The Effect of IT Governance on Internal Audit Quality

Authors

  • Kifah Sami Hussein National Center for Hematology Research and Treatment

Keywords:

Information Technology, Internal Audit Function, IT Governance

Abstract

Effective IT management is crucial for an organization's progress, and inefficient management can lead to system inefficiencies. IT governance ensures an organization's IT systems are functioning as intended, provides oversight of IT operations, and mitigates related risks. Despite its importance, there is a lack of research on the impact of ITG on internal audit role, particularly in the context of internal control. This study aims to fill this research gap by investigating the relationship between ITG characteristics and IAF within IAF. The research examines the link between ITG and IAF, as well as ITG's impact on internal control practices. The study analyzes survey responses from 414 internal auditors in Iraqi companies using a statistical method. The results demonstrate a strong association between IT knowledge, internal auditing responsibilities, the degree of strength of the IAF-IT relationship, and the effectiveness of ITG processes. Additionally, there is a significant association between IT audit abilities and ITG mechanisms. Also, effective overall controls are positively associated with well-capitalized ITG processes and a strong relationship between IAF and IT. This research extends the earlier work on the role of ITG in auditing and focuses on the crucial importance of ITG in the creation of effective IT systems.

References

Abbott, L.J., Daugherty, B., Parker, S., Peters, G.F., 2016. Internal audit quality and financial reporting quality: The joint importance of independence and competence. J. Account. Res. 54 (1), 3-40.

Abdolmohammadi, M.J., Boss, S.R., 2010. Factors associated with IT audits by the IAF. Int. J. Account. Inf. Syst. 11 (3), 140-151. Abubaker, F., El-Badri, H.A., 2022. Using Digital Storytelling as a Tool for Reflection in the Libyan EFL Literature Classroom. In English as a Foreign Language in a New-Found Post-Pandemic World. IGI Global, pp. 182-205.

Ali, S., Green, P., 2012. Effective ITgovernance mechanisms: An IT outsourcing perspective. Inf. Syst. Front. 14 (2), 179-193. Allataifeh, H.A., Moghavvemi, S., 2022. Digitally-Enabled Innovation Processes: The Emergence of a New Management Logic. In Emerging Technologies for Innovation Management in the Software Industry. IGI Global, pp. 44-59.

Association of Certified Fraud Examiners (2016). Report to the Nation: Occupational Fraud and Abuse. Retrieved from https://www.acfe.com/-/media/files/acfe/ pdfs/2016-report-to-the-nations.ashx.

Bagozzi, R.P., Yi, Y., 1988. On the evaluation of structural equation models. J. Acad. Mark. Sci. 16 (1), 74-94.

Boritz, J.E., Hayes, L., Lim, J.H., 2013. A content analysis of auditors' reports on IT internal control weaknesses: The comparative advantages of an automated approach to control weakness identification. Int. J. Account. Inf. Syst. 14 (2), 138-163.

De Haes, S., Caluwe, L., Huygh, T., & Joshi, A. (2020). Governance Objectives to Lead Digital Transformation. In Governing Digital Transformation (pp. 47-61). Springer, Cham.

Bradley, R.V., Byrd, T.A., Pridmore, J.L., Thrasher, E., Pratt, R.M., Mbarika, V.W., 2012. An empirical examination of antecedents and consequences of ITGin US hospitals. J. Inf. Technol. 27, 156-177.

Coderre, D., 2005. Continuous Auditing: Implications for Assurance, Monitoring and Risk Assessment. GTAG# 3-Global. In: Technology Audit Guide. The Institute of Internal Auditors, NJ.

De Haes, S., Van Grembergen, W., 2009. An exploratory study into ITGimplementations and its impact on business/IT alignment. Inf. Syst. Manag. 26 (2), 123-137.

De Haes, S., Van Grembergen, W., Debreceny, R.S., 2013. COBIT 5 and enterprise governance of information technology: building blocks and research opportunities. J. Inf. Syst. 27 (1), 307-324.

DeLone, W., Migliorati, D., Vaia, G., 2018. Digital IT governance. In: CIOs and the Digital Transformation. Springer, Cham, pp. 205-230.

Donathan, C., 2012. So, you want to be an IT auditor: practitioners need a combination of technical and people skills to forge a career in auditing Technology. Intern. Audit. 69 (5), 25-27.

Ege, M.S., 2015. Does IAF quality deter management misconduct? Account. Rev. 90 (2), 495-527.

Fornell, C., Larcker, D.F., 1981. Structural equation models with unobservable variables and measurement error: Algebra and statistics. J. Mark. Res. 382-388. Haislip, J.Z., Masli, A., Richardson, V.J., Sanchez, J.M., 2016. Repairing organizational legitimacy following ITmaterial weaknesses: Executive turnover, IT expertise, and IT system upgrades. J. Inf. Syst. 30 (1), 41-70.

Hall, J.A., 2015. Information Technology Auditing. Cengage Learning.

Havelka, D., Merhout, J.W., 2013. Internal information technology audit process quality: Theory development using structured group processes. Int. J. Account. Inf. Syst. 14 (3), 165-192.

Hermanson, D.R., Hill, M.C., Ivancevich, D.M., 2000. Information technology-related activities of internal auditors. J. Inf. Syst. 14 (s-1), 39-53.

Héroux, S., Fortin, A., 2013. The intemal audit function in information technology governance: A holistic perspective. J. Inf. Syst. 27 (1), 189-217.

Hikmet, N., Chen, S.K., 2003. An investigation into low mail survey response rates of information technology users in health care organizations. Int. J. Med. Inf. 72 (1-3), 29-34.

Huang, S.M., Hung, W.H., Yen, D.C., Chang, I.C., Jiang, D., 2011. Building the evaluation model of the IT general control for CPAs under enterprise risk management. Decis. Support Syst. 50 (4), 692-701.

Information Systems Audit and Control Association & Protiviti (2016). A Global Look at IT Audit Best Practices: Assessing the International Leaders in an ISACA/ Protiviti Survey. Retrieved from https://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/a-global-look-at-it-audit-best-practices.aspx. Institute of Internal Auditors (IIA), 2012. International Standards for the Professional Practice of Internal Auditing. The Institute of Internal Auditors, Altamonte Springs, FL..

Institute of Internal Auditors (IIA), 2018. Global Technology Audit Guide (GTAG): Auditing IT Governance. The Institute of Internal Auditors, Lake Mary, FL. ITGInstitute (ITGI), 2007. COBIT 4.1: Framework, Control Objectives. Management Guidelines, Maturity Models. ITGInstitute, Rolling Meadows, IL.

ITGInstitute (ITGI), 2013. COBIT 5 for Assurance. ITGInstitute, Rolling Meadows, IL

KPMG (2021a) Trends in material weaknesses Retrieved from https://assets.kpmg/content/dam/kpmg/bm/pdf/2022/02/materials-weakness-non-ipo.pdf.

KPMG (2021b). Agile, resilient & transformative Retrieved from https://assets.kpmg/content/dam/kpmg/xx/pdf/2021/08/agile-resilient-and-transformative-report. pdf.

Li, C., Peters, G.F., Richardson, V.J., Watson, M. W., 2012. The consequences of information technology control weaknesses on management information systems: The case of Sarbanes-Oxley internal control reports. MIS Q 179-203.

Lunardi, G.L., Maçada, A.C.G., Becker, J.L., Van Grembergen, W., 2016. Antecedents of ITGeffectiveness: an empirical examination in Brazilian firms. J. Inf. Syst. 31 (1), 41-57.

Merhout, J.W., Havelka, D., 2008. Information technology auditing: A value-added ITG partnership between IT management and audit. Commun. Assoc. Inf. Syst. 23 (1), 26.

Mezulis, A.H., Abramson, L.Y., Hyde, J.S., Hankin, B.L., 2004. Is there a universal positivity bias in attributions? A meta-analytic review of individual, developmental, and cultural differences in the self-serving attributional bias. Psychol. Bull. 130 (5), 711-747.

Mulyana, R., Rusu, L., & Perjons, E. (2021). ITGMechanisms Influence on Digital Transformation: A Systematic Literature Review. In Twenty-Seventh Americas' Conference on Information Systems (AMCIS), Digital Innovation and Entrepreneurship, Virtual Conference, August 9-13, 2021. (pp. 1-10).

Nfuka, E.N., Rusu, L., 2011. The effect of critical success factors on ITG performance. Ind. Manag. Data Syst. 111 (9), 1418-1448. Nicoletti, B., 2013. Governance of Cloud Computing. In Cloud Computing in Financial Services. Palgrave Macmillan, London, pp. 87-117.

Paiva, L.E., Maravilhas, S., Marinho, F.S., Sampaio, R.R., 2021. Digital transformation, public policies, and the triple helix: a case study of the city of Salvador. In: Handbook of Research on Digital Transformation and Challenges to Data Security and Privacy. IGI Global, pp. 289-310.

Pang, M.S., 2014. ITGand business value in the public sector organizations-The role of elected representatives in ITGand its impact on IT value in US state governments. Decis. Support Syst. 59, 274-285.

Peterson, D.K., Kim, C., Kim, J.H., Tamura, T., 2002. The perceptions of information systems designers from the United States, Japan, and Korea on success and failure factors. Int. J. Inf. Manag. 22 (6), 421-439.

Pizzini, M., Lin, S., Ziegenfuss, D.E., 2015. The impact of IAF quality and contribution on audit delay. Audit. J. Pract. Theory 34 (1), 25-58. Podsakoff, P.M., MacKenzie, S.B., Lee, J.Y., Podsakoff, N.P., 2003. Common method biases in behavioral research: a critical review of the literature and recommended remedies. J. Appl. Psychol. 88 (5), 879.

Podsakoff, P.M., MacKenzie, S.B., Podsakoff, N.P., 2012. Sources of method bias in social science research and recommendations on how to control it. Annu. Rev. Psychol. 63 (1), 539-569.

Prawitt, D.F., Smith, J.L., Wood, D.A., 2009. Internal audit quality and earnings management. Account. Rev. 84 (4), 1255-1280.

Premkumar, G., Potter, M., 1995. Adoption of computer aided software engineering (CASE) technology: an innovation adoption perspective. ACM SIGMIS Database: the DATABASE for Advances in Information Systems 26 (2-3), 105-124.

Richardson, H.A., Simmering, M.J., Sturman, M.C., 2009. A tale of three perspectives: examining post hoc statistical techniques for detection and correction of common method variance. Organ. Res. Methods 12 (4), 762-800.

Ringle, C. M., Wende, S., and Will, A. 2005. "SmartPLS 2.0," University of Hamburg, Hamburg, Germany (http://www.smartpls.de).

Sedikides, C., Campbell, W.K., Reeder, G.D., Elliot, A.J., 1998. The self-serving bias à relational context. J. Pers. Soc. Psychol. 74 (2), 378-386. Spremic, M., 2017. Governing digital technology-how mature ITGcan help in digital transformation? Int. J. Econ. Manage. Syst. 2, 214-223. Steinbart, P.J., Raschke, R.L., Gal, G., Dilla, W.N., 2012. The relationship between internal audit and information security: An exploratory investigation. Int. J. Account. Inf. Syst. 13 (3), 228-243.

Saleh, K. M., Hasan, A. A., & Jawad, A. B. (2023). The Moderating Effect of Burnout in Relationship Between Job Complexity and Psychological Detachment. Revista De Gestão Social E Ambiental, 17(8), e03525-e03525.

Steinbart, P.J., Raschke, R.L., Gal, G., Dilla, W.N., 2013. Information security professionals' perceptions about the relationship between the information security and IAFs. J. Inf. Syst. 27 (2), 65-86.

Steinbart, P.J., Raschke, R.L., Gal, G., Dilla, W.N., 2018. The influence of a good relationship between the internal audit and information security functions on information security outcomes. Acc. Organ. Soc. 71, 15-29.

Stewart, J., Subramaniam, N., 2010. Internal audit independence and objectivity: emerging research opportunities. Manag. Audit. J. 25 (4), 328-360.

Stoel, M.D., Muhanna, W.A., 2011. IT internal control weaknesses and firm performance: An organizational liability lens. Int. J. Account. Inf. Syst. 12 (4), 280-304. Teffo, M.C., Motjolopane, I., Masenya, T.M., 2022. Academic library innovation through a business model canvas lens: a case of South African Higher Education Institutions. In: Innovative Technologies for Enhancing Knowledge Access in Academic Libraries. IGI Global, pp. 22-39.

Wallace, L., Lin, H., Cefaratti, M.A., 2011. Information security and Sarbanes-Oxley compliance: An exploratory study. J. Inf. Syst. 25 (1), 185-211.

Westlund, A.H., Källström, M., Parmler, J., 2008. SEM-based customer satisfaction measurement: On multicollinearity and robust PLS estimation. Total Qual. Manag. 19 (7-8), 855-869.

Williams, L.J., Hartman, N., Cavazotte, F., 2010. Method variance and marker variables: A review and comprehensive CFA marker technique. Organ. Res. Methods 13 (3), 477-514.

Prabakaran, N., Patrick, H. A., & Jawad, A. B. (2024). Global Regionalization of Consumer Neuroscience Behavioral Qualities on Insights From Google Trends. In Explainable AI Applications for Human Behavior Analysis (pp. 258-274). IGI Global.

Wu, T.H., Huang, S.M., Huang, S.Y., Yen, D.C., 2017. The effect of competencies, team problem-solving ability, and computer audit activity on internal audit performance. Inf. Syst. Front. 19 (5), 1133-1148.

Wu, S.P.J., Straub, D.W., Liang, T.P., 2015. How information technology governance mechanisms and strategic alignment influence organizational performance: Insights from a matched survey of business and IT managers. MIS Q. 39 (2), 497-518.

Yu, P., Chen, D., Ahuja, A., 2022. Smart and sustainable economy: how COVID-19 has acted as a catalyst for china's digital transformation. In Al-Enabled Agile Internet of Things for Sustainable FinTech Ecosystems. IGI Global, pp. 106-146.

Downloads

Published

2025-06-19

How to Cite

Hussein, K. S. (2025). The Effect of IT Governance on Internal Audit Quality. International Journal of Applied Research and Sustainable Sciences, 2(12). Retrieved from http://journal.multitechpublisher.com/index.php/ijarss/article/view/3071

Issue

Vol. 2 No. 12 (2024): December 2024

Section

Articles

License

Copyright (c) 2025 Kifah Sami Hussein

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.