Posts

Posts

  • Jennifer M Mueller-Phillips
    How a Systems Perspective Improves Knowledge Acquisition and...
    research summary posted September 19, 2013 by Jennifer M Mueller-Phillips, tagged 08.0 Auditing Procedures – Nature, Timing and Extent, 08.01 Substantive Analytical Review – Effectiveness, 11.0 Audit Quality and Quality Control, 11.05 Training and General Experience in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    How a Systems Perspective Improves Knowledge Acquisition and Performance in Analytical Procedures
    Practical Implications:

    This experiment provides evidence that training in a systems perspective could help auditors analyze complex relationships between accounting data. This could be used to set appropriate analytics expectations and, more importantly, provide a credible way to determine whether management’s representations are well-grounded or not.  This method also appears to require less mental effort to implement, since it moves the complicated relationship structure out of memory and onto a model.  Given the added complexity of many estimates in today’s companies, systematic methods of processing information like a systems perspective may help to simplify the analysis of the estimates.

    For more information on this study, please contact Billy Brewster.
     

    Citation:

    Brewster, B. E.  2011.  How a systems perspective improves knowledge acquisition and performance in analytical procedures.  The Accounting Review 86 (3), 915-943.

    Keywords:
    analytical procedures; knowledge organization; learning; mental models
    Purpose of the Study:

    Understanding complicated relationships with multiple links between information is difficult, as people have limited memory to keep all the relationships straight.  This problem is evident in setting analytics expectations, as there are many reasons why accounting numbers change from year to year (and the reasons are often related to each other in varying, nonlinear ways).  In order to avoid a “reductionist” perspective where pieces of information are considered in isolation and linearly, auditors may be able to construct a better mental model of the situation by using a “systems perspective”.  This involves considering how all the parts of a system are related as well as their behavior from how they interact.  Using a systems perspective (compared to a reductionist perspective) is predicted to be more accurate, more efficient, better able to detect management representations that are inconsistent with the evidence, and better able to integrate new information into their expectations accurately.

    Design/Method/ Approach:

    In an experiment conducted prior to 2008, undergraduate accounting students (juniors/seniors) are given training in evaluating stocks and flows (systems perspective) or business risks (reductionist perspective).  They then learn about an audit client and its industry which has a particularly complicated relationship between multiple factors over time and the resulting product price.  Using the technique they were taught, they then graph the product price over time.  The students are then provided management’s estimate of the price and evaluate its credibility.  Finally, the participants learn new information about the industry and are asked to factor it into their price evaluation.

    Findings:
    • When compared to a computer simulation of how the product price should change over time, participants who used a systems perspective were closer to the simulation than those using a reductionist perspective
    • Those using a systems perspective did not need to exert as much mental effort to perform their evaluations
    • Using a systems perspective made it more likely to identify inconsistent management representations of the product price
    • When encountering new information, a systems perspective allows participants to incorporate the information more appropriately than a reductionist perspective
       
    Category:
    Audit Quality & Quality Control, Auditing Procedures - Nature - Timing and Extent
    Sub-category:
    Substantive Analytical Review – Effectiveness, Sustainability ServicesTraining & General Experience
  • Jennifer M Mueller-Phillips
    How Do Audit Seniors Respond to Heightened Fraud Risk?
    research summary posted October 22, 2013 by Jennifer M Mueller-Phillips, tagged 06.0 Risk and Risk Management, Including Fraud Risk, 06.01 Fraud Risk Assessment, 08.0 Auditing Procedures – Nature, Timing and Extent in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    How Do Audit Seniors Respond to Heightened Fraud Risk?
    Practical Implications:

    Less-experienced auditors tend to respond to risk by indiscriminately increasing sample size; when management utilizes a specific scheme to commit fraud, this method is far less effective than tailoring procedures to target a particular sample where fraud is more likely to occur.  The authors suggest that training on recognizing cues that may suggest specific fraud schemes (especially early in an auditor’s career) and when targeting a particular high-risk sample is appropriate (as opposed to simply increasing sample size) would help auditors to recognize when aspects of an engagement imply higher risk of a particular fraud method or scheme and address it properly by targeting their testing to directly address the fraud risk.

    For more information on this study, please contact Jacqueline Hammersley.
     

    Citation:

    Hammersley, J. S., K. M. Johnstone, and K. Kadous.  2011.  How Do Audit Seniors Respond to Heightened Fraud Risk?  Auditing: A Journal of Practice & Theory 30 (3), 81-101.

    Keywords:
    audit planning; fraud detection; fraud risk factors; audit seniors; risk assessments.
    Purpose of the Study:

    A number of studies have looked at methods of improving the assessment of fraud risk and the resulting selection of audit procedures to address this risk.  However, most of these studies use managers, whereas seniors are often responsible for putting together the audit plan.  Although managers review this plan, the initial selection of procedures by seniors can significantly impact the final audit plan.  Therefore, this study examines seniors’ assessment of fraud risk and how they modify a standard audit plan to combat this risk.

    In addition, this study looks at multiple levels of fraud risk. Although all the seniors are given a case based on an actual fraud from an SEC Accounting and Auditing Enforcement Release, some of them are informed that a material weakness in the revenue recognition cycle (although unrelated to the fraud) was detected in the current year in order to determine whether seniors responded to this risk in terms of an elevated risk assessment.  Finally, this study not only investigates the effectiveness of the procedures selected, but also their efficiency; this is able to capture whether the seniors’ procedures may not only be ineffective at catching the fraud, but also inefficient (procedures that add time to the audit, but would not catch the fraud).
     

    Design/Method/ Approach:

    The authors conduct an experiment using seniors from a Big 4 firm.  Evidence was collected prior to 2010.  The seniors were given a case with background and financial information on the company as well as auditing assessments of materiality and the control environment.  The background information included a description of a marketing plan that management was using to fraudulently recognize revenue.  About half of the participants were informed that a material weakness had been identified in the revenue recognition cycle, while the other half were informed that internal controls testing was ongoing, but had not detected anything yet.  All participants were then asked to identify risk factors from the case, judge the revenue cycle risks, modify a standard audit plan to respond to the risks, and assess the need to consult with a risk management partner.

    Findings:
    • Auditors who receive information about a material weakness assess both fraud risk and the need to consult with a risk management partner higher than auditors who receive no information about a material weakness.
    • However, auditors receiving information about a material weakness do not identify more risk factors focused on the fraud than auditors in the control condition.
    • In addition, auditors receiving information about a material weakness develop audit programs that are no more effective for fraud detection purposes but are more inefficient than those who do not receive this information.  This appears to be due to the general implication of risk causing auditors to increase sample size indiscriminately, but not targeting the specific fraud.
    • Auditors who identified more fraud risks were more likely to modify procedures in a way that would have a better chance at detecting the fraud.
       
    Category:
    Auditing Procedures - Nature - Timing and Extent, Risk & Risk Management - Including Fraud Risk
    Sub-category:
    Fraud Risk Assessment
  • Jennifer M Mueller-Phillips
    How Do Auditors Address Control Deficiencies that Bias...
    research summary posted July 28, 2015 by Jennifer M Mueller-Phillips, tagged 07.0 Internal Control, 07.01 Scope of Testing, 07.02 Assessing Material Weaknesses, 08.0 Auditing Procedures – Nature, Timing and Extent, 08.01 Substantive Analytical Review – Effectiveness in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    How Do Auditors Address Control Deficiencies that Bias Accounting Estimates?
    Practical Implications:

    For practice, the authors provide evidence about the relation between control deficiencies and substantive tests in the integrated audit. A significant minority of senior auditors attempt to identify bias in an accounting estimate with increased sampling from the biased estimation process, though they have been told that the estimation process is biased. The authors provide theory consistent empirical evidence that auditors often reach questionable, optimistic judgments about the capability of audit evidence to address control deficiencies. Auditors will often revert to what they know best, and it is difficult to get people to look beyond the familiar, regardless of experience level.

    Citation:

    Mauldin, E. G., & Wolfe, C. J. 2014. How Do Auditors Address Control Deficiencies that Bias Accounting Estimates? Contemporary Accounting Research 31 (3): 658-680.

    Keywords:
    accounting estimates, scarcity, control deficiencies, internal control
    Purpose of the Study:

    According to professional standards, auditors must integrate the internal control and financial statement audits. Revised risk assessment standards were issued, in part, to improve the integration of controls into the financial statement audit. However, PCAOB inspections find that auditors sometimes do not appropriately change the nature, timing, and/or extent of their substantive tests in response to clients’ internal controls. Auditors often have difficulty modifying substantive tests when responding to identified control deficiencies.

    To shed light on the underlying reasons for this difficulty, the authors of this design a contextually rich experimental case and examine how auditors map a control deficiency into modifications of substantive tests. The authors examine control deficiencies that cause errors of omission in an estimation process, resulting in an incomplete and biased estimation process. The focus is on whether auditors recognize the insufficiency of reviewing the biased estimation process and how they select alternative tests to replace or supplement such review.

    Design/Method/ Approach:

    Eighty-seven auditors attending one Big 4 firm’s national training for experienced audit seniors participated in the study. The authors employ a between-participants experimental design with two treatments. The authors describe the treatments in sequence within the experimental task. They then randomly assign participants to experimental treatments and ask them to complete a case study. The evidence was collected prior to September of 2014.

    Findings:
    • A significant minority of senior auditors (33 percent) attempt to identify bias in an accounting estimate with increased sampling from the biased estimation process. Further, they do this after being told that the estimation process is biased.
    • Seeing the falsely favorable substantive test results, on average, does not influence auditors’ tendency to increase sample size.
    • A supplemental sample of 14 managers produces a pattern of responses similar to the main results.
    • When the bias is from externally prepared documents, the authors find that about one-half the auditors (54 percent) choose the more efficient alternative test, adjusting the estimate using documents.
    • When the bias is from management judgment inputs, the authors find that most auditors (63 percent) choose to adjust the estimate using documents, even though this alternative is less effective than developing an auditor-generated estimate.
    • The observed results are not driven by lack of experience with percentage-of-completion accounting.
    • Together, the results suggest that auditors often make inefficient or ineffective alternative test choices depending on the source of omission caused by the control deficiency.
    Category:
    Auditing Procedures - Nature - Timing and Extent, Internal Control
    Sub-category:
    Assessing Material Weaknesses, Scope of Testing, Substantive Analytical Review – Effectiveness
  • Jennifer M Mueller-Phillips
    How Do Auditors Behave During Periods of Market Euphoria?...
    research summary posted April 17, 2014 by Jennifer M Mueller-Phillips, tagged 02.0 Client Acceptance and Continuance, 02.05 Business Risk Assessment - e.g., industry, IPO, complexity, 08.0 Auditing Procedures – Nature, Timing and Extent, 08.04 Auditors’ Professional Skepticism, 09.0 Auditor Judgment, 09.04 Going Concern Decisions in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    How Do Auditors Behave During Periods of Market Euphoria? The Case of Internet IPOs
    Practical Implications:

    Due to the potential for future market bubbles, the findings of this study may be of interest to audit regulators and standard setters. These finding suggest mixed conclusions regarding the Big 5’s behavior during periods of market euphoria. The presence of going concern opinions varies inversely with variables that represent client viability and auditor self-interest. Evidence that points to a decrease in the predictive value of Big 5 opinions signed during the Internet IPO bubble may also have consequences for investors.
     
    For more information on this study, please contact Andrew J. Leone.
     

    Citation:

    Leone, A. J., S. Rice, J. P. Weber, and M. Willenborg. 2013. How Do Auditors Behave During Periods of Market Euphoria? The Case of Internet IPOs. Contemporary Accounting Research 30 (1).

    Keywords:
    auditors’ opinions; going concerns; initial public offerings; online information services
    Purpose of the Study:

    The study of periods of market euphoria is a long-standing topic of interest to economists. Theorists specify conditions under which market participants and institutions cause bubbles to form. This study looks at how auditors behave during these periods of euphoric market conditions, specifically around the time of the wave of Internet companies’ IPOs in the late 1990s and early 2000s. The goal was to discover how audit decisions change with fluctuations in the external marketplace. The authors address whether auditors are maintaining their responsibility to act in the public’s best interest during these unique market conditions, and how going concern decisions of these Internet IPO companies might vary based on these conditions.

    Design/Method/ Approach:

    The authors obtained a sample of 756 Internet IPO filings from 1996 to 2000 using an online database, as well as a sample of non- Internet IPO registrants. Using descriptive statistics, the authors tested these samples for determinants that could lead auditors to shift their going concern decision criteria during euphoric market conditions.

    Findings:
    • The presence of going concern opinions varies with variables that proxy for both economic reasons and for less independence and skepticism by the Big 5.
    • Some evidence points to associations between costs to investors and a decrease in Big 5 going concern opinions during the bubble.
    • Big 5 firms were not a major cause of the Internet IPO bubble, but large audit firms did little to slow it from inflating.
       
    Category:
    Auditing Procedures - Nature - Timing and Extent, Auditor Judgment, Client Acceptance and Continuance
    Sub-category:
    Auditors’ Professional Skepticism, Business Risk Assessment (e.g. industry - IPO - complexity), Going Concern Decisions
  • Jennifer M Mueller-Phillips
    Individual Auditors’ Identification of Relevant Fraud S...
    research summary posted October 22, 2013 by Jennifer M Mueller-Phillips, tagged 06.0 Risk and Risk Management, Including Fraud Risk, 06.01 Fraud Risk Assessment, 08.0 Auditing Procedures – Nature, Timing and Extent in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    Individual Auditors’ Identification of Relevant Fraud Schemes
    Citation:

    Simon, C. A. 2012.  Individual auditors’ identification of relevant fraud schemes.  Auditing: A Journal of Practice & Theory 31 (1), 1-16.

    Keywords:
    fraud schemes; management’s goals
    Purpose of the Study:

    Previous research has identified that auditors often have difficulty either assessing fraud risk or responding to it properly through effective audit procedures.  This study investigates two methods that are expected to reduce these difficulties. The first method, consideration of management’s goals, is predicted to allow auditors to integrate the effects of these goals with gathered audit evidence (such as analytic procedures) in order to determine whether they are consistent.  The second method, forming expectations independent of client’s current numbers, prevents auditors from “anchoring” their expectations on the current numbers and considering fraudulent activities that contribute these numbers.  In addition, utilizing both methods is predicted to have a joint effect beyond each method’s individual effect, since independently setting expectations after considering management’s goals will result in expectations that are even more likely to reflect consideration of potential fraudulent activity.

    Design/Method/ Approach:

    An experiment was conducted prior to 2011 using auditors with an average of 32 months of experience (most of who were from a single Big 4 firm).  Participants were first given background information about a client (based on an actual fraud investigated by the SEC) followed by fraud red flags that were present or absent and financial ratios for the company’s prior year-end and current year third quarter.  About half of the participants were asked to form expectations before they see the current year-end ratios, while the other half are not asked to form expectations.  Also, half of the participants (randomized differently than for the previous manipulation) were asked to write goals that could lead management to commit fraud, then to list the fraud red flags and analytic results that were consistent with these goals.  Participants then assess overall fraud risk, list potential fraud schemes, then list audit procedures to address the schemes they listed.

    Findings:
    • Auditors who were instructed to focus on management’s goals identified more schemes that were relevant to the fraud (those the SEC noted in its enforcement action)
    • Documenting expectations did not contribute to the identification of relevant schemes
    • Identification of relevant schemes lead to procedures that would be more effective in catching the fraud
       
    Category:
    Auditing Procedures - Nature - Timing and Extent, Risk & Risk Management - Including Fraud Risk
    Sub-category:
    Fraud Risk Assessment
  • Jennifer M Mueller-Phillips
    Infer, Predict, and Assure: Accounting Opportunities in Data...
    research summary posted September 21, 2015 by Jennifer M Mueller-Phillips, tagged 08.0 Auditing Procedures – Nature, Timing and Extent, 08.09 Impact of Technology on Audit Procedures in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    Infer, Predict, and Assure: Accounting Opportunities in Data Analytics.
    Practical Implications:

    This article is important to practitioners as well as academics because they will be using data analytics in accounting and auditing tasks and will need to specify system design characteristics needed to effectively accomplish these tasks. The authors identify several research questions for further study.

    Citation:

    Schneider, G. P., J. Dai, D. J. Janvrin, K. Ajayi, and R. L. Raschke. 2015. Infer, Predict, and Assure: Accounting Opportunities in Data Analytics. Accounting Horizons 29 (3): 719-742.

    Keywords:
    AIS meta-theory, data analytics, task processes
    Purpose of the Study:

    The objective of this paper is to examine how data analytics will impact the accounting and auditing environment, identify emerging management and regulatory challenges, and outline new research opportunities. To incorporate and process both structured and unstructured data to support decisions, accountants are working with a new set of sophisticated tools known as data analytics. Data analytics is the process of using structured and unstructured data through the applications of various analytic techniques such as statistical and quantitative analysis and explanatory and predictive models to provide useful information to decision-makers. Data analytics involves complex procedures that extract useful knowledge from large data repositories. Compared with conventional approaches, data analytics offer advantages in terms of cost-effectiveness), scalability, and capability to identify new patterns in real time.

    Several challenges and risks may arise with data analytics. First, how can voluminous data stored in heterogeneous and differently organized data sources be converted into structured, hence well interpretable, format? In doing so, uncorrelated data needs to be filtered out. The challenge is to identify what data needs to be filtered out. Further, how can structured data repositories be managed, processed, and transformed in order to derive needed information for decision-making purposes? Finally, data analytics applications often are highly scalable.

    Design/Method/ Approach:

    This article is a commentary. 

    Findings:

    The authors expand upon the challenges and risks via adopting the organizing principles of the metatheory of AIS and apply it to data analytics. The first principle states that data analytics research should be task-focused. Their analysis concentrated on three tasks to which accountants often apply data analytics: infer, predict, and assure. The second organizing principle notes that task requirements are the start of the process that establishes the set of system design characteristics needed. They note that the lack of accepted models of data analytics and related perceptions is a significant challenge that should be considered. The third principle suggests that the impact of data analytics on task performance should be examined within the context of cognitive, technological, and organizational contingency factors. They identify several research questions related to each of these contingency factors. Finally, the fourth principle states that the outcome of data analytics is task performance. The authors discuss how evaluating the infer, predict, and assure tasks completed with data analytics may occur at either the individual or organizational level. In addition, often the outcome of data analytics contains private and/or confidential information and more research is needed to examine how organizations can address their responsibilities to maintain privacy and confidentiality.

    Category:
    Auditing Procedures - Nature - Timing and Extent
    Sub-category:
    Impact of Technology on Audit Procedures Confirmation – Process and Evaluation of Responses
  • The Auditing Section
    Internal Audit Quality and Earnings Management
    research summary posted May 7, 2012 by The Auditing Section, tagged 08.0 Auditing Procedures – Nature, Timing and Extent, 08.11 Reliance on Internal Auditors, 13.0 Governance, 13.07 Internal auditor role and involvement in controls and reporting in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    Internal Audit Quality and Earnings Management
    Practical Implications:

    This study develops an empirical measure of internal audit quality, and provides evidence supporting companies’ use and  development of an IAF as part of improvements to its overall governance environment.  Regulators and other parties interested in corporate governance may find it helpful to more explicitly consider the role of internal auditor in the evaluation of the firm. 

    Citation:

    Prawitt, D., J. Smith, D. A. Wood 2009. Internal Audit Quality and Earnings Management. The Accounting Review 84 (4): 1255-1280.

    Keywords:
    corporate governance; internal audit function; internal audit quality; earnings management; abnormal accruals; analyst forecasts
    Purpose of the Study:

    Standards promulgated by the AICPA and PCAOB recognize the impact that a high-quality internal audit function (IAF) can have on reducing control risk, and by extension, audit risk.  As such, regulators permit and encourage external auditors to rely on the work of others if that work is deemed to be performed by “competent and objective persons” (PCAOB 2007).  Similarly, the Institute of Internal Auditors (IIA) recognizes the IAF as one of the four cornerstones of corporate governance, along with the audit committee, executive management, and the external auditor.  However, while several prior studies establish a negative association between the quality of firm’s corporate governance mechanisms and management’s tendency and ability to manipulate reported financial results, there is little evidence that relies on archival data concerning the impact of a quality IAF on firms’ earnings manipulation activities.

    The purpose of this study is to examine archival data to determine whether differences in the quality of firms’ IAF impact firms’ earnings management activities.

    Design/Method/ Approach:

    The authors rely on the IIA maintained GAIN database (a proprietary database), that is composed of survey responses from chief audit executives associated with IIA member organizations.  Member organizations responding to the survey include publicly traded and private companies, educational and governmental institutions, as well as individual divisions within companies.  The study covers the fiscal years of 2000-2005. 

    The authors create an index based on six factors that SAS No. 65 suggests external auditors should consider when evaluating whether to rely on the work of the internal auditors, and therefore differentiate IAF quality.  Those factors include the IAF’s professional experience, professional certifications, training, objectivity, relevance of their work to the financial reporting function, and the IAF’s relevance to the organization based on how much resources the corporation invests in the IAF group.  To capture management’s earnings management activities, the authors rely on measures of abnormal accruals and whether the firm just misses or beats analysts’ forecasts.

    Findings:
    • Overall, the results suggest that higher quality IAFs reduce management’s ability to manipulate earnings.
    • Specifically, higher quality IAFs appear to be associated with smaller negative abnormal accruals.
    • Companies with higher quality IAFs appear more likely to just miss analysts’ earnings forecasts, a measure of less earnings management.
    Category:
    Auditing Procedures - Nature - Timing and Extent, Governance
    Sub-category:
    Reliance on Internal Auditors, Internal auditor role and involvement in controls and reporting
    Home:
    home button
  • Jennifer M Mueller-Phillips
    Internal Audit Quality and Financial Reporting Quality: The...
    research summary posted October 12, 2016 by Jennifer M Mueller-Phillips, tagged 08.0 Auditing Procedures – Nature, Timing and Extent, 08.11 Reliance on Internal Auditors, 13.0 Governance, 13.07 Internal auditor role and involvement in controls and reporting in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    Internal Audit Quality and Financial Reporting Quality: The Joint Importance of Independence and Competence
    Practical Implications:

     This study is the first to establish IAF characteristics as separate, distinct constructs that act jointly in creating IAF quality; therefore, it contributes to the overall understanding of IAF quality and the determinants of the IAF as an effective internally based financial reporting monitor.

    Citation:

     Abbott, L. J., B. Daugherty, S. Parker and G. F. Peters. 2016. Internal Audit Quality and Financial Reporting Quality: The Joint Importance of Independence and Competence. Journal of Accounting Research 54 (1): 3-40.

    Purpose of the Study:

     In 2013, the NASDAQ Stock Market LLC (NASDAQ) proposed a rule change that would require all NASDAQ registrants to maintain an internal audit function (IAF). The New York Stock Exchange (NYSE) has required all registrants to maintain an IAF since 2006. The thinking behind these requirements is that an effective IAF provides the audit committee and other financial reporting stakeholders with critical information pertaining to a company’s risks and internal controls. Corporate governance proponents also emphasize the IAF’s role in enhancing financial reporting quality; however, despite having many proponents the IAF’s role in the financial reporting process is not yet fully understood and empirical evidence concerning the impact of IAF quality is minimal. As a result of this lack of evidence, the authors investigate the potential impact of IAF quality as a joint function of the IAF’s competence and independence. They base this view upon theoretical work stating that external audit quality is a function of the external auditor’s ability (competence) to detect accounting misstatements and willingness (independence) to oblige proper accounting treatments.

    Design/Method/ Approach:

    In this paper, the authors develop and test a two-factor model of IAF quality as a function of the IAF’s ability to prevent/detect financial misstatements (competence) and its inclination to report the misstatements to the audit committee and/or external auditor (independence). The study uses survey evidence from 189 Chief Internal Auditors from Fortune 1000 companies during fiscal 2009.

    Findings:
    • The authors’ overall results provide evidence consistent with the hypothesis that the combined presence of both competence and independence is a necessary antecedent to effective IAF financial reporting.
    • The authors find results consistent with independence being enhanced by relatively greater degrees of audit committee oversight of the IAF, as opposed to management oversight.
    • The authors find that enhanced independence interacts with IAF competence as a means of curtailing financial reporting discretion in both income-increasing and income-decreasing environments. A similar set of relationships were documented when the authors interact IAF competence and the relative lack of IAF outsourcing.
    Category:
    Auditing Procedures - Nature - Timing and Extent, Governance
    Sub-category:
    Internal auditor role and involvement in controls and reporting, Reliance on Internal Auditors
  • The Auditing Section
    Internal Audit Reporting Lines, Fraud Risk Decomposition,...
    research summary posted May 4, 2012 by The Auditing Section, tagged 06.0 Risk and Risk Management, Including Fraud Risk, 06.01 Fraud Risk Assessment, 08.0 Auditing Procedures – Nature, Timing and Extent, 08.11 Reliance on Internal Auditors, 13.0 Governance, 13.07 Internal auditor role and involvement in controls and reporting in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    Internal Audit Reporting Lines, Fraud Risk Decomposition, and Assessments of Fraud Risk
    Practical Implications:

    The results of this study are important for audit firms to consider when determining the extent of reliance on internal auditor’s fraud risk assessments.  Internal auditor judgments may be influenced by pressures to decrease risk assessments when reporting to the audit committee.  Thus, the recent suggested improvements for improving audit practice and risk assessment processes by reporting to the audit committee may have adverse and unexpected consequences.  Additionally, internal auditor judgments may be influenced by an over-reliance on attitude cues, even when decomposing fraud risk assessments.  Thus, decomposition may amplify the problem that prompted its use.

    Citation:

    Norman, C.S., A.M. Rose, and J.M. Rose. 2010. Internal audit reporting lines, fraud risk decomposition, and assessments of fraud risk. Accounting, Organizations and Society 35: 546-557.

    Keywords:
    internal audit, fraud risk assessment, audit committee
    Purpose of the Study:

    The internal auditor function is one of the four cornerstones of corporate governance along with senior management, the board, and external auditors.  External auditors frequently rely on the work of internal auditors, including firm risk assessments per AS5, An Audit of Internal Control over Financial Reporting that is Integrated with an Audit of Financial Statements.  Internal auditors may report to management or to the audit committee.  Many investors and regulators have suggested that internal auditors should report directly to the audit committee to minimize the threats to independence and objectivity that may potentially occur when internal auditors report to management.  However, if the audit committee is given power over the internal audit function, this may create potential new threats to internal auditor independence not previously considered.  For example, many audit committees now have the authority to hire or fire the Chief Audit Executive.  This paper addresses the effects of internal audit reporting lines on the fraud risk assessment judgments of internal auditors.  Below are two objectives that the authors address in their study: 

    • Examine the extent that internal auditors may be subconsciously motivated to avoid reporting higher levels of fraud risk to the audit committee, relative to when the risks are reported to management.
    • Examine whether decomposition of fraud risk into the components of the fraud triangle (management attitude, incentives, and opportunities) improves the internal auditor’s sensitivity to opportunity and incentive cues.
    Design/Method/ Approach:

    The authors collected their evidence from highly experienced internal auditors (mean experience of 15.3 years) via survey instruments. The authors then collected additional evidence using an experiment where participants were asked to complete a simulated task. Experiment participants were experienced internal auditors with mean experience of 9.6 years.  Survey participants were asked five questions about risk assessment discussions, reporting lines, and reactions.  In the simulated task participants were asked to assess the level of fraud risk in a hypothetical firm.  Participants were assigned to either a higher or lower level of fraud risk and to a reporting line of either audit committee or management.  The research was conducted in the mid- to late-2000s time period.

    Findings:
    • The authors find that internal auditors perceive greater personal threats when reporting high levels of fraud risk to the audit committee than when reporting to management.  Internal auditors fear overreaction from the audit committee, potentially leading to increased workload and management reprisals.   
    • The perception of greater perceived threats leads internal auditors to reduce assessed levels of fraud risk when reporting to the audit committee relative to reporting to management.  This finding is contrary to expectations and reveals additional unexpected threats created by having internal audit report to the audit committee.
    • Internal auditors increase attention to management attitude when risk assessments are decomposed, without a corresponding increase to incentive or opportunity cues.  Thus, unlike external auditors, fraud decomposition does not appear to mitigate perceived problems associated with insensitivity to incentive and opportunity cues.    
    Category:
    Risk & Risk Management - Including Fraud Risk, Auditing Procedures - Nature - Timing and Extent, Governance
    Sub-category:
    Fraud Risk Assessment, Reliance on Internal Auditors, Internal auditor role and involvement in controls and reporting
    Home:
    home button
  • Jennifer M Mueller-Phillips
    Internal Audit Sourcing Arrangements and Reliance by...
    research summary posted September 26, 2013 by Jennifer M Mueller-Phillips, tagged 07.0 Internal Control, 07.01 Scope of Testing, 08.0 Auditing Procedures – Nature, Timing and Extent, 08.11 Reliance on Internal Auditors, 13.0 Governance, 13.07 Internal auditor role and involvement in controls and reporting in Auditing Section Research Summary Database > Auditing Section Research Summaries Space public
    Title:
    Internal Audit Sourcing Arrangements and Reliance by External Auditors
    Practical Implications:

    The authors note a couple of implications for practitioners resulting from this study.  First, given the fact that external auditors assess internal audit quality and rely upon the work similarly for outsourced and cosourced internal audit functions, it may be worthwhile for companies to consider engaging some level of independent outside service provider to work along with their in-house internal auditors for high risk areas. 
        Second, having the same 3rd party internal audit service provider also provide tax services results in less reliance upon the work performed by internal audit, even though those services are approved by the audit committee and performed by different individuals.  Therefore, external audit increases their audit effort, thereby implying that external audit must see this additional service provision to be detrimental to the internal audit service provider’s objectivity. 
     
    For more information on this study, please contact Naman K. Desai.
     

    Citation:

    Desai, N. K., G. J. Gerard, and A. Tripathy. 2011. Internal Audit Sourcing Arrangements and Reliance by External Auditors. Auditing: A Journal of Practice & Theory 30 (1):149-171.

    Keywords:
    cosourcing; external auditor reliance; internal audit; sourcing
    Purpose of the Study:

      The purpose of this study is to investigate potential internal audit (IA) sourcing arrangements (in-house, outsource, and cosource) and to determine how that impacts an external auditor’s evaluation of the IA function’s competency, objectivity, and technical skills. The extent to which the audit team will rely upon work performed by the internal auditors can also be determined this way.  This study also looks at whether tax services provided by the IA service provider impacts the extent of reliance for outsourced or cosourced IA.
    This study is important because the Institute of Internal Auditors makes no preference between any of these sourcing arrangements.  Prior research has shown that outsourcing the IA function results in higher ratings of objectivity and more reliance upon their work when inherent risk is high (but no differences when inherent risk is low).  However, no studies test how cosourcing arrangements are evaluated.  This question is important to answer since a cosourced arrangement is a blend of in-house and outsourced internal auditors, which indicates that results could go either way. 
     

    Design/Method/ Approach:

    The authors conducted an experiment including experienced CPAs from Big 4 and regional firms prior to October 2007.  The design results in only 5 groups – in-house, outsource, or cosource without mention of tax services and outsource or cosource with the service firm also providing tax services.  External auditors were asked to provide ratings related to internal audit’s quality, reliance on internal audit work, audit risk, planned external audit effort, and likelihood that IA would give in to management regarding potential findings.

    Findings:
    • The authors find that in high risk areas, external auditors’ rate outsourced and cosourced internal auditors as having higher levels of quality than in-house internal audit.
    • They similarly find that external audit is more likely to rely upon the internal audit work performed if it is performed by outsourced or cosourced IA.
    • Further, the authors find no differences in quality or reliance ratings between outsourced and cosourced IA. 
    • However, when outsourced or cosourced internal audit service providers also provide tax services (which are performed by individuals other than those who perform the internal audit work) external auditors perceive the quality of the internal audit work to be lower.  As a consequence, they rely less upon the internal auditor’s work and instead increase their own external audit efforts. 
       
    Category:
    Auditing Procedures - Nature - Timing and Extent, Governance, Internal Control
    Sub-category:
    Internal auditor role and involvement in controls and reporting, Reliance on Internal Auditors, Scope of Testing