Critical Perspectives on Accounting 24 (2013) 550–571

Contents lists available at ScienceDirect

Critical Perspectives on Accounting

journal homepage: www.elsevier.com/locate/cpa

Internal auditors’ roles: From watchdogs to helpers and

protectors of the top manager
Mélanie Roussy *
École de comptabilité, Faculté des sciences de l’administration de l’Université Laval, 2325 rue de la Terrasse, Pavillon Palasis-Prince,
bureau 4244, Québec (Québec), G1V 0A6, Canada

A R T I C L E I N F O A B S T R A C T

Article history: The purpose of this paper is to understand the governance roles of internal auditors in
Available online 22 August 2013 public sector organizations. An analysis of 42 in-depth semi-structured interviews
conducted with experienced internal auditors working in public administration in Quebec
Mots clés: indicates that internal auditors perform two key roles: a protector role, further subdivided
Audit interne into two roles, protective shield and keeper of secrets, and a helper role, also subdivided
Gouvernance
into two roles, support of organizational performance and guide. The analysis also shows
Indépendance
that internal auditors have developed a nuanced conception of independence defined as
Nouvelle gestion publique
Secteur public ‘grey independence’ in order to perform their roles. Internal auditors consider that their
primary role is to serve the top manager and the organization and that they must prioritize
Keywords: the top manager at the expense of audit committee members. Therefore, this paper
contributes to the literature on internal auditor independence. Overall, the findings
suggest that internal auditing is not the governance watchdog expected by the regulatory
bodies since this is not the role performed by internal auditors.
ß 2013 Elsevier Ltd. All rights reserved.

Palabras clave:
Auditorı́ainterna
Gobernancia
Independencia
Nueva GestiónPública
Sector Público

Keywords:
Internal audit
Independence
Governance
Public sector
New public management

1. Introduction

As a result of the financial scandals of the early 2000s, the regulatory frameworks of governance and auditing in
North America have undergone major reforms. Current regulations generally recommend sound governance practices
aimed for the most part at providing reassurance to stakeholders (particularly investors and creditors) about the quality

* Tel.: +1 418 656 2131x3829.

E-mail address: melanie.roussy@fsa.ulaval.ca.

1045-2354/$ – see front matter ß 2013 Elsevier Ltd. All rights reserved.
http://dx.doi.org/10.1016/j.cpa.2013.08.004
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 551

of organizational governance. As a result of various reforms in this area, public sector organizations in Canada have been
required to introduce an internal audit function (IAF). The result has not only been a change in the general context
governing internal auditing and other governance watchdogs (such as the audit committee and external auditors). There
has also been a marked increase in the range of duties and responsibilities performed by actors in the field (Rezaee,
2005). Current governance regulations are not designed to regulate the activities of internal auditors (Archambeault
et al., 2008; Holt and DeZoort, 2009; Messier, 2009). As a result, the governance role of internal auditors and their
relations with audit committee members (AC members) remain largely nebulous issues (Beasley et al., 2009; Davies,
2009; Gendron and Bedard, 2006; Mat Zain and Subramaniam, 2007; Sarens et al., 2009b), particularly in the public
sector (Davies, 2009, p. 42).
Although very little is known about the implications of the reform of organizational governance in the private sector, a
vast governance reform of the Quebec public sector designed as part of the state modernization project was launched in
2004, before becoming a reality in 2006. As is often the case with new public management reforms, the spirit of the
governance reform of the Quebec public sector was largely inspired by similar reforms in the private sector.
In recent years, financial scandals have revealed the insufficiency of control systems and the lack of transparency on
the part of certain organizations. In the wake of this situation, new management trends have emerged, including in the
public sector, and internal audit can play a key role in taking these changes into account.
(Auditor General of Quebec, 2005, Vol. 1, Art. 4.02)
Despite being seen as a governance watchdog, the usefulness of internal auditing has yet to be demonstrated, since we
do not know what role the IAF actually performs (Archambeault et al., 2008). Very little is known about the roles performed
by internal auditors and about how internal auditors perform their duties. Public administration in Quebec provides a
useful context for examining the roles performed by internal auditors working in public sector governance since the
Quebec government justified the NPM reform by arguing that the IAF (viewed as a governance watchdog) will ensure
greater transparency in public management and greater accountability among top managers. The plan for the
modernization of the Quebec state is based on the assumption that the IAF is one of the key mechanisms for promoting
‘respect for transparency, ethics and good governance values, the improvement of the quality of the services provided to
citizens and the disciplined, diligent and profitable use of public funds’ (Plan de modernisation de l’État québécois 2004–
2007, section 2.2.4, p. 14). In this document, the Gouvernment of Quebec made the commitment to reinforce internal
auditing in order ‘to guarantee its independence and preserve its credibility’ (Plan de modernisation de l’État québécois,
2004–2007, section 2.2.4, p. 14). The aim of the government was to reassure citizens on the sound management of the state
in the wake of the financial scandals that affected Canada and the United States in the early 2000s. An analysis of the roles
performed by public sector internal auditors will help to improve our understanding of the extent to which the trust
seemingly granted to internal auditing by regulatory bodies and stakeholders is in fact justified. Therefore, by focusing on a
governance reform occurred in the public sector, this paper contributes to this special issue in Public Sector Accountability
and Corporate Governance of Critical Perspectives on Accounting (see Funnell and Wade, 2012; English, 2013; Habersam
et al., 2013; Mutiganda, 2013; Saliterer and Korac, 2013; Vinnari and Nasi, 2013 for other critical papers on this particular
research theme). More specifically, the purpose of the paper is to examine the extent to which the roles performed by
internal auditors are congruent with regulatory expectations by addressing the following question: what roles do internal
auditors play in the public sector, and what are the organizational, professional and individual factors that shape these
roles?
To answer these questions, a field study was conducted in 13 public sector organizations in Quebec. 42 in-depth
interviews were conducted among experienced internal auditors working in these organizations. The interviews were semi-
structured and focused on interviewees’ personal conception of their roles, the activities and assignments they perform as
internal auditors, and the strategies they use to cope with role conflicts.
Based on data analysis using role theory (Katz and Kahn, 1978) and the ‘model of coping with role conflict’ developed
by Hall (1972), it became apparent that a new typology of the roles performed by internal auditors was required. Internal
auditors perform two key roles: a protector role and a helper role. First, internal auditors act as protectors to serve as a
shield protecting the top manager, AC members and managers against possible obstacles or pitfalls. In the event of an
inter-sender role conflict, the protection provided by internal auditors may favor the top manager at the expense of AC
members and managers. The protection provided by internal auditors may also extend to the entire organization in the
event that the organization is threatened by an external body such as the Auditor General of Quebec or by public opinion.
Internal auditors also act as keepers of the secrets of the top manager against AC members and as keepers of the public
secrets of the organization against the oversight body of public administration in Quebec or public opinion. Second,
internal auditors also act as helpers. As helpers, internal auditors support organizational performance and provide
guidance when a new administrative rule is implemented or a new management strategy or measure is adopted by the
organization.
I argue that it is important not to view the IAF as a governance watchdog since the roles performed by internal auditors
within the IAF are not based on a commitment to this principle. This argument is important for understanding internal
auditing in a governance context and is a serious warning for the relevant regulatory bodies: internal auditing is not viewed
as a governance watchdog by internal auditors and, based on the roles performed by IAF professionals, it would appear that
the IAF does not fully perform the governance role expected by regulatory bodies. The analysis also indicates that internal
552 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

auditors have developed a nuanced conception of independence (defined as ‘grey independence’) in order to perform their
roles. Therefore, the paper also sheds light on the issue of internal auditor independence.
Section 2 outlines the theoretical framework, while Section 3 presents the methodology. Section 4 presents the results
and begins with a broad overview of the current legal and normative environment of internal auditing in the Quebec public
sector. Finally, Section 5 discusses the results and concludes the paper.

2. Role theory and role conflict coping strategies

The conceptual framework of this study is based on role theory (Katz and Kahn, 1978) and the ‘model for coping with role
conflict’ (Hall, 1972). In role theory, an individual working in an organization is required to perform a wide range of roles. The
roles performed by an individual may or may not be in conflict. The conceptual basis of this research incorporates the ‘model
of coping with role conflict’ elaborated by Hall (1972) since Hall’s study is generally considered to be a reference in the field
(Wiersma, 1994).

2.1. Role theory

In role theory, a role is treated as a plural concept and the range of roles of the focal person (i.e. role expectations, sent role,
received role and role behavior) is known as the ‘role set’ (Katz and Kahn, 1978, p. 219). An organization is conceived as a
social system based on a core concept – the concept of ‘role set’. The focal person receiving the signals emitted by senders
(the sent role) develops their own perception of the role they are required to perform in order to meet the role expectations
perceived through the sent role (this is the received role). The role sender is the person giving orders in the role set of the
examined focal person. There may be several role senders. A role sender may be the immediate superior or line manager of
the focal person or an organizational interlocutor (without any formal hierarchical links with the focal person). The actions of
the focal person are usually governed by received roles, thus forging their role behavior. The role behavior includes the
actions and behaviors of the focal person performing their role. The role behavior is generally consistent with the received
role, although inconsistencies or conflicts may occur. These roles are shaped by various organizational, personal, and
interpersonal factors (Katz and Kahn, 1978). To this extent, role theory is a contextual theoretical framework. As suggested
by the theoretical model developed by Katz and Kahn (1978), roles are shaped by personal factors such as the number of
years of experience (Harrell et al., 1986; Shenkar and Zeira, 1992), the training of focal persons (Verstegen et al., 2007) and
their moral values (Grover, 1993), and by organizational factors such as the management style of role senders (Byrne and
Pierce, 2007), the size of the organization and the position occupied by the focal person in the organization (Pei and Davis,
1989; Verstegen et al., 2007; Van Peursem, 2005). Since the purpose of this study is to identify and understand the roles
performed by internal auditors within the organization, the focal person is the internal auditor and the context is public
administration in Quebec.
According to Fondas and Stewart (1994, p. 86), there are two main reasons why role theory provides a valid framework for
management research. First, the theoretical framework provided by role theory is a relevant basis for empirical studies on
the work and behavior of individuals aimed at defining their roles in a specific context. Second, role theory examines the
interrelations and interactions between individuals and a range of personal characteristics. Personal characteristics,
interrelations and interactions shape the role set in a specific context, thereby increasing the potential for analysis and
explanation. According to Denis et al. (2000), the adoption of organizational roles is a dynamic process involving several
actors. Therefore, role theory can be used to draw a number of conclusions about the range of roles performed by several
focal persons by helping to identify the personal and organizational factors shaping the model of organizational role-taking
developed by Katz and Kahn (1978, p. 196).
In a literature review focusing on the work of managers, Hales (1986) argued that the concept of role set is a useful avenue
since it is located at the crossroads of individual analysis and organizational or function analysis. According to Hales (1986),
the concept can also be used to examine the impact of the actions of the focal person on the roles performed by a specific
function in the organization. Studies by McCracken et al. (2008), Verstegen et al. (2007) and Sorensen and Sorensen (1974)
provide useful illustrations of this concept. The implication is that internal auditors largely govern the roles performed by the
IAF since it is primarily internal auditors who support this particular organizational function. Therefore, the study will
address the following research question: what roles do internal auditors perform in the public sector, and what are the
organizational professional and individual factors that shape their roles?
Finally, according to Hales (1986, p. 109), the concept of role set has the advantage of not requiring consistency among the
various roles (role expectations, sent roles, received roles and roles performed). Therefore, role theory may be useful for
highlighting potential conflicts and ambiguities between the various roles and for identifying potential areas of freedom
created by the organizational context (Katz and Kahn, 1978, p. 204–206). These areas of freedom are deemed to facilitate the
management of role conflict. As noted by Ahmad and Taylor (2009), the role theory developed by Katz and Kahn (1978) –
specifically the concept of role conflict – is also relevant for analyzing the roles performed by internal auditors since internal
auditors operate in a complex and ever-changing environment. Ahmad and Taylor (2009, p. 917) emphasized the need for a
better understanding of the behavior of internal auditors in situations involving role conflict and the impact of these
behaviors. They also emphasized the need for further qualitative studies to establish the importance of the specific context in
which internal auditors are required to operate.
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 553

2.2. Coping strategies

The strategies for coping with role conflict have become a major focus of feminist research, starting with the study by Hall
(1972) on the behavior of career women. Hall (1972) suggested that the identity of women involves multiple sub-identities,
including wife, employee, mother and housewife. Inspired by research conducted by Levinson (1959) and Katz and Kahn
(1978), Hall also treated the role as a plural concept and associated a specific role with each sub-identity. Hall (1972, p. 472)
argued that the notion of role is an ‘umbrella concept’ that includes the same components as the role set (Katz and Kahn,
1978). Hall (1972) developed a ‘model of coping with role conflict’ articulated around three main types of strategies:
structural role redefinition, personal role redefinition, and reactive role behavior. Type I, structural role redefinition (also
referred to as negotiation), includes strategies aimed at altering the role sender’s expectations. Type I strategy involves a
negotiation of roles with the role sender and aims to change various environmental factors in order to modify or reduce the
role sender’s expectations. Type II strategy, personal role redefinition (also referred to as internalization), involves a change
in attitude when faced with expectations that are perceived as being in conflict. In this sense, personal redefinition requires
work on the self, and more specifically an internalization of expectations. For: Type III strategy, reactive role behavior (also
known as resignation), involves a passive strategy of resignation defined as a defense strategy rather than a strategy for
coping with role conflict, since the individual does nothing to manage role conflict (Hall, 1972, 1p. 484). The individual
accepts role conflict as being inevitable and seeks to meet all expectations by working faster and longer. Table 1 – typology of
strategies for coping with role conflicts – presents a table inspired by Hall (1972, p. 478) summarizing the typology and
presenting the three types of strategies and the associated tactics.
According to Grover (1993), the various coping strategies determine the roles that are effectively performed. In other
words, the strategies used by individuals to cope with role conflict are closely linked to the role-taking process, thus
contributing to the emergence of role behaviors. In light of these remarks, role theory (combined with the strategies for
coping with role conflict) appears to have considerable explanatory power and provides a promising theoretical framework
for addressing the research question presented above.
It is important to define another concept in addition to the role set and the strategies for coping with role conflict: role
conflict. A role conflict occurs in the event of ‘the simultaneous occurrence of two or more role expectations such that
compliance with one would make compliance with the other more difficult’ (Katz and Kahn, 1978, p. 204). A distinction is
drawn between four types of role conflict according to their source. The first type of conflict is ‘inter-sender role conflict’. An
inter-sender role conflict occurs when the expectations of the different role senders are in conflict. The second type is ‘intra-
sender conflict’, which occurs when there is a conflict between the expectations of the same role sender. The third type,
‘inter-role conflict’, occurs when the expectations of a particular role are in conflict with the expectations associated with
another role performed by the same individual. Inter-role conflict was examined more closely by Hall (1972). The fourth and
final type is ‘ethical conflict’ (also called moral conflict), which occurs when the received expectations concerning a given
role are in conflict with the values and ethics of the role receiver (Jones and Deckro, 1993).
There appear to be different determinants of role conflict. A difference between the roles received from role senders and
the moral values of the focal person (inculcated by their membership of a specific profession) generates a role conflict
(Grover, 1993; Harrell et al., 1986; Sorensen and Sorensen, 1974; Van Peursem, 2005). These role conflicts are ethical
conflicts. A role conflict also occurs when several role senders have different role expectations (Byrne and Pierce, 2007;
Marginson and Bui, 2009). A role conflict results in the use of several strategies for managing role conflict (Grover, 1993; Hall,
1972; Randall, 1988; Sorensen and Sorensen, 1974; Tietze, 2002).

3. Methodology

3.1. Methodological design

The paper is based on a field study conducted among internal auditors working in the Quebec public sector. The
organizations examined in this study were non-commercial government organizations and state-owned enterprises and
ministries. As well as being selected based on their specific status and nature, the organizations examined in this research
were also chosen because they have an active IAF. One of the key indicators of internal audit activity is the number of internal
auditors working in the IAF.
The field study was conducted in a large number of organizations and was based solely on interviews with internal
auditors rather than a smaller number of organizations involving interviews with top managers and AC members (defined as
role senders in the role-taking process governing the roles performed by internal auditors) in addition to internal auditors.
There are three reasons for this. First, the research question implies a focus on internal auditors’ perceptions of their own
roles and role behaviors. Second, according to Eisenhardt (1989), a field study conducted in several locations has the
advantage of facilitating comparisons of the answers given by interviewees working in different organizations, thereby
increasing the applicability of the results and producing more general knowledge than a field study conducted in one
location. Therefore, a study conducted in several locations improves our understanding of internal audit in the public sector.
Third, given the sensitive nature of some of the issues discussed in the interviews, the answers given by the interviewees
might have been affected by social desirability bias if they had known that the top manager or AC members were also taking
part in the study (in other words, the interviewees might have based their answers on what they felt the top manager or AC
554 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

Table 1
Typology of strategies for coping with role conflict (Hall, 1972).

Type of coping Coping tactics Additional information

strategiesa

Type I: A. Eliminate (or add) particular activities within roles. Do not
Structural role give up or add entire role, only certain components of it
redefinition
B. Role support from outside role set. Employing outside help
to assume certain role activities
C. Role support from member of role set. Receiving help from
role senders in performing activities necessary to meet role
demands
D. Problem-solving with role senders. Collaborative
redefinition of roles. Moral support from or problem-solving
with role senders in deciding how to resolve role conflicts
E. Integrate roles. Increase overlap among roles in such a way
that each contributes to the other
F. Change the societal definition of roles. Change general social
expectations as opposed to the expectation of specific role
senders
This strategy does not involve a wholesale redefinition of the
performed role but merely a modification of some activities
This strategy involves transferring activities to a resource that
is external to the targeted process
Help may involve the provision of additional resources (time,
money, qualified staff, etc.)
The conflict is the object of an open discussion
Rather than resignation, this strategy involves opting for an
open attitude that leaves room for a global understanding of
the situation
This strategy involves changing the expectations of the role
sender by working upstream of the process. The aim is to
change the definition of the roles promoted in society or to
denounce those elements that do not suit the role receiver

Type II: A. Establish priorities for roles or within roles. Rank activities in This strategy involves attempting to do everything by
Personal role order of importance establishing priorities in order to ensure that the most
redefinition important activities are carried out or the most important roles
are performed
B. Partition and separate roles. Devote full attention to a given This strategy involves compartmentalizing activities by
role when in that role. Attempt to minimize simultaneous separating conflicting or overlapping roles (i.e. doing one thing
overlap of roles at a time)
C. Overlap role demands or reduce standards. Choose not to This strategy involves not seeking for perfection and accepting
meet certain role demands that activities are not carried out perfectly in view of the
context. This strategy may also involve consciously omitting
activities that are generally required in order to perform the
expected roles correctly
D. Change attitude toward roles or develop a new attitude that This strategy involves adopting an attitude that helps to
helps reduce conflicts manage role conflict better
E. Eliminate roles. Withdraw from an entire role area This strategy involves deciding to eliminate a role that needs to
be performed without discussing the matter with the role sender
F. Shift attention from one role to another. Handle each role in This strategy involves shifting between the various roles that
turn as it comes up need to be performed according to a plan based on previous
experience. The time devoted to each role may vary
G. Develop self and own interests. See personal interests as This strategy involves finding an outlet that favors well-being
valid source of role demands in a role conflict situation

Type III: A. Plan, schedule, organize better. Increase efficiency of role
Reactive role performance
behavior
B. No conscious strategy. No attempt to control role demands
or own responses. Passive orientation toward role conflicts
C. Working harder to meet all role demands. Do all that is
expected. Work harder, devote more time and energy inputs to
role performance
a
The two first columns of this table are drawn from the first two columns of ‘‘Table 1 – Coping strategies for a woman’s role conflicts’’ in Hall (1972,
p. 478). The third column provides additional information.
This strategy involves reorganizing the activities that need to
be carried out in order to perform all of the roles with a view to
improving performance and thereby meeting all expectations
This strategy involves doing nothing to manage role conflict,
i.e. remaining passive. The role receiver accepts the situation as
if it were inevitable
This strategy involves seeking to do everything by working
harder

members wanted to hear rather than what they really felt since they would have known that the top manager or AC members
would have had access to the papers drawn from the data collection). Potential cross-references might have created
awkward situations between the interviewees and their superiors since it would have been more difficult to protect the
identity of the interviewees if the field study had been conducted in a smaller number of organizations. The methodology
was developed with this issue in mind. Although it would have been useful to interview the top manager and AC members
about their expectations of internal auditors in order to provide a more comprehensive picture of internal auditing in the
public sector, the study focused solely on internal auditors.1

1
For a study of AC members’ expectations of internal auditing in the Quebec public sector, see Roussy (2012), where I examine this issue based on a case
study involving semi-structured interviews with AC members working in this sector (but not in the same organizations as the internal auditors who
participated in this study).
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 555

3.2. Data collection method and sources

In total, the field study involved 42 individual interviews (14 managers and 28 professionals) conducted among internal
auditors working in 13 organizations. The final distribution of the various organizations is as follows: nine state bodies or
enterprises (69%) and four ministries (31%). In each IAF, in addition to internal audit managers, interviews were conducted
with experienced internal auditors (between two and five interviewees in total per organization). It is also important to note
that copies of eight internal audit policies were obtained, i.e. over 57% of the IAFs. Copies of four annual planning and
accountability documents were also obtained, i.e. just over 28% of the IAFs. These documents were primarily used to validate
some of the answers given by the interviewees.
The interviews were conducted by the author between May and October 2010. Every internal auditor was interviewed at
least once. The interviews lasted on average 2 h and were recorded and transcribed. An interview guide was developed on the
basis of the research questions addressed in my doctoral thesis and the main theoretical constructs of the conceptual
framework. The sequence of the topics and the nature of the questions varied from one interview to another. Some of the
interviews focused more specifically on a particular subject (according to the answers given by the interviewees).
To protect interviewees against negative repercussions, permission to conduct interviews was obtained from the top
manager (the chief executive officer or the deputy minister). Once permission had been granted, requests for interviews
were made among internal auditors working in the IAFs of the targeted organizations. To obtain their free and informed
consent (Patton, 2002, p. 408–409), interviewees were contacted individually by email. A consent form signed by
interviewees clearly explained the objectives of the study to ensure that interviewees were informed of the topics addressed
in the interviews. In order to protect the identity of the interviewees, the top manager who had granted permission to carry
out the interviews was not informed of the participation (or non-participation) of the internal auditors who had been invited
to take part in the interviews.
To ensure anonymity, the paper will not give a detailed presentation of every interviewee or organization. However, the
information required to understand the analysis will be disclosed. Interviewees2 included internal auditors with (on
average) 10–15 years of experience in internal auditing and between 20 and 25 years of professional experience in total.
There were no significant differences between the internal audit manager and internal audit professionals in terms of the
number of years of experience. Most of the interviewees had spent the majority of their career in public administration in
Quebec and had a detailed knowledge of the sector and of internal auditing. When comparing interviewees from ministries
with interviewees from other bodies, the personal characteristics of interviewees were found to be relatively homogeneous.
Therefore, no distinction will be drawn between the two categories of interviewees.
In terms of professional affiliation, 27 interviewees (64%) were accountants. To qualify as an accountant, an interviewee
must have one of the three accounting titles recognized in Canada (CA, CGA or CMA). The 15 remaining interviewees (36%)
worked in a variety of fields ranging from teaching to ICT and the social sciences. It is impossible to define a particular profile
for these interviewees. 24 interviewees (57%) were men, while 18 interviewees were women (43%).3

3.3. Data processing and data analysis

While there are no fixed rules for conducting data analysis in qualitative field research, a number of good practices have
been highlighted in the literature, including those recommended by Miles and Huberman (2003) and the coding strategies
used by Strauss and Corbin (1990). The quality of the analysis and (therefore) the quality of the results largely depend on the
ability of the researcher to analyze and synthesize data (Patton, 2002, p. 433). In this study, approximately 85 h of recorded
interviews totaling over 2000 pages of transcripts and related notes, in addition to several written documents, were coded
and analyzed. According to Romelaer (2001, p. 6), content analysis involves determining the frequency of themes in
discursive material in order to generate significant results. The aim of content analysis is to analyze the content of interview
transcripts by examining the frequency of words and themes as a basis for analysis. This study is based on an analysis of
interview transcripts and related notes and an analysis of documents using Atlas.ti software.
Two coding techniques were used: open coding and axial coding (Strauss and Corbin, 1990). Open coding involves
isolating segments of words from the discursive material drawn from the data collection process in order to define
categories, propositions or constructs based on the conceptual framework adopted by the researcher (Strauss and Corbin,
1990, p. 97). Since it is a preliminary data coding process, open coding was conducted before axial coding. Axial coding was
used to reorganize the data after open coding by making connections between the coded elements (Strauss and Corbin, 1990,
p. 96). At this stage, the data coding process becomes more refined and stratified (Strauss and Corbin, 1990, p. 97) and a good

2
From this point on, the terms ‘interviewees’ and ‘internal auditors’ will be used when referring to internal audit managers or internal audit
professionals. The term ‘internal audit manager’ (IAM) will be used exclusively to refer to this particular category of interviewees. The term ‘internal audit
professionals’ (IAP) will be used to refer to interviewees who are not internal audit managers.
3
Masculine or plural pronouns and articles will be used to protect the identity of the interviewees and organizations. A clear distinction between male
and female interviewees might have revealed the identity of some organizations, interviewees and top managers. In addition, drawing a distinction
between internal audit managers who are chartered accountants and internal audit managers who are not, or identifying the gender of internal audit
managers, might potentially reveal their identity and, therefore, the identity of their organization and top manager. Therefore, this information will not be
provided. The specific names of the organizations and individuals explicitly referred to in interviews have also been replaced by generic terms.
556 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

representation of the studied phenomenon begins to emerge from the data. In this study, categories, properties and
dimensions that had not initially been considered began to emerge from the data during axial coding. Although the two
coding stages recommended by Strauss and Corbin (1990) are distinct methods that must follow a precise order, I predicted
that I would have to use both forms of coding in parallel based on an iterative coding process (Strauss and Corbin, 1990, p.
98). In the course of the coding process, the structure of the codes was adjusted to take account of its evolution, underlining
the parallel use of the two coding techniques. Lastly, the codes were connected to the discursive material and the conceptual
framework, as suggested by Strauss and Corbin (1990, p. 115).
Once the coding was complete, three complementary strategies were used to interpret the data. First, the frequency
(i.e. the number of occurrences) of codes was measured in order to identify major trends. Visual mapping was then used
based on figures designed to visualize the connections between the different concepts that emerged from the data
coding. According to Langley (1999, p. 703), although these methods can be used to analyze large amounts of data and
to identify key connections between the data, it is important not to oversimplify reality. To avoid this risk, the narrative
method of inquiry was used as the final and main stage of the data analysis process. The detailed presentation of the
answers given by the interviewees in the results section highlights the plot or narrative framework of the
roles perceived and performed by internal auditors by focusing on contextual details as experienced by internal
auditors.

3.4. Credibility of research design

The credibility of a field study primarily depends on two main criteria: an adequate representation of the many possible
representations of reality and a complete and comprehensive understanding of the studied phenomenon (Lincoln and Guba,
1985, p. 301–315).
Various strategies were used to ensure credibility. My decision to conduct the field study in a number of organizations
and to interview several internal auditors in each organization ensured greater credibility. In addition, although my initial
intention was to conduct approximately 45 interviews, the precise number of interviews to be conducted was not
determined in advance. The aim was to reach saturation point (Lincoln and Guba, 1985: p. 202). In this study, saturation
point was reached toward the 30th interview. However, the data collection process continued beyond the 30th interview
since appointments for the final interviews had already been made before the point of saturation was reached. Several data
sources were used (i.e. interview material and, where necessary, relevant documentation), which allowed for data
triangulation since I was able to compare the data collected in the interviews with the data contained in the various
documents used as additional data sources (Lincoln and Guba, 1985, p. 301–305; Patton, 2002, p. 559). According to Patton
(2002: p. 559), comparative analysis of interview transcripts and written or electronic documents is a form of triangulation
based on multiple qualitative data sources. The alphanumeric codes used to identify the interviewees quoted in the paper
(IAM 1–14 and IAP 1–28) also ensured that the source of the quoted material could be traced without having to reveal the
identity of interviewees (the codes were randomly assigned) – a technique that has the added advantage of showing that the
answers are not all drawn from the same source.
According to Patton (2002: p. 560), the use of more than one data analysis method enables data triangulation, thus
increasing the credibility of the results. To this extent, the data analysis strategy also contributes to the credibility of the
study through its conception. The coding method proposed by Strauss and Corbin (1990) and the combined use of three
complementary analytical strategies, as suggested by Langley (1999) and Romelaer (2001), ensure analytical rigor, thereby
increasing the credibility of the results while allowing for data triangulation based on multiple analytical techniques (Patton,
2002: p. 560).
Various measures aimed at increasing the credibility of the results were also taken to conduct the interviews. Along with
the other individuals who had access to the interview data and documentary data, I signed a confidentiality agreement. The
interviewees were informed of the confidentiality agreement and a copy of the agreement was given to every interviewee.
Because of the trust fostered by the agreement, they were more disposed to speak openly about their experiences as internal
auditors.
At the end of each interview, I wrote down all of my observations and impressions. Like the interview material, the notes
were recorded, digitized, and transcribed. The impressions and feelings that I experienced during the interviews were
carefully recorded, with the complete reports forming my research log. My observations provided valuable information that I
was subsequently able to use in order to re-experience the interviews at the data analysis stage (Patton, 2002, p. 384). This
technique is also useful for assessing the relevance and authenticity of the answers given by interviewees (Patton, 2002,
p. 384).

4. Received roles and role behaviors of internal auditors

The analysis of the results begins with abroad overview of the legal and normative environment of internal auditing in the
Quebec public sector. The analysis proper begins with an analysis of their conceptions (i.e. received roles) before focusing on
the roles effectively performed by internal auditors (i.e. role behaviors) since, as noted in Section 2, the theoretical
framework of this study implies that the roles performed by internal auditors are mostly shaped by their personal conception
of their roles (i.e. received roles).
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 557

4.1. Internal auditing in Quebec public sector organizations

In 2006, the National Assembly of Quebec adopted the Act Respecting the Governance of State-Owned Enterprises,
included in chapter G-1.02 of the Revised Statutes and Regulations of Quebec (Lois Refondues du Québec or LRQ). The purpose
of the new law was to introduce new governance rules to ‘‘establish corporate governance principles so as to strengthen the
stewardship of state-owned enterprises with a view to enhancing the effectiveness, transparency and accountability of the
officers and bodies that make up their management’’ (Government of Quebec, 2006, G-1.02, art. 1).
Under the new system, state-owned enterprises are essentially required to adopt governance and internal control
mechanisms similar to those adopted by organizations that are subject to the Financial Markets Authority. The companies
targeted by the new measures are required (for example) to introduce an independent audit committee and an IAF placed under
its authority (Government of Quebec, 2006, G-1.02, art.26).4 Article 25 also illustrates the spirit of the public sector governance
reform by emphasizing that the audit committee is required by law to oversee top management, since the article stipulates that
‘‘the audit committee must notify the board of directors in writing on discovering operations or management practices that are
unsound or do not comply with the law or the regulations or with the policies of the enterprise or its wholly owned subsidiaries’’
(Government of Quebec, 2006, G-1.02, art. 25). Since state enterprises are not defined as ‘‘ministries’’ or ‘government bodies’ in
Quebec’s public administration, a specific law was introduced to ensure the implementation of the new governance rules
included in the Act Respecting the Governance of State-Owned Enterprises (presented above): the Public Administration Act,
included in chapter A-6.01 of the Revised Statutes and Regulations of Quebec (Government of Quebec, 2000, LRQ, A-6.01).
In 2006, the Quebec Treasury Board5 incorporated its guidelines concerning the audit committee and internal auditing in
the Recueil des politiques de gestion (Conseil du Trésor du Québec, 2006). Since November 2006, ministries and bodies are
required to comply with the internal audit guidelines outlined in the management policies defined by the Treasury Board.
This regulation defines the expected roles of the IAF by indicating that the priority must be on assurance assignments,
generally associated with its role as watchdog, as opposed to consultancy assignments, associated with the consulting role of
the IAF advising top management (Ahmad and Taylor, 2009; Arnold and Ponemon, 1991; Van Peursem, 2004):
Internal auditing aims primarily to provide an objective and independent evaluation of the systems, processes and
activities of the organization and an assessment of the degree of control over them. [. . .] Internal auditing may also
provide consultancy services to improve management and performance.
(Conseil du Trésor du Québec, 2006, art. 6)
Since the new regulations stipulate (as required by the Act Respecting the Governance of State-Owned Enterprises and by
the Public Administration Act) that the activities of the IAF pertain exclusively to the audit committee (i.e. functional
authority), the assumption is that the IAF is officially accountable to the audit committee and must ‘‘promptly inform AC
members of any element that may significantly affect the independence, objectivity, effectiveness, efficiency or quality of
internal auditing’’ (Conseil du Trésor du Québec, 2006, art. 11). The implication is that the person in charge of the IAF is
required to meet with the audit committee at least twice a year to present their plan, their audit reports, the monitoring of
the recommendations made during the year and the supervision of work in progress. The audit committee also makes
recommendations concerning the adoption of documents relating to planning, monitoring and accountability to the deputy
minister, the organization manager or the board. However, at an administrative level, the IAF remains under the control of
the highest authority of the bodies targeted by the new measures, i.e. the board, the CEO or the deputy minister. The
implication is that the board, the CEO or the deputy minister has authority over (for example) the allocation of the financial,
material and human resources of the IAF. Furthermore, a guide on the introduction and consolidation of the IAF, which
essentially restates the standards of the Institute of Internal Auditors (IIA) and the practices suggested by the IIA,6
recommends securing ‘the commitment of top management’ to ensure the success of the IAF (SCT, 2009, p. 17). Therefore,
internal auditors cannot ignore top management in the conduct of their activities and are encouraged to work in close
collaboration with the top manager, despite the fact that the functional authority is in the hands of the audit committee.

4.2. Received roles

We (the IAF) are here to help the organization to progress. Which means that I always need to position myself in
relation to the particular situation of the organization. [. . .] The idea is that we provide a tool that the top manager can
work with and that will help him; (a tool) that will help to ensure that he is in control and to fulfill the objectives of the
organization. (IAM 14)
This interviewee viewed the IAF as a tool at the service of the organization, the top manager and the managers. Internal
auditors feel particularly useful when they feel able to contribute to the improvement of organizational performance or
when they feel the appreciation of the top manager.

4
The implementation of the new measures was a gradual process, with the necessary changes to be introduced at the latest by January 1, 2010.
5
The Quebec Treasury Board is responsible for developing the rules governing the implementation of the Public Administration Act.
6
See the Guide sur la mise en place et consolidation de la fonction de vérification interne dans les ministères et organismes published by the Treasury Board
Secretariat (2009). Note that this guide is designed to provide support to ministries and bodies in introducing the IAF.
558 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

4.2.1. The IAF: a function at the service of the organization

The interviewees viewed themselves primarily as working in the service of the organization. This was particularly
apparent in the responses given by IAM 6 and IAM 8, who associated their sense of usefulness with the implementation of
internal audit recommendations by organization managers:
I feel that they (the managers) know it. They listen, they reach an agreement, they prepare to take action, and then
they take action. Of course, it may not happen as quickly as you would want it to, but at least the concern is there
and action is eventually taken. You see a transformation. [. . .] I say to myself that as long as there’s progress, as
long as there’s a concern and we stick to our targets, everything will be ok. The work we do still has an impact.
(IAM 6)
Whenever I issue a report or every time I make recommendations, I feel very, very useful. I feel even more useful when
my recommendations are applied and are taken in hand (by the audited entities). (IAM 8)
This view can be explained based on role theory (Katz and Kahn, 1978), which suggests that personal factors shape
the role-taking process of internal auditors. In this study, professional membership of the IIA was considered to be a
personal factor. Since 100% of the interviewees were members of the IIA, their conception of the role of the IAF complies
with the role recommended by the IIA. Based on this definition, the IAF works in the interests of the organization in
order to achieve the objectives of the organization (The Institute of Internal Auditor, 2009). One interviewee even
quoted part of the definition of the IIA almost word-for-word: ‘I am here to help the organization to better achieve its
objectives’ (IAP 28).
Based on the theoretical framework used in this research, it is assumed that the legal and regulatory environment will
also shape the roles of internal auditors. From a theoretical point of view, the legal and regulatory environment is assimilated
with norms, which, as noted by Katz and Kahn (1978, p. 43), reflect the general expectations of a role set in a given system.
The empirical representations of norms include the internal audit policy of organizations and, more generally, the internal
audit recommendations made by the Treasury Board (Conseil du Trésor du Québec, 2006) and applying to all Quebec public
sector organizations. The internal audit policies to which access was granted indicate that the IAF is required to comply with
IIA standards, although most policies also refer to C.T. Conseil du Trésor du Québec (2006) and to the Guide sur la mise en place
et consolidation de la fonction de vérification interne dans les ministères et organismes (2009), which strongly recommends
compliance with IIA standards. The following excerpt is drawn from the internal audit policy of one of the Quebec public
sector organizations examined in this research:
This policy is based on the internal audit recommendations issued by the Treasury Board Secretariat in November
2006 (Conseil du Trésor du Québec, 2006). [. . .] Internal audit work is based on the International Professional Practices
Framework defined by the Institute of Internal Auditors (IIA), an international body specializing in internal auditing.
(Extract from an internal audit policy)
Interviewees stated that they complied with IIA standards (thus reflecting the internal audit policy of their organization)
and with Conseil du Trésor du Québec (2006) in their conception of internal auditing. Therefore, the legal and regulatory
environment appears to have a significant impact on internal auditors’ personal conception of their role.
Role theory posits that the expectations of the role senders (as perceived by internal auditors) are the main factor
determining their received roles. However, we will see that the strategies for coping with role conflict also shape internal
auditors’ personal conceptions of their roles. Type II strategy (internalization) is the most important strategy since it helps to
understand how internal auditors eliminate the perceived expectations of AC members from their personal conception of
their role, despite the fact that the Act Respecting the Governance of State-Owned Enterprises and in the Public
Administration Act clearly indicate that the IAF is under the functional authority of the audit committee. A more detailed
analysis is provided below.

4.2.2. IAF: a function at the service of the top manager

The desire of interviewees to serve the organization is mainly reflected in their desire to serve and protect the top
manager. Internal auditors who hold this view tend to privilege the interests of management at the expense of impartiality.
Three interviewees made the following statements:

(Addressing the top manager at their first encounter) ‘Here’s a caricature. I’m your best assistant. You can tell me
anything or ask me anything. (IAM 4)
We’re here to support the top manager. He’s here to explain things; he’s not here to defend things, but to explain
things. Which means that if I know about something, I can act as his relief. [. . .]We’re his eyes and ears. . .. Our boss is
the top manager. (IAM 1)
Our role is to ensure that the top manager is not seen in a negative light and to be careful about the way things are said
so things don’t seem out of proportion when viewed from the outside. (IAP 7)
All of the IAFs accessed in this research were found to be functionally dependent (in theory) on the audit committee, as
shown by the internal audit policies obtained in the course of the field study (and noted by the interviewees). Internal
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 559

auditors are therefore well informed of existing regulations and policies. The interviewees also emphasized the expectations
of three interlocutors: the top manager, managers and AC members. First, internal auditors were found to be deeply aware of
AC members’ expectations. According to the interviewees, AC members expect the IAF to keep them informed of what
happens in the organization and to protect them from potential mistakes caused by the complexity of public administration
governance and accountability standards.

Metaphorically, I’d say it’s all about being their eyes and ears. When they entrust us with something, whatever it
may be, they expect us . . . [. . .] They expect to be given an accurate picture. Put simply and clearly, I think that’s it.
(IAP 7)

Interviewees also felt that AC members expect the IAF to paint an accurate picture of the issues that concern them. The IAF
‘reassures’ (IAM 8) them in their role as AC members since they will often have a relatively superficial knowledge of the
organization or of ‘major public administration processes’ (IAM 5). In this sense, they do not expect audit committee reports
to refer solely to weaknesses since they are also keen to know about the strengths of the organization in order to have an
accurate picture of the situation.
Interviewees felt that AC members want to be protected by the IAF. According to them, AC members are aware of only
having access to information filtered by the managers of the organization. As a result, they are deeply aware of the potential
for mistakes caused by inaccurate or incomplete information. The interviewees also reported that AC members want the IAF
to warn them of issues that managers may wish to conceal. In addition, the interviewees indicated that AC members need a
mechanism to guide them through the administrative complexities of the organization since their administrative knowledge
and skills are not sufficient to perform their duties. Because of the complexity of the legal and regulatory environment of
public administration in Quebec, AC members need a guide to navigate them through the administrative complexities of the
sector. In short, internal auditors feel that AC members want to be guided and protected by the IAF to avoid making mistakes.
The following views illustrate this point:

That (i.e. the IAF) is the comfort they get. It’s as if you had an alarm system at home; you know it works. If someone
tries to break into your house, you’ll be warned. You take it for granted, you’re reassured. (IAM 8)

I’d say they expect us to tell them if there have been any irregularities in the management (of the organization).
They’re outsiders, so what they’re often afraid of is making a blunder when they deal with major process like credit
assessments, loan applications, things like that. [. . .] In terms of their expectations, it’s more a matter of us helping
them to operate at a government level so they don’t make any major mistakes. [. . .] They said something to me once in
the early days. What they wanted, they said, was basically . . . [They said]: ‘a dog is a dog, but we’d rather have a guide
dog than a guard dog’. (IAM 5)
Interviewees also felt that AC members want the IAF to focus primarily on the major risks facing the
organization. Internal audit managers felt that AC members are satisfied with the work performed by internal auditors
since the annual planning process of the IAF is defined on the basis of the strategic risks facing the organization.
According to the interviewees, this also explains why AC members rarely intervene in the annual planning process of
the IAF.
Second, the interviewees emphasized the perceived expectations of the top manager. They reported that top managers
expect to be kept informed of any matters concealed by their management team and are keen to prevent any potential
reprimands from central public administration bodies or the audit committee. In short, two main expectations emerged from
the interviews: managers expect to be kept informed of all organizational matters by the IAF and expect to be protected by
the IAF. First, the interviewees considered that the top manager wants to ‘be given an accurate picture’ (IAP 25). In other
words, the top manager wants to be ‘kept informed’ (IAM 6) of ‘things that his senior managers are not telling him’ (IAP 28).
Second, the interviewees stated that the top manager expects to be protected by the IAF. The following quotes illustrate the
views expressed by interviewees on this issue:
We have a top manager [. . .] who wants to be given an accurate picture and I’d say he doesn’t want to be stabbed in the
process. (IAP 3)
Every time we ask the top manager: ‘Do you want us to do less?’ [. . .] He says: ‘No, I don’t, we’re going to submit this to
the National Assembly, even if there’s a slight inaccuracy, I’m counting on you’. He counts on us a lot. (IAM 11)
The interviewees felt that they must protect the top manager from AC members, which is consistent with the fact that
internal audit managers see the audit committee as a threat.
That’s it, (you have to) make sure (the top manager) comes across well. Being politically correct means not taking him
by surprise, laying out the cards, then giving him time to respond. Those are my guidelines. [. . .] So I always prepare the
top manager before meeting with the audit committee. I tell him that I’ll be talking about this, this, and this. In return,
he has to say that he’ll be taking such and such a measure. (IAM 5)
Third, internal auditors are aware of the expectations of managers. The interviewees stated that managers only want the
IAF to provide consulting services and are resistant to assurance assignments.
560 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

Also, people often ask us for a more or less immediate opinion. [. . .] There’s a lot riding on the procedure for granting
contracts this year.7 (IAM 1)
The interviewees stated that managers expect the IAF to provide consultancy services but that they are above all keen to
avoid any assignment that might result in an assurance audit report (i.e. a report which includes findings that require a
response and recommendations that managers will be required to implement). Interviewees attributed the ‘not in my
backyard’ (IAP 3) syndrome to the fact that managers tend to see the IAF as a threat since assurance audit reports are
systematically passed on to top management and the audit committee. As noted by one interviewee, managers ‘want us to
perform a consulting role, not an oversight role’ (IAM 3) since they feel that the IAF gives ‘report cards’ (IAM 3) to managers.
When the IAF targets an operational sector with a view to conducting an assignment leading to an assurance report, internal
auditors feel that they are an unwelcome presence.
However, it is clear that internal auditors tend not to view the IAF as working in the service of the audit committee,
despite the fact that they are aware of official regulations and the Act Respecting the Governance of State-Owned Enterprises
and the Public Administration Act indicate that the IAF is under the functional authority of the audit committee. Interviewees
often emphasized their desire to protect the top manager from AC members since they tend to view the top manager as their
‘real boss’ (IAM 8), i.e. the entity with the real power over the IAF. The audit committee is generally seen as an external body
with no real power in the organization, i.e. the ‘fake boss’ (IAM 8), and even as a threat. The data indicate that internal
auditors are aware of an inter-sender role conflict between the top manager and AC members. Internal audit managers
discussed the issue in the following terms:
If someone wants to survive in this world . . . [. . .] The top manager represents the hierarchical authority. He has full
powers over audited entities and the work conditions of the administrative unit. Whatever you do, and unless you’re a
bit of a masochist, you have to respect the hierarchical authority. When you get to the end of the year, he may be the
person in charge of your evaluation, which means . . . After that, you’ve got the audit committee, a functional authority
with external members, people who have no power of intervention and who have nothing to do with the daily running
of the organization. . .. To hang on to that is suicidal, I mean, yes, you need to take information on board, but they’re not
the people who’ll have a direct impact on your work or who’ll be capable of helping you to do your work. That’s it. (IAM
5)
My audit committee will always be given an accurate picture. But, how is it possible not to harm the top manager
while giving an accurate picture? That’s a real difficulty. [. . .] They’re people from outside (i.e. AC members), and here
I’m talking . . . I mustn’t say anything that I haven’t already said to the top manager. I mustn’t bypass the top manager.
(IAM 4)
It is important to ask why internal auditors deliberately neglect the legal and regulatory environment and their
awareness of the expectations of AC members in emphasizing that their perception of the role of the IAF involves providing
protection and support to the top manager rather than the audit committee. Their desire to protect the top manager can be
explained based on role theory or the strategies for coping with role conflict used by internal auditors since the point is to
deal with an instance of inter-sender role conflict.
Role theory suggests that organizational factors and interpersonal factors play a key role in shaping internal auditors. The
implication is that the organizational structure, including the position of the IAF and the related hierarchical relations and
accountability, shapes the role-taking process among internal auditors. An accurate view of the various factors shaping
internal auditors’ conception of the role of the IAF can be obtained by combining the frequency of meetings between internal
audit managers and the top manager and the quality of their relationship. The IAFs visited as part of this study were under
the direct authority of the top manager and the internal audit managers held regular and frequent meetings with the top
manager, while meetings with AC members were less frequent. Therefore, we may posit that internal auditors believe that
the IAF must support and protect the top manager rather than AC members. The internal audit managers stated that they
trust their top manager, while half of them stated that they had little trust in AC members. One interviewee claimed that ‘my
relationship with the top manager is far stronger than my relationship with the audit committee’ (IAP 10), while IAM 8 stated
that the top manager is the ‘real boss’ and that the audit committee chairman is the ‘fake boss’. The excerpts from the
interviews conducted with IAM 5 and IAM 4 quoted above are particularly revealing. While interviewee IAM 5 indicated that
protection of the top manager is a matter of survival, IAM 4 was careful not to speak too much to the audit committee from
fear of ‘bypassing’ the top manager. These findings clearly indicate that the loyalty shown by most internal auditors is
directed toward the top manager and not toward AC members. It is worth noting that interviewees shared this conception
irrespective of the type of organization in which they worked (ministry or non-profit government organization).
Allegiance to the top manager can also be understood based on the strategies used by internal auditors to cope with role
conflict. Internalization tactic II-A (aimed at establishing an order of priority among the various roles that need to be
performed) was often used by the interviewees. Internalization tactic II-A essentially involves prioritizing expectations. The

7
Several months before the interviews were conducted, a political scandal broke out in Quebec over alleged corruption in the process of awarding
contracts in the construction industry. A committee chaired by the honorable judge France Charbonneau was set up to investigate the allegations. A
permanent anti-corruption unit was also set up in the state police (La Sureté du Québec).
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 561

interviewees stated that they prioritize expectations according to whether they come from within or outside the
organization and according to the hierarchical level of the sender. Requests from the top manager tend to be treated as a
priority over requests from AC members or managers. Internal auditors refer to this tendency as ‘choosing one’s camp’ (IAM
5) ‘since it is the top manager who defines priorities’ (IAM 11).
Prioritization based on the hierarchical level of role senders is indicative of the way internal auditors conceive their role
and the strategies used to cope with role conflict. Internal auditors manage inter-sender role conflicts between the top
manager and AC members by prioritizing one of the two role senders – the top manager. Interpersonal factors (such as their
close relationships with the top manager) and organizational factors (such as the structure of accountability) rather than the
legal and regulatory environment shape the roles performed by internal auditors.
Internalization tactic II-D (i.e. changing attitude or adopting a new attitude based on the conflicting roles that need to be
performed) was also a common tactic among the interviewees. Internal auditors stated that they had to convince themselves
that the top manager was right or to accept that they had failed in their duty of independence.

At one point, I had to talk to my top manager. I said: ‘Are we going to the audit committee?’ He said: no, we’re not. [. . .]
After that, I got home in the evening, and then I put it out of my mind for a few days, you know? In the end, I took his
opinion on board, and I said, OK, that’s what we’ll do. I came around to it. (IAM 8)

Internal auditors were also found to have so completely internalized their lack of independence that they practiced self-
censorship:

If I disclose this, what will happen? (I’ll find) that the government gives too much money to – (a particular group of
citizens). Then what will I do? There’ll be roadblocks. No, I can’t disclose this – it just wouldn’t make sense. We talked
about it yesterday at the audit committee, and the committee said to me: no, we definitely don’t want to dig this up.
Don’t do any work on agreements with – (the particular group of citizens). One of the members, someone who knows
about the issue, added: ‘Listen, because of case Y, just don’t touch it’. [. . .] No, it’s not obvious. That’s it. Yes, we’re
independent, but let’s just say that in that particular case . . . (IAM 10)

Tactic II-D (i.e. changing attitude or adopting a new attitude based on the conflicting roles that need to be performed) is
used to manage inter-sender and inter-role conflicts involving the core values of interviewees. Tactic II-D is used to manage
ethical conflicts caused by inter-sender and inter-role conflicts. Interviewees stated that they often found themselves torn
between the demands of their profession and the demands imposed by their membership of the organization and their
involvement in public administration.
Because they feel periodically torn between the values promoted by their profession (particularly independence and
objectivity) and the context in which they operate, internal auditors have developed a nuanced conception of independence
that will be referred to as ‘grey independence’. Grey independence is a nuanced form of independence that allows for
imperfection.

When it comes to independence, there is no clear boundary. My job is to find out how things work, to get an idea, and
to say things as they are. I often say to new members of the team that in their new role, they may feel they have a
conflict of interests. I tell them that’s just how it’s going to be from now on. Of course, it’s not like that in IIA training;
things are different here. So we always have to play around with the utopian principle of independence. (IAM 14)

I think the debate surrounding independence is a false debate. The implication is that you’re either ‘dependent’ or
‘independent’ – that it’s black or white. But it doesn’t work like that! Yes, perhaps it’s important but, in any case, if
something can help to improve the organization, we’ll stick our neck out and that’s it; too bad for independence!
People in the organization understand that. (IAM 7)

Yes, we’re independent, but let’s say that in this particular case (in reference to a particular assignment) . . . considering
the political context and the organizational context . . . we tone it down and that’s ok. (IAM 1)

It is precisely because their conception of independence is nuanced that internal auditors are keen to emphasize
objectivity. Since they accept that their independence is conditional upon the internal status of the IAF (i.e. within the
organization), internal auditors tend to believe that objectivity is more important.
I’m close to management and that limits my independence. I’m very aware of it but I’m still capable of doing an
objective and impartial job. (IAM 5)
Their particular conception of independence also enables internal auditors to choose their camp (tactic II-A (i.e.
establishing priorities for roles)) in peace. By internalizing their lack of independence from the organization and top
management on the grounds that ‘internal auditing is internal’ (IAM 5), internal auditors are able to prioritize the top
manager among the various role senders, despite the fact that the legal and regulatory environment encourages them to
prioritize AC members based on the functional authority they exert over the IAF.
The analysis suggests that grey independence needs to be considered in order to understand internal auditors’ personal
conception of their roles. Their conception does not involve support and protection of AC members (despite the fact that
internal auditors are required to perform this role by the legal and regulatory environment and in order to meet the
562 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

expectations of AC members) by prioritizing support and protection of the top manager and (to a lesser extent) managers.
However, the grey independence exhibited by internal auditors indirectly serves to amplify potential inter-sender role
conflicts between the top manager and AC members or between the top manager and managers.
Since the theoretical framework implies viewing membership of a profession and the values of internal auditors as
personal factors, it is concluded that the latter shape the received roles of internal auditors. Personal factors shape the
received roles through internalization (type II strategy for coping with role conflict).

4.2.3. The IAF: a function at the service of managers

Interviewees indicated that they ‘‘are here to support the managers’’ (IAP 9) of the organization in the exercise of their
duties. This feeling was found to be more pronounced among internal audit professionals than among internal audit
managers. The account given by IAP 26 is a good example of this tendency:
Our interventions often provide support, and not a little support, to the findings of managers, through control or
selective audit operations. They might say: ‘you see, I told you about such and such a case. The internal audit has just
been performed. It gives roughly the same picture’. It gives further credibility to the manager in the eyes of their
employees. (IAP 26)
The bureaucratic organization of the Quebec public sector, characterized (among other things) by a large number of
hierarchical levels, may explain this phenomenon, since internal audit managers are required to interact directly and on a
regular basis with the top manager, whereas internal audit professionals have more contact with managers during audit
assignments. Since internal audit professionals are in closer contact with managers, it seems reasonable to assume that they
feel closer to managers than to top managers. Conseil du Trésor du Québec (2006) also allows the IAF to provide consultancy
services to managers (see Section 4.1).
By qualifying their conception of independence in order to take account of the organizational context, internal auditors are
able to make compromises with audited managers to ensure that recommendations are applied, thereby improving
organizational performance. Compromises are generally the result of type 1 strategy for coping with role conflict (negotiation).
The negotiation process that occurs during the validation of the findings and recommendations of the IAF is an example of
negotiation tactic I-D. Tactic I-D involves resolving conflicts by redefining the expectations of the roles that need to be
performed through an open discussion with the role sender until a consensus is reached. Internal auditors aim to reach a
compromise with the audited manager since ‘a little is better than nothing at all’ (IAM 4). Internal auditors target the
relevance of the audit report, which is consistent with their personal conception of the roles they must perform, since it
promotes adherence of the audited entities to the findings and recommendations of the IAF. This pragmatic perspective
reflects the attitude adopted by the external auditors of the Alberta Government, who prefer ‘Chevy’ recommendations
implemented by audited entities to ‘Cadillac’ recommendations, which are never implemented (Radcliffe, 1999, p. 349–350).

4.3. Role behaviors

The interviews conducted with internal auditors were useful for seeing beyond the official version of the various
assignments and activities carried out by the IAF. Internal auditors were found to perform two main roles: protector and
helper. As protectors, internal auditors act as either a shield or a keeper of secrets. As helpers, internal auditors support
organizational performance or provide guidance. At this stage, it is important to note that the same internal auditor performs
all of these roles as part of his/her job. However, depending on the circumstances, one role will tend to prevail. One of the
interviewees referred to this as ‘changing hats’ (IAM 2).

4.3.1. Internal auditors as protectors

Internal auditors acting as ‘protectors’ aim to protect the top manager, managers and AC members from potential
obstacles or pitfalls. Auditors acting as ‘protective shields’ may seek to protect the organization as a whole in the event of a
perceived threat from an external body (such as the Auditor General of Quebec) or public opinion. Internal auditors acting as
‘protectors’ may also become ‘keepers of the secrets’ which the top manager is keen not to disclose to AC members, central
bodies or the general public. Fig. 1 – the role of protector and its variants – provides a summary of the activities and
assignments associated with this role and classified according to the two variants observed in this research.

4.3.1.1. Internal auditors as protective shields. To protect the organization, internal auditors are prepared to brandish a
protective shield around the top manager and, to a lesser extent, around AC members and managers. Internal auditors are
often keen to prevent the obstacles or pitfalls faced by these three role senders and to lessen the impact when anticipated
problems cannot be avoided. The protective shield provided by internal auditors is directed in such a way as to protect the
role sender and the organization from external threats. One interviewee provided the following account:
Fundamentally, our role is to provide support and assistance. I say: be careful, look, we’ve seen that such and such
happened, if it were ever to happen again, we (the organization) would be in an awkward situation. (IAM 2)
However, as noted above, in the event of inter-sender role conflicts, internal auditors will often act as a shield to protect
the top manager (to whom the auditor gives their allegiance) against potential threats from AC members and managers
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 563

Fig. 1. The role of protector and its variants.

(tactic II-A: establishing priorities). It may happen that internal auditors perform compliance audits or value-for-money
audits at the express request of the top manager and to reassure him without previously informing managers. Internal
auditors also stated that they aim to ensure that the top manager does not lose face in front of AC members. This particular
concern is not embodied by a specific assignment or activity, but is reflected in the attitude adopted by internal auditors. This
attitude is apparent in the way internal auditors tend to operate. The internal audit manager ensures that the top manager
feels comfortable with the annual plan before submitting it to the audit committee for approval.
We always present it to the top manager before submitting it to an audit committee so that the top manager doesn’t
feel uncomfortable. (IAM 10)
The internal audit manager and the internal auditors in charge of assignments inform the top manager about the most
important issues noted in their reports and discuss these issues with the top manager before presenting the report to the
audit committee. Internal auditors refer to this process as ‘preparing’ the top manager.
The various assignments and activities associated with the role of protective shield are said to be ‘official’ in the sense that
they are included in the annual plan and in the reports of the activities of the IAF or solely in the activity report (in the case of
interventions requested in the course of the year). Among the external threats identified by the interviewees, the most
frequently cited were those relating to the legal and environmental framework governing public administration in Quebec.
The interviewees stated that they performed compliance audits and audits of the annual management report to ensure that
the organization (starting with the top manager) complies with the relevant legal and regulatory obligations.
Another threat weighing on the organization and managers is the risk of an audit by an external body (a public
administration body). The Auditor General of Quebec was perceived to be the most threatening entity. One of the
responsibilities performed by internal auditors is to prevent potentially negative repercussions from interventions by the
General Auditor of Quebec. Internal auditors perform value for money and compliance audits relating to activities that are
deemed to involve a degree of risk, whether it be at the level of economics, efficiency or compliance. While the interviewees
claimed to perform compliance audits, they also stated that they perform value-for-money audits.

We’re internal to the organization. Our aim is to make sure things don’t get out. Our aim is to prevent the General
Auditor of Quebec from turning up and saying that we’re not doing things properly. We’re here to make sure that we
(i.e. the organization) don’t have any problems. (IAP 1)
While such assignments (described as preventative by the interviewees) cannot prevent the Auditor General of Quebec
from performing an audit, coordination and negotiation with the Auditor General of Quebec are among the duties performed
by internal audit managers. Their responsibilities also include supporting the managers who are required to respond to the
criticisms of the General Auditor of Quebec during the validation of the report.
The interviewees also emphasized the threats associated with ‘public opinion risks’. The organizations examined in this
research are all part of public administration in Quebec and are therefore accountable to citizens through elected
representatives. The interviewees stated that they provided support to the top manager and managers in preparing them to
appear before a parliamentary committee. Internal auditors claim to act as the devil’s advocate and to submit the top
manager and their team of managers to a simulation of a parliamentary committee with a view to preparing them for all
eventualities. This type of activity is characteristic of the role of protective shield performed by internal auditors.

We coached them. This meant imagining the questions that the parliamentary committee might ask, i.e. identifying
what they could reasonably expect to be asked by a parliamentary committee. We’d prepared for it. (IAP 25)
564 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

In discussing public opinion risks, the interviewees also stated that they seek to limit negative repercussions in the event
of a public scandal or to prevent a repeat of any such scandal.
We protect the organization. [. . .] We correct things before it’s too late. That’s our main objective: timing. (IAM 12)
In responding to a scandal that has already broken out, the protection provided by internal auditors involves preparing
the top manager and managers for an appearance before a parliamentary committee or for answers to questions raised by
the General Auditor in the event of an audit. Once the dust settles, the internal audit manager will generally include a
compliance audit or a value-for-money audit in their annual plan or perform these assignments immediately if required to
do so by the top manager.
Most of the official activities of internal auditors operating as protective shields are consistent with the field of action of
the IAF as defined in the internal audit policies consulted during this research. Internal audit policies clearly indicate that
compliance audits and value-for-money audits and coordinating relations with the General Auditor are the responsibility of
the IAF.
These official interventions appear to be in line with Conseil du Trésor du Québec (2006) and IIA standards. They reflect
the following section of the IIA’s definition of internal auditing: ‘internal audit [. . .] provides assurance to the organization
concerning the degree of control of its operations [. . .]’ (The Institute of Internal Auditors, 2009). However, as shown by the
analysis, internal auditors tend not to perform these activities entirely independently. Because they have a grey conception
of independence, internal auditors are constantly seeking to protect the top manager. However, it appears that internal
auditors perform official duties and assignments, such as providing advice about the legality of operations, in compliance
with the regulatory framework of internal auditing. The only infringement is their allegiance to the top manager. Current
standards require internal auditors to display objectivity and to be independent of top management. Internal auditors
seeking to act as shields protecting the top manager are therefore more likely to transgress the limits imposed by their
profession in terms of objectivity. The internal auditors interviewed in this research stated that while they had transgressed
these limits, they did not feel that they had failed to meet their obligation to remain independent and objective.

4.3.1.2. Internal auditors as keepers of secrets. When protection is pushed to the extreme, internal auditors act as keepers of
secrets. The secrets kept by internal auditors may be the secrets of top management or secrets which the organization is keen
to conceal from elected representatives.
Internal auditors may act as the keepers of secrets that the top manager is keen to conceal from AC members. This role is
close to the role of protective shield – except that in their role as keepers of secrets, internal auditors deliberately conceal
information from AC members in order to protect the top manager. The point is not merely to prepare the top manager for
meetings with the audit committee in order to avoid ‘any surprises’ and to ensure that the top manager is capable of dealing
with all eventualities (as illustrated by internal auditors acting as protective shields). When acting as keepers of secrets,
internal auditors aim to conceal or censure key information. One interviewee stated that they had opted to destroy paper
documents that would have put the top manager in an awkward situation rather than disclosing the information since ‘it’s
part of our job [. . .] to make sure the manager doesn’t end up in prison’ (IAM 4).8 Another interviewee claimed to have
provided AC members with distorted information, while another claimed to filter information systematically in order to
‘protect the image of the top manager’ (IAM 8). In all of these cases, AC members are deprived of potentially important
information as a result of an attempt by internal auditors to protect the top manager. Only information that will not
compromise the top manager is transmitted to AC members:
I’d just got back from holiday and there was a report on my desk. I looked at it, and I realized we couldn’t show it to the
audit committee – we just couldn’t. I went to see the top manager and I said: listen, we can’t show this to the audit
committee. (IAM 3)
These practices are not in accordance with the regulatory framework. However, as noted above, they are consistent with
internal auditors’ conception of their roles – a conception more heavily shaped by organizational and relational factors and
by lack of independence (grey independence) than by the legal and regulatory framework. By acting in this way, internal
auditors are not only guilty of failing to act as governance watchdogs, but are also impeding AC members by withholding
information.
Internal auditors may also seek to conceal the secrets of their organization from the prying eyes of external bodies such as
the General Auditor or from public opinion. This requires ‘knowing what not to know’ (Radcliffe, 2008, 2011, p. 1). This is
what Radcliffe (2011, p. 2) calls ‘the law of silence’ self-imposed by some external auditors in the government sector in order
to preserve ‘public secrecy’.9 This paper argues that internal auditors working in the Quebec public sector sometimes act as
keepers of public secrets. For example, internal auditors may deliberately seek to limit the scope of their interventions
because they are aware that they must remain silent about issues that are deemed to be too sensitive. For example, the

8
This is a metaphorical way of saying that he wants to protect the top manager against negative repercussions caused by a failure to comply with a law or
regulation. However, non-compliance does not necessarily imply that the top manager or internal auditor in question has committed a criminal act.
9
According to Radcliffe (2011, 2008), to protect a public secret is not always or necessarily a failure of independence, but a pragmatic behavior adopted by
auditors to perform a difficult job or task.
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 565

account given by IAM 10 (quoted in Section 4.2.2) referred to a sensitive discussion with AC members about the fact that the
IAF should not intervene in a particular sector on the grounds that it might have involved denouncing subsidy overpayments
to a particular group of citizens, since any matter relating (however remotely) to this particular group of citizens is invariably
a highly sensitive issue in public opinion. Another interviewee described the forbidden issues that internal auditors should
avoid at all costs: ‘[. . .] You just don’t talk about it, you don’t touch on it, you don’t even think about it [. . .] because it’s too
sensitive politically’ (IAP 6).
However, as noted above, internal auditors tend to adopt a grey conception of independence that enables them to cope
with ethical conflicts. Their conception of independence is nuanced and adapted to the context in which they operate. ‘Grey
independence’ is a theoretical construct enabling internal auditors in the Quebec public sector to perform their job in a
complex environment made all the more difficult by their role conflicts. Acting as a keeper of public secrets appears to be a
natural behavior among the internal auditors interviewed in this research. This behavior is perfectly consistent with their
primary goal, i.e. to serve and protect their organization and its top manager, since ‘internal auditing is internal’ (IAM 5).
However, as when they seek to protect the secrets of the top manager, their role as ‘keeper of secrets’ is in conflict with the
rules governing internal audit practices. While a governance watchdog should encourage transparency and accountability,
internal auditors working in the IAF are sometimes involved in protective practices that legitimize opacity. The conclusion is
that the IAF does not fully perform its role as a governance watchdog since internal auditors act as keepers of the secrets of
top managers or of the public secrets of the organization.

4.3.2. Internal auditors as helpers

Internal auditors help the top manager, managers and AC members in two ways. First, they support organizational
performance. Second, they act as guides when a new administrative rule comes into force or when a new management policy
or measure is incorporated in public administration. Fig. 2 – the role of helper and its variants – provides a summary of the
various activities and assignments associated with the role of helper, classified according to two key variants.

4.3.2.1. Supporting organizational performance. Support of organizational performance was found to be the main role
performed by internal auditors in promoting resource optimization, and is performed on a regular basis by the interviewees.
Value-for-money audits aim to improve organizational performance. In this type of assignment, internal auditors perform
two roles: the role of protector (see above) and a role aimed at supporting organizational performance. This role is dependent
on the implementation of the recommendations made by audited managers in audit reports. As noted in Section 4.2.3, this
explains the importance given by internal auditors to the relevance of their reports and the frequent use of the negotiation
strategy (type 1 in the typology presented by Hall, 1972) in the event of a conflict with audited managers during
assignments. Internal auditors consider that a consensus on the findings and recommendations outlined in the audit report
facilitates the application of the recommendations made by the IAF. One interviewee stated that ‘a little is better than
nothing’ (IAM 4) in order to justify their use of the negotiation strategy. Supporting organizational performance is also
achieved by performing strategic consulting assignments. The interviewees stated that they were often involved in strategic
consulting. Despite not issuing in reports making formal recommendations, strategic consulting assignments are designed to
improve organizational performance. These assignments are generally requested by managers when they feel the need for
support in coping with the processes for which they are responsible. In responding to their demands, internal auditors
contribute to improving organizational performance by providing support to managers.
Internal audit managers are members of various management committees in their organization. Their involvement in
management committees is not an audit assignment but is part of the secondary activities performed by internal audit
managers. Some internal audit professionals may also be required to perform this type of subsidiary activity when the

Fig. 2. The role of helper and its variants.

566 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

manager is unable to assist or when the committee calls on a specific type of expertise offered by a particular individual (such
as an auditor with an expertise in information technology). Management committees are formed in response to specific
organizational needs, and the internal audit manager will often sit on committees to provide ‘proactive advice’ rather than to
intervene a posteriori. By taking part in management committees, internal auditors contribute actively to the improvement
of the management of the organization. Because of their grey conception of independence, internal auditors are also able to
cope with the inter-role conflicts that may arise in this type of activity in the event of a subsequent audit assignment
involving the expression of a definite opinion (assurance assignment).
In summary, internal auditors support organizational performance in three ways: by performing value-for-money audits,
by providing strategic consulting, and by taking part in organizational management committees. Since these assignments
and activities are official, they can be traced in the various documents obtained in the course of this research (internal audit
policies and activity reports). These interventions comply with the Act Respecting the Governance of State-Owned
Enterprises, with the Public Administration Act and with IIA standards and the IIA code of ethics. Moreover, these
interventions reflect the definition of internal auditing provided by the IIA:
Internal auditing is a [. . .] consulting activity designed to add value and improve an organization’s operations. It helps
an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the
effectiveness of risk management, control, and governance processes. (The Institute of Internal Auditors, 2009b)
Finally, it is important to note that the support of organizational performance provided by internal auditors is in line with
their personal conception of their role. As noted above, this is because they prioritize the top manager at the expense of the
two other role senders.

4.3.2.2. Guide. The interviewees claimed to act as guides when one or all role senders are faced with a new situation. In
practice, the role of guide is embodied by internal auditors performing important training activities in the organization and
among AC members.
This explains why the interviewees claimed to have trained AC members who were not aware of the role they needed to
perform or who had insufficient knowledge of the organization to perform their role adequately. It is important to note that
the presence of audit committees is a new development in public administration in Quebec. Audit committees have only
been introduced on a massive scale in recent years and only very recently compared to private sector firms. Internal auditors
also claim to intervene actively when a new management practice process needs to be introduced or when a new type of
accountability is imposed by a central body. Examples include the obligation to produce an annual management report that
must be submitted to the National Assembly, the development and introduction of new software programs, and
the introduction of a risk management process. The case of risk management will be used to illustrate the effects of the
leadership role performed by the IAF. As a result of being forced to become involved in risk management during the
modernization of the state without knowing how to apply risk management, several top managers and managers turned to
the IAF, since the IAF already planned its activities based on its own assessment of organizational risks. Internal audit
managers still claim to be actively involved in strategic consulting aimed specifically at organizational risk management.
Note that some managers are in charge of risk management within their organization, whereas others perform assignments
that involve providing a definite opinion about this process. Because of the scale of this phenomenon in private sector
organizations, the IIA recently published a document specifying that internal auditors should limit their interventions to
audit assignments that involve providing a definite opinion and strategic consulting to avoid replacing managers in the
implementation of new management processes. Internal audit managers appear to guide the top manager and managers
involved in implementing and coping with the new management processes made compulsory by the Treasury Board
Secretariat.
While the annual plans and activity reports obtained in the course of this research clearly refer to the assignments
relating to the management of new processes or government-scale projects, they make no reference to the training activities
performed by internal auditors. Therefore, these activities remain informal.

4.4. Organizational role-taking among internal auditors

To conclude the presentation of the results, the process of organizational role-taking among internal auditors needs to be
conceptualized. Fig. 3 – organizational role-taking among internal auditors – illustrates the entire process. First, internal
auditors develop their own conception of the roles they must perform (received roles). Fig. 3 shows that these received roles
are influenced by the personal characteristics of internal auditors, interpersonal relations within the organization, the
organizational structure, the legal and regulatory environment and the perceived expectations of the role senders. However,
the analysis also indicates that these factors are filtered by the nuanced conception of independence developed by internal
auditors (grey independence) before being taken into consideration (it is important to remember that grey independence is
in fact a type II-D internalization tactic, which involves changing attitudes toward roles or developing a new attitude that
helps to reduce conflicts.). Fig. 3 also shows how internal auditors come to adopt two role behaviors (protector and helper).
Their role behaviors are mainly governed by the received roles, while also being shaped by role conflict coping strategies
such as grey independence (tactic II-D) and tactics I-D (the conflict is the object of an open discussion in order to reach a
consensus) and II-A (defining priorities in order to cope with role conflicts). It is also important to note that grey
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 567

Fig. 3. Organizational role-taking among internal auditors.

independence is in some sense the keystone of organizational role-taking among internal auditors since it operates both
upstream (by shaping the received roles) and downstream by enabling internal auditors to adopt role conflict coping
strategies I-D and II-A in such a way that internal auditors come to perform the specific roles of helper and protector.

5. Discussion and conclusion

The aim of this paper was to understand how the roles performed by internal auditors impede their watchdog role – a key
role that the regulatory bodies and the various stakeholders expect internal auditors to perform in a public sector context.
The following research question was addressed: what roles do internal auditors perform in a public sector context, and what
are the organizational professional and individual circumstances that shape these roles? A qualitative study based on role
theory (Katz and Kahn, 1978) and the model of coping with role conflict (Hall, 1972) was conducted. Data collection was
based on semi-structured interviews conducted among 42 experienced internal auditors working in 13 public sector
organizations in Quebec.
First, the analysis of the results indicates that internal auditors perform two key roles: the role of protector, further
subdivided into the roles of protective shield and keeper of secrets, and the role of helper, also involving two roles, support of
organizational performance and guide. The typology of the roles performed by internal auditors presented in this paper
differs from the typology usually found in the literature. The reviewed studies generally use a dichotomous typology of the
roles of internal auditors directly inspired from the definition of internal auditing given by the IIA. The standard typology
involves two roles: the role of auditor operating independently of top management (watchdog) and the role of consultant to
top management (Ahmad and Taylor, 2009; Arnold and Ponemon, 1991; Van Peursem, 2004). Audit assignments involving
the expression of a definite opinion (value-for-money audits, compliance audits, financial statement audits) involve
assignments typically associated with the watchdog role, while assignments that do not involve the expression of a definite
568 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

opinion (such as strategic consulting) tend to be associated with the consultant role. According to this typology, the internal
auditor is either independent or not. Internal auditors either conduct audits or provide advice. Therefore, the reality of
internal auditors is without nuance and is limited to the assignments and activities officially performed by the IAF.
However, based on the experience of the internal auditors interviewed in this study, the results suggest that the typology
generally used in the literature is somewhat reductive. This paper argues that categorizing the roles performed by internal
auditors solely on this basis significantly limits our understanding of the roles they perform since the reality of their work
was found to be far more subtle and complex than anything suggested by this typology. This paper provides an alternative
typology of the roles performed by internal auditors that is more representative of the experience of internal auditors
working in Quebec public sector organizations. The typology provided in this paper incorporates the various nuances that
need to be emphasized in order to understand the roles performed by internal auditors based on the official assignments and
activities of the IAF, but also the unofficial activities performed by internal auditors in the IAF and the attitudes adopted by
internal auditors.
Secondly, the analysis indicates that internal auditors have developed a nuanced conception of independence known as
‘grey independence’ in order to perform these roles. Radcliffe (2011, p. 727 and 728) warned researchers against a misplaced
and unjustified attack on auditors for failing to display independence, arguing that we need to examine this particular aspect
of auditing practice with ‘great sensitivity’ in order to understand the various nuances. I agree with Radcliffe (2011) on the
need for sensitivity and restraint in assessing the independence of auditors in the exercise of their duties. In my view, the
grey independence of internal auditors does not imply that they are guilty of unethical conduct. Grey independence enables
internal auditors to manage the context in which they operate in order to cope with a conflict without feeling that they are
departing from the IIA code of ethics or the professional order of accountants. Ahmad and Taylor (2009) argued that the more
internal auditors experience role conflicts, the less importance they grant to independence. However, this research suggests
that internal auditors give more importance to independence despite the many role conflicts they experience. Internal
auditors tend to seek refuge in a different conception of independence – a grey conception in which auditors forgive
themselves for falling short of independence in the strictest sense of the term.
Thirdly, it was found that internal auditors see themselves above all as working in the service of the top manager and the
organization and that they tend to prioritize the top manager at the expense of AC members, despite the fact that they are
aware of the legal framework and the expectations of AC members. Although Van Peursem (2005) found that internal
auditors have a tendency to foster role ambiguity, no evidence of this was found among the internal auditors interviewed in
this study. However, the particular conception of the role of the IAF emphasized by the interviewees is consistent with the
results obtained by Colbert (2002), who found that internal auditors tend to promote the interests of management rather
than remaining impartial. Such behavior is in conflict with the laws and regulations established by state modernization. The
IAF is now compulsory and has been established as a governance watchdog, as opposed to a management tool serving the
interests of top management. The IAF is thus designed to support AC members in monitoring top management, and is not
designed to protect the top manager against potential threats from AC members (among others). Regulations provide that
the IAF is required to be functionally dependent on the audit committee, and not the top manager. In the reviewed studies,
the audit committee was also found to be the main interlocutor of the IAF (Davies, 2009; Mat Zain and Subramaniam, 2007;
Rezaee, 2005; Rezaee and Lander, 1993; Sarens et al., 2009a; Turley and Zaman, 2004, 2007). The findings of this study are
relatively surprising in the light of previous research and the existing laws and regulations, with one exception. The position
adopted by internal auditors is consistent with the results obtained by Norman et al. (2010), who found that internal auditors
view their functional dependence on the audit committee as a threat rather than an opportunity. The findings of this study
and the results obtained by Norman et al. (2010) are not consistent with previous studies. Internal auditors seek to protect
and support AC members only insofar as such protection and support does not prevent them from providing protection and
support to the top manager. Organizational and interpersonal factors therefore have a greater impact on the roles performed
by internal auditors than legal and regulatory factors.
However, irrespective of the roles they perform, internal auditors tend to comply with their personal conception of their
roles (i.e. their received roles). The roles performed by internal auditors are also consistent with the organizational structure
and the closeness of the relationships between the internal audit manager and the top manager, who see the top manager as
having both formal and informal authority. Therefore, the roles performed by internal auditors are not in perfect compliance
with the current legal and regulatory framework governing public administration in Quebec. Overall, the findings suggest
that internal auditing is not the governance watchdog defined by the regulatory authorities and taken for granted in a
number of studies in the field (Archambeault et al., 2008; Gramling et al., 2004; Holt and DeZoort, 2009; Mat Zain and
Subramaniam, 2007; Prawitt et al., 2009) since internal auditors do not systematically act in this way. The results indicate
that internal auditors operate as members of the management team rather than as members of the monitoring and oversight
team. In short, the findings suggest that internal auditors have clearly ‘chosen their camp’.
These findings have serious implications – namely that citizens should not assume that the presence of an IAF has
resulted in greater transparency and accountability since the overhaul of the legal and regulatory framework. When an
organizational function such as the IAF is presented as a key governance mechanism despite the fact that internal auditors
operate, among others, as keepers of the secrets of the top manager or the organization, the result is that the IAF merely
serves to increase the opacity surrounding governance rather than promoting greater transparency. This paper may be seen
as a warning. The point is not that the IAF is useless or irrelevant, but that in the current state of governance, the authorities
should not present the IAF as a panacea to the governance issues raised by the potentially dubious behaviors of top managers
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 569

or by questionable and/or politically sensitive organizational practices. The findings challenge the effectiveness of the legal
and regulatory framework and, in particular, its capacity to promote or increase the independence of the IAF in order to
establish it as a reliable governance watchdog. Finally, I would argue that it was perhaps naive of the regulatory bodies to
believe that the mere fact of changing the legal and regulatory framework in order to place the IAF under the functional
authority of the audit committee would be enough to ensure that the IAF performed its expected role as a watchdog. Having
previously operated under the sole authority of the top manager, the IAF and internal auditors have continued to work in
close collaboration with the top manager.
If the authorities wish to strengthen governance, the different mechanisms aimed at ensuring better governance should
be seen not in isolation but as part of a whole in order to develop an intelligent network of mechanisms designed to improve
the governance of public sector organizations. The implication is that we need to adopt a global approach that incorporates
the different governance, assurance and control mechanisms in order to make optimum use of their complementarity and
to avoid any overlap. This is consistent with English (2013, p. 34) who indicates that it is imperative to better understand
the role of auditors within the ‘‘network of policies, practices, actors and values that shape and support iterative change
processes’’ in the context of reforms occurring in the public sector and involving changes in the ‘‘accountability regime’’.
This is also consistent with Power (2009, p. 173), who, in a memorandum addressed to the House of Commons Treasury
Committee (United Kingdom) in the context of a public consultation relating to the banking crisis, noted that ‘financial
audit is not an island. It is highly dependent on many other practices. It is one part of a complex network of oversight and
assurance activities which are mutually reliant, and which collectively provide assurance about financial stability.
Regulators need to understand this network, and its strengths and weaknesses, rather than focusing on each component in
isolation’.
The implication is that the solution to governance problems cannot involve an overhaul of internal auditing that fails to
take account of other existing governance mechanisms. To illustrate this point, consider the following ‘isolated’ solution:
internal auditor independence could be strengthened and the conflicting roles performed by internal auditors limited by
changing the organizational structure surrounding the IAF, since analysis shows that organizational and interpersonal
factors have a greater impact on the role behaviors of internal auditors than the legal environment. In public administration,
a twofold solution seems possible: first, the different IAFs could be brought together in a central body such as the Treasury
Board Secretariat. The effect would be to remove the administrative authority of the top manager over internal auditing. The
top manager of the organization would have no authority over the annual operating budget or the appointment of internal
auditors. These duties would be performed by the central body, while the audit committee would continue to exert a
functional authority. In addition, the work of internal auditors could be limited to assurance assignments by preventing
them from engaging in non-audit services to ensure that the change is effective. However, this solution has a number of
drawbacks that will need to be addressed if it is to be considered a serious possibility: first, the top manager and other senior
managers may come to see the IAF as yet another form of external auditing and (therefore) view it as a threat rather than a
partner, despite the fact that the members of the IAF are physically and permanently present in the organization. Based on
the answers given by the interviewees, this could seriously compromise their activities within the organization since the key
figure with the power to open or close doors is the top manager. Second, ‘externalizing’ internal auditing would amount to
replacing it with yet another form of external auditing in a public administration system already governed by multiple
external audit mechanisms. Internal auditing would be in direct competition with external auditing since internal auditors
would perform essentially the same oversight role. A more efficient solution would be to increase the number and duties of
existing external auditors (i.e. the auditor general and the finance controller). Second, although this paper challenges the
effectiveness of the IAF as a watchdog mechanism, it remains that internal auditors operate as helpers and protectors in the
organization. In order to preserve these roles, what remains of the IAF could be placed under the sole authority of the top
manager. Internal auditors would continue to perform their roles as helpers and protectors of the top manager and the
organization by (for example) performing consulting and risk management assignments, and even some assurance
assignments, while being solely accountable to the top manager. The assurance assignments performed on behalf of the
audit committee or the top manager would remain separate, thereby limiting the role conflicts experienced by internal
auditors while preserving the roles they currently perform. However, internal auditors would be in direct competition with
management accountants, who already operate as historians, watchdogs, advisers/consultants and change agents/members
of the management team (see Granlund and Lukka, 1998, 1997) in seeking to respond to the demands for information,
monitoring and consultancy from top management. In short, while this hypothetical solution would imply a number of
changes to internal auditing, their impact would have a domino effect on other governance, assurance and control
mechanisms and on the roles performed by other accountants in the organization. This could potentially generate or amplify
useless overlapping and competition between the different roles performed by accountants within the organization (see
Järvinen, 2009 for another view of this issue). This is why a global approach is required based on a view of governance
mechanisms as a network rather than a set of isolated practices.
This research has a number of limitations. First, the foundations of this study imply a degree of subjectivity. Much care
was taken to emphasize transparency and methodological rigor to enable the reader to assess the quality of the research.
Second, the data collection process was conducted for the most part through semi-structured interviews. Therefore, a bias
may have been introduced because of a desire for social acceptance among interviewees. The methodological precautions
taken in this study were designed to minimize this risk. Third, the results of this study are clearly only valid in the examined
context, and it is left to the reader to decide whether the results apply to other contexts. This is why a detailed description of
570 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571

the new legal and regulatory context produced by the governance reform of public administration in Quebec (typical of the
new public management) in which public sector internal auditors operate was provided.
Since very little research has been conducted on the IAF, a wide range of questions still need to be explored in addition to
those examined in this paper. Very little is known about the IAF (Beasley et al., 2009; Gramling et al., 2004; Messier, 2009). In
order to improve our knowledge and understanding of internal auditing and governance, it is important to conduct further
research on expectations and the relations between internal auditors and other governance mechanisms, particularly the
audit committee, the board of directors, top management and external auditors. The aim of this paper was not to assess the
extent to which protecting the secrets of the top manager strengthens the ties between internal auditors and the top
manager, although it would be interesting to examine the role of this behavior in fostering ties between internal auditors and
top management. Like Järvinen (2009) and Power (2009), this paper raises questions about the potentially overlapping roles
of the different organizational functions traditionally performed by accountants and various governance, assurance and
control mechanisms. This is why I argue that we need to take a global view of the issue by considering governance, assurance
and control mechanisms as a network rather than a set of isolated practices. Lastly, the ways in which internal auditors
embody the concept of independence (i.e. grey independence) provide avenues for further research on auditor
independence. Further studies are needed to understand how grey independence affects the work of auditors and,
ultimately, organizations.

Acknowledgments

This paper is the first extract from my doctoral thesis. I am particularly grateful to the internal auditors who agreed to be
interviewed as part of this research. I am also grateful to Danielle Morin, my doctoral supervisor at HEC Montreal, for her
support and for her comments on my work. I also wish to thank the members of my Ph.D. committee, Claude Pilote and
Louise Côté, and my examiners, Ann Langley and Évelyne Lande, for their comments and suggestions. I am also grateful to the
three anonymous reviewers and the two editors associated with this special issue for their comments and suggestions,
which helped to improve this paper. I wish to thank the delegates of the following doctoral conferences for their useful
comments and suggestions in the early stages of this research: Interdisciplinary Perspectives in Accounting (2009), European
Auditing Research Network (2009) and the 6th International conference on accounting, auditing and management in public
sector reforms (2010). I am particularly grateful to Maurice Gosselin, chair of the School of Accountancy at the University of
Laval, for his unfailing support. I wish to thank all of my colleagues in the School of Accountancy at Laval University for their
unwavering support, comments and suggestions. They are all highly talented and generous individuals, and it is a privilege to
be a part of this team. Finally, I wish to thank Dany and David for their love and support.

References

Ahmad Z, Taylor D. Commitment to independence by internal auditors: the effects of role ambiguity and role conflict. Managerial Auditing Journal 2009;24:
899–925.
Archambeault DS, DeZoort FT, Holt TP. The need for an internal auditor report to external stakeholders to improve governance transparency. Accounting Horizons
2008;22:375–89.
Arnold DFS, Ponemon LA. Internal auditors’ perceptions of whistle-blowing and the influence of moral reasoning: an experiment. Auditing 1991;10:1–15.
Auditor General of Quebec. Chapter 4 – internal audit in the Government of Quebec. In: Report to the national assembly for 2004-2005, Québec city. 2005;72–115.
Beasley MS, Carcello JV, Hermanson DR, Neal TL. The audit committee oversight process. Contemporary Accounting Research 2009;26:273–301.
Byrne S, Pierce B. Towards a more comprehensive understanding of the roles of management accountants. European Accounting Review 2007;16:469–98.
Colbert JL. Corporate governance: communications from internal and external auditors. Managerial Auditing Journal 2002;17:147–52.
Conseil du Trésor du Québec. Receuil des politiques de gestion. Orientations concernant la vérification interne (C.T. 204419); 2006.
Davies M. Effective working relationships between audit committees and internal audit: the cornerstone of corporate governance in local authorities, a Welsh
perspective. Journal of Management & Governance 2009;13:41–73.
Denis J-L, Langley A, Pineault M. Becoming a leader in a complex organization. The Journal of Management Studies 2000;37:1063–99.
Eisenhardt KM. Building theories from case study research. Academy of Management The Academy of Management Review 1989;14:532–50.
English LM. The impact of an independent inspectorate on penal governance, performance and accountability: pressure points and conflict in ‘‘the pursuit of an
ideal of perfection. Critical Perspectives on Accounting 2013;24(7–8):532–49.
Fondas N, Stewart R. Enactment in managerial jobs: a role analysis. The Journal of Management Studies 1994;31:83–103.
Funnell W, Wade M. Negociating the credibility of performance auditing. Critical Perspectives on Accounting 2012;23:434–50.
Gendron Y, Bedard J. On the constitution of audit committee effectiveness. Accounting Organizations and Society 2006;31:211.
Government of Quebec. Revised statutes and regulations of Quebec, chapter A-6.01: act of public administration. 2000.
Government of Quebec. Plan de modernisation de l’État. 2004;101.
Government of Quebec. Revised statutes and regulations of Quebec, chapter G-1.02: act respecting the Governance of State-Owned Enterprises. 2006.
Gramling AA, Maletta MJ, Schneider A, Church BK. The role of the internal audit function in corporale governance: a synthesis of the extant internal auditing
literature and directions for future research. Journal of Accounting Literature 2004;23:194–244.
Granlund M, Lukka K. From bean-counters to change agents – the Finnish management accounting culture in transition. The Finnisah Journal of Business
Economics 1997;9:421–43.
Granlund M, Lukka K. Towards increasing business orientation: finnish management accountants in a changing cultural context. Management Accounting
Research 1998;9:185–211.
Grover SL. Why professionals lie: the impact of professional role conflict on reporting accuracy. Organizational Behavior and Human Decision Processes
1993;55:251–72.
Habersam M, Piber M, Skoog M. Knowledge balance sheets in Austrian universities: the implementation, use, and re-shaping of measurement and management
practices. Critical Perspectives on Accounting 2013;24:319–37.
Hales CP. What do managers do? A critical review of the evidence The Journal of Management Studies 1986;23:88–115.
Hall DT. Model of coping with role conflict – role behavior of college educated women. Administrative Science Quarterly 1972;17:471–86.
Harrell A, Chewning E, Taylor M. Organizational-professional conflict and the job satisfaction and turnover intentions of internal auditors. Auditing 1986;5:109.
 M. Roussy / Critical Perspectives on Accounting 24 (2013) 550–571 571

Holt TP, DeZoort T. The effects of internal audit report disclosure on investor confidence and investment decisions. International Journal of Auditing 2009;13:
61–77.
Järvinen J. Shifting NPM agendas and management accountants’ occupational identities. Accounting Auditing & Accountability Journal 2009;22:1187–210.
Jones RE, Deckro RF. The social psychology of project management conflict. European Journal of Operational Research 1993;64:216–28.
Katz D, Kahn RL. The social psychology of organizations. New York: John Wiley and Sons; 1978.
Langley A. Strategies for theorizing from process data. Academy of Management The Academy of Management Review 1999;24:691–710.
Levinson D. Role, personality, and social structure in the organizational setting. Journal of Abnormal and Social Psychology 1959;58:170–80.
Lincoln YS, Guba EG. Establishing trustworthiness. In: Park N, editor. Naturalistic inquiry. Sage; 1985. p. 289–331.
Marginson D, Bui B. Examining the human cost of multiple role expectations. Behavioral Research in Accounting 2009;21:59–81.
Mat Zain M, Subramaniam N. Internal auditor perceptions on audit committee interactions: a qualitative study in malaysian public corporations. Corporate
Governance An International Review 2007;15:894–908.
McCracken S, Salterio SE, Gibbins M. Auditor-client management relationships and roles in negotiating financial reporting. Accounting Organizations and Society
2008;33:362–83.
Messier B. What we don’t know about the audit process. In: Paper presented at the fifth European auditing research network symposium, Valencia, Spain. 2009.
Miles MB, Huberman AM. Centration et délimitation du recueil de données: fondements liminaires. In: Université DB, editor. Analyse de données qualitatives.
Bruxelles. 2003;37–80.
Mutiganda J-C. Budgetary governance and accountability in public organisations: an institutional and critical realism approach. Critical Perspectives on
Accounting 2013;24(7–8):518–31.
Norman C, Rose A, Rose J. Internal audit reporting lines, fraud risk decomposition, and assessments of fraud risk. Accounting Organizations and Society
2010;35:546–57.
Patton MQ. Qualitative research & evaluation methods. Thousand Oaks, Calif: Sage Publications; 2002.
Pei BKW, Davis FG. Impact of organizational structure on internal auditor organizational-professional conflict and role stress: an exploration of linkages. Auditing
1989;8:101–15.
Power M. Memorandum from Michael Power about the banking crisis. London: Authority of the House of Commons; 2009. Ev 173–176.
Prawitt D, Smith J, Wood D. Internal audit quality and earnings management. The Accounting Review 2009;84:1255–80.
Radcliffe VS. Knowing efficiency: the enactment of efficiency in efficiency auditing. Accounting Organizations and Society 1999;24:333–62.
Radcliffe VS. Public secrecy in auditing: what government auditors cannot know. Critical Perspectives on Accounting 2008;19:99–126.
Radcliffe VS. Public secrecy in government auditing revisited. Critical Perspectives on Accounting 2011;22:722–7.
Randall DM. Multiple roles and organizational commitment. Journal of Organizational Behavior (1986-1998) 1988;9:309–17.
Rezaee Z. Causes, consequences, and deterence of financial statement fraud. Critical Perspectives on Accounting 2005;16:277–98.
Rezaee Z, Lander GH. The internal auditor’s relationship with the audit committee. Managerial Auditing Journal 1993;8:35–41.
Romelaer P. Notes sur l’entretien semi-directif centré. 2001;12.
Roussy M. Turning watchdogs into secret keepers: internal auditors viewed from the view of audit committee members. In: Paper presented at the critical
perspectives on accounting conference Clearwater Beach, Florida, USA. 2012.
Saliterer I, Korac S. Performance information use by politicians and public managers in a fragmented local service delivery context – the issue of purpose. Critical
Perspectives on Accounting 2013;24(7–8):502–17.
Sarens G, De Beelde I, Everaert P. Internal audit: a comfort provider to the audit committee. The British Accounting Review 2009a;41:90–106.
Sarens G, De Beelde I, Everaert P. Internal audit: a comfort provider to the audit committee. The British Accounting Review 2009b;41:90.
Secrétariat du Conseil du Trésor du Québec. Mise en place et consolidation de la fonction de vérification interne dans les ministères et organismes – guide. 2009.
Shenkar O, Zeira Y. Role conflict and role ambiguity of chief executive officers in international joint ventures. Journal of International Business Studies
1992;23:55–75.
Sorensen JE, Sorensen TL. The conflict of professionals in bureaucratic organizations. Administrative Science Quarterly 1974;19:98–106.
Strauss A, Corbin J. In: Park N, editor. Basics of qualitative research. Sage; 1990. p. 96–115.
The Institute of Internal Auditor. I.I. A., International Standards for the Professional Practice of Internal Auditing (Standards) (The IIA, cited 19 juin 2009); 2009.
Available from http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/.
Tietze S. When ‘‘work’’ comes ‘‘home’’: coping strategies of teleworkers and their families. Journal of Business Ethics 2002;41:385–96.
Turley S, Zaman M. The corporate governance effects of audit committees. Journal of Management & Governance 2004;8:305–32.
Turley S, Zaman M. Audit committee effectiveness: informal processes and behavioural effects. Accounting Auditing & Accountability Journal 2007;20:765–88.
Van Peursem K. Internal auditors’ role and authority: New Zealand evidence. Managerial Auditing Journal 2004;19:378–93.
Van Peursem K. Conversations with internal auditors: the power of ambiguity. Managerial Auditing Journal 2005;20:489–512.
Verstegen B, Loo I, Mol P, Slagter K, Geerkens H. Classifying controllers by activities: an exploratory study. Journal of Applied Management Accounting Research
2007;5:9–32.
Vinnari E, Nasi S. Financial and technical competence of municipal board members: empirical evidence from the water sector. Critical Perspectives on Accounting
2013;24(7–8):488–501.
Wiersma UJ. A taxonomy of behavioral strategies for coping with work-home conflict. Human Relations 1994;47:211–21.