert Table I about here
While prior research has provided some insights into the impact of organizational status
on internal audit objectivity, there are a number of avenues for further research. For
instance, although corporate governance guidelines and listing rules recognize the
governance role played by audit committees, we do not know whether audit committees
do in fact play a key role in internal audit independence. Further, very little is known
the organization. As such, an effective audit committee is seen to play a critical role in
supporting the internal auditor’s position and strengthening internal audit independence.
In a similar vein, Mat Zain and Subramaniam’s (2007) study of heads of internal audit
from eleven organizations in Malaysia reflects the importance of the powerful position
of audit committees in enhancing internal audit objectivity. The study reveals that
internal auditors place significant trust in audit committees to take up the key
questioning role in more formal settings. This finding raises the possibility of a cultural
effect stemming from the fact that Malaysia is a high power distance nation (Hofstede,
1981), where the cultural norm emphasizes class distinctions based on the level of
authority.
Finally, the role of audit committees serving as a potential support of internal audit is
also evident in James’ (2003) study. He examined the perceptions of bank lending
officers with respect to the impact of reporting structure on internal audit’s ability to
prevent financial statement fraud. The study found that internal audit functions that
report to senior management are perceived as being less able to prevent fraudulent
reporting compared to those departments that report solely to the audit committee.
Another avenue of research pertaining to organisational status involves the relationship
between internal audit and senior management. Investigations into the impact of this
relationship on internal audit objectivity are very limited. Sarens and De Beelde (2006a)
used a case study approach of five Belgian companies to explore the expectations and
perceptions of both senior management and internal auditors with respect to the
relationship between the two parties. They found that, when internal audit operates
primarily in a management support role, there is a lack of perceived objectivity and the
relationship with the audit committee is weak. They also found that senior
management’s expectations significantly influence internal audit and that the support of
senior management is critical to the acceptance and appreciation of the internal audit
function within the organization. Christopher et al. (2009) found that independence
threats associated with internal audit’s relation with management stem from the
involvement of the CEO or chief financial officer (CFO) in the internal audit function’s
plan and budget, management regarding the internal auditor as a partner and using the
internal audit function as a stepping stone to other positions. 5 Van Peursem (2005), in a
multiple case study of six senior internal auditors in New Zealand, found that internal
auditors’ close relationship with management can place their independence from
management at risk. For example, interviewees recognised a need to balance the
conflicting interests of their managers with the interests of their profession and were
conscious that they have a responsibility to report over their employer’s head if
necessary.
Table I provides a summary of the above studies.
Insert Table I about here
While prior research has provided some insights into the impact of organizational status
on internal audit objectivity, there are a number of avenues for further research. For
instance, although corporate governance guidelines and listing rules recognize the
governance role played by audit committees, we do not know whether audit committees
do in fact play a key role in internal audit independence. Further, very little is known
11
about management’s attitudes towards internal audit objectivity and whether their
ability to act in an unbiased manner is strengthened when they report to the audit
committee. Further, the relationship between internal audit functional independence
(the state of affairs that permits an objective attitude) and objectivity (the individual
internal auditor’s state of mind) is relatively unexplored. In addition, while it is
recognized that reporting to the CFO is likely to compromise internal audit
independence and objectivity, there has been little research that has examined the
impact of reporting to more senior management such as the CEO.
We also do not know whether the results of prior studies are generalizable to other
jurisdictions and cultures. Of note, cultural dimensions such as power distance could be
driving the results of studies in Eastern cultures such as Malaysia and Singapore and
this warrants further exploration. Finally, alternative research designs could add insight
to our understanding of the relation between organizational status and internal audit
objectivity. For example, experimental designs could be undertaken in order to identify
causal relationships more easily. Numerous experimental studies have examined
various aspects of external auditor independence and these could be used as a base to
provide insight into further exploration of internal audit objectivity.
Assurance versus consulting
The IIA definition of internal audit highlights the value-adding role of internal audit as
an assurance and consulting activity. 6 Consulting services as defined by the IIA refer to
“advisory and related client service activities, the nature and scope of which are agreed
with the client, are intended to add value and improve an organization's governance, risk
management, and control processes without the internal auditor assuming management
responsibility” (IIA, 2009). Chapman (2001) argues that involvement in consulting
activities has elevated internal audit to a more strategic role in the organization. She
further suggests that consulting activities are generally of a problem-solving nature,
with internal audit working closely with management to assist management to achieve
its objectives. Further, consulting involves a more pro-active approach whereby internal
audit becomes a partner with management (Bou-Raad, 2000; Christopher et al., 2009).
A number of studies around the world have examined the extent to which internal audit
engages in consulting activities. A study by Nagy and Cenker (2002) examined whether
the new definition actually reflected the activities of internal auditors. The researchers
interviewed 11 US directors of internal audit, addressing issues and highlighting
changes associated with audit scope, organizational structure, risk management and
audit committee expectations. The study found that the change in definition simply
reflected existing practice, with internal auditors having performed consulting services
and other value-added activities for many years.
Hass et al. (2006) report that during the 1990s internal auditors in the US tended to
became consultative partners with management. However, in the early 2000s the
increasing emphasis on compliance surrounding internal control systems in the
immediate post-Sarbanes-Oxley (SOX) era led to a move back towards assurance work
for internal auditors. This signals that the extent of internal audit involvement in
consulting activities is influenced by the economic and regulatory environment and is
therefore likely to vary across time.
about management’s attitudes towards internal audit objectivity and whether their
ability to act in an unbiased manner is strengthened when they report to the audit
committee. Further, the relationship between internal audit functional independence
(the state of affairs that permits an objective attitude) and objectivity (the individual
internal auditor’s state of mind) is relatively unexplored. In addition, while it is
recognized that reporting to the CFO is likely to compromise internal audit
independence and objectivity, there has been little research that has examined the
impact of reporting to more senior management such as the CEO.
We also do not know whether the results of prior studies are generalizable to other
jurisdictions and cultures. Of note, cultural dimensions such as power distance could be
driving the results of studies in Eastern cultures such as Malaysia and Singapore and
this warrants further exploration. Finally, alternative research designs could add insight
to our understanding of the relation between organizational status and internal audit
objectivity. For example, experimental designs could be undertaken in order to identify
causal relationships more easily. Numerous experimental studies have examined
various aspects of external auditor independence and these could be used as a base to
provide insight into further exploration of internal audit objectivity.
Assurance versus consulting
The IIA definition of internal audit highlights the value-adding role of internal audit as
an assurance and consulting activity. 6 Consulting services as defined by the IIA refer to
“advisory and related client service activities, the nature and scope of which are agreed
with the client, are intended to add value and improve an organization's governance, risk
management, and control processes without the internal auditor assuming management
responsibility” (IIA, 2009). Chapman (2001) argues that involvement in consulting
activities has elevated internal audit to a more strategic role in the organization. She
further suggests that consulting activities are generally of a problem-solving nature,
with internal audit working closely with management to assist management to achieve
its objectives. Further, consulting involves a more pro-active approach whereby internal
audit becomes a partner with management (Bou-Raad, 2000; Christopher et al., 2009).
A number of studies around the world have examined the extent to which internal audit
engages in consulting activities. A study by Nagy and Cenker (2002) examined whether
the new definition actually reflected the activities of internal auditors. The researchers
interviewed 11 US directors of internal audit, addressing issues and highlighting
changes associated with audit scope, organizational structure, risk management and
audit committee expectations. The study found that the change in definition simply
reflected existing practice, with internal auditors having performed consulting services
and other value-added activities for many years.
Hass et al. (2006) report that during the 1990s internal auditors in the US tended to
became consultative partners with management. However, in the early 2000s the
increasing emphasis on compliance surrounding internal control systems in the
immediate post-Sarbanes-Oxley (SOX) era led to a move back towards assurance work
for internal auditors. This signals that the extent of internal audit involvement in
consulting activities is influenced by the economic and regulatory environment and is
therefore likely to vary across time.
12
Several European studies provide evidence of the extent of internal audit engagement in
consulting activities in Europe. For example, Arena et al. (2006) undertook a multiple
case study of internal audit functions in six Italian companies and found that only in one
of the firms, the internal audit function had engaged significantly in consulting
activities. Allegrini et al. (2006), in their literature review of European internal auditing,
report that consulting generally forms a relatively small part of internal audit activities
in Europe (e.g. in France, assurance services represent 73% of work (Institut Francais
de l’Audit et du Contrộle Internes, 2005), in Belgium, consulting averages 12 per cent
of annual working time (IIA Belgium, 2006), while in Italy, only a few large companies
(8% of the top 100 firms) use internal audit for consulting activities (Allegrini and
D’Onza, 2003)). However, consulting activities appear to be increasing – for example,
Allegrini and Bandettini (2006) indicate an increase from 7 to 26 per cent of time
allocated to consulting activities in Italian companies. Paape et al. (2003) found that
64% of respondents to their survey of chief internal auditors across fifteen European
nations reported that their function engaged in consultancy and management support
activities. Furthermore, 61% of respondents disagreed with the suggestion that it is
better for internal audit not to accept consultancy assignments in order to protect and
maintain independence.
Selim et al. (2009) in a comparative study of internal auditing and consulting practice
between the UK/Ireland and Italy, found that in both countries there has been a
significant increase in the level of consulting since 1999. In the UK/Ireland, the most
common consulting assignments are risk management7, project management,
governance, and contingency planning and disaster recovery. In Italy, the most common
assignments relate to legislative compliance, governance and risk management. The
study provides mixed support for concern about whether the dual role of consulting and
assurance compromises internal audit objectivity. Some 36% of Italian respondents
reported that involvement in consultancy increases the ability to be independent and
objective while 38% of UK/Ireland respondents reported that such involvement
decreased independence and objectivity. Further, 64% of UK/Ireland respondents
reported an increase in the risk of conflict of interest for internal auditors arising from
involvement in both consulting and assurance while 51% of Italian respondents reported
‘no effect’ (Selim et al., 2009, p.18). The authors suggest that possible reasons for these
different results include (i) the different nature of consulting activities in the two
countries, with more non-traditional types of consulting assignments being undertaken
in the UK/Ireland; (ii) differences in the structure of shareholding, with more family-
owned businesses in Italy lowering the perceived importance of independence; (iii)
traditionally less concern for independence as a governance characteristic in Italy.
Selim et al. (2003) examined the role of internal audit in mergers, acquisitions and
divestitures (M, A & D). The research involved interviewing internal auditors and
senior managers in 22 companies in the US and Europe. They found that internal audit
played a relatively small role in M, A & D activities but that interviewees believed that
opportunities exist for a more pro-active role, notably in the areas of advising
management and providing consulting services. Melville (2003) conducted a global
survey of internal auditors’ contribution to strategic management within their
organization. The study found that internal auditors make a positive contribution to
strategic management and are active in the development of strategic objectives.
Several European studies provide evidence of the extent of internal audit engagement in
consulting activities in Europe. For example, Arena et al. (2006) undertook a multiple
case study of internal audit functions in six Italian companies and found that only in one
of the firms, the internal audit function had engaged significantly in consulting
activities. Allegrini et al. (2006), in their literature review of European internal auditing,
report that consulting generally forms a relatively small part of internal audit activities
in Europe (e.g. in France, assurance services represent 73% of work (Institut Francais
de l’Audit et du Contrộle Internes, 2005), in Belgium, consulting averages 12 per cent
of annual working time (IIA Belgium, 2006), while in Italy, only a few large companies
(8% of the top 100 firms) use internal audit for consulting activities (Allegrini and
D’Onza, 2003)). However, consulting activities appear to be increasing – for example,
Allegrini and Bandettini (2006) indicate an increase from 7 to 26 per cent of time
allocated to consulting activities in Italian companies. Paape et al. (2003) found that
64% of respondents to their survey of chief internal auditors across fifteen European
nations reported that their function engaged in consultancy and management support
activities. Furthermore, 61% of respondents disagreed with the suggestion that it is
better for internal audit not to accept consultancy assignments in order to protect and
maintain independence.
Selim et al. (2009) in a comparative study of internal auditing and consulting practice
between the UK/Ireland and Italy, found that in both countries there has been a
significant increase in the level of consulting since 1999. In the UK/Ireland, the most
common consulting assignments are risk management7, project management,
governance, and contingency planning and disaster recovery. In Italy, the most common
assignments relate to legislative compliance, governance and risk management. The
study provides mixed support for concern about whether the dual role of consulting and
assurance compromises internal audit objectivity. Some 36% of Italian respondents
reported that involvement in consultancy increases the ability to be independent and
objective while 38% of UK/Ireland respondents reported that such involvement
decreased independence and objectivity. Further, 64% of UK/Ireland respondents
reported an increase in the risk of conflict of interest for internal auditors arising from
involvement in both consulting and assurance while 51% of Italian respondents reported
‘no effect’ (Selim et al., 2009, p.18). The authors suggest that possible reasons for these
different results include (i) the different nature of consulting activities in the two
countries, with more non-traditional types of consulting assignments being undertaken
in the UK/Ireland; (ii) differences in the structure of shareholding, with more family-
owned businesses in Italy lowering the perceived importance of independence; (iii)
traditionally less concern for independence as a governance characteristic in Italy.
Selim et al. (2003) examined the role of internal audit in mergers, acquisitions and
divestitures (M, A & D). The research involved interviewing internal auditors and
senior managers in 22 companies in the US and Europe. They found that internal audit
played a relatively small role in M, A & D activities but that interviewees believed that
opportunities exist for a more pro-active role, notably in the areas of advising
management and providing consulting services. Melville (2003) conducted a global
survey of internal auditors’ contribution to strategic management within their
organization. The study found that internal auditors make a positive contribution to
strategic management and are active in the development of strategic objectives.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13
Van Peursem (2004) conducted a survey of New Zealand internal auditors to identify
functions that internal auditors perceive to be essential to their role. The survey also
sought to understand the nature of the internal auditor’s “role dilemma” (p. 379) which
arises from the expectation that internal auditors will both assist management and
independently evaluate management. Comments received from respondents indicated
that internal audit’s role has changed in recent years to one of consultant rather than of
“policeman”. Most of those who commented on this change did not perceive it as a
problem. Van Peursem’s (2005) study, discussed in the previous section, is also
relevant to this issue. The study attempted to explain how internal auditors deal with the
conflict between their audit oversight responsibilities and the provision of support to
management. Van Peursem found that the tension involved in maintaining this dual role
leads to role ambiguity but that this ambiguity is not necessarily undesirable. Three
concepts emerged from the interviews which impact on internal auditors’ ability to
maintain their independence: how they create and establish their own role and duties;
the role of professional status; and the nature of the communications in which they
engage.
A recent study by Ahmad and Taylor (2009) provides evidence of the effect of a
number of dimensions of role ambiguity and role conflict on internal auditors’
commitment to independence. In a survey of 101 Malaysian internal auditors, they do
not find a significant relation between commitment to independence and role conflict
arising from performing both an advisory role and an oversight role. Further, this
dimension of role conflict was found to be relatively low, suggesting that Malaysian
internal auditors do not perceive a conflict between their consulting and assurance roles.
Schneider (2003) suggests that a direct result of internal auditors’ involvement in
business consultancy is their participation in incentive-based compensation schemes
such as bonuses and/or stock ownership. Two studies have confirmed that this practice
is prevalent amongst US internal auditors (DeZoort et al., 2000; Dickins and O’Reilly,
2009). DeZoort et al. (2000) found that almost half of the 179 respondents to their
survey indicated that incentive-based compensation was available to internal auditors in
their organization. The most common incentive-based schemes involved bonuses based
on overall company performance, internal audit function performance and individual
performance. Almost one third of respondents perceived that such schemes could impair
internal audit objectivity and independence. More recently, Dickens and O’Reilly
(2009) likewise found that 89% of the 99 CAEs responding to their survey of US mid-
sized listed companies were eligible to participate in stock-based awards and/or bonuses
based on operating results, indicating a substantial participation of internal auditors in
incentive-based compensation.
Schneider (2003) used an experimental design to explore the impact on internal audit
objectivity of participation in incentive-based reward schemes. His study examined
whether the type of compensation would influence US internal auditors’ willingness to
report the failure to recognize an inventory loss (a GAAP violation). He found that,
when compensation was tied to stock price, a significantly higher percentage of internal
auditors would not report the GAAP violation compared to when the compensation was
tied to earnings or was fixed. However, it is unclear why an incentive payment linked to
stock price had an impact while one linked to earnings did not. Further, there was no
evidence that stock ownership influenced internal auditors’ willingness to report the
GAAP violation.
Van Peursem (2004) conducted a survey of New Zealand internal auditors to identify
functions that internal auditors perceive to be essential to their role. The survey also
sought to understand the nature of the internal auditor’s “role dilemma” (p. 379) which
arises from the expectation that internal auditors will both assist management and
independently evaluate management. Comments received from respondents indicated
that internal audit’s role has changed in recent years to one of consultant rather than of
“policeman”. Most of those who commented on this change did not perceive it as a
problem. Van Peursem’s (2005) study, discussed in the previous section, is also
relevant to this issue. The study attempted to explain how internal auditors deal with the
conflict between their audit oversight responsibilities and the provision of support to
management. Van Peursem found that the tension involved in maintaining this dual role
leads to role ambiguity but that this ambiguity is not necessarily undesirable. Three
concepts emerged from the interviews which impact on internal auditors’ ability to
maintain their independence: how they create and establish their own role and duties;
the role of professional status; and the nature of the communications in which they
engage.
A recent study by Ahmad and Taylor (2009) provides evidence of the effect of a
number of dimensions of role ambiguity and role conflict on internal auditors’
commitment to independence. In a survey of 101 Malaysian internal auditors, they do
not find a significant relation between commitment to independence and role conflict
arising from performing both an advisory role and an oversight role. Further, this
dimension of role conflict was found to be relatively low, suggesting that Malaysian
internal auditors do not perceive a conflict between their consulting and assurance roles.
Schneider (2003) suggests that a direct result of internal auditors’ involvement in
business consultancy is their participation in incentive-based compensation schemes
such as bonuses and/or stock ownership. Two studies have confirmed that this practice
is prevalent amongst US internal auditors (DeZoort et al., 2000; Dickins and O’Reilly,
2009). DeZoort et al. (2000) found that almost half of the 179 respondents to their
survey indicated that incentive-based compensation was available to internal auditors in
their organization. The most common incentive-based schemes involved bonuses based
on overall company performance, internal audit function performance and individual
performance. Almost one third of respondents perceived that such schemes could impair
internal audit objectivity and independence. More recently, Dickens and O’Reilly
(2009) likewise found that 89% of the 99 CAEs responding to their survey of US mid-
sized listed companies were eligible to participate in stock-based awards and/or bonuses
based on operating results, indicating a substantial participation of internal auditors in
incentive-based compensation.
Schneider (2003) used an experimental design to explore the impact on internal audit
objectivity of participation in incentive-based reward schemes. His study examined
whether the type of compensation would influence US internal auditors’ willingness to
report the failure to recognize an inventory loss (a GAAP violation). He found that,
when compensation was tied to stock price, a significantly higher percentage of internal
auditors would not report the GAAP violation compared to when the compensation was
tied to earnings or was fixed. However, it is unclear why an incentive payment linked to
stock price had an impact while one linked to earnings did not. Further, there was no
evidence that stock ownership influenced internal auditors’ willingness to report the
GAAP violation.
14
Two other experimental studies conducted in the US have addressed the concern that
the dual role of assurance provider and consultant can create bias and hence cause
problems for internal audit objectivity. Both Brody and Lowe (2000) and Ahlawat and
Lowe (2004) examined whether internal auditors can remain objective when consulting
to management in a corporate acquisition setting. The two studies involved internal
auditors acting for the buyer or seller in an acquisition. The role that the company was
taking in the negotiation process was found to influence participants’ judgments, with
internal auditors allocated to the buyer condition providing significantly higher
likelihood judgments about inventory obsolescence compared to those allocated to the
seller condition. The researchers conclude that this suggests that internal auditors who
act as consultants may not be able to maintain their objectivity.
Insert Table II about here
The above synthesis (summarized in Table II) indicates that internal auditors are
engaging in a greater amount of consulting activities. It appears that they support this
move as one which adds value to the organization. However, there are role conflict
issues which can create objectivity problems. It is possible that engaging in both
assurance and consulting activities gives rise to a self-review threat and/or a social
pressure threat. Further, if involvement in consultancy leads to participation in incentive
schemes, there is also an economic interest threat.
There are clearly gaps in the literature which indicate opportunities for further research.
We know that internal auditors are generally engaging in more consulting activities and
that they perceive that this is an opportunity to add value to their organization.
However, Selim et al. (2009) is one of the few studies to identify the types of
assignment carried out by internal audit departments, both before and after 1999.
Further examination of varying trends in both the level of consulting and the nature of
consulting activities across different jurisdictions is clearly warranted.
We also know little about the frequency and nature of incentive-based compensation
schemes for internal auditors, particularly outside of the US. We need to determine the
prevalence of incentive-based remuneration in other jurisdictions and whether such
remuneration schemes are based on company performance, performance of the internal
audit function or on individual performance. The impact of these different types of
schemes on internal audit objectivity is clearly an important avenue for further research.
From the small number of experimental studies that have been conducted, it appears
that internal auditors do not act without bias when performing consulting activities.
However, these studies need to be replicated and extended to different situations and
different groups of internal auditors to determine the generalizability of the findings.
For instance, the nature of consulting activities may be important, e.g. involvement in
systems design and implementation may have a different impact on objectivity than
involvement in business valuation, feasibility studies or project management. There
could also be industry differences, with internal auditors in industries that emphasize
compliance, such as the finance sector, being at greater risk of compromising
independence compared to less regulated industries.
Two other experimental studies conducted in the US have addressed the concern that
the dual role of assurance provider and consultant can create bias and hence cause
problems for internal audit objectivity. Both Brody and Lowe (2000) and Ahlawat and
Lowe (2004) examined whether internal auditors can remain objective when consulting
to management in a corporate acquisition setting. The two studies involved internal
auditors acting for the buyer or seller in an acquisition. The role that the company was
taking in the negotiation process was found to influence participants’ judgments, with
internal auditors allocated to the buyer condition providing significantly higher
likelihood judgments about inventory obsolescence compared to those allocated to the
seller condition. The researchers conclude that this suggests that internal auditors who
act as consultants may not be able to maintain their objectivity.
Insert Table II about here
The above synthesis (summarized in Table II) indicates that internal auditors are
engaging in a greater amount of consulting activities. It appears that they support this
move as one which adds value to the organization. However, there are role conflict
issues which can create objectivity problems. It is possible that engaging in both
assurance and consulting activities gives rise to a self-review threat and/or a social
pressure threat. Further, if involvement in consultancy leads to participation in incentive
schemes, there is also an economic interest threat.
There are clearly gaps in the literature which indicate opportunities for further research.
We know that internal auditors are generally engaging in more consulting activities and
that they perceive that this is an opportunity to add value to their organization.
However, Selim et al. (2009) is one of the few studies to identify the types of
assignment carried out by internal audit departments, both before and after 1999.
Further examination of varying trends in both the level of consulting and the nature of
consulting activities across different jurisdictions is clearly warranted.
We also know little about the frequency and nature of incentive-based compensation
schemes for internal auditors, particularly outside of the US. We need to determine the
prevalence of incentive-based remuneration in other jurisdictions and whether such
remuneration schemes are based on company performance, performance of the internal
audit function or on individual performance. The impact of these different types of
schemes on internal audit objectivity is clearly an important avenue for further research.
From the small number of experimental studies that have been conducted, it appears
that internal auditors do not act without bias when performing consulting activities.
However, these studies need to be replicated and extended to different situations and
different groups of internal auditors to determine the generalizability of the findings.
For instance, the nature of consulting activities may be important, e.g. involvement in
systems design and implementation may have a different impact on objectivity than
involvement in business valuation, feasibility studies or project management. There
could also be industry differences, with internal auditors in industries that emphasize
compliance, such as the finance sector, being at greater risk of compromising
independence compared to less regulated industries.
15
We also need to identify and test factors that might mitigate any potential biases, for
example organizational status, supervision and whistle-blowing protection. In addition,
we do not know how the performance of consulting activities impacts assurance
services and whether internal auditors are able to maintain their objectivity when they
provide both types of services to a client. While Van Peursem (2005) provides valuable
insights to our understanding of how internal auditors balance their assurance and
consulting roles, her evidence is drawn from interviews with six New Zealand internal
auditors, only one of whom was employed in a major corporation. Four participants
came from public sector or quasi-public sector organizations while the fifth participant
was an internal audit outsource provider. Hence, further research is needed in other
contexts and jurisdictions to elaborate and extend this work.
Internal audit’s role in risk management
Recent corporate governance developments have raised the profile of risk management
within organizations.8 While the prime responsibility for risk management lies with the
directors and senior management, internal auditors are also seen as key contributors as
consultants and assurance providers on risk management processes and systems. The
CBOK study (Burnaby et al., 2007) found that 67% of respondents currently had a role
in risk management while 25% expected to have a role within the next three years.
Further, almost 80% of respondents believed that risk management audits would
increase within the next three years.
The internal auditing profession has become a key driver of the concept of enterprise
risk management (ERM), defined by the Committee of Sponsoring Organizations of the
Treadway Commission (COSO) (2004, p.2) as:
“ A process, effected by an entity’s board of directors, management and other
personnel, applied in strategy setting and across the enterprise, designed to
identify potential events that may affect the entity, and manage risk to be within
its risk appetite, to provide reasonable assurance regarding the achievement of
entity objectives…”
In 2004, the IIA, in conjunction with COSO, issued a position statement on the role of
internal audit in ERM, suggesting ways for internal auditors to maintain their objectivity
and independence. This position paper, which was updated in 2009 (IIA, 2009d),
outlines the recommended roles of internal audit in ERM, roles that are legitimate with
safeguards, and roles that should not be undertaken. These roles are listed in Table III.
Both COSO and the IIA emphasize that management has the ultimate responsibility for
ERM.
Insert Table III about here
In 2005, the IIA conducted a global online survey of internal auditors regarding their
involvement in ERM (Gramling and Myers, 2006). Responses were received from 361
IIA members. The survey found that internal audit was primarily responsible for ERM
in 36 percent of the respondents’ organizations. Further, the study also found that some
internal auditors were engaged in roles that the IIA has determined internal auditors
should not undertake.
Ernst & Young’s (2006) third Australasian benchmarking survey indicates that 62% of
respondents’ internal audit functions are involved in providing assurance over risk
We also need to identify and test factors that might mitigate any potential biases, for
example organizational status, supervision and whistle-blowing protection. In addition,
we do not know how the performance of consulting activities impacts assurance
services and whether internal auditors are able to maintain their objectivity when they
provide both types of services to a client. While Van Peursem (2005) provides valuable
insights to our understanding of how internal auditors balance their assurance and
consulting roles, her evidence is drawn from interviews with six New Zealand internal
auditors, only one of whom was employed in a major corporation. Four participants
came from public sector or quasi-public sector organizations while the fifth participant
was an internal audit outsource provider. Hence, further research is needed in other
contexts and jurisdictions to elaborate and extend this work.
Internal audit’s role in risk management
Recent corporate governance developments have raised the profile of risk management
within organizations.8 While the prime responsibility for risk management lies with the
directors and senior management, internal auditors are also seen as key contributors as
consultants and assurance providers on risk management processes and systems. The
CBOK study (Burnaby et al., 2007) found that 67% of respondents currently had a role
in risk management while 25% expected to have a role within the next three years.
Further, almost 80% of respondents believed that risk management audits would
increase within the next three years.
The internal auditing profession has become a key driver of the concept of enterprise
risk management (ERM), defined by the Committee of Sponsoring Organizations of the
Treadway Commission (COSO) (2004, p.2) as:
“ A process, effected by an entity’s board of directors, management and other
personnel, applied in strategy setting and across the enterprise, designed to
identify potential events that may affect the entity, and manage risk to be within
its risk appetite, to provide reasonable assurance regarding the achievement of
entity objectives…”
In 2004, the IIA, in conjunction with COSO, issued a position statement on the role of
internal audit in ERM, suggesting ways for internal auditors to maintain their objectivity
and independence. This position paper, which was updated in 2009 (IIA, 2009d),
outlines the recommended roles of internal audit in ERM, roles that are legitimate with
safeguards, and roles that should not be undertaken. These roles are listed in Table III.
Both COSO and the IIA emphasize that management has the ultimate responsibility for
ERM.
Insert Table III about here
In 2005, the IIA conducted a global online survey of internal auditors regarding their
involvement in ERM (Gramling and Myers, 2006). Responses were received from 361
IIA members. The survey found that internal audit was primarily responsible for ERM
in 36 percent of the respondents’ organizations. Further, the study also found that some
internal auditors were engaged in roles that the IIA has determined internal auditors
should not undertake.
Ernst & Young’s (2006) third Australasian benchmarking survey indicates that 62% of
respondents’ internal audit functions are involved in providing assurance over risk
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16
management practices, while 47% report that internal audit develops and assists in the
oversight of the risk management framework.9 The report also raised concerns over
whether it is best practice for internal audit to be involved in both developing and
assuring risk management frameworks and processes.
Sarens and De Beelde (2006b) interviewed CAEs in four US companies and six Belgian
companies in order to compare how they perceive their current role in risk management.
The study found that, in both countries, internal auditors have a crucial role to play in
enhancing risk assessment and internal control practices. However, differences across
the two jurisdictions were found, with US companies being strongly influenced by the
internal control review requirements of SOX while Belgian internal auditors play a
greater pioneering role in creating a higher level of control awareness and a more
formalized and transparent risk management system. Allegrini and D’Onza (2003), in a
survey of internal auditors in large Italian companies, provide evidence of the
contribution that internal auditors make to the risk assessment process in these
companies. They found that 30% of respondents co-operate with external consultants in
the risk management process while 37% support the risk management process directly
in co-operation with line management by providing methodologies or engaging in
consultancy services in risk management activities.
Fraser and Henry (2007) undertook a series of interviews with the finance director, the
audit committee chair, and, where applicable, the head of internal audit and the director
of risk management in five large UK organizations, as well as an audit partner from
each of the Big Four audit firms. They found that internal audit tends to play a major
role in ERM, particularly in the embedding of risk. More interestingly, they also found
evidence of internal auditors having responsibility for ERM practices, despite the
COSO and IIA position paper stating that responsibility must rest with management.
For example, in one organization the internal auditor had been responsible for setting up
the system, while in another there were concerns that an internal audit function that was
composed predominantly of accountants and at the same time heavily involved in risk
management may not identify certain risks.
De Zwaan et al. (2009) examined whether the extent of (1) internal auditors’
involvement in ERM and (2) their interactions with the audit committee affected the
perceptions of internal auditors’ professional objectivity. Data analysis was based on an
experimental questionnaire survey of 117 certified internal auditors in Australia. The
results indicate that internal auditors’ involvement in ERM is likely to have a significant
and negative effect on their objectivity in terms of their willingness to report on
breakdown of risk procedures to the audit committee. However, the level of internal
auditors’ interactions with their audit committees (i.e. high vs. low) was found to have
only a marginal effect. There was also no significant interaction found between the two
independent variables affecting respondents’ perceptions of internal auditor objectivity.
Insert Table IV about here
The role of internal audit in risk management and its implications for internal auditors’
objectivity is an emerging area on which there is limited empirical evidence. Table IV
summarizes the academic research in this area. With the exception of de Zwaan et al.
(2009), the existing research in the area is generally descriptive. There are numerous
opportunities for future research on the implications of internal auditors’ involvement in
management practices, while 47% report that internal audit develops and assists in the
oversight of the risk management framework.9 The report also raised concerns over
whether it is best practice for internal audit to be involved in both developing and
assuring risk management frameworks and processes.
Sarens and De Beelde (2006b) interviewed CAEs in four US companies and six Belgian
companies in order to compare how they perceive their current role in risk management.
The study found that, in both countries, internal auditors have a crucial role to play in
enhancing risk assessment and internal control practices. However, differences across
the two jurisdictions were found, with US companies being strongly influenced by the
internal control review requirements of SOX while Belgian internal auditors play a
greater pioneering role in creating a higher level of control awareness and a more
formalized and transparent risk management system. Allegrini and D’Onza (2003), in a
survey of internal auditors in large Italian companies, provide evidence of the
contribution that internal auditors make to the risk assessment process in these
companies. They found that 30% of respondents co-operate with external consultants in
the risk management process while 37% support the risk management process directly
in co-operation with line management by providing methodologies or engaging in
consultancy services in risk management activities.
Fraser and Henry (2007) undertook a series of interviews with the finance director, the
audit committee chair, and, where applicable, the head of internal audit and the director
of risk management in five large UK organizations, as well as an audit partner from
each of the Big Four audit firms. They found that internal audit tends to play a major
role in ERM, particularly in the embedding of risk. More interestingly, they also found
evidence of internal auditors having responsibility for ERM practices, despite the
COSO and IIA position paper stating that responsibility must rest with management.
For example, in one organization the internal auditor had been responsible for setting up
the system, while in another there were concerns that an internal audit function that was
composed predominantly of accountants and at the same time heavily involved in risk
management may not identify certain risks.
De Zwaan et al. (2009) examined whether the extent of (1) internal auditors’
involvement in ERM and (2) their interactions with the audit committee affected the
perceptions of internal auditors’ professional objectivity. Data analysis was based on an
experimental questionnaire survey of 117 certified internal auditors in Australia. The
results indicate that internal auditors’ involvement in ERM is likely to have a significant
and negative effect on their objectivity in terms of their willingness to report on
breakdown of risk procedures to the audit committee. However, the level of internal
auditors’ interactions with their audit committees (i.e. high vs. low) was found to have
only a marginal effect. There was also no significant interaction found between the two
independent variables affecting respondents’ perceptions of internal auditor objectivity.
Insert Table IV about here
The role of internal audit in risk management and its implications for internal auditors’
objectivity is an emerging area on which there is limited empirical evidence. Table IV
summarizes the academic research in this area. With the exception of de Zwaan et al.
(2009), the existing research in the area is generally descriptive. There are numerous
opportunities for future research on the implications of internal auditors’ involvement in
17
risk management on their professional objectivity. In particular, further study is needed
on how different types of safeguards may mitigate threats to objectivity. Examples of
safeguards include the roles played by audit committees, by separate risk management
committees and by the external auditors. We encourage further research identifying how
these safeguards are able to assist internal audit to play an optimum role in the
establishment of ERM frameworks while being in a position to monitor and provide
assurance on the frameworks once they are operating. There is also scope for more in-
depth examination of differences in the role played by internal auditors in ERM and its
implications for their objectivity across different sectors, industries and business
structures. Of note, ERM is becoming widely used in public sector entities and early
evidence suggests that internal auditors are playing an important role in this
development (de Zwaan et al., 2009). Further research focused on the public sector is
needed to fully understand this role.
Outsourcing and co-sourcing internal audit activities
Outsourcing and co-sourcing of internal audit services have become widespread in
recent years (Ernst & Young 2006; Caplan and Kirschenheiter 2000). While it is no
longer acceptable for external auditors to provide internal audit services to their audit
clients (Sarbanes-Oxley, 2002), such services are provided by both public accounting
and specialist firms to non-audit clients (Ernst & Young 2006). Globally, the CBOK
study (Burnaby et al., 2007) found that, while less than 10% of internal audit work was
currently outsourced, a third of CAEs expected this percentage to increase during the
next three years. Dickins and O’Reilly (2009) report that 77% of respondents to their
survey of US middle-market companies outsourced some portion of their internal audit
work, with 15% outsourcing more than half of this work. A study of Australian
publicly listed firms by Carey et al. (2006) found that 45% of the 99 respondent firms
using internal audit had outsourced some or all of their internal audit activities. The type
of services outsourced included both traditional financial statement audit-related
services such as review of internal controls and testing of account balances, and also
compliance and performance audit services including risk management and regulatory
compliance evaluations. Further, Sharma and Subramaniam (2005), in their study of 87
Australian publicly listed firms, indicated that only 50 (62.5%) of the respondent firms
utilised internal audit, with 30 (60%) of these either fully outsourcing or co-sourcing
their internal audit activities.
It has been argued that an outsourced provider may be more independent than an in-
house internal audit function as it is difficult for an employee to be truly independent of
management (James, 2003). Research in this area is limited to a few studies and results
are mixed. James (2003) examined lending officers’ perceptions of the impact of
outsourcing on internal audit quality and found that 85% of participants perceived an in-
house internal audit function to be less objective than a Big-5 accounting firm and the
remaining 11% perceived them to be equally objective. In contrast, Dickins and
O’Reilly (2009) found a positive association between the frequency of material
weaknesses in internal control and the percentage of outsourced internal audit work.
They also found that the likelihood of the internal auditor reporting to the audit
committee decreases with a greater level of outsourcing. These findings suggest that the
independence and the quality of the internal audit function may be compromised by
outsourcing.
risk management on their professional objectivity. In particular, further study is needed
on how different types of safeguards may mitigate threats to objectivity. Examples of
safeguards include the roles played by audit committees, by separate risk management
committees and by the external auditors. We encourage further research identifying how
these safeguards are able to assist internal audit to play an optimum role in the
establishment of ERM frameworks while being in a position to monitor and provide
assurance on the frameworks once they are operating. There is also scope for more in-
depth examination of differences in the role played by internal auditors in ERM and its
implications for their objectivity across different sectors, industries and business
structures. Of note, ERM is becoming widely used in public sector entities and early
evidence suggests that internal auditors are playing an important role in this
development (de Zwaan et al., 2009). Further research focused on the public sector is
needed to fully understand this role.
Outsourcing and co-sourcing internal audit activities
Outsourcing and co-sourcing of internal audit services have become widespread in
recent years (Ernst & Young 2006; Caplan and Kirschenheiter 2000). While it is no
longer acceptable for external auditors to provide internal audit services to their audit
clients (Sarbanes-Oxley, 2002), such services are provided by both public accounting
and specialist firms to non-audit clients (Ernst & Young 2006). Globally, the CBOK
study (Burnaby et al., 2007) found that, while less than 10% of internal audit work was
currently outsourced, a third of CAEs expected this percentage to increase during the
next three years. Dickins and O’Reilly (2009) report that 77% of respondents to their
survey of US middle-market companies outsourced some portion of their internal audit
work, with 15% outsourcing more than half of this work. A study of Australian
publicly listed firms by Carey et al. (2006) found that 45% of the 99 respondent firms
using internal audit had outsourced some or all of their internal audit activities. The type
of services outsourced included both traditional financial statement audit-related
services such as review of internal controls and testing of account balances, and also
compliance and performance audit services including risk management and regulatory
compliance evaluations. Further, Sharma and Subramaniam (2005), in their study of 87
Australian publicly listed firms, indicated that only 50 (62.5%) of the respondent firms
utilised internal audit, with 30 (60%) of these either fully outsourcing or co-sourcing
their internal audit activities.
It has been argued that an outsourced provider may be more independent than an in-
house internal audit function as it is difficult for an employee to be truly independent of
management (James, 2003). Research in this area is limited to a few studies and results
are mixed. James (2003) examined lending officers’ perceptions of the impact of
outsourcing on internal audit quality and found that 85% of participants perceived an in-
house internal audit function to be less objective than a Big-5 accounting firm and the
remaining 11% perceived them to be equally objective. In contrast, Dickins and
O’Reilly (2009) found a positive association between the frequency of material
weaknesses in internal control and the percentage of outsourced internal audit work.
They also found that the likelihood of the internal auditor reporting to the audit
committee decreases with a greater level of outsourcing. These findings suggest that the
independence and the quality of the internal audit function may be compromised by
outsourcing.
18
Selim and Yiannakas (2000) explored the extent of internal audit outsourcing in the
United Kingdom. Respondents from the forty organizations that did engage in either
outsourcing or co-sourcing were asked whether the judgment of an outside contractor is
more likely to be impartial. The mean response to this question was 2.3, below the mid-
point on their scale of one to five. This indicates that the majority of respondents did not
perceive an outside provider to be more objective than in-house internal auditors.
Ahlawat and Lowe (2004) explored the outsourcing issue in an experimental study
where both in-house and outside internal audit providers assumed the role of internal
auditor for the buyer or the seller in an acquisition target. They found that advocacy
existed in both groups but that it was more extreme amongst the in-house internal
auditors compared to the outside providers. Finally, Gramling and Vandervelde (2006)
conducted an experimental study with both internal and external auditors. They found
that, while the external auditor respondents assessed internal audit objectivity as higher
when the provider was another accounting firm, the internal auditor respondents
assessed objectivity to be higher when internal audit was provided in-house.
A summary of these studies is provided in Table V.
Insert Table V about here
There are a number of opportunities for further research relating to outsourcing and co-
sourcing. We need to reconcile the differences in the findings of prior studies relating
to both perceptions of objectivity and actual objectivity between in-house internal audit
functions and outside providers. Further, we do not know whether differences in
objectivity are affected by the nature of the activity being undertaken by internal audit.
Ahlawat and Lowe (2004), for example, tested a consultancy situation and found that
outside providers appeared to be more objective than in-house internal auditors.
However, no prior studies have examined objectivity differences in the context of
assurance services.
There are also factors that could affect the objectivity of outsourced providers in the
same way that external auditor independence can be compromised. For example, the
fear of losing a major client, involvement in both consulting and assurance work, and
social and other relationships with the client may all lead to a compromise of
objectivity. However, none of these issues have been explored empirically. Prior
research has also not addressed the issue of co-sourcing, where outside providers are
brought in at peak times or to perform specific tasks. Are these providers more or less
objective than in-house internal auditors?
A further issue identified by Subramaniam et al. (2004), based on their survey of 41
Australian public sector entities, is that audit committee involvement in the decision to
outsource internal audit activities appears to be stronger in entities that adopt full
outsourcing of the internal audit function. However, in situations of co-sourcing, the
head of the in-house internal audit function and other management appear to play a
more active role. Interestingly, when contractual problems arise with external providers,
the audit committee’s involvement in the follow-up and evaluation processes appears to
be minimal. Hence, further enquiry into the role of audit committees as a safeguard
measure in situations when there is risk of loss of internal audit objectivity appears
warranted.
Selim and Yiannakas (2000) explored the extent of internal audit outsourcing in the
United Kingdom. Respondents from the forty organizations that did engage in either
outsourcing or co-sourcing were asked whether the judgment of an outside contractor is
more likely to be impartial. The mean response to this question was 2.3, below the mid-
point on their scale of one to five. This indicates that the majority of respondents did not
perceive an outside provider to be more objective than in-house internal auditors.
Ahlawat and Lowe (2004) explored the outsourcing issue in an experimental study
where both in-house and outside internal audit providers assumed the role of internal
auditor for the buyer or the seller in an acquisition target. They found that advocacy
existed in both groups but that it was more extreme amongst the in-house internal
auditors compared to the outside providers. Finally, Gramling and Vandervelde (2006)
conducted an experimental study with both internal and external auditors. They found
that, while the external auditor respondents assessed internal audit objectivity as higher
when the provider was another accounting firm, the internal auditor respondents
assessed objectivity to be higher when internal audit was provided in-house.
A summary of these studies is provided in Table V.
Insert Table V about here
There are a number of opportunities for further research relating to outsourcing and co-
sourcing. We need to reconcile the differences in the findings of prior studies relating
to both perceptions of objectivity and actual objectivity between in-house internal audit
functions and outside providers. Further, we do not know whether differences in
objectivity are affected by the nature of the activity being undertaken by internal audit.
Ahlawat and Lowe (2004), for example, tested a consultancy situation and found that
outside providers appeared to be more objective than in-house internal auditors.
However, no prior studies have examined objectivity differences in the context of
assurance services.
There are also factors that could affect the objectivity of outsourced providers in the
same way that external auditor independence can be compromised. For example, the
fear of losing a major client, involvement in both consulting and assurance work, and
social and other relationships with the client may all lead to a compromise of
objectivity. However, none of these issues have been explored empirically. Prior
research has also not addressed the issue of co-sourcing, where outside providers are
brought in at peak times or to perform specific tasks. Are these providers more or less
objective than in-house internal auditors?
A further issue identified by Subramaniam et al. (2004), based on their survey of 41
Australian public sector entities, is that audit committee involvement in the decision to
outsource internal audit activities appears to be stronger in entities that adopt full
outsourcing of the internal audit function. However, in situations of co-sourcing, the
head of the in-house internal audit function and other management appear to play a
more active role. Interestingly, when contractual problems arise with external providers,
the audit committee’s involvement in the follow-up and evaluation processes appears to
be minimal. Hence, further enquiry into the role of audit committees as a safeguard
measure in situations when there is risk of loss of internal audit objectivity appears
warranted.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
19
A related issue that warrants further investigation is whether reporting relationships that
strengthen internal audit can be maintained when the activities are outsourced. For
example, internal audit’s interactions with the audit committee can strengthen the
function’s objectivity when internal audit is provided in-house. However, we have little
understanding of the relationships that exist between audit committees and outsourced
internal audit providers and whether the same level of interaction can exist between the
two parties. Dickins and O’Reilly (2009) found that internal auditors in middle-market
US companies were more likely to report to the audit committee when the level of
outsourcing of internal audit work was low. Hence, whether or not an outside internal
audit provider has or needs the same protection from the audit committee as an in-house
function and whether this impacts on internal audit objectivity remain avenues for
future research. Furthermore, given that audit committee structure and role may differ
between public and private sectors, the mechanisms through which internal audit
functions may gain strength or independence is an added interesting issue for further
investigation. For example, audit committees in public sector organizations tend to
entail more executive members (Subramaniam et al., 2004), and as such may restrict
communications between the internal audit function and the audit committee.
Internal audit as a management training ground
The use of internal audit as a training ground for future management personnel is
commonplace. There are two approaches to this practice. First, new graduates can be
hired as internal auditors, with the intent of transferring them to line management
positions after a few years in internal audit. Second, existing employees can be
seconded to the internal audit function for a period of time. At the end of the period,
they are transferred back to line functions, often in a higher operational position
(Goodwin and Yeo, 2001).
This practice has many advantages for the organization but it can pose a threat to
internal audit independence and objectivity (Christopher et al., 2009). Internal auditors
may be reluctant to take strong positions on issues that arise if they know they are likely
to be transferred back to the department they are currently auditing. The problem is
enhanced when the person in charge of the department may become the internal
auditor’s immediate superior once he or she is transferred back to the line position. The
IIA has partially recognized this threat by not permitting staff transferred to internal
audit to audit activities they previously performed until at least one year has elapsed.
However, there is no guidance on the situation where staff may be transferred to the
activity they are currently auditing.
Table VI provides a synthesis of the research to date. Some studies have provided ad
hoc evidence of the prevalence of using internal audit as a training ground in European
organizations. Arena et al. (2006) found that internal audit was seen as a training
function in two of the six companies in their case study. Sarens and de Beelde (2006a)
report that, in one of their cases, the CFO expected internal audit to be a training ground
for future potential managers. The internal audit manager described the function as a
fishing pond full of high potential, suggesting that, as a result, the function lacked
people with both audit experience and company experience. Selim et al. (2003) found
that some companies in their study of both US and European acquisitions and mergers
established rotation programs whereby new employees were offered a rotation through
internal audit as part of their training program. Christopher et al. (2009) report that 56%
of respondents in their Australian study stated that internal audit staff are transferred to
A related issue that warrants further investigation is whether reporting relationships that
strengthen internal audit can be maintained when the activities are outsourced. For
example, internal audit’s interactions with the audit committee can strengthen the
function’s objectivity when internal audit is provided in-house. However, we have little
understanding of the relationships that exist between audit committees and outsourced
internal audit providers and whether the same level of interaction can exist between the
two parties. Dickins and O’Reilly (2009) found that internal auditors in middle-market
US companies were more likely to report to the audit committee when the level of
outsourcing of internal audit work was low. Hence, whether or not an outside internal
audit provider has or needs the same protection from the audit committee as an in-house
function and whether this impacts on internal audit objectivity remain avenues for
future research. Furthermore, given that audit committee structure and role may differ
between public and private sectors, the mechanisms through which internal audit
functions may gain strength or independence is an added interesting issue for further
investigation. For example, audit committees in public sector organizations tend to
entail more executive members (Subramaniam et al., 2004), and as such may restrict
communications between the internal audit function and the audit committee.
Internal audit as a management training ground
The use of internal audit as a training ground for future management personnel is
commonplace. There are two approaches to this practice. First, new graduates can be
hired as internal auditors, with the intent of transferring them to line management
positions after a few years in internal audit. Second, existing employees can be
seconded to the internal audit function for a period of time. At the end of the period,
they are transferred back to line functions, often in a higher operational position
(Goodwin and Yeo, 2001).
This practice has many advantages for the organization but it can pose a threat to
internal audit independence and objectivity (Christopher et al., 2009). Internal auditors
may be reluctant to take strong positions on issues that arise if they know they are likely
to be transferred back to the department they are currently auditing. The problem is
enhanced when the person in charge of the department may become the internal
auditor’s immediate superior once he or she is transferred back to the line position. The
IIA has partially recognized this threat by not permitting staff transferred to internal
audit to audit activities they previously performed until at least one year has elapsed.
However, there is no guidance on the situation where staff may be transferred to the
activity they are currently auditing.
Table VI provides a synthesis of the research to date. Some studies have provided ad
hoc evidence of the prevalence of using internal audit as a training ground in European
organizations. Arena et al. (2006) found that internal audit was seen as a training
function in two of the six companies in their case study. Sarens and de Beelde (2006a)
report that, in one of their cases, the CFO expected internal audit to be a training ground
for future potential managers. The internal audit manager described the function as a
fishing pond full of high potential, suggesting that, as a result, the function lacked
people with both audit experience and company experience. Selim et al. (2003) found
that some companies in their study of both US and European acquisitions and mergers
established rotation programs whereby new employees were offered a rotation through
internal audit as part of their training program. Christopher et al. (2009) report that 56%
of respondents in their Australian study stated that internal audit staff are transferred to
20
other management positions in their organization. In 60% of companies, employees
remain in internal audit for less than four years. The authors conclude that their results
“confirm that the internal audit function often is used as a training ground or a stepping
stone for future managers to further their careers” (Christopher et al., 2009, pp. 206).
Goodwin and Yeo (2001) is the only study that has investigated the impact on
objectivity of using internal audit as a training ground. They surveyed 65 chief internal
auditors in Singapore to explore the extent of the practice and perceptions of whether it
could impair objectivity. The study found that internal auditing was viewed as a
stepping stone to a managerial position in 43% of companies, that internal auditors
would in the future be transferred to line positions in 48% of companies and that an
auditee could be the future boss of an internal auditor in 49% of companies. Some 32%
of respondents believed that using the internal audit function as a management training
ground could impair the work of internal auditors.
Insert Table VI about here
This is clearly an area where more research is needed. We do not know exactly how
prevalent the practice is on a global basis and we do not know whether the practice does
in fact impair internal audit objectivity. There would appear to be social pressure and
economic interest threats to objectivity under both of the approaches to using internal
audit as a management training ground. Further, the second approach of transferring
existing employees to work in internal audit can give rise to familiarity and self-review
threats. These threats could be compounded by a lack of commitment to the internal
audit profession, including an awareness and understanding of the IIA code of ethics.
None of these issues have been explored in depth. Undoubtedly, there are benefits for
the organization from using internal audit as a training ground but no study has weighed
up the costs and benefits of the practice from the perspective of internal audit.
Emerging areas
The above discussion has focused on five topics of significance to internal audit
independence and objectivity where there are clear gaps in knowledge. We now briefly
discuss some emerging areas which could provide avenues for research in the future.
The CBOK study (Burnaby et al., 2007) highlighted a number of activities where
internal audit involvement is expected to increase in the next few years. These key
growth areas include involvement in knowledge management systems development
review, the development of strategic frameworks, the alignment of strategy and
performance measures such as the use of the Balanced Scorecard, benchmarking
activities and corporate social responsibility. In each of these cases, less than 30% of
respondents currently had any role in these activities but more than 30% expected to
have a role within the next three years. Most of these activities involve a blend of
consulting and assurance work and hence may pose some threats to internal audit
objectivity. Of note, 44% of respondents indicated that their organization would be
implementing a knowledge management system within the next three years and hence it
will be interesting to monitor internal audit’s role in this development. As with ERM,
there will be managerial activities that are considered inappropriate for internal audit
and guidance may be needed to ensure that objectivity is not compromised.
A further issue that could impact on the role of internal audit is the provision of non-
financial information by organizations. With the current emphasis on corporate
sustainability and the need to mitigate and adapt to climate change, many organizations
are producing sustainability reports which contain a mix of quantitative and qualitative
other management positions in their organization. In 60% of companies, employees
remain in internal audit for less than four years. The authors conclude that their results
“confirm that the internal audit function often is used as a training ground or a stepping
stone for future managers to further their careers” (Christopher et al., 2009, pp. 206).
Goodwin and Yeo (2001) is the only study that has investigated the impact on
objectivity of using internal audit as a training ground. They surveyed 65 chief internal
auditors in Singapore to explore the extent of the practice and perceptions of whether it
could impair objectivity. The study found that internal auditing was viewed as a
stepping stone to a managerial position in 43% of companies, that internal auditors
would in the future be transferred to line positions in 48% of companies and that an
auditee could be the future boss of an internal auditor in 49% of companies. Some 32%
of respondents believed that using the internal audit function as a management training
ground could impair the work of internal auditors.
Insert Table VI about here
This is clearly an area where more research is needed. We do not know exactly how
prevalent the practice is on a global basis and we do not know whether the practice does
in fact impair internal audit objectivity. There would appear to be social pressure and
economic interest threats to objectivity under both of the approaches to using internal
audit as a management training ground. Further, the second approach of transferring
existing employees to work in internal audit can give rise to familiarity and self-review
threats. These threats could be compounded by a lack of commitment to the internal
audit profession, including an awareness and understanding of the IIA code of ethics.
None of these issues have been explored in depth. Undoubtedly, there are benefits for
the organization from using internal audit as a training ground but no study has weighed
up the costs and benefits of the practice from the perspective of internal audit.
Emerging areas
The above discussion has focused on five topics of significance to internal audit
independence and objectivity where there are clear gaps in knowledge. We now briefly
discuss some emerging areas which could provide avenues for research in the future.
The CBOK study (Burnaby et al., 2007) highlighted a number of activities where
internal audit involvement is expected to increase in the next few years. These key
growth areas include involvement in knowledge management systems development
review, the development of strategic frameworks, the alignment of strategy and
performance measures such as the use of the Balanced Scorecard, benchmarking
activities and corporate social responsibility. In each of these cases, less than 30% of
respondents currently had any role in these activities but more than 30% expected to
have a role within the next three years. Most of these activities involve a blend of
consulting and assurance work and hence may pose some threats to internal audit
objectivity. Of note, 44% of respondents indicated that their organization would be
implementing a knowledge management system within the next three years and hence it
will be interesting to monitor internal audit’s role in this development. As with ERM,
there will be managerial activities that are considered inappropriate for internal audit
and guidance may be needed to ensure that objectivity is not compromised.
A further issue that could impact on the role of internal audit is the provision of non-
financial information by organizations. With the current emphasis on corporate
sustainability and the need to mitigate and adapt to climate change, many organizations
are producing sustainability reports which contain a mix of quantitative and qualitative
21
data. Regardless of whether external assurance is obtained for these reports, internal
audit can play a role in verifying this data for management purposes. However, when
the information they are verifying is not quantifiable, internal auditors can face
objectivity threats arising from social pressure and familiarity.
Finally, the role of internal audit as a key corporate governance mechanism is
continuing to develop and strengthen. Hence there is a need to further explore the
significance of internal audit objectivity in interactions with other governance parties in
order to maximize internal audit’s contribution to strong governance.
Conclusion
This paper has reviewed the recent literature on internal audit objectivity and
independence in the current professional environment. We have focused our review on
issues associated with the organizational status of internal audit, the internal auditor’s
dual role as a provider of both assurance services and consulting activities, internal
audit’s involvement in risk management, outsourcing of internal audit activities and the
use of internal audit as a training ground for managers. In each case, we have discussed
recent studies that have added to the body of knowledge relating to internal audit
objectivity and highlighted opportunities for future research. Overall, our analysis
reveals that a multitude of individual and organizational-related factors potentially
affect and are affected by internal auditors’ independence and objectivity. Future
research will need to pay attention to the use of multi-theory and multi-method
approaches to fully illumine the antecedents and outcomes of internal auditor
independence and objectivity. In conclusion it is clearly evident that internal audit
independence and objectivity is a rich and fruitful area of investigation where
researchers can make a valuable contribution to the on-going development of the
profession.
1 To avoid replication of these previous reviews, we do not provide a detailed discussion of internal
audit’s contribution to sound corporate governance. However, we address governance issues relevant to
objectivity and independence throughout the paper.
2 This work comprises Chapter 7 of Bailey et al. (2003).
3As previously noted, for a detailed review of external auditors’ evaluation of and reliance on the work of
internal audit, particularly from a North American perspective, see Gramling et al. (2004).
4 This study extended an earlier Canadian study by Scarbrough , et al. (1998).
5 The latter two threats are discussed further in later sections of the paper.
6 Anderson (2003) provides a general discussion of research opportunities relating to assurance and
consulting services in Chapter 4 of Bailey et al. (2003). Internal audit objectivity is only a small part of
this discussion.
7 Internal audit involvement in risk management is discussed in more detail in the next section.
8 Internal audit involvement in risk management could be regarded as an assurance versus consulting
issue. However, given the increased involvement of internal audit in risk management, we discuss the
relevant independence and objectivity concerns as a separate topic.
9This survey involved respondents from ASX Top 200, NZX Top 100, and a cross section of federal, state
and local government entities.
data. Regardless of whether external assurance is obtained for these reports, internal
audit can play a role in verifying this data for management purposes. However, when
the information they are verifying is not quantifiable, internal auditors can face
objectivity threats arising from social pressure and familiarity.
Finally, the role of internal audit as a key corporate governance mechanism is
continuing to develop and strengthen. Hence there is a need to further explore the
significance of internal audit objectivity in interactions with other governance parties in
order to maximize internal audit’s contribution to strong governance.
Conclusion
This paper has reviewed the recent literature on internal audit objectivity and
independence in the current professional environment. We have focused our review on
issues associated with the organizational status of internal audit, the internal auditor’s
dual role as a provider of both assurance services and consulting activities, internal
audit’s involvement in risk management, outsourcing of internal audit activities and the
use of internal audit as a training ground for managers. In each case, we have discussed
recent studies that have added to the body of knowledge relating to internal audit
objectivity and highlighted opportunities for future research. Overall, our analysis
reveals that a multitude of individual and organizational-related factors potentially
affect and are affected by internal auditors’ independence and objectivity. Future
research will need to pay attention to the use of multi-theory and multi-method
approaches to fully illumine the antecedents and outcomes of internal auditor
independence and objectivity. In conclusion it is clearly evident that internal audit
independence and objectivity is a rich and fruitful area of investigation where
researchers can make a valuable contribution to the on-going development of the
profession.
1 To avoid replication of these previous reviews, we do not provide a detailed discussion of internal
audit’s contribution to sound corporate governance. However, we address governance issues relevant to
objectivity and independence throughout the paper.
2 This work comprises Chapter 7 of Bailey et al. (2003).
3As previously noted, for a detailed review of external auditors’ evaluation of and reliance on the work of
internal audit, particularly from a North American perspective, see Gramling et al. (2004).
4 This study extended an earlier Canadian study by Scarbrough , et al. (1998).
5 The latter two threats are discussed further in later sections of the paper.
6 Anderson (2003) provides a general discussion of research opportunities relating to assurance and
consulting services in Chapter 4 of Bailey et al. (2003). Internal audit objectivity is only a small part of
this discussion.
7 Internal audit involvement in risk management is discussed in more detail in the next section.
8 Internal audit involvement in risk management could be regarded as an assurance versus consulting
issue. However, given the increased involvement of internal audit in risk management, we discuss the
relevant independence and objectivity concerns as a separate topic.
9This survey involved respondents from ASX Top 200, NZX Top 100, and a cross section of federal, state
and local government entities.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
22
References
Ahlawat, S. S. and Lowe, D. J. (2004), “An examination of internal auditor objectivity: In-house
versus outsourcing”, Auditing: A Journal of Practice and Theory, Vol. 23 No. 2, pp.149-160.
Ahmad, Z. and Taylor, D. (2009), “Commitment to independence by internal auditors: the effects of
role ambiguity and role conflict”, Managerial Auditing Journal, Vol. 24 No. 9, pp. 899-925.
Allegrini, M. and Bandettini, E. (2006), “Internal auditing and consulting assignments in Italy: an
empirical research”, Presented at the Fourth European Conference on Internal Audit and
Corporate Governance.
Allegrini, M. and D’Onza, G. (2003), “Internal auditing and risk assessment in large Italian
companies: an empirical survey”, International Journal of Auditing, Vol. 7 No. 3, pp. 191-208.
Allegrini, M., D’Onza, G., Paape, L., Melville, R. and Sarens, G. (2006), “The European literature
review on internal auditing”, Managerial Auditing Journal, Vol. 21 No. 8, pp. 845-853.
Anderson, U. (2003), “Assurance and consulting services”, in A.D. Bailey , A.A. Gramling and S.
Ramamoorti (Ed.) Research Opportunities in Internal Auditing, Chapter 4, pp. 97-129, The
Institute of Internal Auditors Research Foundation, Altamonte Springs, FL.
Arena, M., Arnaboldi, M. and Azzone, G. (2006), “Internal audit in Italian organizations”,
Managerial Auditing Journal, Vol. 21 No. 3, pp. 275-292.
Bailey, A.D., Gramling, A.A. and Ramamoorti, S. (2003), Research Opportunities in Internal
Auditing, (Altamonte Springs, FL: The Institute of Internal Auditors Research Foundation).
Blue Ribbon Committee (1999), Report and Recommendations of the Blue Ribbon Committee on
Improving the Effectiveness of Corporate Audit Committees, New York Stock Exchange and
the National Association of Security Dealers.
Bou-Raad, G. (2000), “Internal auditors and a value added approach: the new business regime”,
Managerial Auditing Journal, Vol. 15 No. 4, pp. 182-186.
Brody, R. G. and Lowe, D. J. (2000), “The new role of the internal auditor: Implications for internal
auditor objectivity”, International Journal of Auditing, Vol. 4 No. 2, pp. 169-176.
Burnaby, P.A., Abdolmohammadi, M., Hass, S., Melville, R., Allegrini M., D’Onza, G., Paape L.,
Sarens, G., Marais, M., Sadler, E., Fourie, H., Cooper B. and Leung, P. (2007), A Global
Summary of the Common Body of Knowledge 2006, The Institute of Internal Auditors Research
Foundation, Altamonte Springs, FL.
Caplan, D. and Kirschenheiter M. (2000), “The effects of internal audit structure on perceived
financial statement fraud prevention”, Contemporary Accounting Research, Vol. 17 No. 3, pp.
387-428.
Carcello, J.V., Hermanson, D.R. and Neal, T.L. (2002), “Disclosures in audit committee charters and
reports”, Accounting Horizons, Vol. 16 No. 4, pp. 291-304.
Carey, P., Subramaniam, N. and Ching, K.C.W. (2006), “Internal audit outsourcing in Australia”,
Accounting and Finance, Vol. 46 No. 1, pp.11-30.
Chapman, C. (2001), “Raising the bar”, Internal Auditor, April, pp.55-59.
Christopher, J., Sarens, G. and Leung, P. (2009), “A critical analysis of the independence of the
internal audit function: evidence from Australia”, Accounting, Auditing and Accountability
Journal, Vol. 22 No. 2, pp.200-220.
Cohen, J., Krishnamoorthy, G. and Wright, A. (2004), “The corporate governance mosaic and
financial reporting quality”, Journal of Accounting Literature, Vol. 23, pp. 87-152.
Cooper B., Leung, P. and Wong, G. (2006), “The Asia Pacific literature review on internal auditing”,
Managerial Auditing Journal, Vol. 21 No. 8, pp. 822-834.
Committee of Sponsoring Organizations (COSO) (2004), Enterprise Risk Management – Integrated
Framework, AICPA, New York.
References
Ahlawat, S. S. and Lowe, D. J. (2004), “An examination of internal auditor objectivity: In-house
versus outsourcing”, Auditing: A Journal of Practice and Theory, Vol. 23 No. 2, pp.149-160.
Ahmad, Z. and Taylor, D. (2009), “Commitment to independence by internal auditors: the effects of
role ambiguity and role conflict”, Managerial Auditing Journal, Vol. 24 No. 9, pp. 899-925.
Allegrini, M. and Bandettini, E. (2006), “Internal auditing and consulting assignments in Italy: an
empirical research”, Presented at the Fourth European Conference on Internal Audit and
Corporate Governance.
Allegrini, M. and D’Onza, G. (2003), “Internal auditing and risk assessment in large Italian
companies: an empirical survey”, International Journal of Auditing, Vol. 7 No. 3, pp. 191-208.
Allegrini, M., D’Onza, G., Paape, L., Melville, R. and Sarens, G. (2006), “The European literature
review on internal auditing”, Managerial Auditing Journal, Vol. 21 No. 8, pp. 845-853.
Anderson, U. (2003), “Assurance and consulting services”, in A.D. Bailey , A.A. Gramling and S.
Ramamoorti (Ed.) Research Opportunities in Internal Auditing, Chapter 4, pp. 97-129, The
Institute of Internal Auditors Research Foundation, Altamonte Springs, FL.
Arena, M., Arnaboldi, M. and Azzone, G. (2006), “Internal audit in Italian organizations”,
Managerial Auditing Journal, Vol. 21 No. 3, pp. 275-292.
Bailey, A.D., Gramling, A.A. and Ramamoorti, S. (2003), Research Opportunities in Internal
Auditing, (Altamonte Springs, FL: The Institute of Internal Auditors Research Foundation).
Blue Ribbon Committee (1999), Report and Recommendations of the Blue Ribbon Committee on
Improving the Effectiveness of Corporate Audit Committees, New York Stock Exchange and
the National Association of Security Dealers.
Bou-Raad, G. (2000), “Internal auditors and a value added approach: the new business regime”,
Managerial Auditing Journal, Vol. 15 No. 4, pp. 182-186.
Brody, R. G. and Lowe, D. J. (2000), “The new role of the internal auditor: Implications for internal
auditor objectivity”, International Journal of Auditing, Vol. 4 No. 2, pp. 169-176.
Burnaby, P.A., Abdolmohammadi, M., Hass, S., Melville, R., Allegrini M., D’Onza, G., Paape L.,
Sarens, G., Marais, M., Sadler, E., Fourie, H., Cooper B. and Leung, P. (2007), A Global
Summary of the Common Body of Knowledge 2006, The Institute of Internal Auditors Research
Foundation, Altamonte Springs, FL.
Caplan, D. and Kirschenheiter M. (2000), “The effects of internal audit structure on perceived
financial statement fraud prevention”, Contemporary Accounting Research, Vol. 17 No. 3, pp.
387-428.
Carcello, J.V., Hermanson, D.R. and Neal, T.L. (2002), “Disclosures in audit committee charters and
reports”, Accounting Horizons, Vol. 16 No. 4, pp. 291-304.
Carey, P., Subramaniam, N. and Ching, K.C.W. (2006), “Internal audit outsourcing in Australia”,
Accounting and Finance, Vol. 46 No. 1, pp.11-30.
Chapman, C. (2001), “Raising the bar”, Internal Auditor, April, pp.55-59.
Christopher, J., Sarens, G. and Leung, P. (2009), “A critical analysis of the independence of the
internal audit function: evidence from Australia”, Accounting, Auditing and Accountability
Journal, Vol. 22 No. 2, pp.200-220.
Cohen, J., Krishnamoorthy, G. and Wright, A. (2004), “The corporate governance mosaic and
financial reporting quality”, Journal of Accounting Literature, Vol. 23, pp. 87-152.
Cooper B., Leung, P. and Wong, G. (2006), “The Asia Pacific literature review on internal auditing”,
Managerial Auditing Journal, Vol. 21 No. 8, pp. 822-834.
Committee of Sponsoring Organizations (COSO) (2004), Enterprise Risk Management – Integrated
Framework, AICPA, New York.
23
DeZoort, F.T., Houston, R.W. and Reisch, J.T. (2000), “Compensation for internal auditors”,
Internal Auditor, Vol. 57 No. 3, pp. 43-46.
de Zwaan, L., Stewart, J. and Subramaniam, N. (2009), “Internal audit involvement in enterprise risk
management”, Working Paper, Griffith University.
Dickins, D. and O’Reilly, D. (2009), “The qualifications and independence of internal auditors”,
Internal Auditing, Vol. 24 No. 3, pp. 14-21.
Ernst & Young, (2006), Trends in Australian and New Zealand Internal Auditing, Third Annual
Benchmarking Survey 2006, Ernst & Young, Australia.
Fraser, I., and Henry, W. (2007), “Embedding risk management: structures and approaches”,
Managerial Auditing Journal, Vol. 22 No. 4, pp. 392-409.
Goodwin, J. (2003), “The relationship between the audit committee and the internal audit function:
evidence from Australia and New Zealand”, International Journal of Auditing, Vol. 7, pp. 263-
278.
Goodwin, J. and Yeo, T.Y. (2001), “Two factors affecting internal audit independence and
objectivity: Evidence from Singapore”, International Journal of Auditing, Vol. 5, pp. 107-125.
Gramling, A. A. and Myers, P. M. (2006), “Internal Auditing’s Role in ERM”, Internal Auditor, Vol.
63 No. 2, pp. 52-58..
Gramling, A. A., and Vandervelde, S. D. (2006), “Assessing internal audit quality”, Internal
Auditing, Vol. 21 No. 3, pp. 26-33.
Gramling, A.A., Maletta, M.J., Schneider, A. and Church, B.K. (2004), “The role of the internal
audit function in corporate governance: a synthesis of the extant internal auditing literature and
directions for future research”, Journal of Accounting Literature, Vol. 23, pp. 194-244.
Hass, S., Abdolmohammadi, M.J. and Burnaby, P. (2006), “The Americas literature review on
internal auditing”, Managerial Auditing Journal, Vol. 21 No. 8, pp. 835-844.
Hofstede, G. H. (1981), Cultures and Organizations: Software of the Mind, (London: McGraw-Hill).
Institut Francais de l’Audit et du Contrộle Internes. (2005) ,Résultats de l’enquête sur la pratique de
l’audit interne en France en 2005, The Institute of Internal Auditors France, Paris, IFACI,
[Accessed Aug 2008]. Avaliable at www.ifaci.com.
Institute of Internal Auditors (IIA) (1999), Definition of Internal Auditing, [Accessed Oct 2009].
Available at http://www.theiia.org/guidance/standards-and-guidance/ippf/definition-of-internal-
auditing/.
Institute of Internal Auditors (IIA) (2009a), International Standards for the Professional Practice of
Internal Auditing, [Accessed Oct 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/.
Institute of Internal Auditors (IIA) (2009b), Code of Ethics. [Accessed Oct 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/code-of-ethics/.
Institute of Internal Auditors (IIA) (2009c), Practice Advisories. [Accessed Oct 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/practice-advisories/.
Institute of Internal Auditors (IIA) (2009d), IIA Position Paper: The Role of Internal Audit in
Enterprise-wide Risk Management, [issued January 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/standards-
items/index.cfm?i=8269.
Institute of Internal Auditors (IIA) Belgium (2006), Internal Audit in Belgium: The Shaping of
Internal Audit Today and the Future Expectations – Survey Results. The IIA Belgium, Brussels,
[Accessed Aug 2008]. Available at http://www.iiabel.be.
James, K. (2003) “The effects of internal audit structure on perceived financial statement fraud
prevention”, Accounting Horizons, Vol. 17 No. 4, pp. 315-327.
Leung, P., Cooper, B. and Robertson, P. (2004), The Role of Internal Audit in Corporate Governance
& Management, RMIT University and The Institute of Internal Auditors, Melbourne.
Mat Zain, M. and Subramaniam, N. (2007), “Internal auditor perceptions on audit committee
DeZoort, F.T., Houston, R.W. and Reisch, J.T. (2000), “Compensation for internal auditors”,
Internal Auditor, Vol. 57 No. 3, pp. 43-46.
de Zwaan, L., Stewart, J. and Subramaniam, N. (2009), “Internal audit involvement in enterprise risk
management”, Working Paper, Griffith University.
Dickins, D. and O’Reilly, D. (2009), “The qualifications and independence of internal auditors”,
Internal Auditing, Vol. 24 No. 3, pp. 14-21.
Ernst & Young, (2006), Trends in Australian and New Zealand Internal Auditing, Third Annual
Benchmarking Survey 2006, Ernst & Young, Australia.
Fraser, I., and Henry, W. (2007), “Embedding risk management: structures and approaches”,
Managerial Auditing Journal, Vol. 22 No. 4, pp. 392-409.
Goodwin, J. (2003), “The relationship between the audit committee and the internal audit function:
evidence from Australia and New Zealand”, International Journal of Auditing, Vol. 7, pp. 263-
278.
Goodwin, J. and Yeo, T.Y. (2001), “Two factors affecting internal audit independence and
objectivity: Evidence from Singapore”, International Journal of Auditing, Vol. 5, pp. 107-125.
Gramling, A. A. and Myers, P. M. (2006), “Internal Auditing’s Role in ERM”, Internal Auditor, Vol.
63 No. 2, pp. 52-58..
Gramling, A. A., and Vandervelde, S. D. (2006), “Assessing internal audit quality”, Internal
Auditing, Vol. 21 No. 3, pp. 26-33.
Gramling, A.A., Maletta, M.J., Schneider, A. and Church, B.K. (2004), “The role of the internal
audit function in corporate governance: a synthesis of the extant internal auditing literature and
directions for future research”, Journal of Accounting Literature, Vol. 23, pp. 194-244.
Hass, S., Abdolmohammadi, M.J. and Burnaby, P. (2006), “The Americas literature review on
internal auditing”, Managerial Auditing Journal, Vol. 21 No. 8, pp. 835-844.
Hofstede, G. H. (1981), Cultures and Organizations: Software of the Mind, (London: McGraw-Hill).
Institut Francais de l’Audit et du Contrộle Internes. (2005) ,Résultats de l’enquête sur la pratique de
l’audit interne en France en 2005, The Institute of Internal Auditors France, Paris, IFACI,
[Accessed Aug 2008]. Avaliable at www.ifaci.com.
Institute of Internal Auditors (IIA) (1999), Definition of Internal Auditing, [Accessed Oct 2009].
Available at http://www.theiia.org/guidance/standards-and-guidance/ippf/definition-of-internal-
auditing/.
Institute of Internal Auditors (IIA) (2009a), International Standards for the Professional Practice of
Internal Auditing, [Accessed Oct 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/.
Institute of Internal Auditors (IIA) (2009b), Code of Ethics. [Accessed Oct 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/code-of-ethics/.
Institute of Internal Auditors (IIA) (2009c), Practice Advisories. [Accessed Oct 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/practice-advisories/.
Institute of Internal Auditors (IIA) (2009d), IIA Position Paper: The Role of Internal Audit in
Enterprise-wide Risk Management, [issued January 2009]. Available at
http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/standards-
items/index.cfm?i=8269.
Institute of Internal Auditors (IIA) Belgium (2006), Internal Audit in Belgium: The Shaping of
Internal Audit Today and the Future Expectations – Survey Results. The IIA Belgium, Brussels,
[Accessed Aug 2008]. Available at http://www.iiabel.be.
James, K. (2003) “The effects of internal audit structure on perceived financial statement fraud
prevention”, Accounting Horizons, Vol. 17 No. 4, pp. 315-327.
Leung, P., Cooper, B. and Robertson, P. (2004), The Role of Internal Audit in Corporate Governance
& Management, RMIT University and The Institute of Internal Auditors, Melbourne.
Mat Zain, M. and Subramaniam, N. (2007), “Internal auditor perceptions on audit committee
24
interactions: a qualitative study in Malaysian public corporations”, Corporate Governance: An
International Review, Vol. 15 No. 5, pp, 894-908.
Melville, R. (2003), “The contribution internal auditors make to strategic management”,
International Journal of Auditing, Vol. 7, pp. 209-223.
Mutchler, J.F. (2003), “Independence and objectivity: a framework for research opportunities in
internal auditing”, in A.D. Bailey, A.A. Gramling and S. Ramamoorti (Ed.) Research
Opportunities in Internal Auditing, Chapter 7, pp. 231-268, The Institute of Internal Auditors
Research Foundation, Altamonte Springs, FL.
Mutchler, J., Chang, S. and Prawitt, D. (2001), Independence and Objectivity: A Framework for
Internal Auditors, The Institute of Internal Auditors Research Foundation, Altamonte Springs,
FL.
Nagy, A.L. and Cenker, W.J. (2002), “An assessment of the newly defined internal audit function”,
Managerial Auditing Journal, Vol. 17 No. 3, pp. 130-137.
O’Leary, C. and Stewart, J. (2007), “Governance factors affecting internal auditors’ ethical decision-
making: an exploratory study”, Managerial Auditing Journal, Vol. 22 No. 8, pp. 787-808.
Paape, L. (2007), “Corporate governance: the impact on the role, position, and scope of services of
the internal audit function”, Unpublished PhD dissertation, Erasmus Research Institute of
Management, Erasmus University, Netherlands.
Paape, L., Scheffe, J. and Snoep P. (2003), “The relationship between the internal audit function and
corporate governance in the EU – a survey”, International Journal of Auditing, Vol. 7, pp. 247-
262.
Raghunandan, K., Read, W.J. and Rama, D.V. (2001), “Audit committee composition, ‘gray
directors,’ and interaction with internal auditing”, Accounting Horizons, Vol. 15 No. 2, pp. 105-
118.
Sarbanes-Oxley (2002), Sarbanes-Oxley Act of 2002, One Hundred Seventh Congress of the United
States of America, HR 3763.
Sarens, G. and de Beelde, I. (2006a), “The relationship between internal audit and senior
management: a qualitative analysis of expectations and perceptions”, International Journal of
Auditing, Vol. 10, pp. 219-241.
Sarens, G. and de Beelde, I. (2006b), “Internal auditors’ perception about their role in risk
management: A comparison between US and Belgian companies”, Managerial Auditing
Journal, Vol. 21 No. 1, pp. 63-80.
Schneider, A. (2003), “An examination of whether incentive compensation and stock ownership
affect internal auditor objectivity”, Journal of Management Issues, Vol. 15 No. 4, pp. 486-497.
Selim, G., Sudarsanam, S. and Lavine, M. (2003), “The role of internal auditors in mergers,
acquisitions and divestitures: an international study”, International Journal of Auditing, Vol. 7
No. 3, pp. 223-246.
Selim, G., Woodward, S. and Allegrini, M. (2009), “Internal auditing and consulting practice: A
comparison between UK/Ireland and Italy”, International Journal of Auditing, Vol. 13 No. 1,
pp. 9-25.
Selim, G. and Yiannakas, A. (2000), “Outsourcing the internal audit function: a survey of the UK
public and private sectors”, International Journal of Auditing, Vol. 4, pp. 213-226.
Smith Committee (2003) AC Combined Code Guidance. London: Financial Reporting Council.
Sharma, D. and Subramaniam, N. (2005), “Outsourcing of internal audit services in Australian firms:
some preliminary evidence”. Asian Academy of Management Journal of Accounting and
Finance, Vol. 1, pp. 33-52.
Subramaniam, N., Ng, C. and Carey, P. (2004), “Outsourcing internal audit services: an empirical
study on Queensland government entities”, Australian Accounting Review, Vol. 14 No. 3, pp.
86-95.
interactions: a qualitative study in Malaysian public corporations”, Corporate Governance: An
International Review, Vol. 15 No. 5, pp, 894-908.
Melville, R. (2003), “The contribution internal auditors make to strategic management”,
International Journal of Auditing, Vol. 7, pp. 209-223.
Mutchler, J.F. (2003), “Independence and objectivity: a framework for research opportunities in
internal auditing”, in A.D. Bailey, A.A. Gramling and S. Ramamoorti (Ed.) Research
Opportunities in Internal Auditing, Chapter 7, pp. 231-268, The Institute of Internal Auditors
Research Foundation, Altamonte Springs, FL.
Mutchler, J., Chang, S. and Prawitt, D. (2001), Independence and Objectivity: A Framework for
Internal Auditors, The Institute of Internal Auditors Research Foundation, Altamonte Springs,
FL.
Nagy, A.L. and Cenker, W.J. (2002), “An assessment of the newly defined internal audit function”,
Managerial Auditing Journal, Vol. 17 No. 3, pp. 130-137.
O’Leary, C. and Stewart, J. (2007), “Governance factors affecting internal auditors’ ethical decision-
making: an exploratory study”, Managerial Auditing Journal, Vol. 22 No. 8, pp. 787-808.
Paape, L. (2007), “Corporate governance: the impact on the role, position, and scope of services of
the internal audit function”, Unpublished PhD dissertation, Erasmus Research Institute of
Management, Erasmus University, Netherlands.
Paape, L., Scheffe, J. and Snoep P. (2003), “The relationship between the internal audit function and
corporate governance in the EU – a survey”, International Journal of Auditing, Vol. 7, pp. 247-
262.
Raghunandan, K., Read, W.J. and Rama, D.V. (2001), “Audit committee composition, ‘gray
directors,’ and interaction with internal auditing”, Accounting Horizons, Vol. 15 No. 2, pp. 105-
118.
Sarbanes-Oxley (2002), Sarbanes-Oxley Act of 2002, One Hundred Seventh Congress of the United
States of America, HR 3763.
Sarens, G. and de Beelde, I. (2006a), “The relationship between internal audit and senior
management: a qualitative analysis of expectations and perceptions”, International Journal of
Auditing, Vol. 10, pp. 219-241.
Sarens, G. and de Beelde, I. (2006b), “Internal auditors’ perception about their role in risk
management: A comparison between US and Belgian companies”, Managerial Auditing
Journal, Vol. 21 No. 1, pp. 63-80.
Schneider, A. (2003), “An examination of whether incentive compensation and stock ownership
affect internal auditor objectivity”, Journal of Management Issues, Vol. 15 No. 4, pp. 486-497.
Selim, G., Sudarsanam, S. and Lavine, M. (2003), “The role of internal auditors in mergers,
acquisitions and divestitures: an international study”, International Journal of Auditing, Vol. 7
No. 3, pp. 223-246.
Selim, G., Woodward, S. and Allegrini, M. (2009), “Internal auditing and consulting practice: A
comparison between UK/Ireland and Italy”, International Journal of Auditing, Vol. 13 No. 1,
pp. 9-25.
Selim, G. and Yiannakas, A. (2000), “Outsourcing the internal audit function: a survey of the UK
public and private sectors”, International Journal of Auditing, Vol. 4, pp. 213-226.
Smith Committee (2003) AC Combined Code Guidance. London: Financial Reporting Council.
Sharma, D. and Subramaniam, N. (2005), “Outsourcing of internal audit services in Australian firms:
some preliminary evidence”. Asian Academy of Management Journal of Accounting and
Finance, Vol. 1, pp. 33-52.
Subramaniam, N., Ng, C. and Carey, P. (2004), “Outsourcing internal audit services: an empirical
study on Queensland government entities”, Australian Accounting Review, Vol. 14 No. 3, pp.
86-95.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
25
Turley, S and Zaman, M. (2007), “Audit Committee effectiveness: informal processes and
behavioural effects”, Accounting, Auditing & Accountability Journal, Vol. 20 No. 5, pp. 765-
788.
Van Peursem, K. (2004), “Internal auditors’ role and authority: New Zealand evidence”, Managerial
Auditing Journal, Vol. 19 No. 3, pp. 378-393.
Van Peursem, K. (2005), “Conversations with internal auditors: the power of ambiguity”,
Managerial Auditing Journal, Vol. 20 No. 5, pp. 489-512.
Turley, S and Zaman, M. (2007), “Audit Committee effectiveness: informal processes and
behavioural effects”, Accounting, Auditing & Accountability Journal, Vol. 20 No. 5, pp. 765-
788.
Van Peursem, K. (2004), “Internal auditors’ role and authority: New Zealand evidence”, Managerial
Auditing Journal, Vol. 19 No. 3, pp. 378-393.
Van Peursem, K. (2005), “Conversations with internal auditors: the power of ambiguity”,
Managerial Auditing Journal, Vol. 20 No. 5, pp. 489-512.
Table I.
Organizational status
Authors Method Sample Description of study Results
Raghunandan, Read
and Rama (2001)
Survey 114 US Internal
Auditors
Examines the association between AC
composition and the committee's
interaction with internal audit.
Found that AC
at least one me
expertise will h
the CAE provid
and review the
interaction with
empirical supp
impact on over
Goodwin and Yeo
(2001)
Survey 65 Singaporean
Internal
Auditors
Examines whether the relationship
between internal audit and the AC
influences the independence and
objectivity of internal auditors.
Found the leve
AC and interna
AC was compr
directors.
Carcello,
Hermanson and
Neal (2002)
Archival 150 US
Companies
Explores AC activities and identifies
possible areas for further AC reform.
Included disclosures relating to auditor
oversight.
Found disclosu
were more prev
internal audit. L
reported having
internal audit.
Goodwin (2003) Survey 120 Internal
auditors from
Australia and
New Zealand
Explores the separate impact of AC
independence and the proportion of
members with accounting or finance
experience on the AC’s relations with the
internal audit function. It also seeks to
isolate differences between public and
private sector ACs and between Australia
and New Zealand.
Found indepen
experience hav
on AC relation
independence w
associated with
accounting exp
AC reviewing
Organizational status
Authors Method Sample Description of study Results
Raghunandan, Read
and Rama (2001)
Survey 114 US Internal
Auditors
Examines the association between AC
composition and the committee's
interaction with internal audit.
Found that AC
at least one me
expertise will h
the CAE provid
and review the
interaction with
empirical supp
impact on over
Goodwin and Yeo
(2001)
Survey 65 Singaporean
Internal
Auditors
Examines whether the relationship
between internal audit and the AC
influences the independence and
objectivity of internal auditors.
Found the leve
AC and interna
AC was compr
directors.
Carcello,
Hermanson and
Neal (2002)
Archival 150 US
Companies
Explores AC activities and identifies
possible areas for further AC reform.
Included disclosures relating to auditor
oversight.
Found disclosu
were more prev
internal audit. L
reported having
internal audit.
Goodwin (2003) Survey 120 Internal
auditors from
Australia and
New Zealand
Explores the separate impact of AC
independence and the proportion of
members with accounting or finance
experience on the AC’s relations with the
internal audit function. It also seeks to
isolate differences between public and
private sector ACs and between Australia
and New Zealand.
Found indepen
experience hav
on AC relation
independence w
associated with
accounting exp
AC reviewing
Table I. continued
Authors Method Sample Description of study Results
James (2003) Survey 63 US Bank
Loan Officers
Examines whether internal audit
reporting structure affects financial
statement users’ perceptions of ability of
the internal audit function to prevent
financial statement fraud.
Found in-house
that report to se
perceived as le
against fraudul
those that repo
committee.
Leung, Cooper and
Robertson (2004)
Survey /
interviews
85 CAEs
(survey)
16 CAEs
(interviews)
7 senior
business
representatives
(interviews)
Evaluates the role of internal audit in
corporate governance and management,
identifying accountability structures and
objectives of internal audit, the nature of
internal audit, the application of IIA
standards and CAE relationships.
Found a divers
with more than
reporting only
audit work is fo
with most gove
concerned with
Van Peursem (2005) Multiple case
study
6 New Zealand
Organizations
Examines the New Zealand internal
auditor role and addresses how an
effective internal auditor can overcome
the tension of working with management
to improve performance while also
remaining sufficiently distant from
management in order to report on their
performance.
Found internal
with managem
independence f
Sarens and De
Beelde (2006a)
Multiple case
study /
qualitative
assessment
Five Belgian
companies
Aims to understand the expectations and
perceptions of internal audit and senior
management with respect to each other
through semi-structured interviews and
supporting documentation.
Found that, wh
primarily in a m
there is a lack o
the relationship
weak.
Authors Method Sample Description of study Results
James (2003) Survey 63 US Bank
Loan Officers
Examines whether internal audit
reporting structure affects financial
statement users’ perceptions of ability of
the internal audit function to prevent
financial statement fraud.
Found in-house
that report to se
perceived as le
against fraudul
those that repo
committee.
Leung, Cooper and
Robertson (2004)
Survey /
interviews
85 CAEs
(survey)
16 CAEs
(interviews)
7 senior
business
representatives
(interviews)
Evaluates the role of internal audit in
corporate governance and management,
identifying accountability structures and
objectives of internal audit, the nature of
internal audit, the application of IIA
standards and CAE relationships.
Found a divers
with more than
reporting only
audit work is fo
with most gove
concerned with
Van Peursem (2005) Multiple case
study
6 New Zealand
Organizations
Examines the New Zealand internal
auditor role and addresses how an
effective internal auditor can overcome
the tension of working with management
to improve performance while also
remaining sufficiently distant from
management in order to report on their
performance.
Found internal
with managem
independence f
Sarens and De
Beelde (2006a)
Multiple case
study /
qualitative
assessment
Five Belgian
companies
Aims to understand the expectations and
perceptions of internal audit and senior
management with respect to each other
through semi-structured interviews and
supporting documentation.
Found that, wh
primarily in a m
there is a lack o
the relationship
weak.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Table I. continued
Authors Method Sample Description of study Results
O'Leary and Stewart
(2007)
Survey 66 Australian
Internal
Auditors
Exploratory study that assesses the
impact of corporate governance
mechanisms on the ethical decision-
making of internal auditors. Also
explores whether ethical decision-
making is influenced by years of
experience in internal auditing.
Found a higher
function was p
internal auditor
Other governan
appear to influe
making. Also,
auditors adopte
some cases.
Turley and Zaman
(2007)
Case study 1 UK Company Investigates the conditions and processes
affecting the operation and potential
effectiveness of ACs, with particular
focus on the interaction between the AC,
individuals from financial reporting and
internal audit functions and the external
auditors.
Found that the
through inform
significant infl
between organ
perceived perso
organizational
ACs influence
Mat Zain and
Subramaniam
(2007)
Interviews CAEs from 11
publicly listed
companies in
Malaysia
Seeks to provide insights into internal
auditors' perceptions of their interactions
with AC members in Malaysia.
Results indicat
communication
meetings betwe
need for clear r
to be held in hi
and are expecte
leadership in th
decision-makin
Christopher, Sarens,
and Leung (2009)
Survey 34 CAEs from
Australian
corporate sector
Aims to critically analyze the
independence of the internal audit
function through its relationship with
management and the audit committee.
Identified a num
independence i
CFO approve t
being involved
reporting funct
not ,having sol
appointing and
lack of AC acc
Authors Method Sample Description of study Results
O'Leary and Stewart
(2007)
Survey 66 Australian
Internal
Auditors
Exploratory study that assesses the
impact of corporate governance
mechanisms on the ethical decision-
making of internal auditors. Also
explores whether ethical decision-
making is influenced by years of
experience in internal auditing.
Found a higher
function was p
internal auditor
Other governan
appear to influe
making. Also,
auditors adopte
some cases.
Turley and Zaman
(2007)
Case study 1 UK Company Investigates the conditions and processes
affecting the operation and potential
effectiveness of ACs, with particular
focus on the interaction between the AC,
individuals from financial reporting and
internal audit functions and the external
auditors.
Found that the
through inform
significant infl
between organ
perceived perso
organizational
ACs influence
Mat Zain and
Subramaniam
(2007)
Interviews CAEs from 11
publicly listed
companies in
Malaysia
Seeks to provide insights into internal
auditors' perceptions of their interactions
with AC members in Malaysia.
Results indicat
communication
meetings betwe
need for clear r
to be held in hi
and are expecte
leadership in th
decision-makin
Christopher, Sarens,
and Leung (2009)
Survey 34 CAEs from
Australian
corporate sector
Aims to critically analyze the
independence of the internal audit
function through its relationship with
management and the audit committee.
Identified a num
independence i
CFO approve t
being involved
reporting funct
not ,having sol
appointing and
lack of AC acc
Table II.
Assurance versus consulting
Authors Method Sample Description of study Results
Brody and Lowe
(2000)
Experimental
questionnaire
55 US Internal
Auditors
Explores whether internal auditors view
their consulting role as one in which they
are able to provide objective feedback to
management or one in which they are to
provide solutions that they believe are in
the best interests of their company.
Examines whether internal auditors'
judgments are dependent on their
company's role (buyer or seller) in an
acquisition.
Internal audito
position that is
employer. Prov
consulting role
impairing their
DeZoort, Houston
and Reisch (2000)
Survey 179 IIA
members in US
Examines the existence, nature,
frequency and consequences of
incentive- based compensation plans for
internal auditors.
Incentive-base
found to be ava
respondents. T
plans involved
company perfo
performance an
Respondents p
advantages of
remuneration b
impairment of
Nagy and Cenker
(2002)
Interviews 11 internal audit
directors of
large US
publicly traded
companies
Interviews gained an assessment of
internal audit in the following four areas
of audit scope, organizational structure,
risk management and AC. The
assessment was in terms of changes in
the internal audit department over a ten-
year time frame.
Found a defini
audit towards m
the new interna
current practic
Assurance versus consulting
Authors Method Sample Description of study Results
Brody and Lowe
(2000)
Experimental
questionnaire
55 US Internal
Auditors
Explores whether internal auditors view
their consulting role as one in which they
are able to provide objective feedback to
management or one in which they are to
provide solutions that they believe are in
the best interests of their company.
Examines whether internal auditors'
judgments are dependent on their
company's role (buyer or seller) in an
acquisition.
Internal audito
position that is
employer. Prov
consulting role
impairing their
DeZoort, Houston
and Reisch (2000)
Survey 179 IIA
members in US
Examines the existence, nature,
frequency and consequences of
incentive- based compensation plans for
internal auditors.
Incentive-base
found to be ava
respondents. T
plans involved
company perfo
performance an
Respondents p
advantages of
remuneration b
impairment of
Nagy and Cenker
(2002)
Interviews 11 internal audit
directors of
large US
publicly traded
companies
Interviews gained an assessment of
internal audit in the following four areas
of audit scope, organizational structure,
risk management and AC. The
assessment was in terms of changes in
the internal audit department over a ten-
year time frame.
Found a defini
audit towards m
the new interna
current practic
Table II. continued
Authors Method Sample Description of study Results
Melville (2003) Survey 154 internal
auditors from
the US (94),
Canada (34) and
the rest of the
world (28)
Examines the role of internal auditors in
strategic management, in particular their
Use of the Balanced Scorecard.
Internal audito
contribution to
are actively inv
strategic objec
Schneider (2003) Experimental
questionnaire
172 US Internal
Auditors
Exploratory study that attempts to
determine whether incentive
compensation and stock ownership affect
internal auditors' objectivity. This is
assessed through the internal auditors'
decision on whether to report a GAAP
violation.
Stock ownersh
auditors' repor
incentive comp
prices a signifi
internal audito
GAAP violatio
compensation
it was fixed sal
Paape, Scheffe and
Snoep (2003)
Survey 105 Chief Audit
Executives from
European
companies
Examines the relationship between the
internal audit function and corporate
governance among the top listed
companies in the European Union.
Not all top list
IAF or an AC.
respondents re
generally meet
not always inv
dismissal of th
percentage of r
they aren't requ
Standards for t
Internal Auditi
aware of CG re
regulations.
Selim, Sudarsanam
and Lavine (2003)
Survey /
interviews
22 companies
from Europe
and the USA
Determines the role of internal audit in
mergers, acquisitions and divestitures.
Used gap analysis to compare the
normative, observed and preferred
models of internal audit involvement in
M, A & D.
Internal audit's
only moderate.
see themselves
role, a view su
executives in o
Authors Method Sample Description of study Results
Melville (2003) Survey 154 internal
auditors from
the US (94),
Canada (34) and
the rest of the
world (28)
Examines the role of internal auditors in
strategic management, in particular their
Use of the Balanced Scorecard.
Internal audito
contribution to
are actively inv
strategic objec
Schneider (2003) Experimental
questionnaire
172 US Internal
Auditors
Exploratory study that attempts to
determine whether incentive
compensation and stock ownership affect
internal auditors' objectivity. This is
assessed through the internal auditors'
decision on whether to report a GAAP
violation.
Stock ownersh
auditors' repor
incentive comp
prices a signifi
internal audito
GAAP violatio
compensation
it was fixed sal
Paape, Scheffe and
Snoep (2003)
Survey 105 Chief Audit
Executives from
European
companies
Examines the relationship between the
internal audit function and corporate
governance among the top listed
companies in the European Union.
Not all top list
IAF or an AC.
respondents re
generally meet
not always inv
dismissal of th
percentage of r
they aren't requ
Standards for t
Internal Auditi
aware of CG re
regulations.
Selim, Sudarsanam
and Lavine (2003)
Survey /
interviews
22 companies
from Europe
and the USA
Determines the role of internal audit in
mergers, acquisitions and divestitures.
Used gap analysis to compare the
normative, observed and preferred
models of internal audit involvement in
M, A & D.
Internal audit's
only moderate.
see themselves
role, a view su
executives in o
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table II. continued
Authors Method Sample Description of study Results
Ahlawat and Lowe
(2004)
Experimental
questionnaire
66 US Internal
Auditors
Examines whether the consulting role of
internal auditors impacts on their ability
to remain objective.
Significant adv
judgement of b
internal audito
Van Peursem (2004) Survey 161 New
Zealand Internal
Auditors
Determines if internal auditors perceive
the functions they perform as essential
and to what extent. Also explores
whether internal audit exhibits the
characteristics of a true profession with
authority over, and independence from
management.
Characteristics
do not domina
experienced au
influence over
accountancy tr
greater status.
Van Peursem (2005) Multiple case
study
6 New Zealand
Organizations
Examines the New Zealand internal
auditor role and conceptualizes on the
auditor's influence over that role. Also
addresses how an effective internal
auditor can overcome the tension of
working with management to improve
performance while also remaining
sufficiently distant from management in
order to report on their performance.
Found three co
balanced their
external profes
a formal and in
network, and th
determining th
Arena, Arnaboldi
and Azzone (2006)
Multiple case
study
Six Italian
companies
Comparison of internal audit practices in
participating companies through multiple
sources of information including semi-
structured interviews with chief internal
auditors, accounting and finance staff.
The range of si
highlighted the
department cha
relevance of in
providing evid
additional elem
Authors Method Sample Description of study Results
Ahlawat and Lowe
(2004)
Experimental
questionnaire
66 US Internal
Auditors
Examines whether the consulting role of
internal auditors impacts on their ability
to remain objective.
Significant adv
judgement of b
internal audito
Van Peursem (2004) Survey 161 New
Zealand Internal
Auditors
Determines if internal auditors perceive
the functions they perform as essential
and to what extent. Also explores
whether internal audit exhibits the
characteristics of a true profession with
authority over, and independence from
management.
Characteristics
do not domina
experienced au
influence over
accountancy tr
greater status.
Van Peursem (2005) Multiple case
study
6 New Zealand
Organizations
Examines the New Zealand internal
auditor role and conceptualizes on the
auditor's influence over that role. Also
addresses how an effective internal
auditor can overcome the tension of
working with management to improve
performance while also remaining
sufficiently distant from management in
order to report on their performance.
Found three co
balanced their
external profes
a formal and in
network, and th
determining th
Arena, Arnaboldi
and Azzone (2006)
Multiple case
study
Six Italian
companies
Comparison of internal audit practices in
participating companies through multiple
sources of information including semi-
structured interviews with chief internal
auditors, accounting and finance staff.
The range of si
highlighted the
department cha
relevance of in
providing evid
additional elem
Table II. continued
Authors Method Sample Description of study Results
Sarens and De
Beelde (2006a)
Multiple case
study /
qualitative
assessment
Five Belgian
companies
Aims to understand the expectations and
perceptions of internal audit and senior
management with respect to each other
through semi-structured interviews and
supporting documentation.
Senior manage
significant infl
Internal audit i
expectations, w
management su
internal audit i
expectations of
Selim, Woodward
and Allegrini (2009)
Survey 94 UK/Ireland
internal auditors
and 298 Italian
internal auditors
Aims to provide a comparison of the
nature, extent and consequences of
definitional change on internal audit
consulting activities undertaken by
UK/Ireland and Italian internal auditors
Found that inte
jurisdictions ar
management a
internal audito
project manage
while Italians a
legislative com
support for con
involvement in
objectivity.
Christopher, Sarens,
and Leung (2009)
Survey 34 CAEs from
Australian
corporate sector
Aims to critically analyze the
independence of the internal audit
function through its relationship with
management and the audit committee.
Threats to inde
considering the
“partner” with
Dickins and
O’Reilly (2009)
Survey 99 CAEs from
middle-market
US Companies
Explores the extent to which publicly
traded, middle-market companies
employ high quality independent internal
auditors in the post-SOX era.
Found that 89%
compensation
based rewards
operating resul
Ahmad and Taylor
(2009)
Survey 101 Malaysian
internal auditors
Examines the effects of role ambiguity
and role conflict on internal auditors’
commitment to independence.
Role conflict a
and assurance
associated with
independence.
Authors Method Sample Description of study Results
Sarens and De
Beelde (2006a)
Multiple case
study /
qualitative
assessment
Five Belgian
companies
Aims to understand the expectations and
perceptions of internal audit and senior
management with respect to each other
through semi-structured interviews and
supporting documentation.
Senior manage
significant infl
Internal audit i
expectations, w
management su
internal audit i
expectations of
Selim, Woodward
and Allegrini (2009)
Survey 94 UK/Ireland
internal auditors
and 298 Italian
internal auditors
Aims to provide a comparison of the
nature, extent and consequences of
definitional change on internal audit
consulting activities undertaken by
UK/Ireland and Italian internal auditors
Found that inte
jurisdictions ar
management a
internal audito
project manage
while Italians a
legislative com
support for con
involvement in
objectivity.
Christopher, Sarens,
and Leung (2009)
Survey 34 CAEs from
Australian
corporate sector
Aims to critically analyze the
independence of the internal audit
function through its relationship with
management and the audit committee.
Threats to inde
considering the
“partner” with
Dickins and
O’Reilly (2009)
Survey 99 CAEs from
middle-market
US Companies
Explores the extent to which publicly
traded, middle-market companies
employ high quality independent internal
auditors in the post-SOX era.
Found that 89%
compensation
based rewards
operating resul
Ahmad and Taylor
(2009)
Survey 101 Malaysian
internal auditors
Examines the effects of role ambiguity
and role conflict on internal auditors’
commitment to independence.
Role conflict a
and assurance
associated with
independence.
33
Table III.
Roles of internal audit in enterprise risk management
Core internal audit roles in ERM
• Giving assurance on risk management processes
• Giving assurance that risks are correctly evaluated
• Evaluating risk management processes
• Evaluating the reporting of risks
• Reviewing the management of key risks
Legitimate internal auditing roles with safeguards
• Facilitating identification and evaluation of risks
• Coaching management in responding to risks
• Coordinating ERM activities
• Consolidating the reporting on risks
• Maintaining and developing the ERM framework
• Championing establishment of ERM
• Developing risk management strategy for board approval
Roles internal auditing should not undertake
• Setting the risk appetite
• Imposing risk management processes
• Management assurance on risks
• Taking decisions on risk responses
• Implementing risk responses on management’s behalf
• Accountability for risk management
Source: IIA (2009)
Table III.
Roles of internal audit in enterprise risk management
Core internal audit roles in ERM
• Giving assurance on risk management processes
• Giving assurance that risks are correctly evaluated
• Evaluating risk management processes
• Evaluating the reporting of risks
• Reviewing the management of key risks
Legitimate internal auditing roles with safeguards
• Facilitating identification and evaluation of risks
• Coaching management in responding to risks
• Coordinating ERM activities
• Consolidating the reporting on risks
• Maintaining and developing the ERM framework
• Championing establishment of ERM
• Developing risk management strategy for board approval
Roles internal auditing should not undertake
• Setting the risk appetite
• Imposing risk management processes
• Management assurance on risks
• Taking decisions on risk responses
• Implementing risk responses on management’s behalf
• Accountability for risk management
Source: IIA (2009)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Table IV.
Internal audit's role in risk management
Authors Method Sample Description of study Results
Allegrini and
D’Onza (2003)
Survey 52 Chief
internal auditors
of Italian listed
companies
Examines the state of the art of internal
auditing in large Italian companies,
focusing primarily on risk assessment
practices and the execution of a risk-
based approach to internal audit
The study foun
provide some c
management p
Sarens and De
Beelde (2006b)
Interviews 4 US CAEs and
6 Belgian CAEs
Describes and compares how internal
auditors perceive their current role in risk
management with US and Belgian
companies
In the US cases
valuable input
review and disc
SOX. In the Be
play a pioneeri
higher level of
formalized risk
Gramling and Myers
(2006)
Survey 361 global
Internal
Auditors
Examines the extent to which internal
audit functions adhere to the ERM roles
recommended by the IIA.
Survey found i
ERM roles cou
than the depart
found that IA's
inappropriate a
should be.
Internal audit's role in risk management
Authors Method Sample Description of study Results
Allegrini and
D’Onza (2003)
Survey 52 Chief
internal auditors
of Italian listed
companies
Examines the state of the art of internal
auditing in large Italian companies,
focusing primarily on risk assessment
practices and the execution of a risk-
based approach to internal audit
The study foun
provide some c
management p
Sarens and De
Beelde (2006b)
Interviews 4 US CAEs and
6 Belgian CAEs
Describes and compares how internal
auditors perceive their current role in risk
management with US and Belgian
companies
In the US cases
valuable input
review and disc
SOX. In the Be
play a pioneeri
higher level of
formalized risk
Gramling and Myers
(2006)
Survey 361 global
Internal
Auditors
Examines the extent to which internal
audit functions adhere to the ERM roles
recommended by the IIA.
Survey found i
ERM roles cou
than the depart
found that IA's
inappropriate a
should be.
Table IV.
continued
Authors Method Sample Description of study Results
Fraser and Henry
(2007)
Interviews 5 UK listed
companies and
'big four' audit
firms
Examines mechanisms for the
identification and management of critical
risks and also identifies what the role of
internal audit and the audit committee
should be in risk management.
Found that inte
play in risk ma
expertise and in
recommended
should be set u
increasingly in
but also recom
set up with the
risk manageme
de Zwaan,
Subramaniam and
Stewart (2009)
Survey 117 Australian
Certified
Internal
Auditors
Examines whether internal auditor
involvement in ERM, and the
relationship with the AC have an impact
on perceived objectivity.
Found that inte
ERM negativel
objectivity. Th
internal audit a
marginal effect
continued
Authors Method Sample Description of study Results
Fraser and Henry
(2007)
Interviews 5 UK listed
companies and
'big four' audit
firms
Examines mechanisms for the
identification and management of critical
risks and also identifies what the role of
internal audit and the audit committee
should be in risk management.
Found that inte
play in risk ma
expertise and in
recommended
should be set u
increasingly in
but also recom
set up with the
risk manageme
de Zwaan,
Subramaniam and
Stewart (2009)
Survey 117 Australian
Certified
Internal
Auditors
Examines whether internal auditor
involvement in ERM, and the
relationship with the AC have an impact
on perceived objectivity.
Found that inte
ERM negativel
objectivity. Th
internal audit a
marginal effect
Table V.
Outsourcing and co-sourcing internal audit activities
Authors Method Sample Description of study Results
Caplan and
Kirschenheiter
(2000)
Analytical
model
Uses agency theory to examine
incentives for outsourcing the internal
audit function to public accounting firms.
Found public a
levels of testin
expected fee. T
the lower cost
accountant as a
Selim and
Yiannakas (2000)
Survey 165 UK Finance
and/or Audit
Directors
Examines the practice of outsourcing the
internal audit function in the UK public
and private sectors. Also examines how
internal audit is perceived and the likely
impact an outsourcing decision may have
on auditors' independence and the quality
of internal audit service.
Found that mo
house internal
important facto
access to speci
respondents be
compromised w
outsourced to t
James (2003) Survey 63 US Bank
Loan Officers
Examines whether internal
audit sourcing arrangement affects
financial statement users’ perceptions of
ability of the internal audit function to
prevent financial statement fraud.
No difference f
of financial sta
between outsou
audit departme
committee. An
team is perceiv
competence an
limited presenc
ability to prote
Ahlawat and Lowe
(2004)
Experimental
questionnaire
66 US Internal
Auditors
Examines whether the consulting role of
internal auditors impacts on their ability
to remain objective and whether an
outsourced internal audit function is
susceptible to client advocacy.
Found the exte
less severe in t
internal auditor
auditors.
Outsourcing and co-sourcing internal audit activities
Authors Method Sample Description of study Results
Caplan and
Kirschenheiter
(2000)
Analytical
model
Uses agency theory to examine
incentives for outsourcing the internal
audit function to public accounting firms.
Found public a
levels of testin
expected fee. T
the lower cost
accountant as a
Selim and
Yiannakas (2000)
Survey 165 UK Finance
and/or Audit
Directors
Examines the practice of outsourcing the
internal audit function in the UK public
and private sectors. Also examines how
internal audit is perceived and the likely
impact an outsourcing decision may have
on auditors' independence and the quality
of internal audit service.
Found that mo
house internal
important facto
access to speci
respondents be
compromised w
outsourced to t
James (2003) Survey 63 US Bank
Loan Officers
Examines whether internal
audit sourcing arrangement affects
financial statement users’ perceptions of
ability of the internal audit function to
prevent financial statement fraud.
No difference f
of financial sta
between outsou
audit departme
committee. An
team is perceiv
competence an
limited presenc
ability to prote
Ahlawat and Lowe
(2004)
Experimental
questionnaire
66 US Internal
Auditors
Examines whether the consulting role of
internal auditors impacts on their ability
to remain objective and whether an
outsourced internal audit function is
susceptible to client advocacy.
Found the exte
less severe in t
internal auditor
auditors.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table V. continued
Authors Method Sample Description of study Results
Subramaniam, Ng
and Carey (2004)
Survey 52 Australian
Public sector
entities
Examines the practice of outsourcing the
internal audit function in Australian
(Queensland) government entities.
The study foun
and outsourcin
determinants o
relate to non-fi
financial. Whe
is outsourced, a
role in the outs
Sharma and
Subramaniam
(2005)
Survey 87 Australian
Public Listed
companies
Uses Transaction Cost Economics
perspective to examine the influence of
several organizational-level variable on
the decision to outsource or in-house
their internal audit function. Also
identifies the type of internal auditing
(IA) services that were likely to be
outsourced rather than in-housed, the
extent to which incumbent external
financial statement auditors participated
in outsourced arrangements and the level
of interaction between the internal audit
provider and audit committee.
Only environm
to affect IA in-
into the differe
of outsourcing
factors such as
how, service qu
unit-level comm
issues may pla
managerial dec
Gramling and
Vandervelde (2006)
Experimental
questionnaire
21 Internal
Auditors and 23
External
Auditors from
US
Tests the influence of the source of the
internal audit function, whether in-house
or external, on both the internal and
external auditors' evaluation of the
quality of the internal audit function.
Found assessm
quality and ove
influenced by t
arrangement bu
Specifically, th
rate the objecti
function higher
auditors rate th
function higher
Authors Method Sample Description of study Results
Subramaniam, Ng
and Carey (2004)
Survey 52 Australian
Public sector
entities
Examines the practice of outsourcing the
internal audit function in Australian
(Queensland) government entities.
The study foun
and outsourcin
determinants o
relate to non-fi
financial. Whe
is outsourced, a
role in the outs
Sharma and
Subramaniam
(2005)
Survey 87 Australian
Public Listed
companies
Uses Transaction Cost Economics
perspective to examine the influence of
several organizational-level variable on
the decision to outsource or in-house
their internal audit function. Also
identifies the type of internal auditing
(IA) services that were likely to be
outsourced rather than in-housed, the
extent to which incumbent external
financial statement auditors participated
in outsourced arrangements and the level
of interaction between the internal audit
provider and audit committee.
Only environm
to affect IA in-
into the differe
of outsourcing
factors such as
how, service qu
unit-level comm
issues may pla
managerial dec
Gramling and
Vandervelde (2006)
Experimental
questionnaire
21 Internal
Auditors and 23
External
Auditors from
US
Tests the influence of the source of the
internal audit function, whether in-house
or external, on both the internal and
external auditors' evaluation of the
quality of the internal audit function.
Found assessm
quality and ove
influenced by t
arrangement bu
Specifically, th
rate the objecti
function higher
auditors rate th
function higher
Table V. continued
Authors Method Sample Description of study Results
Carey, Subramaniam
and Ching (2006)
Survey 304 Australian
Listed
Companies
Investigates the determinants of internal
audit outsourcing.
Results sugges
outsourcing is
cost savings an
of the external
smaller firms t
audit for the fir
outsource.
Dickins and O’Reilly
(2009)
Survey 99 CAEs from
middle-market
US Companies
Explores the extent to which publicly
traded, middle-market companies
employ high quality independent internal
auditors in the post-SOX era.
Found that 77%
some internal a
outsource more
frequency of m
internal contro
amount of outs
likelihood of re
committee is n
extent of outso
Authors Method Sample Description of study Results
Carey, Subramaniam
and Ching (2006)
Survey 304 Australian
Listed
Companies
Investigates the determinants of internal
audit outsourcing.
Results sugges
outsourcing is
cost savings an
of the external
smaller firms t
audit for the fir
outsource.
Dickins and O’Reilly
(2009)
Survey 99 CAEs from
middle-market
US Companies
Explores the extent to which publicly
traded, middle-market companies
employ high quality independent internal
auditors in the post-SOX era.
Found that 77%
some internal a
outsource more
frequency of m
internal contro
amount of outs
likelihood of re
committee is n
extent of outso
Table VI.
Internal audit as a management training ground
Authors Method Sample Description of study Results
Goodwin and Yeo
(2001)
Survey 65 Singaporean
Internal
Auditors
Examines whether the use of internal
audit as a management training ground
influences the independence and
objectivity of internal auditors.
Found that the
used quite exte
training ground
believed that th
internal audit o
Selim, Sudarsanam
and Lavine (2003)
Survey /
interviews
22 companies
from Europe
and the USA
Determines the role of internal audit in
mergers, acquisitions and divestitures.
Uses gap analysis to compare the
normative, observed and preferred
models of internal audit involvement in
mergers and acquisitions.
Found some co
programs wher
offered a rotati
part of their tra
Arena, Arnaboldi and
Azzone (2006)
Multiple
case study
6 Italian
companies
Comparison of internal audit practices in
participating companies through multiple
sources of information including semi-
structured interviews with chief internal
auditors, accounting and finance staff.
Found that inte
training functio
companies in t
Sarens and De Beelde
(2006a)
Multiple
case study /
qualitative
assessment
5 Belgian
companies
Explores the expectations and
perceptions of internal audit and senior
management with respect to each other
through semi-structured interviews and
supporting documentation.
Found in one c
internal audit t
future potentia
function as a “f
staff.
Christopher, Sarens
and Leung (2009)
Survey 34 CAEs from
Australian
corporate sector
Aims to critically analyze the
independence of the internal audit
function through its relationship with
management and the audit committee.
Found that, in
staff are transfe
positions. In 60
remain in inter
years.
Internal audit as a management training ground
Authors Method Sample Description of study Results
Goodwin and Yeo
(2001)
Survey 65 Singaporean
Internal
Auditors
Examines whether the use of internal
audit as a management training ground
influences the independence and
objectivity of internal auditors.
Found that the
used quite exte
training ground
believed that th
internal audit o
Selim, Sudarsanam
and Lavine (2003)
Survey /
interviews
22 companies
from Europe
and the USA
Determines the role of internal audit in
mergers, acquisitions and divestitures.
Uses gap analysis to compare the
normative, observed and preferred
models of internal audit involvement in
mergers and acquisitions.
Found some co
programs wher
offered a rotati
part of their tra
Arena, Arnaboldi and
Azzone (2006)
Multiple
case study
6 Italian
companies
Comparison of internal audit practices in
participating companies through multiple
sources of information including semi-
structured interviews with chief internal
auditors, accounting and finance staff.
Found that inte
training functio
companies in t
Sarens and De Beelde
(2006a)
Multiple
case study /
qualitative
assessment
5 Belgian
companies
Explores the expectations and
perceptions of internal audit and senior
management with respect to each other
through semi-structured interviews and
supporting documentation.
Found in one c
internal audit t
future potentia
function as a “f
staff.
Christopher, Sarens
and Leung (2009)
Survey 34 CAEs from
Australian
corporate sector
Aims to critically analyze the
independence of the internal audit
function through its relationship with
management and the audit committee.
Found that, in
staff are transfe
positions. In 60
remain in inter
years.
1 out of 40
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.