Professional Documents
Culture Documents
Artikel W7 - Internal Auditors' Perceptions of The Function's Ability To Investigate Fraud
Artikel W7 - Internal Auditors' Perceptions of The Function's Ability To Investigate Fraud
www.emeraldinsight.com/0967-5426.htm
JAAR
20,2 Internal auditors’ perceptions
of the function’s ability
to investigate fraud
134 Sourour Hazami-Ammar
Department of Accounting and Taxation,
Received 24 September 2017
Revised 21 March 2018 Institute of The Higher Business Studies (IHEC) of Sfax,
24 June 2018 University of Sfax, Sfax, Tunisia
27 September 2018
Accepted 4 October 2018
Abstract
Purpose – The purpose of this paper is to examine the relation between internal audit function (IAF)
characteristics and organizational variables and IAF’s self-investigation about fraud and irregularities (SIFI)
in the French context.
Design/methodology/approach – This paper uses the responses of 96 chief audit executives (CAEs) to a
global survey of the internal auditing profession carried out by the Institute of Internal Auditors Research
Foundation (IIARF) in 2010. A logistic regression model is used to determine factors influencing IAF’s SIFI.
Findings – The authors’ findings reveal that IAF’s SIFI is positively correlated to independence and
objectivity, the number of activities performed by the function, adoption of a systematic approach to evaluate
the effectiveness of risk management and the size of the company.
Research limitations/implications – This study examines the factors associated only to IAF’s investigation
rather than assessment of the risk of fraud. It remains for future research to analyze determinants those related to
internal auditors’ approaches when they evaluate the risk of fraud.
Practical implications – The findings have implications for CAEs who wish to improve the IAF’s ability to
investigate fraud.
Originality/value – Even if the IIA has stipulated since 2009 that internal auditors must have knowledge to
evaluate the risk of fraud, no disclosure requirement exists, in France, for IAF or its charter. The areas of research
related to internal audit behavior in relation to fraud concern fraud risk investigation of financial fraud and
management/employee misconduct.
Keywords Investigation, Internal control, Internal auditor
Paper type Research paper
1. Introduction
The advent of large-scale scandals in the world has resulted in a loss of confidence among
investors in the business world, a questioning of the reliability of financial information and
especially the disappearance of Anderson. Three main shortcomings were reconciled to the
conduct of Anderson being an external auditor of Worldcom (Ratdavone et al., 2012). First,
the potential for fraud on the part of managers has been poorly assessed. In addition, strong
reliance was given to the managers’ “statements” without corroborating the information
obtained. Finally, the auditors did not take into account the fact that managers had been
able to manipulate the figures to eliminate unexplained variations in the financial
statements. Whereas Caplan (1999) conducted research in order to examine the external
auditor’s decision to investigate for fraud, the purpose of our paper is to analyze internal
auditors’ decision. The increasing complexity of organizations means that the function of
financial auditing is no longer limited to an external mission but rather a complex process
integrating the work of internal audit services. The expansion and multiplication of fraud
types motivate us to consider internal auditors’ ultimate determinants to investigate for
Journal of Applied Accounting
Research
fraud, even if we are conscious that the exact motive leading to fraud will not be known by
Vol. 20 No. 2, 2019
pp. 134-153
© Emerald Publishing Limited The author is grateful to the IIARF for access to the CBOK 2010 database. She also thanks the
0967-5426
DOI 10.1108/JAAR-09-2017-0098 anonymous reviewers for their careful reading and the relevance of their remarks.
internal auditors since they are required to identify opportunities for fraud and to The function’s
understand fraud schemes and scenarios, as well as be aware of the signs that point to fraud ability to
and knowing how to prevent it (IIA, 2009; Wilks and Zimbelman, 2004). It is important to investigate
study the relation between internal audit function (IAF) characteristics and organizational
variables and internal audit’s self-investigation about fraud and irregularities (SIFI) because fraud
knowledge about this relation helps companies to perform better regarding fraud detection
and to maintain an effective control system (Figure 1). 135
Fraud prevention consists of all the procedures that aim to prevent fraud and limit the
exposure to fraud when it occurs, such as controls related to the selection of customers and
providers. Fraud detection includes measures to discover that fraud or misconduct is ongoing
or has occurred. The preventive and detective procedures provided for in the context of
internal control must be flexible and up-to-date to respond to changes in the risk environment.
Internal audit’s SIFI aims to investigate fraud risks which are not prevented by preventive
procedures, nor discovered by detective procedures. For example, misappropriation of funds
or property followed by falsification of accounts to conceal this act may make it more difficult
to detect and investigation is necessary. In this case, despite monitoring, some residual friction
in the form of residual agency costs may exist ( Jensen and Meckling, 1976) and its
investigation lies with the internal auditor. If the fraud under investigation actually exists,
then the necessary measures must be taken by the internal auditor to update the detection and
prevention procedures. IAF’s SIFI improves the efficiency of the internal control system,
which, in turn, protects the company against the risk of fraud. The purpose of our paper is to
examine the relation between IAF’s characteristics and organizational variables and internal
audit’s SIFI. We attach importance to this task for several reasons. First, the investigation of
fraud represents judgments and the internal auditors may be exposed to the pressure exerted
on them by management, since internal auditors must estimate if management is carrying out
fraud. It should be noted that the management is responsible for the evaluation and promotion
of internal auditors and the temptation of the latter to soften the management can compromise
their independence. Second, knowledge about this relation helps companies to perform better
regarding fraud detection. Since managers can easily access to confidential information, they
are able to modify preventive and/or detective procedures and display more damage to the
organization than lower-level staff members. Third, knowing the most important factors
which are significantly related to the IAF’s SIFI is also important for external auditors who
remain unable to investigate fraud and irregularities and have been involved in expensive
litigations. The objective of this work is to address why and how IAF investigates the risk of
fraud and irregularities. We analyzed the responses of 96 chief audit executive (CAE) to
questions specifically designed to evaluate the background of the investigation decision. This
sample was based on the 2010 global survey of the internal auditing profession that the
Institute of Internal Auditors Research Foundation (IIARF) carried out. Only the respondents
who have CAE positions have been retained out of a total of 301 internal auditors with a
Update of preventive
procedures
Risk of fraud
Risk of fraud Risk of fraud
Preventive Detective
IAF’s SIFI Figure 1.
procedures procedures
Waste – abuse Red – flags IAF’S SIFI
Waste – abuse maintains an effective
control system
Source: Adapted from IIA (2009)
JAAR percentage of 32 percent. CAEs make decisions and are leaders of their IAF. Our research
20,2 examines the relationship between IAF’s SIFI and various characteristics of both IAF and
organization, taken from the literature. IAF characteristics include both independence and
objectivity and the number of activities performed by the respondent. Organizational
characteristics incorporate the existence of an internal control report, sound risk management
assurance and if IAF adopts a particular approach to assess the risk of fraud. Several studies
136 relating to IAF roles have been conducted and include two different areas: consulting to
management, i.e. performance of quality, health, safety and environmental audits and
monitoring roles involved in corporate governance, i.e. risk assessment, control assurance and
compliance work (Gramling et al., 2004). IAF’s role related to the risk of fraud investigation,
part of its monitoring role, has not been studied. We are conscious that the role of the internal
audit activity in fraud investigation must be defined in the internal audit charter but we have
not been able to verify such inclusion in the internal audit charts of our respondents. We can
justify this by the fact that no disclosure requirements exist in France for IAF or its charter
(Soh and Bennie, 2011). Our results indicate that the independence and objectivity variable is
significant and positively associated with the IAF’s SIFI. The number of activities executed by
the IAF is positively related to the predisposition to investigate for fraud and irregularities.
Our results attest also that the IAF’s adoption of a systematic approach to evaluate the
effectiveness of risk management promote sits predisposition to investigate. Finally, the size
of the company is negatively correlated with IAF’s SIFI. The remainder of this paper is
structured as follows: Section 2 envisages a synthetic discussion of literature and regulations
related to fraud risk investigation. It also provides the development of hypotheses. Section 3
presents the methodology adopted, comprising the model specification and source of data.
Section 4 supplies the statistical analysis and discussion of study results. Section 5 contains
the conclusion and synthesis of the research with propositions for future research.
3. Methodology
3.1 Model specification
We created a logistic regression model to investigate the association between the IAF’s SIFI
and both IAF and organization’s characteristics. The model above serves to underline the
relationship between the dependent and independent variables for testing purposes:
I NV ESTI GATI ON ¼ b0 þb1 IND&OBJECT index þb2 ACTI V I TI ES
þb3 ORGAN I Z ATI ON I C þb4 ASSU RAN CE
þb5 RI SKM AN AGEM EN T þb6 Y EAREX þb7 SI Z E þe;
where the dependent variable (INVESTIGATION) is related to the IAF’s SIFI. The
dependent variable and independent ones are described in Table I. We assume that the
JAAR Independent
H3 H4 H5
YEAREX SIZE
Figure 2.
Hypotheses
Control variable Control variable
of research
number of years the IAF has existed, as a first control variable, can estimate the IAF’s
experience in accounting and auditing, and a positive association is argued between
YEAREX and IAF’s SIFI. We also suggest that there may be a positive association between
the size of the organization (SIZE), as a second control variable, and the IAF’s SIFI. We
perform analysis at two levels. At the beginning, we take into account all the answers apart
from the business sector of the company. The results of logistic regression will be used to
test our research hypotheses. Second, the significant differences due to the nature of the
industry will be highlighted in order to test the robustness of our research model.
In this panel, we are collecting the respondents according to whether they are
investigating the risk of fraud depending on the sector of activity of the company to which
they belong. We have respected the identification of 23 industries as defined by the Common
Body of Knowledge (CBOK) study. Table II only has 18 industries as indicated in the
database. It is obvious that approximately 31.25 percent of survey respondents do not
investigate fraud and irregularities. This percentage is not far from the world average, since
it is around 28 percent (Selim et al., 2014). Like D’onza et al. (2015), we decide to associate
these industries into two groups: financial services comprising banks, insurance companies
and other financial services, and non-financial services, including the rest of the industries.
The results are shown in Table III.
This table shows that, in the financial sector, the regulatory and institutional
framework and the supervisory role exercised by the competent authorities reinforce the
IAF’s predisposition to investigate fraud and promote the development of this function.
The same result was found in the 2006 global CBOK study (Burnaby and Hass, 2009). In
non-financial sectors, even if this finding is less evident, it is obvious that when
regulations evolve and corporate governance issues become more acute, internal auditors’
perceptions about their investigation of fraud shows that organizations and their boards
increasingly recognize the impotence of their intervention (Burnaby and Hass, 2009).
We want to know if these percentages of absence of investigations can be explained by
both IAF’s and organizations’ characteristics. It is important to clarify what the dependent
variable really captures. The key dependent variable IAF’s SIFI is a dummy based on
the answer of respondents to the question whether “Your IA activity investigates fraud
Variable Definition Measurement
The function’s
ability to
Dependent investigate
INVESTIGATION IAF’s SIFI A Binary variable with value ¼ 1 if respondents choose the
response “today” to the statement “your IA activity fraud
investigates fraud and irregularities”; ¼ 0 otherwise
Independent 141
IND&OBJECT index Independence and
A Composite score measuring independence and objectivity
objectivity and ranging between 0 and 3, with 0 indicating lowest
independence and 3 indicating highest independence, the
scores are formed by aggregating the composite score
obtained from following three broad constructs: 1
independence and objectivity (respondents were asked to
use a 1–5 scale, strongly disagree to strongly agree, to
indicate their agreement with the statement “your
internal audit activity is an independent objective
assurance and consulting activity”); 2 accessibility to
audit committee (a binary variable with value ¼ 1 if
respondents choose the response “Yes” to the question
“Do you have appropriate access to the audit committee?”
and 0 otherwise); and 3 administrative reporting
(a variable with value ¼ 1 if IAF provides administrative
reporting to the audit committee, (2) if it reports to the
CEO and (3) if not
ACTIVITIES Number of activities A Variable which assumes a value from 1 to 24.
Respondents were asked to select the activities they
performed in 2010 from a list of 24 activities
ORGANIZATIONIC Organization report A Variable with value ¼ 1 if organization provides a report
on internal control on internal control in its annual report, and (0) otherwise
ASSURANCE Assurance of the A Variable with value ¼ 1 if internal audit activity
internal control performance is measured by the assurance of sound risk
system management/internal control, and (0) otherwise
RISKMANAGEMENT Effectiveness of risk A Variable which assumes a value from 1 to 5. Respondents
management indicate their agreement with the statement “your
internal audit activity brings a systematic approach to
evaluate the effectiveness of risk management”
YEAREX Number of years the A Variable which assumes a value from 1 to 3. We use 1
IAF has existed if IAF’s existence is 10 years or less; 2 ¼ 11–50; 3 ¼
more than 51 years
SIZE Size of the A Variable which assumes a value from 1 to 4. We use 1 if
organization the value of the total assets (in US$) is 500m or less; Table I.
2 ¼ 501m–5bn; 3 ¼ 6–25bn; 4 ¼ over 25bn Description of
ε Error term the variables
and irregularities.” CBOK deliberately integrates this question. When this body did not
specify the requirement (Board, audit committee, lenders or specific regulations applied to
the firm) of the investigation, it is aimed at self-investigation. We assume, conforming to
CBOK, that this question is related to a self-investigation to study the opportunity of fraud
(IFACI, 2000) and justified by the existence of red flags especially in cash management,
unusual activity of a supplier and the lifestyle of employees. The internal auditor
carries out the self-investigation of the risk of fraud with a view to ensure the existence or
non-existence of the fraud. The risk of fraud is defined by audit standards as “the
probability that an event or action will have a negative impact on the company” (Standard
410.01.1b). An Internal Auditor’s Guide to Detect and Prevent Fraud says “Internal
auditors are required to review the risks of fraud as part of each engagement. This is an
JAAR Fraud
20,2 Number of Percent of investigation
Industry classification firms firms Yes No
Fraud investigation
Financial/non-financial classification Number of firms Percent of firms Yes No
integral part of the Standards, but the auditors do not apply this rule very effectively”
(Araj, 2015). The elements discovered as a result of the self-investigation will be
transmitted verbally or through a written report and will motivate the conduct of an
investigation required by the parties named above.
4. Results
In this section, we present an overview of statistics for variables used in the above model.
Tables IV and V in particular indicate the association between the dependent variable, the
IAF’s SIFI, and independent variables. As indicated, 68 percent of the survey respondents
declare that their internal auditing activities investigate fraud and irregularities.
The second and third columns of Tables IV and V show an overview of explanatory and
control variables in terms of the IAF’s SIFI. The last two columns provide statistical tests results
as well as their degree of bilateral significance for the differences between each
INVESTIGATION variable. We have highlighted all the significant differences. The first
independent variable, the independence and objectivity (IND&OBJECT index), is significant
according to Table IV. This result is based on the fact that the difference between the
IND&OBJECT index of 4.61 (under “Yes” to “INVESTIGATION”) and 2.81 (under “No” to
“INVESTIGATION”) is significant from a statistical point of view ( po0.05). The decision to
investigate fraud and irregularities is therefore linked to the independence and objectivity of the
IAF. Internal auditors should not be biased in the exercise of their activities and engagements.
IND&OBJECT index 0–3 mean (number of cases) 2.30 (66) 1.78 (30) t ¼ 3.118 o 0.05
ACTIVITIES: min ¼ 2, max ¼ 18 mean (number of cases) 10.27 (66) 7.34 (30) t ¼ − 2.93 o 0.05 Table IV.
RISKMANAGEMENT scale 1–5 (disagree to agree) mean 4.05 (66) 3.44 (30) t ¼ − 3.340 o 0.01 Results of
(number of cases) univariate analysis (1)
JAAR IAF fraud investigation
20,2 Variable Yes (68.75%) No (31.25%) Statistic Significance
ORGANIZATIONIC
No report 18 (51.4%) 17 (48.6%)
Report on internal control 46 (75.4%) 15 (24.6%) χ2 ¼ 5.756 o 0.01
144 ASSURANCE
No assurance 50 (78%) 14 (22%) χ2 ¼ 5.689 o 0.01
Assurance 14 (93.3%) 1 (6.7%)
YEAREX
10 years or less 6 (40%) 9 (60%) χ2 ¼ 7.355 o 0.05
From 11 to 50 44 (76%) 14 (24%)
More than 51 years 14 (61%) 9 (39%)
SIZE
500m or less 6 (60%) 4 (40%) χ2 ¼ 9.353 o 0.05
Table V. 500m–5bn 20 (57.1%) 15 (42.9%)
Results of univariate 6–25bn 32 (84.2%) 6 (15.8%)
analysis (2) Over 25bn 6 (46.1%) 7 (53.9%)
The variable IND&OBJECT index’ measure is three inter-related parameters at the same time:
the perception of independence of the internal auditor, his/her access to the audit committee and
his/her functional reporting. Significance then concerns these three parameters.
Concerning the number of performed activities (ACTIVITIES), it is interesting to note that
the means of “Yes” to “IA activity investigates fraud and irregularities” is higher than that of
“No” to “IA activity investigates fraud and irregularities.” This result shows that when a higher
number of activities is executed, this gives rise to the perception that IAF is investigating fraud
and irregularities. This result only concerns the activities cited by CBOK.
Also, Table IV shows that the variable associated with the role played by IAF in the
evaluation of the effectiveness of risk management “RISKMANAGEMENT” is significant
( p o0.01). This means that the difference between the RISKMANAGEMENT of 4.05 (under
Yes to “INVESTIGATION”) is higher than that of “No” to “INVESTIGATION.” The idea
that the IAF has been further engaged in assessing the risk management process as one that
is linked to the investigation of fraud and irregularities is supported.
The remaining explanatory variables are significant ( po0.01). With respect to the variable
associated with ORGANIZATIONIC, it is interesting to note that 46 of 64 respondents
investigating fraud and irregularities (i.e. 75 percent) declare that the organization provides a
report on internal control in its annual report. This result indicates that when a report on
internal control is carried out by management, the implication of internal auditors in
investigation of fraud and irregularities is higher, leading to the generation of strong internal
control. Regarding the variable ASSURANCE, the result is impressive. Indeed, 50 of 64 internal
auditors who investigate fraud and irregularities (i.e. 78 percent) assume that internal audit
activity performance is not measured by the assurance of sound risk management/internal
control. This supports the view that as the performance of internal audit activity is
measured by the assurance of internal control, IAF’s implication in investigation of fraud and
irregularities is lower. The control variables, the number of years the IAF has existed
(YEAREX) and the size of organization (SIZE) are significant ( po0.05). When the experience
of IAF in terms of number of years is higher, the perception of investigating fraud and
irregularities is rather positive. So when the size of the organization increases, awareness of the
IAF regarding the likelihood of fraud and irregularities increases, thus increasing investigation
efforts. We report in Table VI the Pearson correlation matrix of independent variables.
IND&OBJECT index ACTIVITIES ORGANIZATIONIC ASSURANCE RISKMANAGEMENT YEAREX SIZE
145
ability to
The function’s
Table VI.
matrix of
Pearson correlation
independent variables
JAAR According to this table, four significant correlations exist between explanatory variables. The
20,2 highest correlation is between independence and objectivity (IND&OBJECT index) and
organization report on internal control (ORGANIZATIONIC) with a coefficient of 0.382. Our
model does not pose a problem of multicollinearity since, as reported in Table VII, all VIF
coefficients are under the level of 5.
Notes
1. More than 2/3 of French companies have been victims of fraud in the last 24 months.
2. Foreign Corrupt Practices Act (FCPA) is a US federal law of 1977 to combat corruption, which
punishes bribes or similar activities.
References
Abbott, L.J., Parker, S., Peters, G.F. and Rama, D.V. (2007), “Corporate governance, audit quality, and
the Sarbanes Oxley Act: evidence from internal audit outsourcing”, The Accounting Review,
Vol. 82 No. 4, pp. 803-835.
AICPA (2002), Consideration of Fraud in A Financial Statement Audit, Statement on Auditing
Standards No. 82, AICPA, New York, NY.
AICPA (2005), “Management override of internal controls the Achilles’ hell of fraud prevention”.
Allegrini, M. and D’onza, G. (2003), “Internal auditing and risk assessment in large Italian companies:
an empirical survey”, International Journal of Auditing, Vol. 7 No. 3, pp. 191-208.
Araj, F.G. (2015), “Faire face au risque de fraude, exploration du rôle de l’audit interne”, CBOK, The IIA
research Foundation, pp. 1-27.
Balkaran, L. (2007), “A solid reporting line”, Internal Auditor, Vol. 64 No. 2, p. 35.
Brazel, J.F., Jones, K.J. and Zimbelman, M.F. (2009), “Using nonfinancial measures to assess fraud risk”,
Journal of Accounting Research, Vol. 47 No. 5, pp. 1135-1166.
Brody, R.G. and Lowe, J.D. (2000), “The new role of the internal auditor: implications for internal
auditor objectivity”, International Journal of Auditing, Vol. 4 No. 2, pp. 169-176.
Burnaby, P and Hass, S (2009), “Ten steps to enterprise-wide risk management”, Corporate
Governance: The International Journal of Business in Society, Vol. 9 No. 5, pp. 539-550.
Caplan, D. (1999), “Internal controls and the detection of management fraud”, Journal of Accounting
Research, Vol. 37 No. 1, pp. 101-117.
Carcello, J.V. and Nagy, A.L. (2002), “Auditor industry specialization and fraudulent financial
reporting”, working paper, University of Tennessee.
Chadwick, W.E. (2000), “Keeping internal auditing in-house”, Internal Auditor, Vol. 57 No. 3, p. 88. The function’s
Chambers, A.D. and Odar, M. (2015), “A new vision for internal audit”, Managerial Auditing Journal, ability to
Vol. 30 No. 1, pp. 34-55. investigate
Christopher, J., Sarens, G. and Leung, P. (2009), “A critical analysis of the independence of the internal fraud
audit function: evidence from Australia”, Accounting, Auditing & Accountability Journal, Vol. 22
No. 2, pp. 200-220.
Cohen, J., Krishnamoorthy, G. and Wright, A.M. (2002), “Corporate governance and the audit process”, 151
Contemporary Accounting Research, Vol. 19 No. 4, pp. 573-594.
Cohen, J.R., Milici Gaynor, L., Krishnamoorthy, G. and Wright, M.A. (2011), “The impact on auditor
judgments of CEO influence on audit committee independence”, Auditing: A Journal of Practice
& Theory, Vol. 30 No. 4, pp. 129-147.
COSO (2012), “Internal control–integrated framework”, Exposure Draft, Committee of Sponsoring
Organizations of the Treadway Commission, September, pp. 1-178, available at:
https://ce.jalisco.gob.mx/sites/ce.jalisco.gob.mx/files/coso_mejoras_al_control_interno.pd
COSO II (2005), Le management des risques de L’Entreprise, cadre de référence – Technique
d’application, Committee of Sponsoring Organizations, Eyrolles., Ed. d’Organisation, Paris,
Committee of Sponsoring Organizations.
Coram, P., Ferguson, C. and Moroney, R. (2008), “Internal audit, alternative internal audit structures
and the level of misappropriation of assets fraud”, Accounting and Finance, Vol. 48 No. 4,
pp. 543-559.
D’Onza, G., Selim, G.M., Melville, R. and Allegrini, M. (2015), “A study on internal auditor perceptions of
the function’s ability to add value”, International Journal of Auditing, Vol. 19 No. 3, pp. 182-194.
Deloitte (2016), “Internal audit insights’, high impact areas of focus, 2016-2017”.
DeZoort, F.T. (1997), “An investigation of audit committees’ oversight responsibilities”, Abacus, Vol. 33
No. 2, pp. 208-228.
Ege, M.S. (2015), “Does internal audit function quality deter management misconduct?”, the Accounting
Review, Vol. 90 No. 2, pp. 495-527.
Erickson, M., Mayhew, B.W. and Felix, W.L. Jr (2000), “Why do audits fail? Evidence from Lincoln
savings and loan”, Journal of Accounting Research, Vol. 38 No. 1, pp. 165-194.
Eutsler, J., Nickell, E.B. and Robb, S.W.G. (2016), “Fraud risk awareness and the likelihood of audit
enforcement action”, Accounting Horizons, Vol. 30 No. 3, pp. 379-392.
Goodwin-Stewart, J. and Kent, P. (2006), “Relation between external audit fees, audit committee
characteristics and internal audit”, Accounting and Finance, Vol. 46 No. 3, pp. 387-404.
Gramling, A.A., Maletta, M.J., Schneider, A. and Church, B.K. (2004), “The role of the internal audit
function in corporate governance: a synthesis of the extant internal auditing and directions for
future research”, Journal of Accounting Literature, Vol. 23, pp. 194-244, 51pp.
Hazami-Ammar, S. (2018), “La contribution de l’auditeur interne à l’Enterprise Risk Management:
résultats d’une étude exploratoire”, Recherches en Sciences de Gestion, No. 127, pp. 109-133.
Hermanson, D.R., Ivancevich, D.M. and Ivancevich, S.H. (2008), “Building an effective internal audit
function: learning from SOX section 404 Reports”, Review of Business, Vol. 28 No. 2, pp. 13-28.
IFACI (2000), “Le rôle de l’auditeur interne dans la prévention de la fraude : Prise de position de
l’ECIIA”, pp. 1-53.
IIA (2009), “Internal auditing and fraud”, IPPF – Practice Guide, December, pp. 1-42, available at:
http://www.kcgaudit.co.uk/wp-content/uploads/2016/01/internal_auditing_and_fraud.pdf
IIA (2012), “International standards for the professional practice of internal auditing”,
Altamonte Spring, FL, pp. 1-26, available at: https://na.theiia.org/standards-guidance/Public%
20Documents/IPPF%202013%20English.pdf
Jensen, M. and Meckling, W. (1976), “Theory of the firm: managerial behavior, agency cost and
ownership structure”, Journal of Financial Economics, Vol. 3 No. 4, pp. 305-360.
JAAR Kaplan, S.E. and Schultz, J. (2007), “Intentions to report questionable acts: an examination of the
20,2 influence of anonymous reporting channel, internal audit quality and setting”, Journal of
Business Ethics, Vol. 71 No. 2, pp. 109-124.
Klibi, M.F. (2015), “Contribution to the understanding of audit committees’ effectiveness: exploratory
study in the Tunisian context”, International Management, Vol. 19, numéro spécial, pp. 219-234.
Kruglanski, A. (1980), “Lay epistemology process and contents”, Psychological Review, Vol. 87 No. 1,
152 pp. 70-87.
Kunda, Z. (1990), “The case for motivated reasoning”, Psychological Bulletin, Vol. 108 No. 3, pp. 480-498.
Loebbecke, J.K., Eining, M.M. and Willingham, J.J. (1989), “Auditors’ experience with material
irregularities: frequency, nature, and detectability”, Auditing, A Journal of Practice & Theory,
Vol. 9 No. 1, pp. 1-28.
McHugh, J. and Raghunandan, K. (1994), “Hiring and firing the chief internal auditor”, Internal Auditor,
Vol. 51 No. 4, pp. 34-40.
Mihret, D.G. and Yismaw, A.W. (2007), “Internal audit effectiveness: an Ethiopian public sector case
study”, Managerial Auditing Journal, Vol. 22 No. 5, pp. 470-484.
Mutchler, J., Chang, S. and Prawitt, D. (2001), Independence and Objectivity: A Framework for Internal
Auditors, IIARF, Altamonte Springs, FL.
Neter, J., Wasserman, W. and Kutner, M.H. (1990), Applied Linear Statistical Models, Irwin, Burr Ridge,
IL, p. 1181.
Piot, C. and Kermiche, L. (2009), “A quoi servent les comités d’audit”, Comptabilité Contrôle Audit,
Tome, Vol. 15 No. 3, pp. 9-54.
PWC (2016), “La fraude explose en France”, Global Economic Crime Survey, pp. 1-36.
Ratdavone, K., Gendron, Y. and Malsch, B. (2012), “Affaire Worldcom : Incompétence des auditeurs ou
manquement à leur obligation d’indépendance”, International Journal of Case Studies in
Management, Vol. 10 No. 4.
Rezaee, Z. (2002), Financial Statement Fraud: Prevention and Detection, John Wiley & Sons, Inc., pp. 16-17.
Salierno, D. (2007), “Managing change”, The Internal Auditor, Vol. 64 No. 1, pp. 51-54.
Sarens, G. and De Beelde, I. (2006), “Internal auditors’ perception about their role in risk management:
a comparison between US and Belgian companies”, Managerial Auditing Journal, Vol. 21 No. 1,
pp. 63-80.
Scarbrough, D.P., Rama, D.V. and Raghunandan, K. (1998), “Audit committee composition and interaction
with internal auditing: a Canadian evidence”, Accounting Horizons, Vol. 12 No. 1, pp. 51-62.
SEC (2003), “Comments on proposed rule: standards relating to listed company audit committees”.
Selim, G., Melville, R., D’Onza, G., Pelligrini, M. and Kotoupis, A. (2014), Internal Audit Around the
World: A Perspective on Global Regions, IIARF, FL, Research Report, available at: www.theiia.
org/research
Smith, J.F. and Kida, T. (1991), “Heuristics and Biases: expertise and task realism in auditing”,
Psychological Bulletin, Vol. 109 No. 3, pp. 472-489.
Soh, D.S.B. and Bennie, N.M. (2011), “The internal audit function: perceptions of internal audit roles,
effectiveness, and evaluation”, Managerial Auditing Journal, Vol. 26 No. 7, pp. 605-622.
Spira, L.F. and Page, M. (2003), “Risk management: the reinvention of internal control and the changing
role of internal audit”, Accounting, Auditing & Accountability Journal, Vol. 4 No. 16, pp. 640-661.
Vijayakumar, A. and Nagaraja, N. (2012), “Internal control systems: effectiveness of internal audit in
risk management at public sector enterprises”, BVIMR Management Edge, Vol. 1, pp. 1-8.
Wallace, W.A. (1984), “Enhancing your relationship with internal auditors”, The CPA Journal, Vol. 54
No. 12, p. 47.
Whittington, O.R. and Winters, A.J. (1990), “Considering the work of an internal auditor”, The CPA
Journal, Vol. 60 No. 4, p. 28.
Wilks, T.J. and Zimbelman, M.F. (2004), “Decomposition of fraud assessments and auditors’ sensitivity The function’s
to fraud cues”, Contemporary Accounting Research, Vol. 21 No. 3, pp. 719-745. ability to
Zain, M.M., Subramaniam, N. and Stewart, J. (2006), “Internal auditors’ assessment of their contribution investigate
to financial statement audits: the relation with audit committee and internal audit function
characteristics”, International Journal of Auditing, Vol. 10 No. 1, pp. 1-18. fraud
About the author
Sourour Hazami-Ammar is Assistant Professor of Accounting and Corporate Governance at The 153
Institute of The Higher Business Studies (IHEC) of Sfax, University of Sfax (TUNISA). She holds a PhD
in Management Sciences from the IAE of Poitiers (FRANCE) and the Habilitation to Research.
Hazami-Ammar is particularly interested in topics related to the field of external auditor’s competence,
external audit fees, reporting on internal control and role of the internal auditor in risk management.
Sourour Hazami-Ammar can be contacted at: ammar_sourour@yahoo.fr
For instructions on how to order reprints of this article, please visit our website:
www.emeraldgrouppublishing.com/licensing/reprints.htm
Or contact us for further details: permissions@emeraldinsight.com