Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
CITATIONS READS
58 1,899
3 authors, including:
Some of the authors of this publication are also working on these related projects:
The rise and implication of hybrid control processes for the public university sector
View project
All content following this page was uploaded by Joe Christopher on 05 January 2015.
AAAJ
22,2 A critical analysis of the
independence of the internal audit
function: evidence from Australia
200
Joe Christopher
School of Accounting, Curtin University of Technology, Perth, Australia
Received 12 October 2007
Revised 20 March 2008 Gerrit Sarens
Accepted 4 June 2008
Department of Finance, Louvain School of Management,
Université Catholique de Louvain, Louvain-la-Neuve,
Belgium and Department of Accounting and Finance, University of Antwerp,
Antwerp, Belgium, and
Philomena Leung
Faculty of Business and Law, School of Accounting, Economics and Finance,
Deakin University, Burwood, Australia
Abstract
Purpose – This study aims to critically analyse the independence of the internal audit function
through its relationship with management and the audit committee.
Design/methodology/approach – Results are based on a critical comparison of responses from
questionnaires sent out to Australian chief audit executives (CAEs) versus existing literature and best
practice guidelines.
Findings – With respect to the internal audit function’s relationship with management, threats
identified include: using the internal audit function as a stepping stone to other positions; having the
chief executive officer (CEO) or chief finance officer (CFO) approve the internal audit function’s budget
and provide input for the internal audit plan; and considering the internal auditor to be a “partner”,
especially when combined with other indirect threats. With respect to the relationship with the audit
committee, significant threats identified include CAEs not reporting functionally to the audit committee;
the audit committee not having sole responsibility for appointing, dismissing and evaluating the CAE;
and not having all audit committee members or at least one member qualified in accounting.
Originality/value – This study introduces independence threat scores, thereby generating analysis
of the internal audit function’s independence taking into account a combination of threats.
Keywords Internal auditing, Corporate governance, Audit committees, Managers, Australia
Paper type Research paper
The authors wish to acknowledge the contribution by Gordon Woodbine who provided
assistance in the administration and analysis of the survey instrument. In addition, the support
and assistance provided by the IIA Australia in administering the survey and the contribution
Accounting, Auditing & made by the respective CAEs in completing the survey are greatly appreciated. Earlier versions
Accountability Journal
Vol. 22 No. 2, 2009 of this paper have been presented at the 2007 AFAANZ Conference and the First Global
pp. 200-220 Academic Conference on Internal Audit and Corporate Governance (April 2008). The authors
q Emerald Group Publishing Limited
0951-3574
also wish to thank Lee D. Parker (editor) and two anonymous referees for their comments and
DOI 10.1108/09513570910933942 suggestions.
Introduction Analysis of the
This study provides a critical analysis of the independence of the internal audit internal audit
function in Australian companies. Given the growing role of internal auditing in
contemporary corporate governance, independence has gained renewed attention. function
The Institute of Internal Auditors (IIA) has promoted the internal audit function as
an independent function that provides value-added assurance and consulting services.
Through this extended role, the function has been promoted as the cornerstone upon 201
which effective corporate governance is built (IIA Professional Guidance, 2002). This
view has been supported by academic and practitioner research. Ramamoorthi (2003),
in his research on the history and evolution on the internal audit function, indicated
that, over time, there has been a massive shift in focus to one that promotes and
supports effective organisational governance. This has been supported by Ruud (2003)
who noted that, in today’s business environment, the internal audit function has
become a major support function for management, the audit committee, the board of
directors, and other stakeholders.
The increased importance of the internal audit function in enhancing corporate
governance also has been reinforced indirectly through legislation, such as the
Sarbanes Oxley Act (2002) in the USA and the CLERP Act (2004) in Australia. Although
this legislation does not specifically address the corporate governance role of the
internal audit function, it provides for the expanded accountability requirements of
stakeholders, like the board (including the audit committee) and management. This, in
turn, would suggest an expanded role for the internal audit function given that it
comprises an integral component of the network of parties having corporate
governance responsibilities (Gramling, 2004).
This expanded role essentially would involve the provision of additional services,
which are initiated by the board (including the audit committee) and management as a
means of ensuring that accountability requirements are met. This raises the issues of
credibility and integrity, given the close relationship between these two parties.
Mutchler et al. (2001) touched on the importance of independence by suggesting that, as
the responsibilities of internal auditors grow, so does the demand for greater
accountability, independence and objectivity. They suggest that the broadened
responsibilities of the internal audit function within the environment of a changing
business world, coupled with increasing economic competition and globalisation, are
creating pressure on the internal audit function, which can jeopardise its independence.
They emphasise this by stating:
Independence and objectivity are to the profession of internal auditing what the Hippocratic
Oath is to the practice of medicine.
They go on to define independence as:
[. . .] freedom from material conflicts of interest that threaten objectivity. In other words, it is a
state where threats to objectivity are managed to the extent that the risks of ineffective
internal audit services are acceptably controlled.
The tension resulting from the pressure to provide value-added services while
maintaining independence prompts our primary research objective, which is to analyse
critically whether internal audit functions in practice are operating independently, in
line with theoretical best practice guidelines.
AAAJ The remainder of this paper is structured as follows. The first section provides a
22,2 brief outline of the underlying theories upon which this study is based. The second
section provides a background analysis of the components of corporate governance
and their impact upon the internal audit function’s independence. In addition, best
practice guidelines for internal auditing as promulgated by the IIA, academic
researchers and practitioners, are identified and discussed. This section forms the basis
202 for the formulation of two specific research questions. The third section outlines the
research method used, followed by the fourth section that provides the results of the
study and a critical analysis of the results relative to the theoretical position. The final
section presents the conclusions.
Research method
Questionnaire
An e-mail-based questionnaire (Kiesler and Sproull, 1986) was used to collect data. An
e-mail questionnaire was selected over a postal questionnaire, due to the advantages of
rapid distribution and response cycles (Yun and Trumbo, 2000; Swoboda et al., 1997)
and the fact that the former affords the technical ability to track whether the delivered
questionnaire was opened, responded to, deleted, or undeliverable (Paolo et al., 2000).
The questionnaire was prepared in accordance with quality control requirements
for questionnaire design (Dillman, 2000; Oppenheim, 1992; Preece et al., 2002). This
included the format of the e-mail questionnaire, which was designed to accommodate
the principles of paper questionnaire design, such as the development of question
scales and multiple choice answers, minimisation of question bias through proper
wording, confidentiality requirements, and the use of unambiguous and concise
language. The quality control procedures undertaken extended to pretesting that was
done in accordance with established procedures (Dillman, 2000) to ensure question
completeness, efficiency and relevancy, and format appropriateness. It was pre-tested
by a number of colleagues and CAEs, and finally presented to the IIA Australia for
review and approval before distribution.
Data collection
The approved questionnaire was electronically distributed as an attachment to an e-mail
cover letter sent by IIA Australia to their list of CAEs in the corporate sector. This
represented a sample size of 206. A total of 34 responses were received, representing a
response rate of 17 per cent. Relative to typical response rates in surveys of a similar
nature targeting CAEs (Bariff, 2003 (22 per cent); Leung et al., 2004 (21.4 per cent)), this
response rate was deemed fairly reasonable, may be construed as a fair reflection of the
views of CAEs, and is adequate for a critical analysis of the independence of internal
audit functions in Australia. Those who responded belonged to the following sectors:
. Trade, Transport and Logistics – 9 per cent;
.
Production and energy – 22 per cent;
. Utilities – 6 per cent;
.
Telecom, IT and Media – 26 per cent; and
. Financial Services – 37 per cent.
AAAJ Questionnaire items
22,2 The research questions were addressed as follows.
RQ1. To what extent is the internal audit function in Australian companies
independent of management?. To address this research question and identify any direct
or indirect management influences that would impact upon the internal audit
function’s independence, various characteristics were explored through seven specific
206 survey questions (Questions 3-9, Appendix). These characteristics included:
. The organisational positioning of the internal audit function.
.
The management of the internal audit function, which includes staff movement,
budgets, and the impact of CEOs and CFOs on internal audit planning.
.
The perception of people within the organisation regarding internal auditors as
partners.
RQ2. Does the relationship between the audit committee and the internal audit function
in Australian companies provide for independence of internal audit?. Two survey
questions dealt with the reporting relationship between the internal audit function and
the audit committee, as required by existing guidelines (Questions 1 and 2 of the
Appendix). Three survey questions dealt with the composition of the audit committee
(Questions 11-13, Appendix). Five questions (Questions 14-18, Appendix) were posed
to determine if any direct influences exist through the internal audit function’s
relationship with the audit committee that could impact the independence of the
internal audit function. These questions provided insight into the level of audit
committee involvement relative to its role in the internal audit function.
Management
As shown in Table I, all respondents reported that their internal audit function was
placed at the corporate/group level, as opposed to being placed at the intermediate or
local level. This is in line with best practice guidelines. While this indicates that, in
practice, internal audit functions are well placed in the hierarchy with respect to
maintaining independence, the study identified other potential indirect threats to their
independence.
When asked if it is common for internal auditors to move to other functions within
the company, 56 per cent of the respondents stated that there is a culture within the
organisation for internal audit staff to move to other management functions within the
organisation. This is corroborated by 47 per cent of the respondents indicating that, on
average, internal auditors stay between two and four years in the internal audit
function, with 13 per cent indicating that internal auditors stay for less than two years.
A long-term commitment was rare; in 60 per cent of the companies, internal auditors
stay less than four years. In 71 per cent of the cases where it is common to move to
other functions, internal auditors remain within the internal audit function, on average,
for less than four years. It thereby seems that only a small minority aspire to a career in
internal auditing. These results confirm that the internal audit function often is used as
a training ground or a stepping stone for future managers to further their careers. An
argument for this practice is that it also can be seen as an added value of the internal
Analysis of the
Frequency
No. Questionnaire items No % internal audit
3 What is the hierarchical level of your internal audit function? (n ¼ 34)
function
Corporate group level 34 100.00
Intermediate level 0 0
Local level 0 0 207
4 Is it common for internal auditors to move to other functions within the
company? (n ¼ 34)
Yes 19 55.88
No 13 38.24
No comments 2 5.88
5 On average how many years does an internal auditor stay within your
internal audit function? (n ¼ 32)
Less than 2 4 12.50
Between 2-4 15 46.88
Between 5-7 7 21.88
Between 8-10 2 6.25
More than 10 4 12.50
6 Who approves the internal audit budget? (n ¼ 34)
AC 8 23.53
BOD 1 2.94
CEO 6 17.65
CFO 4 11.76
AC and CEO 6 17.65
AC and BOD 1 2.94
AC and CFO 2 5.88
BOD, CEO and CFO 2 5.88
AC and company secretary 2 5.88
Others 2 5.88
7 The CEO gives input for the internal audit planning (n ¼ 34)
Strongly agree 11 32.35
Somewhat agree 11 32.35
Neither agree or disagree 3 8.82
Strongly disagree 1 2.94
Somewhat disagree 5 14.71
No response 3 8.82
8 The CFO gives input for the internal audit planning (n ¼ 34)
Strongly agree 10 29.41
Somewhat agree 12 35.29
Neither agree or disagree 2 5.88
Strongly disagree 2 5.88
Somewhat disagree 5 14.71
No response 3 8.82
9 People within the organisation perceive internal auditors as their
partners (n ¼ 34)
Strongly agree 2 5.88
Somewhat agree 17 50.00 Table I.
Neither agree or disagree 11 32.35 Descriptive statistics –
Somewhat disagree 3 8.82 relationship with
Strongly disagree 1 2.94 management
AAAJ audit function. Internal auditors often are well-trained people, having a profound
22,2 understanding of the different functional domains within the company. Therefore, it is
not surprising that they are viewed as potential candidates for management positions.
What is of concern, however, is the effect that this might have on the independence of
the internal audit function, as it raises the question as to whether the internal auditor
can raise reports against management independently and objectively, knowing that he
208 or she is dependent on management for future career moves. It is reasonable to assume
that internal auditors, to some extent, will be biased when performing an audit
engagement in which the auditee is their potential future boss, given that they already
have specific career plans in mind.
Another noted potential negative influence on the independence of the internal audit
function is the possibility for management to influence the budget of internal audit
function. In 26 per cent of the companies, only the audit committee or the board of
directors approves the internal audit budget. According to IIA Standards, this should
be the best way to guarantee the independence of the internal audit function. On the
other hand, in 29 per cent of the companies, the CEO or CFO is responsible for
approving the internal audit budget. The internal audit function’s independence is
threatened in these companies. It can be assumed that CEOs or CFOs who do not want
the internal audit function to focus on specific areas in their company (e.g. areas in
which they know there are control deficiencies or, even worse, in which they want to
hide fraud) have the power to impose significant budget constraints on the internal
audit function, thus forcing it to reduce its auditing scope.
Another potential threat to the independence of the internal audit function emerges
when senior management becomes too heavily involved in influencing the internal
audit planning. Although it is recommended that input from the CEO and CFO be
solicited, given their ability to identify high risk areas in which audits are warranted,
the CAE and the audit committee should have sufficient autonomy to determine final
priorities. As soon as the CEO and CFO become too heavily involved in determining
the orientation of the internal audit function, its independence is indirectly threatened.
In this study, the survey results indicate that, in 65 per cent of the cases, the CEO
and/or CFO provide input for the internal audit planning. The results suggest that, in
almost one third of the cases, the CEO (32 per cent) and the CFO (29 per cent) have a
strong impact upon the planning. This would indicate a threat to the internal audit
function’s independence, especially if combined with other indirect threats, like the
CAE and audit committee not having the independence to determine final priorities.
It also was found that, in more than half of companies (56 per cent), people within
the organisation perceive internal auditors to be partners. A sufficient degree of
acceptance and appreciation of the internal audit function is crucial to allow for
internal audit findings and recommendations to have an impact. Nevertheless, it can be
argued that a culture in which the internal audit function is considered too much a
“partner” may put additional indirect pressure on internal auditors to work closely
with management to achieve a “common goal” rather than to act as an independent
body providing assurance on risk management, control and governance. A sufficient
degree of independence would prevent the internal audit function from becoming a
consulting partner for management.
In summary, while the results indicate that there is a trend towards internal audit
functions being organisationally positioned to maintain independence, evidence was
found that the independence of the internal audit function is potentially threatened by Analysis of the
management. This includes the indirect ability of management to influence the career internal audit
prospects of internal auditors, as well as the budget and planning of the internal audit
function. This is exacerbated by internal auditors themselves using the function as a function
stepping stone to further their career aspirations. It also can be argued that the
independence concept may be lost in such a culture, especially if it is combined with
people within the organisation perceiving internal auditors as partners, thereby 209
subjecting the internal audit function to pressures threatening its independence, rather
than recognising the internal audit function as an independent assurance function.
In order to obtain an overall perception of potential independence threats resulting
from the relationship between the internal audit function and management, an overall
score was generated, taking into account whether:
.
the internal audit function is a stepping stone to other functions;
.
people stay less than four years in the internal audit function;
.
only the CEO and/or CFO approve(s) the internal audit budget;
.
the CEO and CFO have a strong impact upon the internal audit planning; and
.
people perceive internal auditors as partners.
This score can range from 0 to 5, ranging from no independence threats to significant
independence threats. Table II shows that three independence threats were identified in
29 per cent of the companies, and more than three in 35 per cent of the companies.
Further analysis reveals that this score is significantly higher (F ¼ 8:923; p ¼ 0:006) in
companies wherein the internal audit function report functionally to the CFO instead of
to the audit committee. This confirms that establishing the correct reporting
relationships is a crucial component of safeguarding the independence of the internal
audit function.
Audit committee
Aspects relative to the composition of the audit committee were examined. Table III
shows that all responding companies have an audit committee. According to Table IV,
audit committee membership ranges from 2 to 15 members, with a mean of 4.8
(standard deviation ¼ 2:6). On average, 78 per cent of the audit committee members
are independent (standard deviation ¼ 32:1 per cent). In 60 per cent of companies, all
audit committee members are independent; meanwhile, in 83 per cent, at least half of
the members are independent. In addition to the independence of audit committee
members, prior research has identified that member backgrounds are of importance. It
was found that, on average, 43 per cent of the audit committee members have an
1 7 20.59
2 5 14.71 Table II.
3 10 29.40 Overall score of
4 6 17.65 independence threats at
5 6 17.65 management level
AAAJ
Frequency
22,2 No. Questionnaire items No %
Frequency
No Questionnaire item No %
Similar to the overall score developed for the management level, answers to these
questions provide a summation score, which can range from 0 to 7, meaning from no
independence threats to significant independence threats. Table VI shows that, in more
than half of the cases (56 per cent) no or only one independence threat was identified.
These results are much more favourable, from an independence standpoint, than the
overall independence threat scores observed at the management relationship level, Analysis of the
suggesting that the internal audit function’s relationship with the audit committee is a internal audit
stronger guarantee of independence than its relationship with management.
function
Total number of independence threats
Further analysis suggests that the large number of independence threats at the 213
management relationship level (overall score ¼ 4 or higher) is compensated by a low
number or even the absence of independence threats at the audit committee
relationship level (overall score ¼ 0 or 1). More specifically, in 72 per cent of companies
wherein management creates independence threats, the audit committee compensates
by creating (almost) no independence threats. Moreover, the number of independence
threats at management level is significantly lower (F ¼ 3:586; p ¼ 0:068) in those
companies wherein audit committees impose two or more independence threats. This
could mean that independence threats at the two different levels tend to compensate for
each other, the net result being that companies generally are exposed to a reasonably
low number of independence threats.
Unfortunately, Table VII shows that, in one-quarter (24 per cent) of all companies,
six or more independence threats (at aggregate level) exist. This is the group of
companies in which the independence of the internal audit function is most threatened,
and should become the target for potential new guidelines or legislation with which to
strengthen independence. It should be noted that the aggregate number of
independence threats is not correlated with stock exchange listings, company age or
industry.
0 9 26.47
1 10 29.41 Table VI.
2 8 23.53 Overall score of
3 4 11.76 independence threats at
4 3 8.82 audit committee level
1 1 2.94
2 2 5.89
3 7 20.59
4 7 20.59
5 9 26.47 Table VII.
6 4 11.76 Overall score of
7 3 8.82 independence threats at
8 1 2.94 aggregate level
AAAJ Conclusions
22,2 This study critically examined the independence of the internal audit function, using
data collected from Australian companies. More specifically, this study analysed to
what extent the relationships between the internal audit function and management and
the audit committee create threats to independence.
In addressing the first research question, potential independence threats stemming
214 from the relationship with management were examined.
The first independence threat refers to the well-known practice of using the
internal audit function as a training ground and stepping stone for future managers.
Although there are arguments supporting this practice, it can be argued that internal
auditors will not be able to operate objectively and independently when they are
dependent upon their auditees for future career moves. The second independence
threat identified refers to approval of the internal audit budget. This study revealed
that Australian companies exist at which the CEO or CFO is responsible for
approving the internal audit budget. This may be considered a serious threat to the
independence of the internal audit function, as imposing budget constraints is a
powerful tool with which management can reduce the scope and impact of the
internal audit function. The third independence threat relates to senior management
being heavily involved in developing the internal audit plan. While senior
management’s input is essential for setting internal audit priorities, the CAE and
audit committee should monitor the impact of senior management’s input. If their
requests are considered unconditional priorities, internal auditors are viewed as
management consultants, which invariably threaten the independence of the internal
audit function. This threat can be linked with the fact that, in more than half of the
responding companies, internal auditors are perceived by staff members to be
“partners”. Questions may be raised as to whether this “partner role” imposes
pressure on internal auditors to assume a subservient management role, thus
threatening the independence of the internal audit function.
While some of these individual threats may not necessarily create a major
threat to the internal audit function’s independence on their own, the collective
effect of these practices has the potential to significantly threaten independence.
Based on a global score, taking into account all threats discussed, it can be
concluded that the majority of the internal audit function in this study are
confronted by a combination of indirect independence threats resulting from their
relationship with management.
In addressing the second research question, potential independence threats
stemming from the relationship between the internal audit function and the audit
committee were examined, and a number of independence threats resulting from this
relationship identified.
The first independence threat relates to non-compliance with best practices
recommending the internal audit function to report functionally to the audit committee
and administratively to the CEO. It was found that this practise is not applied
consistently and, hence, can be considered a potential independence threat. The second
indirect independence threat relates to the composition of the audit committee. While it
was identified that the majority of audit committees have the right composition to
guarantee the independence of the internal audit function, it was noted that this also is
not consistently adhered to. The third independence threat relates to management
having the power to appoint and dismiss the head of the internal audit function. In Analysis of the
almost one-quarter of companies, it is not the audit committee, but the CEO and/or CFO internal audit
who is responsible for appointing, dismissing and evaluating the head of the internal
audit function. It is suggested that such practices could impair the internal audit function
function’s independence.
With respect to positive aspects, the analysis revealed that almost all responding
CAEs are regularly invited to audit committee meetings, and that two thirds have 215
regular private meetings with the audit committee chair or individual members. These
regular contacts are important for the independence of the internal audit function, as
they allow internal auditors to discuss their work with an independent party, which
often is necessary to initiate the appropriate corrective action. Another positive aspect
relates to audit committees spending, on average, more than one-third of their annual
working time addressing internal audit topics. It is suggested that having a
relationship with an audit committee that wants to spend a significant part of its
working time addressing internal audit matters enhances the independence of the
internal audit function.
Similar to how it was done at the management level, a global score of potential
independence threats was computed. Relative to management level, lower scores were
found, suggesting that the relationship of the internal audit function with the audit
committee appears to provide a stronger guarantee for its independence.
Further analysis demonstrates that independence threats at the two levels,
management and audit committee, to some extent compensate for each other. Evidence
was found that independence guarantees provided by the audit committee are more
prevalent in companies wherein management imposes more independence threats, and
vice versa. This compensation effect suggests that the independence of the internal
audit function needs to be judged in a broader context, specifically taking into account
the relationship both with management and the audit committee rather than each
individually. The analysis also points towards one-quarter of all companies in the
study having six or more independence threats, which indicates that, despite the
compensation effect, not all internal audit functions are complying with best practice
guidelines.
It can be suggested that the main reason for these findings appears to be a mix of
internal audit function structures, brought about by a lack of statutory backing to
provide consistency in the implementation of best practices. This is exacerbated by
internal auditors being viewed as partners, thus widening the gap between the
advisory role of the internal audit function and its independent status.
216
Suggestions for future research
By introducing the concept of independence threat scores, this study opens new
avenues for future research. It would be interesting, for example, to identify
variables to explain variation in these scores. Furthermore, these scores can be
introduced to internal audit quality assessment practices. In addition, further
research on the independence of the internal audit function may be undertaken in
other countries to identify whether the findings of this study are a worldwide
phenomenon or a localised issue. Findings consistent with this study would help to
assist the IIA to initiate improvements in this area. Future research also is
recommended on specific aspects pertaining to the independence threats identified.
For example, with respect to the threat of using the internal audit function as a
stepping stone for management roles, it may be interesting to study the effects of
this practice on the behaviour of internal auditors, using field observations or even
experimental research methods.
References
Adams, M.B. (1994), “Agency theory and the internal audit”, Managerial Auditing Journal, Vol. 9
No. 8, pp. 8-12.
Bariff, M. (2003), Internal Audit Independence and Corporate Governance, Institute of Internal
Auditors Research Foundation, Altamonte Springs, FL.
Berle, A.A. and Means, G.C. (1932), The Modern Corporation and Private Property, Macmillan,
New York, NY.
Bou-Raad, G. (2000), “Internal auditors and a value added approach: the new business regime”,
Managerial Auditing Journal, Vol. 15 No. 4, pp. 182-6.
Braiotta, L. (1999), The Audit Committee Handbook, 2nd ed., John Wiley & Sons, New York, NY.
Brody, R.G. and Lowe, D.G. (2000), “The new role of the internal auditor: implications for internal
auditor objectivity”, International Journal of Auditing, Vol. 4 No. 2, pp. 169-76.
Chapman, C. (2001), “Raising the BAR- newly revised standards for the professional practice of
internal auditing”, Internal Auditor, Vol. 58 No. 21, pp. 55-61.
Claybrook, C. (2004), Viewing Organisational Trust and Internal Auditing, The Institute of
Internal Auditors Research Foundation, Altamonte Springs, FL.
Cohen, J., Krishnamoorthi, G. and Wright, A.M. (2002), “Corporate governance and the audit
process”, Contemporary Accounting Research, Vol. 19 No. 4, pp. 573-94.
Dillman, D.A. (2000), Mail and Web-based Survey: The Tailored Design Method, John Wiley &
Sons, New York, NY.
Di Maggio, P.J. and Powell, P.W. (1983), “The iron cage revisited: institutional isomorphism and
collective rationality in organisational fields”, American Sociological Review, Vol. 48 No. 2,
pp. 147-60.
Drent, D. (2002), “The duest for increased relevance: internal auditors who successfully Analysis of the
communicate and balance their needs and those of their clients can increase their relevance
to the organisation”, Internal Auditor, Vol. 59 No. 1, pp. 49-54. internal audit
Goodwin, J. (2003), “The relationship between the audit committee and the internal audit function function
– evidence from Australia and New Zealand”, International Journal of Auditing, Vol. 7
No. 3, pp. 263-78.
Goodwin, J. and Yeo, T.Y. (2001), “Two factors affecting internal audit independence and 217
objectivity: evidence from Singapore”, International Journal of Auditing, Vol. 5 No. 2,
pp. 107-25.
Gramling, A.A. (2004), “Role of the internal audit function in corporate governance: a synthesis of
the extant internal auditing literature and directions for future research”, Journal of
Accounting Literature, Vol. 23, pp. 194-244.
Gwilliam, D. and Kilcommins, M. (1998), “The impact of audit firm size and audit committee on
perceptions of audit independence and financial statement reliability in Ireland”, The Irish
Accounting Review, Vol. 5 No. 1, pp. 23-56.
Hansen, S.C. (1997), “Designing internal controls: the interaction between efficiency wages and
monitoring”, Contemporary Accounting Research, Vol. 14 No. 1, pp. 129-63.
IIA (2004), International Standards for the Professional Practice of Internal Auditing, IIA,
London, available at: www.theiia.org/?doc_id ¼ 1499
IIA Professional Guidance (2002), “Recommendation for improving corporate governance”,
Internal Auditor, Vol. 59 No. 3, p. 68.
Jensen, M.C. and Meckling, W.H. (1976), “Theory of the firm: managerial behaviour, agency costs
and ownership structure”, Journal of Financial Economics, Vol. 3 No. 4, pp. 305-60.
Kalbers, L. (1992), “Audit committees and internal auditors”, Internal Auditor, Vol. 49 No. 1,
pp. 24-6.
Kiesler, S. and Sproull, L.S. (1986), “Response effects in the electronic survey”, Public Opinion
Quarterly, Vol. 50 No. 3, pp. 402-13.
Krishnan, J. (2005), “Audit committee quality and internal control: an empirical analysis”,
The Accounting Review, Vol. 80 No. 2, pp. 649-75.
Leung, P., Cooper, B.J. and Robertson, P. (2004), The Role of Internal Audit in Corporate
Governance, RMIT University Press, Melbourne.
McHugh, J. and Raghunandan, K. (1994), “Hiring and firing the chief internal auditor”, Internal
Auditor, Vol. 51 No. 4, pp. 34-40.
Meyer, J.W. and Rowan, B. (1977), “Institutional organisation: formal structure as myth and
ceremony”, American Journal of Sociology, Vol. 83 No. 2, pp. 310-63.
Mutchler, J., Chang, S. and Prawitt, D. (2001), Independence and Objectivity: A Framework for
Internal Auditors, The Institute of Internal Auditors Research Foundation, Altamonte
Springs, FL.
Nagy, A.L. and Cenker, W.J. (2002), “An assessment of the newly defined internal audit function”,
Managerial Auditing Journal, Vol. 17 No. 3, pp. 130-7.
Oppenheim, A.N. (1992), Questionnaire Design, Interviewing and Attitude Measurement, Pinter
Publishers, New York, NY.
Paolo, A.M., Bonamino, G.A., Gibson, D., Patridge, T. and Kallail, K. (2000), “Response rate
comparisons of email and mail distributed student evaluations”, Teaching and Learning in
Medicine, Vol. 12 No. 2, pp. 81-4.
AAAJ Preece, J., Rogers, Y. and Sharp, S. (2002), Interaction Design: Beyond Human-Computer
Interaction, John Wiley & Sons, New York, NY.
22,2
Price Waterhouse Coopers (PWC) (2002), Transforming the Focus for a Changing Environment:
Internal Audit Services, PWC, New York, NY.
Raghunandan, K.R., Read, W.J. and Rama, D.V. (2001), “Audit committee composition, gray
directors, and interactions with internal auditing”, Accounting Horizons, Vol. 15 No. 2,
218 pp. 105-18.
Ramamoorthi, S. (2003), Internal Auditing: History, Evolution and Prospects, The Institute of
Internal Auditors Research Foundation, Altamonte Springs, FL.
Ruud, T.F. (2003), The Internal Audit Function: An Integral Part of Organisational Governance,
The Institute of Internal Auditors Research Foundation, Altamonte Springs, FL.
Sarens, G. and De Beelde, I. (2006), “The relationship between internal audit and senior
management: a qualitative analysis of expectations and perceptions”, International
Journal of Auditing, Vol. 10 No. 3, pp. 219-41.
Scarbrough, D.P., Rama, D.V. and Raghunandan, K. (1998), “Audit committee composition and
interaction with internal auditing: Canadian evidence”, Accounting Horizons, Vol. 12 No. 1,
pp. 51-62.
Schneider, A. and Wilner, N. (1990), “A test of audit deterrent to financial reporting irregularities
using the randomized response technique”, The Accounting Review, Vol. 65 No. 3,
pp. 668-81.
Scott, W.R. (1987), “The adolescence of institutional theory”, Administrative Science Quarterly,
Vol. 32 No. 4, pp. 493-511.
Swoboda, S.J., Muehlberger, N., Weitkunat, R. and Schneeweiss, S. (1997), “Web-based surveys
by direct mailing: an innovative way of collecting data”, Social Science Computer Review,
Vol. 15 No. 3, pp. 242-55.
Turley, S. and Zaman, M. (2004), “The corporate governance effects of audit committees”, Journal
of Management and Governance, Vol. 8 No. 3, pp. 305-32.
Van Gansberghe, C.N. (2005), Internal Audit: Finding Its Place in Public Finance Management,
The International Bank for Reconstruction and Development, The World Bank,
Washington, DC.
Yun, G.W. and Trumbo, C.W. (2000), “Comparative response to a survey executed by post,
e-mail, and web form”, Journal of Computer Mediated Communication, Vol. 6 No. 1,
pp. 1-25.
Further reading
Couper, M.P., Traugott, M.W. and Lamias, M.J. (2001), “Web survey design and administration”,
Public Opinion Quarterly, Vol. 65 No. 2, pp. 230-53.
CPA Australia (2007), Auditing and Assurance Handbook, Pearson Education, Frenchs Forest.
Gramling, A.A. (1999), “External auditors reliance on work performed by internal auditors: the
influence of fee pressure on this reliance decision”, Auditing: A Journal of Practice and
Theory, Vol. 18, Supplement, pp. 117-35.
Krogstad, J., Ridley, A. and Rittenberg, L. (1999), “Where are we going”, Internal Auditor, Vol. 56
No. 5, pp. 27-33.
Raghunandan, K. and McHugh, J.A. (1994), “Internal audit independence and interaction with
audit committees: challenges of form and substance”, Advances in Accounting, Vol. 12,
pp. 313-33.
Appendix. Survey questions Analysis of the
(1) To whom does the internal audit function report functionally? (Five answering internal audit
categories.)
(2) To whom does the internal audit function report administratively? (Five answering
function
categories.)
(3) What is the hierarchical level of your internal audit function? (Three answering
categories.) 219
(4) Is it common for internal auditors to move to other functions within the company? (Yes,
no, no comments.)
(5) On average, how many years does an internal auditor stay within the internal audit
function? (Five answering categories.)
(6) Who approves the internal audit budget? (Five answering categories.)
(7) The CEO gives input for the internal audit planning. (Five-point answering scale.)
(8) The CFO gives input for the internal audit planning. (Five-point answering scale.)
(9) People within the organisation perceive the internal audit function as their partner.
(Five-point answering scale).
(10) Does your company have an audit committee? (Yes, no.)
(11) How many members are there in the audit committee? (Open question.)
(12) How many of the audit committee members are independent members? (Open question.)
(13) How many of the audit committee members have an accounting background? (Open
question.)
(14) Who is mandated to appoint, dismiss and evaluate the head of the internal audit
function? (Five answering categories.)
(15) Is the CAE regularly invited to the audit committee meetings? (Yes, no.)
(16) The CAE has regular private contacts with the audit committee (Chair/or individual
members). (Five-point answering scale.)
(17) The audit committee gives input to the internal audit planning. (Five-point answering
scale.)
(18) On an annual basis, what percentage of the audit committee’s time is spent on internal
audit topics? (Open question.)