An Evidential Reasoning Approach to Sarbanes-Oxley Mandated Internal Control Risk Assessment

This is the peer reviewed version of the following article: Mock, T., L. Sun, R. P. Srivastava, and M. Vasarhelyi. " An Evidential Reasoning Approach to Sarbanes-Oxley Mandated Internal Control Risk Assessment under Dempster-Shafer Theory", 2009, ABACUS, Vol. 45, No. 1, pp. 66-87. , which has been published in final form at http://doi.org/10.1016/j.accinf.2008.10.003. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.In response to the enactment of the Sarbanes-Oxley Act 2002 and of the release of the Public Company Accounting Oversight Board (PCAOB) Auditing Standard No. 5, this study develops a risk-based evidential reasoning approach for assessing the effectiveness of internal controls over financial reporting (ICoFR). This approach provides a structured methodology for assessing the effectiveness of ICoFR by considering relevant factors and their interrelationships. The Dempster-Shafer theory of belief functions is utilized for representing risk. First, we develop a generic ICoFR assessment model based upon a Big 4 audit firm’s approach and apply it to a real-world example. Then, based on this model, we develop a quantitative representation of various levels of ICoFR effectiveness and related risk-assessment as defined by the PCAOB and contrast these representations with levels implied by Auditing Standard No. 5. In doing so, we demonstrate the potential value of formal risk assessment models in both facilitating the assessment of risks in an individual engagement and in assessing the effects of different regulations

PENGENDALIAN INTERN DAN PEMBERIAN KREDIT USAHA: ANALISIS PERANAN DAN EFEKTIFITAS SISTEM

Abstract. Necessary strategic efforts in maintaining the wheels of business that is being run, one business that can be done is to maximize the internal control of the company. Control can be done by this company depends on the type of company, whether for service, commercial or manufacturing. The purpose of this study was to determine the extent of control internal role undertaken by the company in providing business loans to prospective clients effectively and in accordance with a predetermined system. The research methodology used is a descriptive qualitative analysis that provides clear explanations in accordance with the empirical conditions that occur in the field. As for the location of the research in this study is one of the companies engaged in the provision of credit services, using interview techniques, observe, and processing of secondary data derived from the company. The conclusion of the research is that by using a good internal control system in each agency or fields at various levels of management will maximize the performance of the management, particularly in the areas of lending, loans provided are allowed to be provided effectively to customers whom really needs. Recommendations from this study are specifically for the business unit where research was conducted in order to maximize the use of technology-based systems that have / computerization and provide training to the user/users of computerized systems so they can be used more leverage than it already obtained.Keywords: Internal Control; Enterprise Lending; Effectiveness System.Abstrak. Upaya strategis yang diperlukan dalam menjaga roda bisnis yang sedang dijalankan, salah satu bisnis yang bisa dilakukan adalah memaksimalkan pengendalian internal perusahaan. Pengendalian yang bisa dilakukan oleh perusahaan ini tergantung dari jenis perusahaan, baik untuk jasa, komersial maupun manufaktur. Tujuan dari penelitian ini adalah untuk mengetahui sejauh mana kontrol peran intenal yang dilakukan oleh perusahaan dalam memberikan pinjaman usaha kepada calon nasabah secara efektif dan sesuai dengan sistem yang telah ditentukan. Metodologi penelitian yang digunakan adalah analisis kualitatif deskriptif yang memberikan penjelasan yang jelas sesuai dengan kondisi empiris yang terjadi di lapangan. Sedangkan untuk lokasi penelitian dalam penelitian ini adalah salah satu perusahaan yang bergerak dalam penyediaan layanan kredit, dengan menggunakan teknik wawancara, observsi dan pengolahan data sekunder yang berasal dari perusahaan. Kesimpulan penelitian yaitu dengan menggunakan sistem pengendalian internal yang baik di setiap instansi atau bidang pada berbagai tingkat manajemen akan memaksimalkan kinerja manajemen, terutama di bidang pinjaman, pinjaman yang diberikan diberikan secara efektif kepada nasabah yang benar-benar membutuhkan. Rekomendasi penelitian yaitu khusus untuk unit bisnis dimana penelitian dilakukan untuk memaksimalkan penggunaan sistem berbasis teknologi yang memiliki / komputerisasi dan memberikan pelatihan kepada pengguna / pengguna sistem komputerisasi sehingga bisa dimanfaatkan lebih maksimal daripada yang sudah ada. diperoleh.Kata Kunci: Pengendalian Internal; Pemberian Pinjaman Perusahaan; Sistem Efektivitas

An Introduction to Evidential Reasoning for Decision Making under Uncertainty: Bayesian and Belief Functions Perspectives

The main purpose of this article is to introduce the evidential reasoning approach, a research methodology, for decision making under uncertainty. Bayesian framework and Dempster-Shafer theory of belief functions are used to model uncertainties in the decision problem. We first introduce the basics of the DS theory and then discuss the evidential reasoning approach and related concepts. Next, we demonstrate how specific decision models can be developed from the basic evidential diagrams under the two frameworks. It is interesting to note that it is quite efficient to develop Bayesian models of the decision problems using the evidential reasoning approach compared to using the ladder diagram approach as used in the auditing literature. In addition, we compare the decision models developed in this paper with similar models developed in the literature

Establishing an effective internal control system for fraud prevention: a structured literature review / Nor Hafizah Abdul Rahman ... [et al.]

This study presents a structured literature review of an effective internal control system. The purpose of this study is to explore and review articles in the field of internal control effectiveness using the Guthrie, Ricceri and Dumay (2012)’s framework. The literature indicates that effective internal control can reasonably reduce business risks and prevent occurrence of fraud. This paper reports findings, based on articles on internal control effectiveness published from 2000 to 2018. The review process was conducted in five stages, (1) formulation of research objectives to determine the classifications, boundaries, and definition; (2) the selection of journals; (3) the examination of the title and abstract of selected articles; (4) pilot test and adapted classification and (5) the classification to establish a range of descriptive statistics in order to understand the patterns emerging from the reviewed articles. The finding provide a basis for several aspects of future research of internal control effectiveness in assessing business risks for prevention of fraud

An Evidential Reasoning Approach to Fraud Risk Assessment under Dempster-Shafer Theory: A General Framework

This paper develops a general framework under Dempster-Shafer theory for assessing fraud risk in a financial statement audit by integrating the evidence pertaining to the presence of fraud triangle factors (incentives, attitude and opportunities), and evidence concerning both account-based and evidence-based fraud schemes. This framework extends fraud risk assessment models in prior research in three respects. 1) It integrates fraud schemes, both account schemes through which accounts are manipulated, and evidence schemes through which frauds are concealed, into a single framework. 2) It incorporates prior fraud frequency information obtained from the Accounting and Auditing Enforcement Releases issued by the Securities and Exchange Commission into an evidential network which uses Conditional OR relationships among assertions. 3) The framework provides a structured approach for connecting risk assessment, audit planning, and evaluation of audit results. The paper uses a real fraud case to illustrate the application of the framework

Hile üçgeni faktörlerinin kanaat fonksiyonları ile tayini: Bir Türkiye uygulaması

Bu çalışmanın amacı hile üçgeni faktörlerine ait belirsizliklerin gösterimi için matematik tabanlı bir çerçevenin, denetçilerden tarafından nasıl kullanılacağını göstermektir. Çalışmada Dempster-Shafer teorisi kanaat fonksiyonlarına dayalı olarak kurulmuş bir hile risk değerleme modeli kullanılmıştır. Çalışma yedi bölümden oluşmaktadır. Birinci bölümde hile ve kanaat fonksiyonları konularına kısaca değinilmiştir. İkinci bölümde kanaat fonksiyonlarının genel yapısı özetlenmiştir. Üçüncü bölümde çalışmada kullanılan hile risk değerleme modeli açıklanmıştır. Dördüncü bölümde hile üçgeni faktörleri ile genel denetim riski arasındaki ilişki gösterilmiştir. Beşinci bölümde kanaat fonksiyon tabanlı bir hile risk değerleme modeli, Türkiye’deki bir işletmenin stok ve maliyetler döngüsünün denetiminde kullanılmıştır. Altıncı bölümde yapılan uygulamaların sonuçları tartışılmıştır. Son bölümde çalışmanın genel bir değerlendirmesi yapılmıştır

Establishing an effective internal control system for fraud prevention: a structured literature review / Nor Hafizah Abdul Rahman … [et al.]

This study presents a structured literature review of an effective internal control system. The purpose of this study is to explore and review articles in the field of internal control effectiveness using the Guthrie, Ricceri and Dumay (2012)’s framework. The literature indicates that effective internal control can reasonably reduce business risks and prevent occurrence of fraud. This paper reports findings, based on articles on internal control effectiveness published from 2000 to 2018. The review process was conducted in five stages, (1) formulation of research objectives to determine the classifications, boundaries, and definition; (2) the selection of journals; (3) the examination of the title and abstract of selected articles; (4) pilot test and adapted classification and (5) the classification to establish a range of descriptive statistics in order to understand the patterns emerging from the reviewed articles. The finding provide a basis for several aspects of future research of internal control effectiveness in assessing business risks for prevention of fraud

Kurumsal yönetimin finansal başarısında iç kontrol sisteminin moderatör etkisi

In the literature, there are studies investigating whether the internal control system and corporate governance principles have an effect on financial performance. However, there is no study investigating the moderator effect of the internal control system on the financial success of corporate governance. For this purpose, it was examined in this study whether there was a moderator effect of the internal control system on the financial success of corporate governance. The study was conducted on companies in the Borsa Istanbul (BIST) corporate governance index (XKURY). The effectiveness of the internal control system was determined by the survey method, and then corporate governance effectiveness ranking was obtained with corporate governance rating scores. The moderator effect was investigated by regression analysis using the data obtained. As a result of the analysis, it has been determined that the internal control system has a moderator effect on the financial success of corporate governance. On the other hand, it is concluded that although corporate governance is thought to have a moderator effect on the financial performance of the internal control system, it does not. This result indicates that the efficiency of the internal control system should be increased for the financial success of corporate governance in enterprises. The reasons for this theoretically unexpected result were investigated in the study.Literatürde iç kontrol sistemi ile kurumsal yönetim ilkelerinin finansal performans üzerine etkisinin bulunup bulunmadığına yönelik çalışmalar olduğu görülmektedir. Ancak, her bir faktörün finansal başarısında diğer faktörün moderatör etkisinin olup olmadığına veya hangi faktörün daha güçlü bir moderatör etkiye sahip olduğuna dair bir çalışma mevcut değildir. Bu amaçla çalışmada, önce iç kontrol sisteminin daha sonra kurumsal yönetimin finansal performans üzerine etkisinde hem kurumsal yönetimin hem de iç kontrol sisteminin moderatör etkisinin olup olmadığı incelenmiştir. Araştırma, BİST (XKURY) kurumsal yönetim endeksindeki şirketler üzerinde gerçekleştirilmiştir. Anket yöntemi ile iç kontrol sistemi etkinliği tespit edilmiş daha sonra kurumsal yönetim derecelendirme puanları ile kurumsal yönetim etkinlik sıralaması oluşturulmuştur. Elde edilen veriler kullanılarak, moderatör etki, regresyon analizi ile tespit edilmeye çalışılmıştır. Sonuç olarak şirketlerde iç kontrol sisteminin finansal performansı üzerinde, kurumsal yönetimin moderatör etkisinin olmadığı, kurumsal yönetimin finansal başarısında iç kontrol sisteminin moderatör etkisinin güçlü olduğu sonucuna ulaşılmıştır. Bu sonuç işletmelerde kurumsal yönetimin finansal başarısı için iç kontrol sisteminin etkinliğini artırılmaları gerektiğini ifade etmektedir. Çalışmada teorik olarak beklenmeyen bu sonuçların nedenleri araştırılmıştır

A Summary of Ten Years of PCAOB Research: What Have We Learned

For the past 10 years, the Public Company Accounting Oversight Board (PCAOB) has operated as an independent overseer of public company audits. Over 70 percent of PCAOB studies have been published since 2010, evidencing the increasing relevance of PCAOB-related research in recent years. Our paper reviews the existing literature on the PCAOB\u27s four primary functions – registration, standard-setting, inspections, and enforcement. In particular, we examine PCAOB registration trends and evaluate the effects of PCAOB registration requirements on the issuer audit market, as well as discuss the relative costs and benefits (e.g., auditor behavior changes, improvements in audit quality, auditor perceptions) of the 16 auditing standards the PCAOB passed in its first 10 years of operation. Further, we summarize the literature\u27s findings on the effects of the PCAOB inspection process on various facets of audit quality. Finally, we analyze the research concerning the PCAOB\u27s enforcement actions to determine how markets have responded to sanctions against auditors and audit firms. We contend that understanding and reviewing the effects of the PCAOB\u27s activities are important to future audit research because of the PCAOB\u27s authority over and oversight of the issuer audit profession. We also identify PCAOB-related research areas that have not been fully explored and propose several research questions intended to address these research areas