Research Opportunities in Internal Auditing

https://ecommons.udayton.edu/books/1029/thumbnail.jp

Assessing Internal Audit Quality

Internal audit quality is an issue of great importance to both the internal and external audit professions. PCAOB Auditing Standard No 2 highlights this importance when addressing the reliance that the external auditor can place on the internal audit work product. The study discussed here experimentally tests the influence of the source of the internal audit function on both the internal and external auditors\u27 evaluation of the quality of the internal audit function. To assess the importance of the internal audit function\u27s sourcing arrangement in the internal audit function\u27s quality assessment, the researchers employ a case study approach, modifying a case that has been used in prior research. The researchers find that for three of the four measured internal audit function quality characteristics, there was no difference in the assessment of the internal audit function between internal and external auditors, regardless of whether or not the internal audit function was provided in-house or was outsourced to a CPA firm other than the external auditor\u27s firm

Audit Committee Material Weaknesses in Smaller Reporting Companies

One of the critical elements of internal control over financial reporting is an effectively functioning audit committee. The Sarbanes-Oxley Act of 2002 (SOX) defines an audit committee as committee (or equivalent body) established by and amongst the board of directors of an issuer for the purpose of overseeing the accounting and financial reporting processes of the issuer and audits of the financial statements of the issuer. Recent SOX section 404 filings by smaller reporting companies ( nonaccelerated filers, or registrants with less than $75 million of public float), however, indicate that some small companies still are struggling to develop effective audit committees. Examining the disclosures made by smaller reporting companies and then analyzing the available resources can be useful for small businesses seeking to establish and maintain effective audit committees. The SEC rules public companies to issue an annual report on the company\u27s internal control over financial reporting and to include an auditor\u27s opinion on their effectiveness

The Foreign Corrupt Practices Act: Insights for Internal Auditors

Douglas Faggioli, president and CEO of Nature\u27s Sunshine Products (NSP) made the above remarks as he accepted, on behalf of NSP, a 2004 100 Best Corporate Citizens award from Business Ethics magazine. NSP received the award two years in a row. Less than two years later, NSP would discover a bribery scheme in its Brazil operations that would expose it to Securities and Exchange Commission (SEC) enforcement under the Foreign Corrupt Practices Act (FCPA). Faggioli and the company\u27s CFO, Craig Huff, along with NSP, would be plaintiffs in a class action lawsuit, and the SEC would fine each officer $25,000. In order to register and import more products in Brazil, NSP made undocumented cash payments to Brazilian customs brokers, some of which were ultimately paid to Brazilian customs officials. NSP\u27s Brazilian subsidiary falsified its books and hid the nature of these payments in its filings with the SEC. NSP\u27s internal investigation revealed internal control weaknesses, which likely led to the violations

A Review of Academic Literature on Internal Control Reporting Under SOX

Section 404 of the Sarbanes-Oxley Act of 2002 (SOX) mandates reporting on the effectiveness of internal control over financial reporting (ICFR) by public company management and auditors. Such reporting began for fiscal years ended Nov 15, 2004 for accelerated filers and is scheduled to be fully implemented for non-accelerated filers in mid-2010. Section 404(a) of SOX requires public company management to include an assessment of the effectiveness of the company\u27s ICFR in its annual internal control report, and Section 404(b) requires attestation by the company\u27s auditor. The authors review the literature on internal control reporting under both Sections 302 and 404 in the post-SOX period. The internal control literature has grown substantially since the passage of SOX due to the availability of data regarding ICFR effectiveness that were not previously available. They conducted a literature search through mid-2009 resulting in the inclusion of many published papers and working papers that address ICFR issues covered in our taxonomy

Auditor Independence: A Focus on the SEC Independence Rules

Auditor independence is an important underpinning of the federal securities laws. These laws require that registrants\u27 financial statements filed with the Securities and Exchange Commission (SEC) be audited by independent public accountants. The focus on independence for public company auditors was increased in light of the requirements of the Sarbanes-Oxley Act of 2002 to strengthen auditor independence. These instructional resources provide background information on the current SEC auditor independence rules. After becoming familiar with these rules, you will have the opportunity to complete several case scenarios that address: (1) hypothetical settings that may represent violations of the SEC independence rules, (2) possible actions that an audit committee might take when it determines that the SEC independence rules may have been violated, and (3) possible alternatives to the current SEC independence rules that could achieve the desired public policy goals of objective audits and investor confidence

Internal Auditing\u27s Role in ERM

Internal audit departments have played a variety of roles in their organization\u27s enterprise risk management (ERM) activities since The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its Enterprise Risk Management -- Integrated Framework in Sep 2004. According to the IIA position paper issued in the wake of COSO ERM, The Role of Internal Auditing in Enterprise-wide Risk Management, internal auditors should have a core role in five ERM-related assurance activities: giving assurance on risk management processes, giving assurance that risks are evaluated correctly, evaluating risk management processes, evaluating the reporting of key risks, and reviewing the management of key risks. The perceived current and ideal ERM roles for the internal audit function may vary across organizations. With appropriate planning, communication, and education, internal auditors, management, the board, and external auditors should be ready to work together to achieve the many benefits of ERM

Analysis of Peer Review Reports: A Focus on Deficiencies of the Top 20 Triennially Inspected Firms

This descriptive study analyzes deficiency data disclosed in peer review reports of the AICPA\u27s Center for Public Company Audit Firms Peer Review Program (CPCAF PRP). We analyze the reports of the largest 20 triennially inspected firms that have both a PCAOB inspection report and a CPCAF peer review report. The CPCAF focuses on audits of non-public companies, while the PCAOB focuses on public company audits. Our analysis identifies a number of interesting points. First, about 60 percent of the reports issued by the CPCAF and PCAOB identify at least one deficiency. Second, both CPCAF and PCAOB reports highlight the pervasiveness of insufficient documentation. Third, other common deficiencies in the CPCAF reports relate to incomplete or inaccurate management representation letters, incomplete financial statements and inaccurate audit reports, incomplete performance of analytical procedures, and insufficient review procedures