Public Sector Accounting and Budgeting

Public Sector Accounting and Budgeting

The impact of electronic internal auditing based on information technology governance on reducing audit risks in public sector organizations

Document Type : Original Article

Authors
Marzie Jafarian 1
Payam Salimi 2
1 M.A. Student in public Accounting, Rasam Higher Education Institute, Karaj, Iran
2 Department of Accounting, Rasam Higher Education Institute, Karaj, Iran
10.22034/psab.2025.217622
Abstract
The primary objective of this research is to investigate the impact of electronic internal auditing, with an emphasis on IT governance, and its effect on reducing audit risks (case study: municipalities in Alborz Province). This study adopts a quantitative research method, and the data was collected through a field approach using questionnaires. The reliability of the questionnaire was assessed using Cronbach's alpha test and was deemed valid. The questionnaires were distributed across 17 municipalities in Alborz Province in 2024, and 106 valid questionnaires were received. The statistical population of this research includes employees with various job titles, such as managers and financial/accounting experts, internal auditors, and IT managers and specialists. The research hypotheses were tested using multiple regression analysis and SPSS 26 software. The findings revealed that IT governance-based electronic internal auditing has a significant impact on reducing audit risks. Additionally, the variables of compliance assessment, control assurance, and risk assessment were identified as key factors contributing to this risk reduction.
Keywords
Electronic internal audit
Electronic audit risk
IT governance
Public Sector

Subjects

  1. برخوردار، کتایون؛ ناظمی، امین؛ نمازی، نویدرضا. (۱۴۰۰). بررسی عوامل مؤثر بر اثربخشی حسابرسی داخلی و ارزیابی نقش حسابرسی داخلی در مدیریت ریسک و کنترل‌های داخلی بانک کشاورزی. پژوهش‌های حسابرسی حرفه‌ای، 1(2)، 5-33.

    پویان فر، فرزاد؛ محمودی، فرزاد. (1400). حسابرسی مبتنی بر ریسک: با رویکرد تصمیم‌گیری چند شاخصه. فصلنامه مهندسی تصمیم، 3(10)، 119-152.

    تاجیک جلایری، مجید؛ رمضانی، جواد؛ کامیابی، یحیی. (1401). تأثیر چارچوب عملی حرفه‌ای بین‌المللی بر اثربخشی حسابرسی داخلی. پژوهش‌های حسابداری مالی و حسابرسی، 14(53)، 77-102.

    زندی، آناهیتا. (1403). ارائه الگویی جهت بررسی عوامل مؤثر بر عملکرد حسابرسی با رویکرد مبتنی بر ریسک و کیفیت حسابرسی مستقل. نشریه مطالعات اخلاق و رفتار در حسابداری و حسابرسی، 4(1)، 114-81.

    منتی، وحید؛ چابکی، یاسین. (1402). تأثیر عملکرد حسابرسی داخلی بر استفاده واحدهای حسابرسی داخلی از تجزیه‌وتحلیل داده‌ها. پژوهش‌های کاربردی در گزارشگری مالی، 12(1)، 7-40.

    Abass, Z. K., Flayyih, H. H., & Hasan, S. I. (2022). The relationship between audit services and non-audit actuarial services in the auditor’s report. International Journal of Professional Business Review, 7(2), Article 455. https://doi.org/10.26668/businessreview/2022.v7i2.455

    AICPA. (2017). Audit risk and materiality in conducting an audit.

    Al-Fatlawi, Q. A., Al Farttoosi, D. S., & Almagtome, A. H. (2021). Accounting information security and IT governance under COBIT 5 framework: A case study [Special issue on Information Retrieval and Web Search]. Webology, 18, 294–310. https://doi.org/10.14704/WEB/V18SI02/WEB18073

    Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk management framework for information technology project. International Journal of Information Management, 32(1), 50–65. https://doi.org/10.1016/j.ijinfomgt.2011.07.002

    Alles, M., Kogan, A., & Vasarhelyi, M. (2004). The law of unintended consequences? Assessing the costs, benefits, and outcomes of the Sarbanes-Oxley Act. IS Control Journal, (1), 17–21.

    Alsaleem, E. A., & Husin, N. M. (2024). IT governance and audit risk in Jordanian companies: The moderating role of audit quality. Revista de Gestão Social e Ambiental, 18(4), e03718-e03718.

    Alsharif, M. H., Alzahrani, M. M., & Alshahrani, S. A. (2022). The role of IT governance in enhancing internal audit effectiveness: Evidence from Saudi Arabia. International Journal of Accounting Information Systems, 42, 100515.

    Al-Taee, S. H. H., & Flayyih, H. H. (2022). The impact of the audit committee and audit team characteristics on the audit quality: Mediating impact of effective audit process. International Journal of Economics and Finance Studies, 14(3), 249–263.

    Al-Taee, S. H. H., & Flayyih, H. H. (2023). Impact of the electronic internal auditing based on IT governance to reduce auditing risk. Corporate Governance and Organizational Behavior Review, 7(1), 94–100.

    Alzeban, A., & Gwilliam, D. (2014). Factors affecting the internal audit effectiveness: A survey of the Saudi public sector. Journal of International Accounting, Auditing and Taxation, 37, 32–47.  

    Chartered Institute of Public Finance and Accountancy. (2018). Building skills for public financial management.

    Christ, M. H., Eulerich, M., Krane, R., & Wood, D. A. (2021). New frontiers for internal audit research. Accounting Perspectives, 20(4), 449-475.

    Cohen, A., & Sayag, G. (2010). The effectiveness of internal control: A review of the literature. Journal of Accounting Literature, 29(2), 103–126.

    Committee of Sponsoring Organizations (COSO). (2004). Enterprise risk management integrated framework: Executive summary framework. Jersey City, NJ: AICPA.

    COSO. (2018). Enterprise risk management - integrating with strategy and performance.

    1. (2021). How internal controls can help mitigate risks. https://www.ey.com/en_gl/services/assurance/internal-controls-effectiveness

    Gendron, Y., Bedard, J., & Gosselin, M. (2004). Getting inside the black box: A field study of practices in ‘‘effective’’ audit committees. Auditing: A Journal of Practice & Theory, 23(1), 153–171.

    IAASB. (2018). International standards on auditing.

    IAASB Handbook. (2009). Glossary of terms, 2 SAS 300: Audit risk assessments and accounting and internal control systems.

    IFAC. (2019). The role of professional accountants in corporate governance. Institute of Electrical and Electronics Engineers.

    Institute of Internal Auditors (IIA). (2019). International standards for the professional practice of internal auditing.

    International Federation of Accountants. (2019). Public sector financial management.

    IT Governance Institute. (2022). COBIT 2019 framework: Introduction and methodology.

    Ježovita, A., Tušek, B., & Žager, L. (2018). The state of analytical procedures in the internal auditing as a corporate governance mechanism. Management: Journal of Contemporary Management Issues, 23(2), 15–46.

    Jóhannesdóttir, A. M., Kristiansson, S. N., Sipiläinen, N., & Koivunen, R. (2018). Internal audit in the public sector — Comparative study between the Nordic countries: The development of internal auditing within the public sector in the Nordic countries. Stjórnmál og Stjórnsýsla: Icelandic Review of Politics and Administration, 14(3), 44–69.

    Joshi, A., Bollen, L., & Hassink, H. (2013). An empirical assessment of IT governance transparency: Evidence from commercial banking. Information Systems Management, 30(2), 116–136.

    Khan, A., & Zaman, K. (2022). The impact of electronic internal auditing on organizational performance: A study of the mediating role of IT governance. Journal of Business Research, 135, 123–135.

    Knechel, W. R., Van Staden, C., & Sun, L. (2013). The role of audit quality in the financial reporting process. Accounting Horizons, 27(3), 511–534.

    KPMG. (2019). Internal control: A practical guide.

    KPMG. (2020). Understanding audit risk in the public sector.

    Liston‐Heyes, C., & Juillet, L. (2020). Burdens of transparency: An analysis of public sector internal auditing. Public Administration, 98(3), 659–674.

    McNamee, D., & Selim, G. M. (1998). Risk management: Changing the internal auditor’s paradigm. Managerial Auditing Journal, 13(1/2), 4–9.

    Mervelito, M. A., Lintang, B. A., & Adri, A. (2021). Internal auditing paradigm shift: From traditional audits to audits in the 4.0 industry era. International Journal of Innovative Science and Research Technology, 6(3), 56–63.

    Mexmonov, S. U., & Temirkhanova, M. J. (2020). The role of the internal audit based international internal audit standards in Uzbekistan. Journal of Media & Management, 2(1).

    Meyer, N. D. (2004). Systematic IS governance: An introduction. Information Systems Management, 21(4), 23–34.

    Mohamed, N., & Kaur, J. (2012). A conceptual framework for information technology governance effectiveness in private organizations. Information Management & Computer Security, 20(2), 88–106.

    Ozier, W. (2003). Risk metrics needed for IT security. ITAudit, 1(1).

    PCAOB. (2020). Auditor's responsibilities relating to fraud in an audit of financial statements.

    PCAOB. (2021). Risk assessment in audits.

    Pizzi, S., Venturelli, A., Variale, M., & Macario, G. P. (2021). Assessing the impacts of digital transformation on internal auditing: A bibliometric analysis. Technology in Society, 67, 101738.

    Poltak, H., Sudarma, M., & Purwanti, L. (2019). The determinants of the effectiveness of internal audits with management support as the moderating variable. International Journal of Multicultural and Multireligious Understanding, 6(1), 33–51.

    PricewaterhouseCoopers. (2003). Technology forecast: 2003–2005. Menlo Park, CA: PricewaterhouseCoopers. http://www.silicontaiga.ru/article/files/1758_1.pdf

    Ramamoorti, S., & Traver, R. O. (1998). Using neural networks for risk assessment in internal auditing: A feasibility study. Altamonte Springs, FL: The Institute of Internal Auditors Research Foundation.

    Rensburg, J. O., & Coetzee, P. (2016). Internal audit public sector capability: A case study. Journal of Public Affairs, 16(2), 181–191.

  • Receive Date 10 December 2024
  • Revise Date 17 February 2025
  • Accept Date 13 March 2025