DOI QR코드

DOI QR Code

Exploring the Distribution of Organizational Risk and Assessing Internal Audit Effectiveness: A Systematic Review

  • Arum ARDIANINGSIH (Faculty of Business and Economics, Universitas Pekalongan) ;
  • Doddy SETIAWAN (Faculty of Business and Economics, Universitas Sebelas Maret) ;
  • Wahyu WIDARJO (Faculty of Business and Economics, Universitas Sebelas Maret) ;
  • Payamta PAYAMTA (Faculty of Business and Economics, Universitas Sebelas Maret)
  • Received : 2024.01.14
  • Accepted : 2024.04.05
  • Published : 2024.04.30

Abstract

Purpose: The function of internal audit is to help achieve company goals and targets by minimizing the impact of business risks. The distribution of internal audit activities in carrying out control and supervision covers all aspects or activities at all levels of management. The aim of the research is to determine the distribution of risk-based internal audit effectiveness assessments in companies. Data and Research Design Methodology: Researchers examined research trends regarding things that could influence the distribution of the effectiveness of the internal audit function from 2007 to 2023.This research used a systematic literature review (SLR) research method. This research used 23 papers sourced from the Scopus database. Results: The distribution of the effectiveness of audit services provided by internal auditors is more influenced by the personal characteristics of internal auditors and has little to do with the leadership of the chief internal auditor, technology, and risk management. Conclusion: The distribution of monitoring services provided by internal auditors covers all levels of departments or divisions of the organization. The assessment of internal audit effectiveness is more influenced by the auditor's personal attributes such as independence, competence, and management support.

Keywords

1. Introduction

Organization is always faced with business risks. Changes in the business environment have generated new risks and forced organization to modify governance, risk management, control, and supervision processes. Minimizing the impact of risk will maintain business sustainability and the organization's success (Widianingsih et al., 2023). Business changes and risks faced by the organization also create a need for internal auditors. Internal audit plays a role in carrying out supervision and helping to control and handle the negative impacts of risks that exist in the organizational. Internal audit is part of the organizational's governance structure to provide support for good corporate governance.

The distribution of internal audit services covers all organizational divisions to manage, control and supervise the impact of business risks that threaten the achievement of organizational goals and objectives (Drogalas & Siopi, 2017; Drogalas et al., 2020; Grant & Visconti, 2006; Karagiorgos et al., 2010; Κοutoupis & Tsamis, 2009; KPMG, 2007; Lemon & Tatum, 2003). Risk in auditing means that the auditor accepts a certain level of uncertainty which can cause losses to the Company so that it requires a response in carrying out the audit. Now, Organizations must to report on what they are doing to identify and mitigate sustainability risks. The distribution of internal audit functions has provided wider coverage for risk assessment, audit planning, and internal audit implementation (Khanna & Kaveri, 2008; Koutoupis & Tsamis 2009; Coetzee & Lubbe, 2014).

Internal audit helps management ensure the adequacy of internal control through supervision, minimizing the impact of risks such as fraud risk, credit risk and reputation risk. The main purpose of internal audit is to assist work units in the corporation's operational activities to manage risk by identifying problems, suggesting improvements that add value to the corporation. The risk is the possibility that an event/action will fail or negatively affect the corporation's ability to achieve business goals. The risk in auditing means that the auditor accepts a certain level of uncertainty that can cause losses to the Corporation so that it requires a response in conducting an audit. The risk-based audit procedures underscore the importance of identifying risks inherent in strategic plans, testing and reporting on the adequacy and effectiveness of risk mitigation procedures (Coetzee & Lubbe, 2014).

The main objective of internal audit is to assist the Company's operational activities, manage risks by identifying problems, suggesting improvements that provide added value to the company. The distribution of internal audit activities primarily focuses on areas in divisions or departments that have significant risks. (Griffiths, 2005; Hafizah, 2017; Koutoupis & Tsamis, 2009; Sarens et al., 2012). Auditor characteristics are expected to be able to increase the role of internal auditors effectively (Arena & Azzone, 2009; Alzeban & Sawan, 2015; Chang, et. al., 2019; Mihret & Yismaw, 2007; Lenz & Hahn, 2015). Effectivenessinternal audit viewsthat all business activities, especially those containing business risks, need to be mapped. Several factorssuch as corporation size, regulation, type of industry and culture will encourage the adoption of a risk-based internal audit process in the corporations (Koutoupis &Tsamis, 2009).

Bednareck (2018) argues that the effectiveness of internal audit is important because it will ensure the reliability of internal audit results, the active involvement of internal auditors in the company's governance system (Martino, et al., 2019) and requires risk management through risk management (Coetzee & Lubbe, 2014). The internal audit function is distributed in management, risk control and supervision activities as well as suggestions for improvements throughout the company's business lines, which has opened research opportunities regarding the effectiveness of internal audit. This research offers first, a direction for future internal audit effectiveness research. Second, this research maps the factors that influence the effectiveness of internal audit. This research was conducted using the systematic literature review (SLR) research method. The systematic literature review (SLR) method is used to evaluate the results of empirical research related to the effectiveness of internal audit and analyze them.

2. Literature Review

IIA (2017) defines internal audit as an independent and objective assurance and consulting activity designed to add value and improve operational of corporation. Internal audit helps an organization or corporation achieve its goals through a systematic and regular approach in evaluating and improving the effectiveness of risk management, control, and governance processes. Internal audits help save money, protect reputation, and pave the way for achieving corporate goals. In short, internal audit identifies risks that can keep the organization from achieving its strategic goals and objectives, alerts management to business processrisks, and proactively recommends improvements to help reduce risk. According to the IIA number 1100 standard, the internal audit activity must be independent and objective in carrying out its duties. Internal audit ensures that the corporation has performed effectively and efficiently.

The effectiveness of the internal audit function according to (Dittenhofer, 2001; Mihret & Yismaw, 2007) is measured by the ability of internal auditors to disclose and communicate findings and recommendations that are followed up by the management of corporation. According to Pickett (2010), Internal auditors must possess the knowledge, skill, and other competencies needed to perform their individual responsibilities. Research by Soh and Martinov (2011) proves that having the right people with sufficient skills to carry out the internal audit function is important for corporations. Management commitment and management support to use recommendations on audit results will strengthen the overall effectiveness of internal audit (Mihret & Yismau, 2007; Cohen & Sayag, 2010).

According to IIA, (2017) the effectiveness of internal audit can be seen from two sides, namely the supply side and the demand side. The supply side consists of factors such as Competence of the Internal Audit (IA) department, Size of the Internal Audit (IA) department, Organizational settings, Scope limitations, Compliance with applicable standards, Management training ground, Auditee attributes, Internal Audit (IA) independence, Internal Audit (IA) objectivity, conduct risk consulting, Outsourcing Internal Audit (IA), Quality of audit work, Chief audit executive's leadership style. While the demand side consists of factors such as Management support for Internal Audit (IA), Interaction between Internal Audit (IA) and external audit, Cooperation with the audit committee, Information and communication, Existence of a follow-up process, Supportive control environment, Cultural dimensions.

Risk is a deviation between expected results and actual results (Arena et al., 2006). Evenly distributing risk control and monitoring in each business line will help the company maintain its business continuity. The Corporation's business process risks require control, supervision and handling so that they do not have a negative impact on the achievement of the Corporation's goals. Some of the risks contained in the corporation are operational risk, reputation risk, compliance risk, legal risk, and strategic risk which are risks that are interrelated with one another. Effectiveness internal audit approach emphasizes that auditors begin to allocate resourcesto high-risk areas in conducting audits. If risks are not identified and assessed, then the internal auditor is required to work closely with business management to provide information about this (Griffiths, 2005; Kumaat, 2011).

The functions of an internal auditor are distributed across management structure, business objectives, organizational changes, high-risk areas or divisions or departments and management concerns regarding risks and outcomes when assessing risks. Risk assessment must be considered at all levels in the business organizational structure as well as in the activities of subsidiaries. The effectiveness internal audits are highly dependent on the influence of internal monitoring mechanisms such as audit committees, internal audit attributes, and risk management and internal control systems (Abidin, 2017). Mihret and Khan (2013) conceptualize internal audit as a party that provides ex post assurance and consulting services to improve company efficiency and effectiveness.

3. Methodology

This research method uses a systematic literature review (SLR). The systematic literature review (SLR) method focuses on certain issues, organizes relevant literature into a collection of findings in a coherent and comprehensive manner and reconstructs it into new knowledge (de Geus et al., 2020; Massaro et al., 2016). Sources of data come from journals, websites, and books. This research analyzestrends in the distribution of risk-based internal audit monitoring and supervision that are carried out effectively and published in reputable journals. The research was carried out using a three-step approach that has been carried out by previous research (Alhossini et al., 2021; Nerantzidis et al., 2020). We seek and identify, collect, and analyze studies on the characteristics of internal audit and their impact on the effectiveness internal audit. The first stage, designing the formulation of the problem which is the focus of attention in this research. Furthermore, we collect published research esearch method uses a systematic literature review publication articles consisting of:

⦁ Google scholar (http://googlescholar.com),

⦁ Scopus (http://scopus.com),

⦁ Science direct (http://Sciencedirect.com),

⦁ Emerald Insight (http://www.emeraldinsight.com)

The electronic media above is the main electronic machine for searching and identifying published articles, ensuring that all published research results meet publication quality requirements (Nerantzidis et al., 2020). Then we conducted a search in the Scopus, google scholar, science direct and emerald insight database using the keywords “Internal audit”, “Effectiveness of Internal Audit”, "Characteristics of Internal Auditors", “Risk”.

In the second step, we review titles, keywords, abstracts, and exclude irrelevant studies such as proceedings and books. We only take reputable and quality journals (Kubicek & Machek, 2019). In the third stage, we take quoted or cited studies. In the third step, we examine the impact of published articles based on the number of citations on Google Scholar. In the final stage, we perform data extraction by recording: author, year of publication, journal, research location, citation, research approach, research method, data source, theory, review of research themes and variables.

4. Result

In the results and discussion section, the researcher will summarize the results of data tracking by mapping and analyzing research trends on the effectiveness internal audit. Our search results, based on the keywords, obtained preliminary data of 1200 articles published in international journals and Scopus indexed international journals. We are eliminated 558 articles published in international journals. We also eliminated 319 articles as books (non-academic), magazine articles, and publications without bibliographic information. Then, 300 articles such as thesis or dissertations were eliminated from this research data. The final data screening obtained 23 articles for analysis. There are 12 (52%) articles published in international journals indexed Scopus Q1, 8 (35%) articles in Scopus Q2, 1 (4%) article in Scopus Q3, and 2 (9%) articles in Scopus Q4 (Figure 1). Our search results found that there were 23 articles on the effectiveness internal audit that were mostly published in the Managerial Auditing Journal, namely 5 articles, and the International Journal of Auditing, namely 5 articles (Table 1).

OTGHB7_2024_v22n4_59_f0001.png 이미지

Figure 1: The Distribution of Published Articles In Scopus

Table 1: The Distribution of Published on The Effectiveness Internal Audit Articles.

OTGHB7_2024_v22n4_59_t0001.png 이미지

Based on journal publishers, the results obtained for the publication of research on the effectiveness internal audits were mostly carried out on Emerald publishers with 7 articles and John Wiley and Sons Ltd with 5 articles (Table 2). We also see an impact on research publications related to the effectiveness of internal audit based on the number of citations, namely 4392 citations starting in 2008 with 4 citations, in 2009 with 15 citations, in 2010 with 17, in 2011 with 34, in 2012 with 55, in 2013 with 77, in 2014 with 122, in 2015 with 192, in 2016 with 245, in 2017 with 232, in 2018 with 384, in 2019 with 343, in 2020 with 421, in 2021 with 524, in 2022 with 612, and in 2023 with 329 citations. The number of citations tends to increase every year, with the highest number of citations in 2022 of 612 citations (Figure 2). The distribution of citations for each journal shows that the managerial auditing journal has the highest number of citations, namely 1736 citations, then the international journal of auditing with 1090 citations and the Australian Accounting Review with 701 citations (Figure 3).

Table 2: The Distribution of Articles in Each Publisher

OTGHB7_2024_v22n4_59_t0002.png 이미지

OTGHB7_2024_v22n4_59_f0002.png 이미지

Figure 2: Number of Article Citations Every Year

OTGHB7_2024_v22n4_59_f0003.png 이미지

Figure 3: Citation Distribution for Each Journal

The results of the study also show the type of research, namely 17 studies using a quantitative approach, 3 studies using a qualitative approach and 3 studies using a mixed method. The research methods used include surveys, observations, experiments, phenomenology, interviews, literature studies. The results of the study provide an overview of several theories used such as agency theory (Mihret & Yismaw, 2007; Arena & Azzone, 2009; Soh & Martinov, 2011; Alzeban & Gwilliam, 2014; D'Onza et al., 2015; Lenz et al., 2017; Oussii & Taktak, 2018; Carcelo et al., 2020; Dzikirullah et al., 2020; Ibrani et al., 2020; Garven & Scarlata, 2020). Agency theory can be used in this kind of research because it is able to explain how the supervisory role in reducing agency problems so that it can improve the implementation of risk-based internal audits to be more effective.

Research using Institutional Theory (Elbardan et al., 2016), Institutional Theory explains that to fulfill their needs, humans need to work together with others so it is necessary to control behavior so that an organization can achieve common goals. This theory can be used to explain how good cooperation between internal audit and stakeholders can increase the effectiveness of organizational governance. Well-established cooperation between management, risk management and internal auditors will enable risk-based internal audit activities to run effectively to achieve corporate objectives. Stakeholders’ theory is used in research by (Erasmus & Coetzee, 2018). Resource-based theory is used in research of Alqudah et al. (2019), and clinical governance theory in Van Gelderen et al. (2017).

5. Discussion

The Common Body of Knowledge (CBOK) by the Institute of Internal Auditors (IIA) in 2010, provides 3 indicators for the competence of internal auditors as follows: (1) Knowledge, (2) Behavioral skills and technical skills, (3) Dimensions of general competencies, (4) Communication skills, ability to identify problems and theirsolutions. Indicators of internal audit effectiveness can be categorized based on process, output, and outcome (Arena & Azzone, 2009). The process indicator is to evaluate the auditor's performance such as the ability to prepare audit plans, carry out audit work and communicate audit findings. The output indicator is alignment with the expectations of stakeholders or accommodating the needs of stakeholders. The outcome indicator is the impact of the internal audit process being able to provide added value to the Corporation.

According to Cohen and Sayag (2010), top management support includes providing the support needed by internal audit, a comparison between the number of internal auditors and audit work that has been planned and must be completed, the budget provided for the internal audit department, adequate support for training and development internal audit staff. Management support for internal audit includes responses to audit findings, commitment to strengthening internal audit, and resources for the internal audit department (Alzeban & Gwilliam, 2014; Mihret & Yismau, 2007). When management fully supports the activities carried out by the internal audit unit, it will provide confidence and ease of accessfor the internal audit team in carrying out the monitoring and control process. Management support also facilitates the implementation of recommendations and follow-up of risk-based internal audit results to be immediately responded to within the organization.

The results of research conducted by Mihret and Yismaw (2007) state that the effectiveness of the internal audit function is influenced by: (1) Internal audit quality, namely: staff expertise, scope of service, audit planning, observation and control as well as effective communication; (2) Management support, namely: responses to audit findings and commitment to strengthen internal audit; (3) Organizational arrangements, namely: organizational profile, internal organization, internal audit department policies and procedures and budget; (4) Policies and procedures for auditing, namely: auditee's expertise, auditee's attitude towards internal audit and auditee's cooperation with internal audit. D'Onza et al. (2015) stated that the effectiveness internal audit will be seen from the number of findings that are verified and communicated to management. Audit findings are obtained in accordance with auditing standards and audit procedures used. D`Onza et al. (2015) said that the encouragement of internal audit activities will provide different added values for developed countries and developing countries, the financial industry and or non-financial industries.

Distribution of the effectiveness internal audit from internal audit quality such asinternal audit size (Dzikirullah et al., 2020), or personal auditor attributes such as independence, competence, ethics, and expertise (Yee et al., 2008; Lenz et al., 2017; Alzeban & Gwilliam, 2014). The effectiveness internal audit will improve an organization's internal control and governance practices (Chang et al., 2019; Turetken et al., 2020). Internal auditors must have independence, objectivity, management support, work experience, critical thinking skills, and competency certification (Eulerich et al., 2018; Dzikirullah et al., 2020). A free position, not bound by the interests of any party, and no intervention from any party in carrying out audit duties and responsibilities as well as efforts to maintain the credibility of the internal auditor profession (D'Onza et al., 2015) is an attitude of independence that internal auditors (Dejnaronk et al., 2016). Internal auditors must always act independently so that they are free from interference, whether fear or intervention that could influence their judgment. The availability of reference documents regarding the right to access information on organizational records and assets, the position, function and structure of the internal audit organization, and the scope of internal audit are things that need to be considered in independence. The literature agrees that a lack of independence will affect the effectiveness of internal audit (Alzeban & Gwilliam, 2014; D'Onza et al., 2015; Eulerich et al., 2018).

The Competencies are key and general requirements that must be met to be able to carry out internal audits effectively (Dellai et al., 2016). Literature studies on competency look at competency aspects of internal auditor experience, educational qualifications, percentage of internal auditors who have certification, and the number of training hours required to carry out internal audit tasks (Mihret & Yismaw, 2007; D'Onza et al., 2015; Lenz et al., 2017). The analysis of the literature also obtained responses to the processes and results of the internal audit in the form of audit findings, follow-up on recommendations will increase the effectiveness internal audit (Oussii & Taktak, 2018).

Bantleon et al. (2020) uses a three lines defence model to see the effectiveness of internal audit. The three lines of defence model highlights the need for coordination between the governance function, risk management, internal audit function with external auditors is needed to achieve the effectiveness internal audit. The organization will distribute various efforts to minimize the impact of risks through control, supervision, and monitoring mechanisms. Risk management and risk mitigation are carried out by the risk management division (Badara & Saidin, 2014) which is able to encourage the implementation of internal audits to be more effective.

The effectiveness internal audit implementation is also determined from the use of information technology that supportsinternal audit duties(Elbardan et al., 2016; Garven & Scarlata, 2020; Eulerich et al., 2023). Technological advances have exposed companies to cyber risks, so companies have taken action to create audit systems. A technology-based audit system makes the implementation of the internal audit process more effective (Lois et al., 2020). Leadership is also a concern in risk-based internal audit activities (Erasmus & Coetzee, 2018; Martino et al., 2019). An internal auditor must have leadership skills including personal skills, managerialskills, and educational abilities. Leadership will strengthen the attitude of internal auditors in disclosing and reporting audit findings so that internal audits can run effectively.

6. Conclusion and Implications

This study used the systematic literature review (SLR) method. Researchers analyzed research trends on the effectiveness internal audits over a period of 16 years. Researchers conducted an analysis of 23 articles published in Scopus indexed journals. Literature studies that have been carried out show that the effectiveness of internal audit can reduce the negative impact of risk through the distribution of supervision throughout the company. The effectiveness internal audit will improve corporate governance and provide added value to the organization.

In terms of research methods, the effectiveness internal audit tends to use survey methods with research instruments in the form of questionnaires and very few uses experimental methods. Then in terms of the type of research conducted, it tends to use quantitative and qualitative approaches, while the use of a mix method is rarely used. Carrying out internal audits spread across each division or department will reduce the negative effects of business risks. The results of observations and analysis carried out by researchers found that effective implementation of internal audits is influenced by management support, internal auditor attributes such as independence and competence. Risk management, and leadership of the head of internal audit are factors that are still rarely researched. This research is only based on the publication of empirical study results and limits certain types of publications.

Acknowledgments

The authors would like to acknowledge directorate general of higher education, Ministry of Education, Culture, Research and Technology, Republic of Indonesia, for the grant no. 055/E5/PG.02.00.PL/2023.

Appendix

References

  1. Abidin, N. H. Z. (2017). Factors influencing the implementation of risk-based auditing. Asian Review of Accounting, 25(3), 361-375.
  2. Alhossini, M. A., Ntim, C. G., & Zalata, A. M. (2021). Corporate board committees and corporate outcomes: An international systematic literature review and agenda for future research. The International Journal of Accounting, 56(1), 2150001.
  3. Alqudah, H. M., Amran, N. A., & Hassan, H. (2019). Factors affecting the internal auditors effectiveness in the Jordanian public sector. EuroMed Journal of Business, 14(3), 251-273.
  4. Alzeban, A., & Gwilliam, D. (2014). Factors affecting the internal audit effectiveness: a survey of the Saudi public sector, Journal of International Accounting, Auditing and Taxation, 23(2), 74-86.
  5. Alzeban, A., & Sawan, N. (2015). The impact of audit committee characteristics on the implementation of internal audit recommendations. Journal of International Accounting, Auditing and Taxation, 24, 61-71.
  6. Arena, M., Arnaboldi, M., & Azzone, G. (2006). Internal audit in Italian organizations: A multiple case study. Managerial Auditing Journal, 21(3), 275-292.
  7. Arena, M., & Azzone, G. (2009). Identifying organizational drivers of internal audit effectiveness. International Journal of Auditing, 13(1), 43-60.
  8. Badara, M.S. and Saidin, S.Z. (2013). The journey so far on internal audit effectiveness: a calling for expansion. International Journal of Academic Research in Accounting, Finance and Management Sciences, 3(3), 340-351. https://doi.org/10.6007/IJARAFMS/v3-i3/225
  9. Bantleon U., d'Arcy, A., Eulerich, M., Hucke, A., Pedell, B., & Ratzinger-Sakel, N. V. S. (2020). Coordination challenges in implementing the three lines of defense model. Int J Audit. 1-16.
  10. Bednareck, P. (2018). Factors Affecting the Internal Audit Effectiveness: A Survey of the Polish Private and Public Sectors. Efficiency in Business and Economics. 1-16.
  11. Carcello, J.V, Eulerich, M., Masli, A., Wood, D.A., (2020). Are internal audits associated with reductions in perceived risk?. Auditing: A Journal of Practice & Theory, 39(3), 55-73.
  12. Cohen, A., & Sayag, G. (2010). The effectiveness of internal auditing: an empirical examination of its determinants in Israeli organisations. Australian Accounting Review, 20(3), 296-307.
  13. Coetzee, P., & Lubbe, D. (2014). Improving the efficiency and effectiveness of risk-based internal audit engagements. International Journal of Auditing, 18(2), 115-125.
  14. Chang, Y. T., Chen, H., Cheng, R. K., & Chi, W. (2019). The Impact of Internal Audit Attributes on the Effectiveness of Internal Control Over Operation and Complience. Journal of Contemporary Accounting & Economics, 15(1), 1-19.
  15. de Geus, C. J. C., Ingrams, A., Tummers, L., & Pandey, S. K. (2020). Organizational citizenship behavior in the public sector: A systematic literature review and future research agenda. Public Administration Review, 80(2). 259-270.
  16. Dellai, H., Ali, M., & Omri, B. (2016). Factors affecting the internal audit effectiveness in Tunisian organizations, Research Journal of Finance and Accounting, 7(16), 2222-2847.
  17. Dejnaronk, J., Little, H.T., Mujtaba, B.G., & McClelland, R. (2016). Factors influencing the effectiveness of the internal audit function in Thailand, Journal of Business and Policy Research, 11(2), 80-93.
  18. Dittenhofer, M. (2001). Internal auditing effectiveness: An expansion of present methods. Managerial Auditing Journal, 16(8), 443-50. https://doi.org/10.1108/EUM0000000006064
  19. D'Onza, G., Selim, G.M., Melville, R, & Allegrini, M. (2015). A study on internal auditor perceptions of the function ability to add value. International Journal of Auditing, 19(3),189-194.
  20. Drogalas, G., & Siopi, S. (2017). Risk management and internal audit: Evidence from greece. Risk Governance and Control: Financial Markets and Institutions, 7, 104-110.
  21. Drogalas, G., Nerantzidis, M., Mitskinis, D., & Tampakoudis, I. (2020). The relationship between audit fees and audit committee characteristics: Evidence from the athens stock exchange. International Journal of Disclosure and Governance. 18, 24-41.
  22. Dzikirullah, A. D., Harymawan, I., & Ratri, M. C. (2020). Internal audit functions and audit outcomes: Evidence from Indonesia. Cogent Business & Management, 7(1750331), 1-21.
  23. Erasmus, L., & Coetzee, P. (2018). Drivers of stakeholders' view of internal audit effectiveness: Management versus audit committee. Managerial Auditing Journal, 33(2), 90-114.
  24. Elbardan, H., Ali, M., & Ghoneim, A. (2016). Enterprise resource planning systems introduction and internal auditing legitimacy: An institutional analysis. Information Systems Management, 33(3), 231-247.
  25. Eulerich, M., Theis, J. C., Lao, J., & Ramon, M. (2018). Do fine feathers make a fine bird? The influence of attractiveness on fraud-risk judgments by internal auditors. International Journal of Auditing, 22(3). 1-13.
  26. Eulerich, M. A., Masli, J., Pickerd, D. A., & Wood. (2023). The Impact of audit technology on audit task outcomes: evidence for technology-based audit techniques. Contemporary Accounting Research, 40(2), 981-11012.
  27. Garven, S., & Scarlata, A. (2020). An examination of factors associated with investment in internal auditing technology, Managerial Auditing Journal, 35(7), 955-978.
  28. Grant, R. M., & Visconti, M. (2006). The strategic background to corporate accounting Scandals. Long Range Planning, 39(4), 361-383.
  29. Griffiths, P. (2005) Risk-based auditing chapter 1. Ashgate Publishing.
  30. Hafizah, N. Z. A. (2017). Factors influencing the implementation of risk-based auditing. Asian Review of Accounting, 25(3), 361-375.
  31. Ibrani, E. Y., Faisal, Sukarsari, N., & Handayani, Y. D. (2020). Determinants and consequences of internal auditor quality on regional performances: An empirical investigation in indonesia. Quality-Access to Success, 21(176), 87-92.
  32. Karagiorgos, T., Drogalas, G., Eleftheriadis, I., & Christodoulou, P. (2010). Internal audit contribution to efficient risk management. Journal of Business Management, 2(1), 1-14.
  33. Khanna, V., & Kaveri, J. S. (2008). Implementing risk-based internal audit in Indian banks: An assessment of organizational preparedness. Journal of Bank Management, 7(3), 23-47.
  34. Koutoupis, G, A, & Tsamis, A. (2009). Risk based internal auditing within greek banks: A case study approach. Journal of Management and Governance.
  35. KPMG (2007). The evolving role of internal auditor - Value creation and preservation from an internal audit perspective KPMG LLP, USA.
  36. Kubicek, A., & Machek, O. (2019). Gender-related factors in family business succession: A systematic literature review. Review of Managerial Science, 13(5), 963-1002.
  37. Kumaat, V. G. (2011). Internal audit. Jakarta: Erlangga.
  38. Lemon, W. M., & Tatum, K. W. (2003). Internal auditing systematic and disciplined process, in Bailey, A. D., Gramling, A. A. & Ramamoorti, S. (Eds.), Research opportunities in internal auditing, Chapter 8 (pp. 269-301). The Institute of Internal Auditors Research Foundation, Altemonte Springs, Florida.
  39. Lenz, R., & Hahn, U. (2015). A synthesis of empirical internal audit effectiveness literature pointing to new research opportunities. Managerial Auditing Journal, 30(1), 5-33.
  40. Lenz, R., Sarens, G., & Hoos, F. (2017). Internal audit effectiveness: Multiple case study research involving chief audit executives and senior management. EDPACS, 55(1), 1-17,
  41. Lois, P., Drogalas, G., Karagiorgos, A., & Tsikalakis, K. (2020). Internal audits in the digital era: opportunities risks and challenges. EuroMed Journal of Business, 15(2), 205-217.
  42. Martino, P., D'Onza, G., & Melville, R. (2019). The relationship between cae leadership and the IAF's involvement in corporate governance. Journal of Accounting Auditing & Finance, 36(2), 1-19.
  43. Massaro, M., Dumay, J., & Guthrie, J. (2016). On the Shoulders of giants: Undertaking a structured literature review in accounting. Accounting Auditing & Accountability Journal, 29(5), 767-801.
  44. Mihret, D. G., & Yismaw, A.W. (2007). Internal audit effectiveness: An Ethiopian public sector case study. Managerial Auditing Journal, 22(5), 470-484.
  45. Mihret, D. G., & Khan, D. A. (2013). The role of internal auditing in risk management. Seventh APIRA Conference.
  46. Nerantzidis, M., Pazarskis, M., Drogalas, G., & Galanis, S. (2020). Internal auditing in the public sector: A systematic literature review and future research agenda. Journal of Public Budgeting, Accounting & Financial Management, 34(2), 189-209.
  47. Oussii, A. A., & Taktak, B. N. (2018). The impact of internal audit function characteristics on internal control quality. Managerial Auditing Journal, 33(5), 450-469.
  48. Pickett, K. H. (2010). The internal auditing handbook (3rd. Ed). John Wiley & Sons, Inc., Hoboken, New Jersey.
  49. Sarens, G., Abdolmohammadi, M. J., & Lenz, R. (2012). Factor associated with the internal audit function's role in corporate governance. Journal of Applied Accounting Research, 13(2), 191-204.
  50. Soh, D. S. B., & Martinov-Bennie, N. (2011). The internal audit function: Perceptions of internal audit roles, effectiveness, and evaluation. Managerial Auditing Journal, 26(7), 605-622.
  51. The Institute of Internal Auditors (IIA). (2010). International standards for the professional practice of internal auditing.
  52. The Institute of Internal Auditors (IIA). (2017). International standards for the professional practice of internal auditing.
  53. Turetken, O., Jethefer, S., & Ozkan, B. (2020). Internal Audit Effectiveness: Operationalization and Influencing Factors. Managerial Auditing Journal, 35(2), 238-271.
  54. Van Gelderen, S. C., Zegers, M., Boeijen, W., Westert, G. P., Robben, P. B., & Wollersheim, H. C. (2017). Evaluation of the organisation and effectiveness of internal audits to govern patient safety in hospitals: A mixed-methods study. BMJ Health services research, 7(7), 1-10.
  55. Widianingsih, Y. P. N., Setiawan, D., Aryani, Y. A., & Gantyowati, E. (2023). The relationship between innovation and risk taking: The role of firm performance. Risks 11(144), 1-13.
  56. Yee, C. D. L., Sujan, A., James, K., & Leung, J. K. S. (2008). Perceptions of Singaporean internal audit customers regarding the role and effectiveness of internal audit. Asian Journal of Business and Accounting, 1(2), 147-174.