Next Article in Journal
Dynamic Asymmetric Effect of Currency Risk Pricing of Exchange Rate on Equity Markets: A Regime-Switching Based C-Vine Copulas Method
Previous Article in Journal
Is Platinum a Real Store of Wealth?
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
IJFS
Volume 10
Issue 3
10.3390/ijfs10030071
ijfs-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Concept Paper

The Influential Factors of Internal Audit Effectiveness: A Conceptual Model

by
Ayman Abdelrahim
and
Husam-Aldin N. Al-Malkawi
*
Faculty of Business and Law, The British University in Dubai, Dubai P.O. Box 345015, United Arab Emirates
*
Author to whom correspondence should be addressed.
Int. J. Financial Stud. 2022, 10(3), 71; https://doi.org/10.3390/ijfs10030071
Submission received: 18 July 2022 / Revised: 4 August 2022 / Accepted: 11 August 2022 / Published: 19 August 2022
Browse Figures
Review Reports Versions Notes

Abstract

:
The purpose of this paper is to systematically review the literature on the influential factors of internal audit effectiveness and articulate these factors in a conceptual model. A systematic literature review (SLR) is conducted to identify the influential factors of internal audit effectiveness; relevant studies are reviewed between the period January 1999 and March 2022 through a lens focused on the key factors of internal audit effectiveness. In addition, our review took into consideration what is mentioned in The International Professional Practices Framework for Internal Auditing (IPPF). Five factors of internal audit effectiveness and their dimensions are identified and comprised into a conceptual model, these factors are internal audit organizational characteristics, internal audit relationships, internal audit processes, internal audit resources, and internal audit coordination with other assurance providers. This paper provides internal audit practitioners, audit committees, and senior management in organizations with a broad understanding and comprehensive overview of the key factors that should be considered to make their internal audit functions more effective. This paper proposes a conceptual model that provides a holistic view of the influential factors of internal audit effectiveness and clearly identifies the dimensions of the factors. Additionally, it provides an opportunity for future research to test the model and build on it as well.

1. Introduction

Internal audit (IA) functions play a crucial role in assisting organizations to achieve their objectives and safeguard their assets (Alqudah et al. 2019). Additionally, the IA become a vital management tool for achieving effective control in organizations (Behrend and Eulerich 2019; Endaya and Hanefah 2016). Having an effective IA function is important for organizations; the effective role, as interpreted by The International Professional Practices Framework for Internal Auditing (IPPF), will ultimately have a major contribution to improving the effectiveness of an organization’s risk management, internal control, and governance processes (The Institute of Internal Auditors 2017). Internal auditing is defined by The Institute of Internal Auditors (IIA) as “An independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” (The Institute of Internal Auditors 2017, p. 29) Moreover, effective IA is important to an organization’s audit committee, senior management, and external auditor. The IA provides the audit committee and senior management with an objective assessment of the whole organization’s operations, processes, and performance (The Institute of Internal Auditors 2017). Senior management relies on IA to enhance the controls and reduce the risk as well as improve its operations, while the audit committee relies on IA to achieve robust internal controls and attain a quality of financial reporting as well as maintain compliance with regulations (Eulerich et al. 2019). On the other hand, IA effectiveness affects the external auditor’s decision to rely on the IA work (Lenz and Hahn 2015). Although organizations invest in establishing IA functions, IA is carried out in many organizations despite the fact that these organizations vary in their goals, size, structure, and complexity (The Institute of Internal Auditors 2017). Therefore, knowing the factors that influence IA effectiveness is important to understand the hidden drivers of their effectiveness. However, the factors that influence IA effectiveness were debatable in the literature and several investigations stressed that IA effectiveness is influenced by many factors. Nevertheless, until now, there is no consensus among researchers about the optimal framework for IA effectiveness; this could be related to a lack of a comprehensive conceptual model that comprised the key factors of IA effectiveness. Despite IA effectiveness increasingly attracting the researchers’ attention, the existing majority of research in this field focused only on identifying and testing different factors that affect IA effectiveness with a very limited deeper attention view on these factors and their dimensions. Moreover, scholars study different factors individually based on the researchers’ interest and the literature available such as IA independence, size, competencies, quality, relationship with the audit committee, relationship with the external auditor, senior management support, and outsourcing of IA (Alhajri 2017; Alqudah et al. 2019; Al-Shbail and Turki 2017; Alzeban and Gwilliam 2014; Ashfaq et al. 2021; Arena and Azzone 2009; Bednarek 2018; Christopher et al. 2009; Cohen and Sayag 2010; D’Onza et al. 2015; Dellai and Omri 2016; George et al. 2015; Mahyoro and Kasoga 2021; Mihret and Yismaw 2007; Onay 2021; Onumah and Krah 2012; Oussii and Boulila 2021; Salehi 2016; Soh and Martinov-Bennie 2011; Ta and Doan 2022; Turetken et al. 2019).
Furthermore, no major attention was given to which conceptual model is the optimal model to test its impact on IA effectiveness or to study the relationship between the factors. Turetken et al. (2019) indicate that there is a need for studies to investigate the factors influencing IA effectiveness and to provide understating of the IA effectiveness and the influential factors. Although the existing literature has its own value, our endeavor is to conceptualize the factors that influence IA effectiveness into one model and clearly identify the dimensions for these factors and link them to IA effectiveness. We believe this is necessary for enriching the internal auditing body of knowledge by providing a comprehensive overview of the influential factors that affect IA effectiveness.
This paper attempts to articulate a conceptual model based on the literature. Our motivation for this paper is also to answer the following question: can we conceptualize a model that includes the influential factors of IA effectiveness based on what the literature says? This paper responds to this question by building on the literature on internal auditing and its argument on the factors that influence IA effectiveness and their dimensions. A systematic literature review was conducted to synthesize the factors that affect internal audit effectiveness. In this paper, we used the term “the influential factors” to refer to the keys to effective IA function. The Cambridge Dictionary has defined the word “influential” as “having a lot of influence on somebody/something,” while the dictionary defined the verb “influence” as “to change the way that someone thinks or the way that something develops,” whereas the noun “influence” is defined as “the power to change people or things” (Cambridge University 2022). In this paper, we defined “the influential factors” as “those factors that are substantial for the IA function as well as are important to IA effectiveness and may affect it.” In addition, this paper argues that the IA function should look to a set of influential factors in order to understand the IA effectiveness; without this consideration, its effectiveness may be affected. The proposed conceptual model for IA effectiveness integrates five factors and their dimensions. These factors are IA organizational characteristics, IA relationships, IA processes, IA resources, and IA coordination with other assurance providers.
The structure of this paper is organized as follows. The next section provides background about IA effectiveness. Section three describes the methodology used. Section four systematically reviews the literature on the influential factors. Section five presents the conceptual model based on what has been discussed about the influential factors. The last section concludes the paper and provides research implications and recommendations for future research.

2. Internal Audit Effectiveness

Ridley (2008) highlights that IA was built on the three Es of effectiveness, efficiency, and economy, where effectiveness is the most important “E.” Efficiency and economy are worthless if IA is ineffective (Dittenhofer 2001; Lenz and Hahn 2015). Researchers look at IA effectiveness from different points of view; however, they shared the common view that effectiveness is achieved when the defined IA objectives and goals are achieved (Ahmad et al. 2009; Badara and Saidin 2013, 2014; Dittenhofer 2001; Mihret and Yismaw 2007). According to Badara and Saidin (2013), IA effectiveness is the ability to achieve the predefined IA objectives, while Dittenhofer (2001) indicates that these objectives should be stated in clear terms to achieve them. On the other hand, although the definition of internal auditing clearly stated that IA is designed to add value and improve the organization’s operations as well as evaluate and improve the effectiveness of risk management, control, and governance processes, IA’s role in organizations diverse and different from one organization to another (Rupšys and Boguslauskas 2007). Moreover, the level of effectiveness varies amongst various organization operations (Al-Twaijry et al. 2003). IA is a complicated process; it is part of the organization’s internal control system and depends on its effectiveness (Badara and Saidin 2014). This complicated process includes audit planning, conducting audit engagements, conforming audit results, following up the results to ensure that proper actions, and developing the staff to ensure they have the sufficient knowledge and skills to conduct the audit engagements; however, IA effectiveness is not limited to evaluating the above aspects to ensure that IA is able to achieve its objectives (Dittenhofer 2001).
Furthermore, Lenz and Hahn (2015) looked into IA effectiveness from an institutional theory lens and indicated that there are different macro and micro factors that influence IA effectiveness. Macro factors are represented by coercive, normative, and mimetic forces; where coercive forces are explained by compliance with the regulations that affect the role of IA in the organization, normative forces are explained by the degree of conformance with internal auditing standards, and mimetic forces are explained by the benchmarking against successful IA in organizations. Conversely, the micro factors are explained by factors related to the organization and factors related to internal resources, processes, and relationships. From another perspective, Azzali and Mazza (2018) examine IA effectiveness from an agency theory lens. They maintain that IA is an agent to the board of directors and the management and it will be effective when performing its role for their benefit; this view is aligned with the definition of internal auditing, which focuses on helping the organization to achieve its objectives.
On the other hand, some researchers indicate that IA effectiveness is achieved based on many factors. For example, integration of management support for IA with IA work and internal auditors’ competencies (Badara and Saidin 2013); compliance with internal auditing standards (Cohen and Sayag 2010); and quality of IA procedures (Dittenhofer 2001). While the IA provides recommendations to improve the organization’s operations, to understand the IA effectiveness, some researchers look into the IA recommendations for implementation rate (Arena and Azzone 2009; Bednarek 2018; Erasmus and Coetzee 2018; Soh and Martinov-Bennie 2011). Moreover, some studies consider the demand and supply view for IA effectiveness, where the demand view is based on the satisfaction of the organization’s management and auditee on the IA, while the supply view is based on the auditors’ view on the IA effectiveness (Alzeban and Gwilliam 2014; Cohen and Sayag 2010; Erasmus and Coetzee 2018; Yee et al. 2008). Alzeban and Gwilliam (2014) view IA effectiveness from internal auditors’ and auditees’ standpoints and study IA effectiveness based on the ability of IA to plan; improve the productivity of the organization; evaluate and improve the organization’s internal control and risk management; and the implementation of IA recommendations. The demand view of IA effectiveness helps understand how audit work is perceived; however, the supply view helps to understand the factors that influence the effectiveness (Lenz and Hahn 2015).
Moreover, while the scope of IA is wide and included different aspects of the organization, it carries out a wide range of independent evaluations (Alqudah et al. 2019; Al-Twaijry et al. 2003; Arena and Azzone 2009; Cohen and Sayag 2010; Rupšys and Boguslauskas 2007; Mihret and Yismaw 2007). To achieve effectiveness, the IA must perform a variety of things, yet researchers have different viewpoints on what an effective IA should do. For example, the effective IA should assist the organization to achieve its objectives and safeguard its assets (Alqudah et al. 2019; Azzali and Mazza 2018); evaluate the organization’s internal control system and improve its effectiveness (Lenz and Hahn 2015); evaluating organization’s risk management and improving its effectiveness (Chambers and Odar 2015; Cohen and Sayag 2010; Goodwin-Stewart and Kent 2006); evaluating an organization’s compliance with laws and regulations (Eulerich et al. 2019); supporting management to prevent fraud (Alqudah et al. 2019); improving the organization’s operations (Ahmad et al. 2009) and improving its performance (Alzeban 2020; Coetzee and Erasmus 2017); and providing recommendations to improve different aspects of the organization (Alqudah et al. 2019; Al-Twaijry et al. 2003; Arena and Azzone 2009; Cohen and Sayag 2010; Mihret and Yismaw 2007). Moreover, Onay (2021) stated that “IA effectiveness is one of the most prominent issues that internal auditors should consider in order to establish good governance both in terms of their functions and organizations” (p. 1). Therefore, knowing the influential factors that influence IA effectiveness is important for the IA functions and its organizations.

3. Methodology

Based on the research objective and the related question defined in the introduction, the current paper employed a systematic literature review (SLR). This paper followed the guideline provided by Xiao and Watson (2019), who identified eight steps to conduct the SLR: (1) formulating the research problem; (2) developing and validating the review protocol; (3) searching the literature; (4) screening for inclusion; (5) assessing quality; (6) extracting data; (7) analyzing and synthesizing data; and (8) reporting the findings. The first step is covered in the introduction section of this study where the research problem is formulated. Following the guideline, the second step is to develop and validate the review protocol which includes the purpose of the study, research question, inclusion criteria, search strategies, quality assessment criteria and screening procedures, and strategies for data extraction, synthesis, and reporting. The purpose of this study and its research question, as explained in the introduction section, are focused on understanding and identifying the influential factors of IA effectiveness and conceptualizing it in a model. Searching the literature is the third step; the search was based on reliable online databases to identify the relevant literature including Scopus, Web of Science, Emerald Insight, Science Direct, SpringerLink, IEEE Xplore, and WorldCat Digital Library. The importance of using a range of online databases is to ensure wide coverage of available literature and to maximize the coverage in the research (Saunders et al. 2019). A combination of the following keywords was used during the online search. We combined the “internal audit” word with each one of the following words: effectiveness, quality, performance, efficiency, add value, factors, relationship, affect, influence, association, case study, empirical, examination, drivers, evaluation, measurement, assessment, and framework.
In step four, the literature selected based on different disciplines aligned with the definition of internal auditing according to the IIAs’ IPPF, disciplines including IA effectiveness, IA performance, IA efficiency, IA quality, and IA adding value were the literature utilized these terms to refer to the extent to which the defined IA objectives achieved. Moreover, the papers selected are in the English language, published between the period January 1999 to March 2022, and included theoretical reviews and empirical studies, both qualitative and quantitative. Greater attention was given to literature that addressed the factors that influence IA effectiveness and study its relationship with IA effectiveness. The gray literature and the papers that do not address the factors that influence IA effectiveness topic are excluded. At this step, the initial search shows that over 5000 papers are relevant to this study. Scanning of the title, the abstract, and the keywords for the first 150 papers was conducted for each type of search as the rest of the papers in each search show that they were not directly relevant to this study’s topic. This scanning led to identifying 156 papers considered for further review. After the screening for the inclusion step, step five is assessing the quality of the selected papers based on a full-text review; in this step, the papers that are selected are validated based on their meeting the criteria developed in step four, and a decision is taken to consider the selected papers or not for further analysis in the next step. As a result, 34 papers are selected; these papers directly addressed the influential factors for IA effectiveness (see Table A1 in Appendix A) and, in addition, these papers are the primary source to understand the influential factors and build on them. Moreover, the assessment of the full text led to 25 additional papers that were considered as a source to support the analysis and the discussion of the results in the fourth section of this study, which were included in the references list. In step six, the papers that are selected are classified based on the authors, the years, the research method, and the factors used to study IA effectiveness, the papers are summarized, and each factor influencing IA effectiveness is synthesized. The papers selected for more analysis in step six are analyzed and synthesized in step seven, and inclusion and exclusion criteria are considered again during this step. In step eight, the influential factors of IA effectiveness reported in a synthesized way show the importance of each factor, as explained in the fourth section of this paper based on the relevant literature, and our model is conceptualized as shown in the fifth section of this paper. Moreover, we took into our consideration what is mentioned in the IIA’s IPPF and link it to each factor to support the analysis, the discussion, and the reporting. Figure 1 below summarizes the process of the SLR.

4. The Influential Factors

Internal auditing is still an emerging profession. To understand this profession, more attention should be given to the factors that make the IA effective (Lenz et al. 2018), and more studies should be conducted on the drivers of IA effectiveness (Erasmus and Coetzee 2018). To provide a broad overview of the factors that influence IA effectiveness, we use the institutional theory as an underpinning theory to understand the influential factors. Institutional theory is used as a useful platform to understand the aspects that determine IA effectiveness and the factors that influence IA effectiveness (Lenz and Hahn 2015). Many studies used the institutional theory as a theoretical framework to explain the factors shaped due to each institutional force and how the institutional theory views IA changes as a response to the three institutional forces: coercive forces, normative forces, and mimetic forces. Coercive forces are related to the influence of compliance with laws and regulations; normative forces are related to the influence of the degree of conformance with internal auditing standards; and mimetic forces are related to the influence of the tendency of organizations to model and benchmark themselves based on similar types of organizations that are considered successful (Al-Twaijry et al. 2003; Christopher et al. 2009; Lenz and Hahn 2015; Lenz et al. 2018). However, Lenz and Hahn (2015) differentiate between macro factors and micro factors, where the macro factors are based on the institutional forces; they also highlight that there is a limitation to investigating macro factors due to the potential of undervaluing or missing important external drivers such as political, economical, societal, technological, legal, and environmental megatrends. Moreover, they highlight that those micro factors are superior to macro factors because the IA function is an internal monitoring mechanism for internal stakeholders; from their perspective, micro factors include organizational characteristics, IA resources, IA processes, and IA relationships.
In addition, Lenz et al. (2014) suggested four key factors as “building blocks” that shaped the IA effectiveness. These factors are organizational characteristics, IA resources, IA processes, and IA relationships. Furthermore, in a recent qualitative study, Roussy et al. (2020) build models that attempt to understand the relationships between the four key factors “building blocks” as well as considering any other factors as a dimension of these factors without clear identification of the dimensions of these factors. However, these models overlooked a new insight into IA related to its role in leading the combined assurance in the organization and its coordination with the other assurance providers, as this role is a new phenomenon (Kurnia and Yulian 2018). This paper builds on and extends the models of Lenz et al. (2014) and Roussy et al. (2020), with a narrow focus on the IA influential factors and their dimensions in order to provide a holistic view of the key factors of IA effectiveness.
In this paper, our model is based on five key factors including ten dimensions, these key factors are IA organizational characteristics, IA relationships, IA processes, IA recourses, and IA coordination with other assurance providers. The dimensions of these factors are IA size, IA independence, IA relationship with the audit committee, senior management support to IA, adopting risk-based audit, adopting quality assurance and improvement program, IA competencies, IA outsourcing, leading the implementation of combined assurance, and cooperation with external audit. The following sections will highlight what the literature says about these factors.

4.1. Internal Audit Organizational Characteristics

The IA function is part of the organization, and the context in which the IA performs its duties and the organizational setting are represented by IA organizational characteristics (Roussy et al. 2020). Researchers argue that IA organizational characteristics include many factors influencing IA effectiveness; for example, Mihret and Yismaw (2007) indicate that IA organizational setting includes its organizational status, its integrity, and its policies and procedures that enable it to achieve useful audit results. However, Turetken et al. (2019) mention that the IA organizational setting is not linked to policies and procedures that direct the audit process but also includes its status in the organization and its organizational profile, whereas Karagiorgos et al. (2011) point out that organizational setting is represented by the IA position in the organizational structure and its independence, which is important to determine and maintain its segregation of duties. In this paper, we used IA independence and size as dimensions of IA organization characteristics since these dimensions implicit the other dimensions such as policies and procedures and integrity. The IA function cannot maintain its integrity without having its independence, and its policies and procedure are also affected by its independence and its size since the International Standards for the Professional Practice of Internal Auditing (internal auditing standards) (Standard 2040-Policies and Procedures) explain that the form and content of policies and procedures are dependent upon the size and structure of the IA activity and the complexity of its work.

4.1.1. Internal Audit Independence

Despite internal auditors being normally employees in the organizations, professional bodies are increasingly emphasizing the need for IA independence (Alzeban and Gwilliam 2014). IA independence is “the freedom from conditions that threaten the ability of the IA activity to carry out IA responsibilities in an unbiased manner” (The Institute of Internal Auditors 2017, p. 23). In addition, internal auditing standards (Standard 1100-Organizational Independence) emphasized the importance of maintaining the organizational status and the independence of the IA function, which can be gained through reporting to a level within the organization that allows the IA to perform its duties without having interference in determining the scope of work, performing the audit and communicating the audit results, as well as having a dual-reporting line to the audit committee and the Chief Executive Officer (CEO) of the organization (The Institute of Internal Auditors 2017). Reporting to the audit committee assists in making IA effective by preventing the organization’s management from interference in the scope of IA and controlling the IA work, while reporting to the CEO assists the IA in carrying out its responsibilities without obstacles and addressing difficult issues with other senior leaders (The Institute of Internal Auditors 2019).
Furthermore, prior studies emphasized the importance of IA independence to its effectiveness; independence is also important to enable better communication with senior management by emphasizing the independence of the auditee as well as creating an objective atmosphere that assists to communicate the audit results without influence from the auditee (Mihret and Yismaw 2007). In addition, independence creates a supportive environment that helps the IA perform its work without pressure and makes the internal auditors more objective and provides a message to the employees in the organization that they can rely on the IA results (Cohen and Sayag 2010). Similarly, D’Onza et al. (2015) emphasized that IA independence is fundamental to ensuring the trustworthiness of IA services. Moreover, the lack of independence for IA affects its ability to provide assurance to the audit committee, which affects the committee’s ability to fulfill its corporate governance role effectively (Christopher et al. 2009; D’Onza et al. 2015). However, some threats affect this independence, such as using the IA function as a training ground for a future managerial position within the organization; when the IA budget is approved by the CEO or the Chief Finance Officer (CFO), as this is considered a powerful tool to imposing budget constraints that may reduce the scope and affect IA effectiveness; when senior management is heavily involved in developing the IA plan; and when IA plays a consulting role and is perceived by senior management as a partner and performs as a subservient management role (Christopher et al. 2009).

4.1.2. Internal Audit Size

The size of the IA function plays an essential role in its effectiveness. To properly carry out IA responsibilities, the IA function needs to be adequately resourced (Alzeban and Gwilliam 2014). The internal auditing standard (2030-Resource Management) emphasizes the importance of having sufficient resources to implement the IA plan and deploying resources effectively to optimize the achievement of the plan (The Institute of Internal Auditors 2017). The agency theory justifies the larger size of the IA function where agents have more information than the principals. This information asymmetry affects the principals’ ability to monitor whether or not their interests are being properly served by agents; this justifies the larger size of the IA function to closely monitor the agents’ activities and safeguard the principals’ interests (Sarens and Abdolmohammadi 2011). Furthermore, a large size of the IA function allows to rotate internal auditors, and this rotation leads to increasing objectivity (Arena and Azzone 2009; Turetken et al. 2019).
Some studies argue that there is a relationship between IA size and its effectiveness. For example, Alzeban and Gwilliam (2014) find that IA size is positively and significantly correlated with IA effectiveness. They also report that the availability of IA resources affects the percentage of actions taken by auditees on audit results, whereas Al-Twaijry et al. (2003) show that the smaller size of the IA function limits the scope of work and adversely affects the ability to achieve IA objectives and fulfill their duties and responsibilities successfully. They justify not having sufficient resources due to an insufficient budget. In another study, Ahmad et al. (2009) reveal that internal auditors are ranking the lack of staff in IA functions as number one of the main ten problems faced by IA functions and a major setback that can restrain IA effectiveness. Therefore, the size of the IA should be considered by organizations’ audit committees and senior management when they need to improve the IA’s effectiveness.

4.2. Internal Audit Relationships

Relationships for any IA function are important to IA effectiveness. The IIA’s IPPF emphasized the importance of dual-reporting relationships with the audit committee and senior management, where the first reporting line is functionally reporting to the audit committee and assists in making IA effective by enabling IA access to sensitive matters, ensuring sufficient organizational status for IA, and preventing organization management from interference to control IA work and ensuring the highest level of governance on IA work (The Institute of Internal Auditors 2019). Conversely, the second reporting line is administratively reporting to senior management—mainly reporting to the Chief Executive Officer (CEO)—is important to support the IA effectiveness through supporting IA function with the appropriate authority and budget as well as facilitate its work to carry out its responsibilities without obstacles and to deal with difficult issues with other senior leaders (The Institute of Internal Auditors 2019).
Roussy et al. (2020) indicate that transparent and trustful relationships between the Chief Audit Executive (CAE) with the audit committee and the CEO are important for IA effectiveness. Moreover, they point out that the quality of relationships is linked to the frequency of meetings and formality of communication, which are important to improving transparency and trust. In this paper, we used the IA’s relationship with the audit committee and senior management support as dimensions of IA relationships, since the audit committee and senior management represented the main stakeholders for the IA function. IA function cannot be effective without having a positive relationship with the audit committee and appropriate support from senior management (Soh and Martinov-Bennie 2011).

4.2.1. Relationship with Audit Committee

Despite the fact that the IA function and audit committee are separate control bodies, they both have similar goals in terms of monitoring and evaluating the internal control system of their organization (Arena and Azzone 2009). However, the audit committee relies on the work performed by the IA function to fulfill its responsibilities (Brender et al. 2015) as well as look at IA as a source of information that assists it to fulfill its duties (D’Onza et al. 2015). Therefore, it is important for the audit committee to make the IA function effective. The IA function is supervised by the audit committee, where the IA function is represented by the CAE who is reporting to the audit committee. The relationship between the IA and the audit committee is critical to IA effectiveness, when the audit committee consists of independent directors having finance and accounting expertise, the audit committee plays an active role in oversighting the IA function with a possibility of more frequent meetings and informal access from the CAE (Lenz and Hahn 2015). The frequency of meetings, the level of formality, and the level of confidence between the CAE and audit committee members drive the relationship and affect the IA effectiveness (Roussy et al. 2020; Sarens et al. 2009; Soh and Martinov-Bennie 2011). A positive relationship between the IA function and the audit committee facilitates the role of IA and provides the audit with sufficient support to fulfill its responsibilities.
The audit committee’s oversight of the IA function helps identify the problems in the IA itself and offers opportunities for improvement (Arena and Azzone 2009). Moreover, audit committees act as a preserver of the organizational independence of the IA and strengthen the IA’s ability to overcome undue pressure from senior management (Ahmad et al. 2009; D’Onza et al. 2015; Soh and Martinov-Bennie 2011). Moreover, an intensive working relationship between the IA and the audit committee is expected to strengthen the objectivity and independence of the IA (Lenz and Hahn 2015). Furthermore, regular access from the CAE to the audit committee provides an opportunity to address the concerns raised in the IA reports and received support to address the reported weaknesses (D’Onza et al. 2015). Similarly, frequent interactions between the CAE and audit committee strengthen the communication process and allow the IA to address its concerns and get advice and support to become more effective in improving the organization’s risk management, internal control, and governance processes (Abbott et al. 2007; D’Onza et al. 2015; Goodwin-Stewart and Kent 2006). The audit committee empowers the IA to escalate outstanding issues with management and approve the plan and the required resources (Soh and Martinov-Bennie 2011), where a trustful and transparent relationship between the audit committee and the CAE is important to solve any actual concerns raised by the IA (Roussy et al. 2020). Arena and Azzone (2009) conclude that involvement of the audit committee in IA activities sends a message that the organization is committed to increasing the credibility of the IA and encourages line managers to be more active in implementing IA recommendations.

4.2.2. Senior Management Support

The relationship between the IA function, represented by CAE and senior management, is crucial for IA effectiveness. Senior management wants the IA function to take more responsibility to enhance the organization’s internal control and risk management, while the IA function expects senior management to support it in fulfilling its responsibilities (Sarens and De Beelde 2006b). Internal auditing standards emphasize the importance of this relationship for supporting the independence of the IA and the objectivity of the internal auditors (Standard 1100-Independence and Objectivity); also, it is important to support the improvement of the quality of the IA by communicating the quality assurance and improvement program results to senior management (Standard 1320-Reporting on the Quality Assurance and Improvement Program); in addition, it is important to supporting and facilitating the role of the IA through communicating the IA requirements (Standard 2060-Reporting to Senior Management and The Board). Moreover, the standards emphasize the importance of senior management support through their involvement in developing the IA plan (Standard 2010.A1-Planning) (The Institute of Internal Auditors 2017). Previous studies show that senior management support is important for IA effectiveness. This support enables the IA to maintain its independence (Alzeban and Gwilliam 2014); provide IA with sufficient budget and resources in order to fulfill its responsibilities effectively (Ahmad et al. 2009; Alqudah et al. 2019; Alzeban and Gwilliam 2014; Ta and Doan 2022); provide appropriate tools that assist to complete the audit engagements (Alzeban and Gwilliam 2014; Cohen and Sayag 2010); provide IA with the right number of staff and attracting skilled and experienced staff (Ahmad et al. 2009; Alzeban and Gwilliam 2014; Cohen and Sayag 2010; Ta and Doan 2022); ensure enough and up-to-date training and development programs (Alzeban and Gwilliam 2014; Cohen and Sayag 2010); and provide resources and commitment to implementing IA recommendations which considered as an indicator for achieving IA effectiveness (Mihret and Yismaw 2007).
On the other hand, lack of management support adversely affects the auditee’s level of cooperation with IA and creates an unfavorable attitude towards the IA by the auditee as well as the perception of the auditee by the IA as unimportant because it is recognized to be unimportant by senior management (Mihret and Yismaw 2007). It would be difficult for the IA to have complete access to all activities, records, and assets without full auditee cooperation (Ahmad et al. 2009). Employees act according to what their managers expect of them; accordingly, when employees recognize that top management recognizes IA as essential to them, they will appreciate and accept its work as well as cooperate with the IA and support it (Cohen and Sayag 2010; Sarens and De Beelde 2006b).

4.3. Internal Audit Processes

IA processes are important to IA effectiveness as through the processes, IA will be able to achieve its objectives; however, IA processes are shaped by adopting a risk-based auditing approach and quality assurance and improvement program. Researchers linked IA processes with adopting a risk-based auditing approach (Castanheira et al. 2010; Coetzee and Lubbe 2013; Sarens and De Beelde 2006a; Soh and Martinov-Bennie 2011) and adopting a quality assurance and improvement program (Arena and Azzone 2009; Castanheira et al. 2010; Coetzee and Lubbe 2013; Cohen and Sayag 2010; D’Onza et al. 2015; Lenz and Hahn 2015; Mihret and Yismaw 2007; Rupšys and Boguslauskas 2007; Sarens and De Beelde 2006a; Soh and Martinov-Bennie 2011; Turetken et al. 2019). Risk-based audit approach affects the priorities for the audit and the areas that will be considered during the audit as well as the resources needed to do the audit and the audit tools and techniques used to achieve the objectives of the audit engagements (The Institute of Internal Auditors 2019). Conversely, the quality assurance and improvement program is designed to enable the IA to conform with the internal auditing standards and code of ethics; ensure the IA’s efficiency and effectiveness; and provide an opportunity for improvement (The Institute of Internal Auditors 2019). In addition, a quality assurance and improvement program should be developed in a way that helps the IA add value to the organization and improve its operations (Marais 2004) and quality assurance and improvement program, shaping the processes through responses and feedback from internal auditors and audited entities (The Institute of Internal Auditors 2019). In this paper, adopting risk-based audit and quality assurance and improvement programs are used as dimensions of IA processes since these are the most important factors that shaped the IA processes.

4.3.1. Adopting Risk-Based Audit

Risk-based auditing is seen as a modern approach that assists organizations in recognizing the risks that limit their ability to meet their targets (Arena and Azzone 2009; Lenz and Hahn 2015). The internal auditing standards demand risk-based auditing, and standard 2010-Planning stated that “the CAE must establish a risk-based plan to determine the priorities of the IA activity, consistent with the organization’s goals” (The Institute of Internal Auditors 2017, p. 10). Typically, planning is seen as a key audit activity and it includes preparing a strategic plan, annual plan, and programs for individual audit assignments, also proper planning allows a large number of audits to be carried out in a given timeframe by improving efficiency (Mihret and Yismaw 2007). From the agency theory perspective, Zainal Abidin (2017) highlights that the concept of agency theory evolved from the separation of the ownership (the board) and the agent (management), with a well-designed control and oversight system aiming to maximize the benefit to all parties. From this perspective, the IA’s role is to monitor the actions and decisions made to execute the strategies in order to achieve the targets; thus, IA adopted a risk-based audit approach to ensure that risks associated with strategies are identified and mitigated properly and management is acting in accordance with the expectations of the owner.
IA adopted a risk-based audit approach to achieve its effectiveness, since this approach allows effective utilization of resources and allows focus on important matters (Azzali and Mazza 2018). The risk-based audit approach goes beyond compliance and allows the IA to provide assurance on the effectiveness of risk management and internal controls (Lois et al. 2021). Additionally, when the IA is linked with risk management, it enables the IA to assist the organization’s manager in understanding the weaknesses of internal control as well as enhance the communication between the internal auditors and auditees (Arena and Azzone 2009; D’Onza et al. 2015). Organizations identify controls to mitigate their risks, which makes risk management essential for IA effectiveness (Turetken et al. 2019). The value provided by IA increases when IA contributes to improving the effectiveness of risk management, whereas this contribution increases when IA uses a systematic approach when carrying out risk management assessment (D’Onza et al. 2015). Effective IA assessed the risks facing the organization and built an audit plan to address them, however, the risk assessment process must be dynamic and link changes in the company’s risk profile to changes in the audit plan (Feizizadeh 2012). IA involvement in risk management enables it to update the audit plan based on the updated risks; nevertheless, internal auditors are concerned about their abilities to play a key role in risk management (Sarens and De Beelde 2006a).

4.3.2. Adopting a Quality Assurance and Improvement Program

A quality assurance and improvement program plays a key role in IA effectiveness. To demonstrate that IA is valuable to the organization and has a good reputation within the organization, IA must continuously evaluate its performance and improve its service quality (Mihret and Yismaw 2007). However, the quality of the audit work refers to the quality of IA activities (Endaya and Hanefah 2013; Mihret and Yismaw 2007). The quality of IA is determined through the internal capability to provide valuable and useful findings and recommendations; the quality of IA is an indicator of the level of staff competencies, the scope of work provided, and the extent to which audit is appropriately planned, executed and communicated (Mihret and Yismaw 2007). Moreover, the quality of IA refers to a set of IA activities: these activities include planning, supervision, fieldwork, reporting results, and recommendations as well as follow-up action plans on the recommendations (Endaya and Hanefah 2013). Furthermore, the quality of IA refers to the adherence to internal auditing standards (Arena and Azzone 2009; Cohen and Sayag 2010; Rupšys and Boguslauskas 2007; Turetken et al. 2019). A higher level of quality of IA work improves the IA effectiveness, where the quality of IA is understood in terms of adherence to internal auditing standards and a high level of planning and execution (Cohen and Sayag 2010). Therefore, performing auditing in accordance with internal auditing standards will contribute to the IA’s effectiveness (Turetken et al. 2019). The conformance with internal auditing standards affects the IA’s effectiveness and its ability to add value since the standards provide a framework for performance and a range of value-added activities (D’Onza et al. 2015). The internal auditing standards emphasize the importance of maintaining a quality assurance and improvement program that covers all aspects of the IA activities and continuously monitors its effectiveness (Standard 1300-Quality Assurance and Improvement Program). The quality assurance and improvement program includes an internal assessment and external assessment. These assessments are designed to enable the evaluation of IA conformance with internal auditing standards and code of ethics; evaluate IA efficiency and effectiveness; and provide an opportunity for improvement (The Institute of Internal Auditors 2017; Soh and Martinov-Bennie 2011).
The internal assessment provides an ongoing review of the IA performance, and a periodic self-assessment is conducted by someone within the organization having sufficient knowledge of internal auditing standards and practices. The external assessment provides assurance that IA work conforms with the internal auditing standards, and this assessment is conducted by an independent assessor from outside the organization (The Institute of Internal Auditors 2017). Once the quality of IA improved to a degree that meets the management interest, management support and commitment to implementing the IA recommendations would be a natural result since management realized the value and contribution of IA to the achievement of organizational goals; ultimately, this would positively enhance the IA effectiveness (Mihret and Yismaw 2007).

4.4. Internal Audit Resources

IA resources are an integral part of the IA’s success, and they are the CAE and the IA staff matter (Lenz and Hahn 2015). IA work required experienced professional staff to undertake a wide range of audits, as well as the staff should have the necessary education, professional qualifications, and proper training (Al-Twaijry et al. 2003; Cohen and Sayag 2010). Some studies linked IA resources with internal auditors’ competencies (Ahmad et al. 2009; Arena and Azzone 2009; Bednarek 2018; Cohen and Sayag 2010; Dellai and Omri 2016; George et al. 2015; Lenz and Hahn 2015; Mihret and Yismaw 2007; Roussy et al. 2020), while other studies linked IA resources with outsourcing of the IA (Coram et al. 2008; Dellai and Omri 2016; Sharma and Subramaniam 2005; Soh and Martinov-Bennie 2011). Internal auditors’ competencies include significant operational experience specific to the organization; IT competencies; and other specific competencies such as judgment, adaptability, listening skills and persuasiveness, and strength of character (Roussy et al. 2020). Conversely, IA outsourcing provides the IA with experienced resources with specialized skills and also fosters the objectivity of the internal auditors and the independence of the IA (Dellai and Omri 2016). In this paper, internal auditors’ competencies and IA outsourcing are used as dimensions of IA resources since these are the most important factors that shaped IA resources.

4.4.1. Internal Auditors’ Competences

Internal auditors’ competencies are critical for IA effectiveness (Al-Twaijry et al. 2003; Alzeban and Gwilliam 2014; Dellai and Omri 2016; George et al. 2015; Ta and Doan 2022). The competencies of internal auditors can enhance the effectiveness of the IA by improving the perception and recognition of their role within the organization (Arena and Azzone 2009). The internal auditing standards (Standard 1200-Proficiency and Due professional Care) emphasized that internal auditors must possess the knowledge and skills and other competencies needed to perform their individual responsibilities (The Institute of Internal Auditors 2017). Internal auditors must have the knowledge, skills, and other competencies that are necessary to perform their proficiency and due professional care responsibilities (Endaya and Hanefah 2013). A skilled auditor is more capable of completing audits, providing advice on how to improve the internal control system, identifying appropriate solutions based on his past experience, and dealing with conflict and complex situations (Arena and Azzone 2009).
Internal auditors utilize their knowledge to assess the objective and the scope of the audit engagements in order to determine how to complete the audit engagements effectively (The Institute of Internal Auditors 2019). However, despite the importance of internal auditor competence, most organizations tend to concentrate on establishing IA functions in order to meet the regulations without looking to the available resources, training, education, and qualification of auditors (Elmghaamez and Ntim 2016). Internal auditors perform a wide variety of audit engagements within the organization (Cohen and Sayag 2010). Therefore, it is essential to recruit internal auditors having experience, professional skills, and knowledge of a wide range of operations and systems, as well as it is important to improve their skills through continuous training and development (Mihret and Yismaw 2007). The development and training of internal auditors are very important to IA’s success (Al-Twaijry et al. 2003).

4.4.2. Internal Audit Outsourcing

IA can be performed by an internal in-house team from the organization or outsourced to third parties (Dellai and Omri 2016; Turetken et al. 2019). Prior studies argue that IA outsourcing has advantages and disadvantages to IA effectiveness. Although that IA outsourcing enhances the objectivity of the auditor and the independence of the IA function (Dellai and Omri 2016), outsourcing the routine IA tasks threatens the independence and the quality of IA (Abbott et al. 2007; Selim and Yiannakas 2000). Outsourcing of the IA allows the forming of a team with specialized skills and decreases the cost of recruiting and training the internal team. However, outsourced internal auditors do not have the full picture of the organization’s environment and culture and also face some resistance from the auditee to provide them with access to the necessary information and to identify critical issues (Dellai and Omri 2016). Despite outsourced IA improving IA effectiveness and having a positive influence on organization performance by reducing the risks and operating costs (Sudsomboon 2011; Prawitt et al. 2012), an in-house team is able to detect fraud more likely than the outsourced IA (Abbott et al. 2007; Coram et al. 2008; Selim and Yiannakas 2000). Moreover, considerations such as IA technological know-how, quality of IA services provided, and communication and coordination issues may play a role in the managerial decision to outsource the IA; however, issues such as the desire to protect the firm information and improve the organizational performance are important for the decision to in-house than the decision to outsource the IA (Sharma and Subramaniam 2005). From the external auditor perspective, an outsourced IA is more reliable than an in-house IA team, since the IA outsourcing is more competent and more objective than the in-house team (Ahlawat and Lowe 2004; Davidson et al. 2013); however, this reliance is decreased when the outsourced team provides additional services such as tax and consulting services (Desai et al. 2011).

4.5. Coordination with Other Assurance Providers

The increase in compliance requirements and business complexity drives organizations to establish many internal assurance providers and rely on external assurance providers. These assurance providers are charged with measuring and reporting risks, identifying control gaps, tracking remediation, and concluding whether control processes are operating effectively in specific areas, as well as providing assurance on areas they assessed and providing recommendations to strengthen the related controls which often in areas within the scope of IA’s work (The Institute of Internal Auditors 2011). While internal assurance providers represent the oversight functions that are part of senior management or report to senior management, external assurance providers are assurance activities performed by parties outside the organization and may report to senior management or external stakeholders such as external auditor and statutory auditor (The Institute of Internal Auditors 2011, 2019). Organizations use a variety of internal and external assurance providers to assist the board of directors in carrying out their oversight responsibility and implementing effective governance practices, and some of these assurance providers include the functions responsible for compliance, legal, quality assurance, health and safety, corporate social responsibility, and IA and, outside the organization, including external auditors (Decaux and Sarens 2015).
Furthermore, IA coordination with internal and external assurance providers plays an important role in IA effectiveness. The internal auditing standards emphasize the effective coordination role of the CAE with other assurance providers; sharing the information among them, and considering relying on them to ensure proper coverage and minimize the duplication of efforts (Standard 2050-Coordination and Reliance); and considering the reliance on their results while communicating the IA overall opinion (Standard 2450-Overall Opinions). Internal auditing standards also emphasize the important role of IA in providing recommendations to improve the organization’s governance processes for coordinating the activities and communicating the information among the board, external auditor, IA, other assurance providers, and management (Standard 2110-Governance) (The Institute of Internal Auditors 2017). However, the coordination process varies between organizations. In small organizations, informal processes could be found, while coordination in large organizations could be complex and formal (The Institute of Internal Auditors 2019). Coordination with other assurance providers is done through combined assurance implementation, where IA plays important role in leading this implementation (The Institute of Internal Auditors 2019). In addition, the external auditor is typically the main external assurance provider, whereas most of the previous studies focus only on it since an external auditor is mandatory for most organizations and other external assurance providers vary and depend on the nature of the organizations (Alqudah et al. 2019; Alzeban and Gwilliam 2014; Badara and Saidin 2014; Alzeban and Gwilliam 2014). In this paper, the leading role of IA in implementing the combined assurance and IA coordination with external auditors is used as dimensions of coordination with other assurance providers, since these are the most important factors that shape the IA’s role in their coordination with other assurance providers.

4.5.1. Leading the Implementation of Combined Assurance

The combined assurance concept was adopted by the IIA as a responsibility for the IA to effectively coordinate with other assurance providers to ensure proper coverage of organization risks (The Institute of Internal Auditors 2019). Combined assurance is a new concept implemented by organizations. It aims to satisfy audit committees by providing them with confidence that the combined efforts of all assurance providers are sufficient to provide assurance that all significant risk areas have been addressed adequately and some controls exist to mitigate these risks (Schreurs and Marais 2015). From the agency theory perspective, IA is seen as an agent to the board of directors and the audit committee (principals) and agency problem exist when the principals entrust the agent; therefore, IA acts and lead the combined assurance implementation which aims to provide holistic coverage of the organization’s business risks (Rossouw 2015). Combined assurance is a way for IA to coordinate assurance efforts with other assurance providers where this coordination improves the effectiveness of the IA by reducing the frequency and redundancy of the IA (The Institute of Internal Auditors 2019). Each assurance provider carries out its assurance role in isolation and reports its results separately (Schreurs and Marais 2015); this leads to a lack of consistency and transparency in assurance services and inefficiencies in risk management (Sarens et al. 2012; Schreurs and Marais 2015) as well as put auditee and management under pressure from assurance fatigue and assurance gaps (Decaux and Sarens 2015).
On the other hand, the isolation work of each assurance provider leads to providing the board and audit committee with multiple views; therefore, the board will not be in a good position to perform their monitoring role, and this negatively affects the governance (Sarens et al. 2012; Decaux and Sarens 2015; The Institute of Internal Auditors 2019; Kurnia and Yulian 2018). Consequently, coordination is important among these assurance providers (Decaux and Sarens 2015; Schreurs and Marais 2015). Some studies found that IA is in an ideal position to lead the implementation of combined assurance as well as report the combined results of other assurance providers because IA has a holistic view of the organization’s risk and control environment (Decaux and Sarens 2015; Kurnia and Yulian 2018; Schreurs and Marais 2015). Leading the combined assurance implementation will improve the stature of the IA in the organization and also help IA become more effective by addressing areas that have not been covered by other assurance providers and facilitating auditee cooperation with the IA and assisting them in resource planning in order to facilitate the assurance work (Kurnia and Yulian 2018). However, leading the implementation of the IA is misunderstood as the IA is leveraging on it instead of collaborating with other assurance providers (Decaux and Sarens 2015; Rossouw 2015) and may also cause a conflict of interest and affect the IA independence (Schreurs and Marais 2015).

4.5.2. Internal Audit Coordination with External Auditor

Despite the external auditor’s scope of work considered while implementing the combined assurance, this consideration is used only to ensure that there is holistic coverage for the organization’s business risks. However, even if combined assurance is effectively implemented, the IA coordination with the external auditor cannot be ignored to achieve IA effectiveness. In addition, although internal and external audits performed different roles, both complement each other. While the external audit is concerned with inaccuracies and misstatements that affect the financial information, IA is more concerned with nonfinancial information related to governance, risk management, and internal controls (Chartered Institute of Internal Auditors 2020). Higher external audit quality drives the assurance value, which reduces the bias in management reporting and adds credibility to a company’s finical statement (Boubaker et al. 2018). Therefore, effective cooperation between internal and external audits will be beneficial for both of them and for the organization they serve (Endaya 2014). However, despite there being a good relationship between IA and external auditors, the levels of mutual reliance between them vary (Soh and Martinov-Bennie 2011). Some studies show that a closer relationship between internal and external audit positively and significantly correlated with IA effectiveness; IA coordination with the external auditor is essential for IA effectiveness through maintaining good coordination and cooperation lead to a good relationship; sharing valuable information and opinions; joint planning and sharing plans; preventing unnecessary duplication of work; and exchanging important materials to facilitate higher quality audits (Alqudah et al. 2019; Alzeban and Gwilliam 2014; Badara and Saidin 2014). Furthermore, cooperation between internal and external audits provides a means for faster fraud detection (Alqudah et al. 2019; Endaya 2014). Moreover, a constructive relationship based on regular communication and sharing of information has a benefit to the organization they serve and a close and constructive relationship also leads to the efficient use of resources (Chartered Institute of Internal Auditors 2020). In addition, a cooperative relationship creates a strong accountable relationship where IA becomes more effective when the relationship is strong (Alqudah et al. 2019).

5. The Conceptual Model

This paper attempts to articulate a conceptual model based on previous literature. The above literature analysis provided the theoretical foundation for the model development. Based on the literature review, this paper discussed the influential factors of IA effectiveness; drawing on this discussion, we propose a conceptual model that explains the relationship between the influential factors and IA effectiveness, as shown in Figure 2. The literature analysis shows that many factors affect IA effectiveness, and the conceptual model clearly shows the dimensions for IA organizational characteristics, IA relationships, IA processes, IA resources, and IA coordination with other assurance providers. The literature analysis revealed that IA organizational characteristics are part of the organization’s context, where the IA status is shaped, and their independence gained by reporting to the level with the organization allows it to perform without obstacles and assist it in communicating IA results objectively without influence from the auditee and management. Additionally, IA size is part of the IA organization characteristics, where the IA should be adequately resourced to optimize the achievement of the IA plan and assist it in rotating the auditors to increase their objectivity as well as achieve the objectives of the IA successfully.
Furthermore, the literature analysis revealed that IA relationships are represented by dual-reporting relationships, functionally reporting to the audit committee and administratively reporting to a level within the organization that allows IA to fulfill its responsibilities. A positive relationship with the audit committee facilitates the role of IA and supports it to address its concerns and become more effective in improving the organization. In addition, the relationship with senior management is very important to support the IA role. Senior management support is essential for IA effectiveness, which is also crucial for maintaining the IA independence, facilitating the communication of IA requirements, providing IA with appropriate budget and resources as well as it is important for the senior management commitment to implement IA recommendations. Moreover, based on the literature, IA processes are crucial for IA effectiveness, IA processes are shaped by adopting a risk-based audit approach and adopting a quality assurance and improvement program. Risk-based audit affects audit priorities and areas to be considered during the audit and the resources needed and audit tools and techniques used, whereas adopting a quality assurance and improvement program is designed to ensure that IA follows the internal auditing standards, where performing audit work in accordance with internal auditing standards will contribute to the IA effectiveness.
On the other hand, IA resources are analyzed in the literature, IA competencies are important to perform the IA responsibilities effectively, and IA staff should have the required education, skills and training to work effectively. Moreover, the other dimension of the IA resources is outsourcing, outsourcing enhances the independence of the IA function and the objectivity of the internal auditors as well as provides the IA with experienced resources with specialized skills. Finally, the literature analysis showed that IA should consider the coordination with other assurance providers, and this consideration can be through leading the implementation of combined assurance and coordination with the external auditor. IA effectiveness is affected by combined assurance implementation, through the combined assurance implementation IA can reduce the frequency and redundancy of the IA. In addition, coordination with the external auditor facilitates sharing valuable information and opinions, joint planning and sharing plans; preventing unnecessary duplication of work; and exchanging important materials to facilitate higher quality audits. Overall, all of the above factors are influential for IA effectiveness.

6. Conclusions

This paper summarized the influential factors of IA effectiveness based on an extensive literature review and argued that the body of knowledge needs a model that provides a holistic view and shows the relationship between the influential factors and IA effectiveness. Based on a systematic literature review (SLR) covering the period from January 1999 to March 2022, our research expands the internal auditing body of knowledge by attempting to capture the influential factors of IA effectiveness into one conceptual model. The existing literature on the factors that influence IA effectiveness is mostly focused on identifying the key factors that influence IA effectiveness, without major attention given to which conceptual model is appropriate in order to enrich the internal auditing theory; there is also no consensus among researchers about the optimal model for IA effectiveness.
Additionally, most researchers investigated different factors individually based on the objectives of the research without justifications on why they did not include the other factors in their studies. There was an evident need to develop an IA effectiveness model that integrated all the influential factors and their dimensions. This paper, first, discussed the concept of IA effectiveness based on the existing literature to reach an understanding of what IA effectiveness means. Then, we discussed the influential factors of IA effectiveness and its dimensions. After that, we proposed a conceptual model based on what the literature says, the model is built on and extends Lenz et al. (2014) and Roussy et al. (2020) models. The contribution of this paper is related to the fact that the proposed model includes a holistic view of the influential factors and their dimensions are clearly identified in the model, and the model clearly takes into consideration the role of IA in leading the implementation of combined assurance since this role is a new phenomenon and should be considered as a factor of IA effectiveness. The proposed model will drive future studies to test the model and build on it as well. Furthermore, the proposed model in this paper needs empirical validation to extract the most important determination of IA effectiveness and the most significant factors. Moreover, the proposed model provides an opportunity to study the relationships between the influential factors, this could be possible through empirical study or to understand these relationships through case studies taking into consideration the agency theory and the institutional theory. In addition, based on the proposed model, comparative studies between IA functions existing in different industries or countries will provide insights into the key factors associated with IA effectiveness.
Furthermore, IA effectiveness has been traditionally examined by researchers as a unidimensional variable across different contexts (Alqudah et al. 2019; Al-Shbail and Turki 2017; Al-Twaijry et al. 2003; Alzeban and Gwilliam 2014; Alzeban 2010; Badara and Saidin 2014; Bednarek 2018; Cohen and Sayag 2010; Dellai and Omri 2016; Endaya and Hanefah 2016; George et al. 2015; Onay 2021; Salehi 2016; Ta and Doan 2022); therefore, there is an opportunity for qualitative research to look more deeply into IA effectiveness and identify its dimensions, this is will not be possible without considering the main objective on the internal auditing profession. Practically, the proposed model provides IA practitioners, audit committees, and senior management with a broad understanding and holistic view of the key factors that should be considered when they want to make their IA functions more effective and boost the role of IA in their organizations. Moreover, this paper provides insights and opportunities to policymakers and regulators to take into consideration the key factors of IA effectiveness while improving their corporate governance legislations. Finally, the current paper is not free from limitations. A potential limitation is that the literature reviewed by this study is limited to academic studies; therefore, future research may consider gray literature to expand this study and provide further insight on the influential factor of IA effectiveness.

Author Contributions

Conceptualization, A.A.; methodology, A.A. and H.-A.N.A.-M.; resource validation, A.A. and H.-A.N.A.-M.; data curation A.A. and H.-A.N.A.-M.; formal analysis, A.A. and H.-A.N.A.-M.; writing—original draft preparation, A.A.; writing—review and editing, H.-A.N.A.-M.; visualization, A.A. and H.-A.N.A.-M. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The datasets used and/or analyzed during the current study are available from corresponding author on reasonable request.

Acknowledgments

The authors would like to thank the Editor and three anonymous reviewers for their insightful comments and constructive feedback.

Conflicts of Interest

The authors declare no conflict of interest.

Appendix A

Table
Table A1. Summary of the literature on the factors of internal audit effectiveness.
Table A1. Summary of the literature on the factors of internal audit effectiveness.
No.Author (Year)Type of ResearchFactors of Internal Audit Effectiveness
1Alqudah et al. (2019)Quantitative ResearchIA Independence, Top Management Empowerment, and External Auditor’s Cooperation
2Al-Shbail and Turki (2017)Theoretical ReviewIA Independence, IA scope of Work, Management Support, Auditee Cooperation, and Satisfaction of Internal Auditors
3Al-Twaijry et al. (2003)Mixed MethodIA Independence, IA Size, IA Scop of work, and Management Support
4Alzeban and Gwilliam (2014)Quantitative ResearchInternal Auditors’ Competences, IA Size, IA Relationship with EA, Management Support, IA Independence
5Arena and Azzone (2009)Mixed Method Empirical Analysis based on Multiple Case StudyCharacteristics of The IAF, Characteristics of the Internal Auditors, The Organizational Environment
6Ashfaq et al. (2021)Mixed MethodIAF Objectivity, Competence, Work Performance, Sourcing, Internal Control System’s Assessment
7Azzali and Mazza (2018)Quantitative ResearchIA Organizational Characteristics, IA Process, and IA Relationships
8Badara and Saidin (2014)Quantitative ResearchRisk Management, Internal Control Systems, Audit Experience, Cooperation Between IA and EA, and IA Performance Management
9Bednarek (2018)Quantitative ResearchSize of IA Team, Competencies of Internal Auditors, IA’s Commitment to Ensuring and Improving IA Quality, Cooperation of AC, and IA’s Commitment to Executing Commissioned Audits
10Coetzee and Erasmus (2017)Quantitative ResearchCAE Profile (Leadership), IA Independence, Functioning of IA, IA Status, IA Competences, IA Services, and Role
11Cohen and Sayag (2010)Quantitative ResearchThe sector to which an organization belongs, professional proficiency of internal auditors, Quality of IA, IA Independence, Career Advancement for Internal Auditors, and Top Management Support
12Dellai and Omri (2016)Quantitative ResearchCompetence of IA, Independence and Objectivity of IA, Outsourcing of IA, Management Support, and Use of IAF as a Management Training Ground
13D’Onza et al. (2015)Quantitative ResearchIA independence and objectivity, Use of The IIA standards, Relationship with AC, Number of Activities Carried Out by The IA, Number of Internal Auditing Tools Used, Systematic Approach to Evaluate the Effectiveness of Internal Controls, and Systematic Approach to Evaluate the Effectiveness of Risk Management, and Systematic Approach to Evaluate the Effectiveness of Corporate Governance
14Elmghaamez and Ntim (2016)Quantitative ResearchInternal Auditors’ Professional Skills, Internal Auditors’ Interpersonal Skills, Internal Auditors’ Technical Skills, Internal Auditors’ Audit Skills
15Endaya and Hanefah (2013)Theoretical ReviewInternal Auditors’ Characteristics, IA Performance, and Management Support,
16Endaya and Hanefah (2016)Quantitative ResearchInternal Auditors’ Characteristics, and Management Support
17Erasmus and Coetzee (2018)Quantitative ResearchIA Function Influence Sphere, IAF Standing, IAF Services and Role Performed, IAF Size, Internal Auditor Competence, IAF Conducts Risk Consulting and Risk-Based Audit, IAF Understand Operations, IAF Functional Reporting Structure Competent Leadership of IAF, and No Scope Limitation on IAF
18Feizizadeh (2012)Literature ReviewIA Alignment with Stakeholder Needs, Achieves Best-in-Class Capabilities, Complies with Applicable Professional Standards, and Measures Results
19George et al. (2015)Quantitative ResearchQuality of IA, Competence of IA Team, Independence of IA, Management Support
20Kurnia and Yulian (2018)Qualitative ResearchInternal audit’s role as a coordinator of combined assurance implementation
21Lenz and Hahn (2015)Literature ReviewOrganizational Characteristics, IA Resources, IA Processes, IA Relationships
22Lenz et al. (2014)Quantitative ResearchOrganizational Characteristics, IA Resources, IA Processes, IA Relationships
23Mahyoro and Kasoga (2021)Quantitative ResearchIA Quality, IA Organization Setting, Auditee Attributes,
24Mihret and Yismaw (2007)Case Study, Qualitative ResearchIA Organizational Setting, IA Quality, Management Support, Auditee Attributes
25Onay (2021)Quantitative ResearchIA Independence, IA Size, IA Competence, Management Support, Cooperation with EA, Carrying Out Risk-Based Activities
26Onumah and Krah (2012)Quantitative ResearchThe legislative framework of IA, IA Professional proficiency, Management Perception of IA, Role Recognition of Internal Auditors, Relationship with AC
27Oussii and Boulila (2021)Quantitative ResearchAudit Committee Financial Expertise, Senior Management Support, AC involvement in reviewing the IA plans and results, The number of years the CAE has been in his/her position, the company audited by one of the Big 4 EA, Form Size (Total Assets), Company’s Affiliation to the Finance Industry
28Roussy et al. (2020)Qualitative ResearchOrganizational Characteristics, IA Resources, IA Processes, IA Relationships
29Sarens and De Beelde (2006a, 2006b)Qualitative ResearchRole of IA in Risk Management
30Salehi (2016)Case Study, Quantitative ResearchCompetency of IA Staff, Size of IA Department, Communications between IA and EA, Management’s Support for IA, Independence IA
31Schreurs and Marais (2015)Qualitative ResearchImplementation of Combined Assurance
32Soh and Martinov-Bennie (2011)Qualitative ResearchIAF Structure, Status, and relationships of the IAF, Human Resources in terms of staffing and competencies
33Ta and Doan (2022)Quantitative ResearchIA Independence, Competence of internal auditors, Management Support for IA, Quality of IA work
34Yee et al. (2008)Quantitative ResearchIA Independence, IA Competences, Relationship with EA, IA services and Role, and Quality of IA
IA, Internal Audit; IAF, Internal Audit Function; CAE, Chief Audit Executive; AC, Audit Committee; EA, External Auditor.

References

  1. Abbott, Lawrence, Susan Parker, Gary Peters, and Dasaratha Rama. 2007. Corporate governance, audit quality, and the Sarbanes-Oxley Act: Evidence from internal audit outsourcing. The Accounting Review 82: 803–35. [Google Scholar] [CrossRef]
  2. Ahlawat, Sunita S., and D. Jordan Lowe. 2004. An Examination of Internal Auditor Objectivity: In-House versus Outsourcing. Auditing: A Journal of Practice and Theory 23: 147–58. [Google Scholar] [CrossRef]
  3. Ahmad, Nasibah, Radiah Othman, Rohana Othman, and Kamaruzaman Jusoff. 2009. The effectiveness of internal audit in Malaysian public sector. Journal of Modern Accounting and Auditing 5: 53–62. [Google Scholar]
  4. Alhajri, Meshari O. 2017. Factors associated with the size of internal audit functions: Evidence from Kuwait. Managerial Auditing Journal 32: 75–89. [Google Scholar] [CrossRef]
  5. Alqudah, Hamza, Noor Amran, and Haslinda Hassan. 2019. Factors affecting the internal auditors’ effectiveness in the Jordanian public sector. EuroMed Journal of Business 14: 251–73. [Google Scholar] [CrossRef]
  6. Al-Shbail, Awn, and Turki Turki. 2017. A theoretical discussion of internal audit effectiveness in Kuwaiti industrial SMEs. International Journal of Academic Research in Accounting, Finance and Management Sciences 7: 107–16. [Google Scholar]
  7. Al-Twaijry, Abdulrahman A. M., John A. Brierley, and David R. Gwilliam. 2003. The development of internal audit in Saudi Arabia: An institutional theory perspective. Critical Perspective on Accounting 14: 507–31. [Google Scholar] [CrossRef]
  8. Alzeban, Abdulaziz. 2010. The Effectivness of Internal Audit in The Saudi Public Sector. Ph.D. thesis, University of Exeter, Exeter, UK. [Google Scholar]
  9. Alzeban, Abdulaziz. 2020. The relationship between the audit committee, internal audit and firm performance. Journal of Applied Accounting Research 21: 437–54. [Google Scholar] [CrossRef]
  10. Alzeban, Abdulaziz, and David Gwilliam. 2014. Factors affecting the internal audit effectiveness: A survey of the Saudi public sector. Journal of International Accounting, Auditing and Taxation 23: 74–86. [Google Scholar] [CrossRef]
  11. Arena, Marika, and Giovanni Azzone. 2009. Identifying organizational drivers of internal audit effectiveness. International Journal of Auditing 13: 43–60. [Google Scholar] [CrossRef]
  12. Ashfaq, Khurram, Shafique Ur Rehman, Moeez Ul Haq, and Muhammad Usman. 2021. Factors influencing stakeholder’s judgment on internal audit function’s effectiveness and reliance. Journal of Financial Reporting and Accounting. Ahead-of-print. [Google Scholar] [CrossRef]
  13. Azzali, Stefano, and Tatiana Mazza. 2018. The Internal Audit Effectiveness Evaluated with an Organizational, Process and Relationship Perspective. International Journal of Business and Management 13: 238–54. [Google Scholar] [CrossRef]
  14. Badara, Mu’azu, and Siti Zabedah Saidin. 2013. The journey so far on internal audit effectiveness: A calling for expansion. International Journal of Academic Research in Accounting, Finance and Management Sciences 3: 340–51. [Google Scholar] [CrossRef]
  15. Badara, Mu’azu, and Siti Zabedah Saidin. 2014. Empirical evidence of antecedents of internal audit effectiveness from Nigerian perspective. Middle-East Journal of Scientific Research 19: 460–71. [Google Scholar]
  16. Bednarek, Piotr. 2018. Factors affecting the internal audit effectiveness: A survey of the polish private and public sectors. In Efficiency in Business and Economics. Springer Proceedings in Business and Economics. Edited by Tadeusz Dudycz, Grażyna Osbert-Pociecha and Bogumiła Brycz. Cham: Springer, pp. 1–16. [Google Scholar]
  17. Behrend, Joel, and Marc Eulerich. 2019. The evolution of internal audit research: A bibliometric analysis of published documents (1926–2016). Accounting History Review 29: 103–39. [Google Scholar] [CrossRef]
  18. Boubaker, Sabri, Asma Houcine, Zied Ftiti, and Hatem Masri. 2018. Does audit quality affect firms’ investment efficiency? Journal of the Operational Research Society 69: 1688–99. [Google Scholar]
  19. Brender, Nathalie, Bledi Yzeiraj, and Emmanuel Fragniere. 2015. The management audit as a tool to foster corporate governance: An inquiry in Switzerland. Managerial Auditing Journal 30: 785–811. [Google Scholar] [CrossRef]
  20. Cambridge University. 2022. Cambridge Dictionary. Available online: https://dictionary.cambridge.org/dictionary/english/influential (accessed on 21 February 2022).
  21. Castanheira, Nuno, Lu’cia Rodrigues, and Russell Craig. 2010. Factors associated with the adoption of risk-based internal auditing. Managerial Auditing Journal 25: 79–98. [Google Scholar]
  22. Chambers, Andrew D., and Marjan Odar. 2015. A new vision for internal audit. Managerial Auditing Journal 30: 34–55. [Google Scholar] [CrossRef]
  23. Chartered Institute of Internal Auditors, UK and Ireland. 2020. Position Paper: Internal Audit’s Relationship with External Audit. London: Chartered Institute of Internal Auditors in UK and Ireland. [Google Scholar]
  24. Christopher, Joe, Gerrit Sarens, and Philomena Leung. 2009. A critical analysis of the independence of the internal audit function: Evidence from Australia. Accounting, Auditing and Accountability Journal 22: 200–20. [Google Scholar] [CrossRef]
  25. Coetzee, Philna, and Dave Lubbe. 2013. Improving the efficiency and effectiveness of risk-based internal audit engagements. International Journal of Auditing 18: 115–25. [Google Scholar] [CrossRef]
  26. Coetzee, Philna, and Lourens J. Erasmus. 2017. What drives and measures public sector internal audit effectiveness? Dependent and independent variables. International Journal of Auditing 21: 237–48. [Google Scholar] [CrossRef]
  27. Cohen, Aaron, and Gabriel Sayag. 2010. The effectiveness of internal auditing: An empirical examination of its determinants in Israeli organisations. Australian Accounting Review 20: 296–307. [Google Scholar] [CrossRef]
  28. Coram, Paul, Colin Ferguson, and Robyn Moroney. 2008. Internal audit, alternative internal audit structures and the level of misappropriation of assets fraud. Accounting and Finance 48: 543–59. [Google Scholar] [CrossRef]
  29. Davidson, Bruce, Naman Desai, and Gerory Gerard. 2013. The effect of continuous auditing on the relationship between internal audit sourcing and the external auditor’s reliance on the internal audit function. Journal of Information Systems 27: 41–59. [Google Scholar] [CrossRef]
  30. Desai, Naman, Gerory Gerard, and Arindam Tripathy. 2011. Internal audit sourcing arrangements and reliance by external auditors. Auditing: A Journal of Practice & Theory 30: 149–71. [Google Scholar]
  31. D’Onza, Giuseppe, Georges M. Selim, Rob Melville, and Marco Allegrini. 2015. A Study on Internal Auditor Perceptions of the Function Ability to Add Value. International Journal of Auditing 19: 182–94. [Google Scholar] [CrossRef]
  32. Decaux, Loïc, and Gerrit Sarens. 2015. Implementing combined assurance: Insights from multiple case studies. Managerial Auditing Journal 30: 56–79. [Google Scholar] [CrossRef]
  33. Dellai, Hella, and Mohamed Ali Brahim Omri. 2016. Factors affecting the internal audit effectiveness in Tunisian organizations. Research Journal of Finance and Accounting 16: 208–21. [Google Scholar]
  34. Dittenhofer, Mort. 2001. Internal auditing effectiveness: An expansion of present methods. Managerial Auditing Journal 16: 443–50. [Google Scholar] [CrossRef]
  35. Elmghaamez, Ibrahim, and Collins Ntim. 2016. Assessing the effectiveness of internal governance controls: The case of internal auditors skills and challenges in Libya. Corporate Ownership and Control Journal 13: 46–59. [Google Scholar] [CrossRef]
  36. Endaya, Khaled Ali. 2014. Coordination and cooperation between internal and external auditors. Research Journal of Finance and Accounting 5: 76–80. [Google Scholar]
  37. Endaya, Khaled, and Mustafa Hanefah. 2013. Internal audit effectiveness: An approach proposition to develop the theoretical framework. Research Journal of Finance and Accounting 4: 92–102. [Google Scholar]
  38. Endaya, Khaled, and Mustafa Hanefah. 2016. Internal auditor characteristics, internal audit effectiveness, and moderating effect of senior management. Journal of Economic and Administrative Sciences 32: 160–76. [Google Scholar] [CrossRef]
  39. Erasmus, Lourens, and Philna Coetzee. 2018. Drivers of stakeholders’ view of internal audit effectiveness: Management versus audit committee. Managerial Auditing Journal 33: 90–114. [Google Scholar] [CrossRef]
  40. Eulerich, Marc, Joleen Kremin, and David A. Wood. 2019. Factors that influence the perceived use of the internal audit function’s work by executive management and audit committee. Advances in Accounting 45: 100410. [Google Scholar] [CrossRef]
  41. Feizizadeh, Ahmad. 2012. Strengthening internal audit effectiveness. Indian Journal of Science and Technology 5: 2777–78. [Google Scholar] [CrossRef]
  42. George, Drogalas, Karagiorgos Theofanis, and Arampatzis Konstantinos. 2015. Factors associated with internal audit effectiveness: Evidence from Greece. Journal of Accounting and Taxation 7: 113–22. [Google Scholar]
  43. Goodwin-Stewart, Jenny, and Pamela Kent. 2006. The use of internal audit by Australian companies. Managerial Auditing Journal 21: 81–101. [Google Scholar] [CrossRef]
  44. Karagiorgos, Theofanis, George Drogalas, and Nikolaos Giovanis. 2011. Evaluation of the effectiveness of internal audit in Greek Hotel Business. International Journal of Economic Sciences and Applied Research 4: 19–34. [Google Scholar]
  45. Kurnia, Rama, and Lufti Yulian. 2018. Internal audit’s role as a coordinator of combined assurance implementation. In Competition and Cooperation in Economics and Business. London: Taylor and Francis Group, Routledge, pp. 41–46. [Google Scholar]
  46. Lenz, Rainer, and Ulrich Hahn. 2015. A synthesis of empirical internal audit effectiveness literature pointing to new research opportunities. Managerial Auditing Journal 30: 5–33. [Google Scholar] [CrossRef]
  47. Lenz, Rainer, Gerrit Sarens, and Kenneth D’Silva. 2014. Probing the discriminatory power of characteristics of internal audit functions: Sorting the wheat from the chaff. International Journal of Auditing 18: 126–38. [Google Scholar] [CrossRef]
  48. Lenz, Rainer, Gerrit Sarens, and Kim Jeppesen. 2018. In search of a measure of effectiveness for internal audit functions: An institutional perspective. EDPACS 58: 1–36. [Google Scholar] [CrossRef]
  49. Lois, Petros, George Drogalas, Michail Nerantzidis, Ifigenia Georgiou, and Eleni Gkampeta. 2021. Risk-based internal audit: Factors related to its implementation. Corporate Governance 21: 645–62. [Google Scholar] [CrossRef]
  50. Mahyoro, Kalokola, and Pendo Kasoga. 2021. Attributes of the internal audit function and effectiveness of internal audit services: Evidence from local government authorities in Tanzania. Managerial Auditing Journal 36: 999–1023. [Google Scholar] [CrossRef]
  51. Marais, M. 2004. Quality assurance in internal auditing: An analysis of the standards and guidelines implemented by the Institute of Internal Auditors (IIA). Meditari Accountancy Research 12: 85–107. [Google Scholar] [CrossRef]
  52. Mihret, Dessalegn Getie, and Aderajew Wondim Yismaw. 2007. Internal audit effectiveness: An Ethiopian public sector case study. Managerial Auditing Journal 22: 470–84. [Google Scholar] [CrossRef]
  53. Onay, Ahmet. 2021. Factors affecting the internal audit effectiveness: A research of the Turkish private sector organizations. Ege Academic Review 21: 1–15. [Google Scholar] [CrossRef]
  54. Onumah, Joseph M., and Redeemer Yao Krah. 2012. Barriers and catalysts to effective internal audit in the Ghanaian public sector. Accounting in Africa 12: 177–207. [Google Scholar]
  55. Oussii, Atef, and Neila Boulila. 2021. Evidence on the relation between audit committee financial expertise and internal audit function effectiveness. Journal of Economic and Administrative Sciences 37: 659–76. [Google Scholar] [CrossRef]
  56. Prawitt, Douglas, Nathan Sharp, and David Wood. 2012. Internal audit outsourcing and the risk of misleading or fraudulent financial reporting: Did Sarbanes-Oxley get it wrong? Contemporary Accounting Research 29: 1109–36. [Google Scholar] [CrossRef]
  57. Ridley, Jeffery. 2008. Cutting Edge Internal Auditing. West Sussex: John Wiley and Sons. [Google Scholar]
  58. Rossouw, Duane. 2015. The Impact of Combined Assurance on the Internal Audit Function. Mater’s thesis, University of Pretoria, Northen Sotho, South Africa. [Google Scholar]
  59. Roussy, Mélanie, Odile Barbe, and Sophie Raimbault. 2020. Internal audit: From effectiveness to organizational significance. Managerial Auditing Journal 35: 322–42. [Google Scholar] [CrossRef]
  60. Rupšys, Rolandas, and Vytautas Boguslauskas. 2007. Measuring performance of internal auditing: Empirical evidence. Engineering Economics 55: 9–15. [Google Scholar]
  61. Salehi, Tabandeh. 2016. Investigation factors affecting the effectiveness of internal auditors in the company: Case study Iran. Review of European Studies 8: 224–35. [Google Scholar] [CrossRef]
  62. Sarens, Gerrit, and Ignace De Beelde. 2006a. Internal auditors’ perception about their role in risk management. Managerial Auditing Journal 21: 63–80. [Google Scholar] [CrossRef]
  63. Sarens, Gerrit, and Ignace De Beelde. 2006b. The relationship between internal audit and senior management: A qualitative analysis of expectations and perceptions. International Journal of Auditing 10: 219–41. [Google Scholar] [CrossRef]
  64. Sarens, Gerrit, and Mohammad J. Abdolmohammadi. 2011. Monitoring effects of the internal audit function: Agency theory versus other explanatory variables. International Journal of Auditing 15: 1–20. [Google Scholar] [CrossRef]
  65. Sarens, Gerrit, Ignace De Beelde, and Patricia Everaert. 2009. Internal audit: A comfort provider to the audit committee. The British Accounting Review 41: 90–106. [Google Scholar] [CrossRef]
  66. Sarens, Gerrit, Loïc Decaux, and Rainer Lenz. 2012. Combined Assurance, Case Studies on a Holistic Approach to Organizational Governance. Altamonte Springs: The Institute of Internal Auditors Research Foundation. [Google Scholar]
  67. Saunders, Mark, Philip Lewis, and Adrian Thornhill. 2019. Research Methods for Business Students, 8th ed. Essex: Pearson Education Limited. [Google Scholar]
  68. Schreurs, H. K., and Marinda Marais. 2015. Perspectives of chief audit executives on the implementation of combined assurance. Southern African Journal of Accountability and Auditing Research 17: 73–86. [Google Scholar]
  69. Selim, Georges, and Aristodemos Yiannakas. 2000. Outsourcing the internal audit function: A survey of the UK public and private sectors. International Journal of Auditing 4: 213–26. [Google Scholar] [CrossRef]
  70. Sharma, Divesh, and Nava Subramaniam. 2005. Outsourcing of internal audit services in Australian firms: Some preliminary evidence. Asian Academy of Management Journal of Accounting and Finance 1: 33–52. [Google Scholar]
  71. Soh, Dominic S. B., and Nonna Martinov-Bennie. 2011. The internal audit function: Perceptions of internal audit roles, effectiveness and evaluation. Managerial Auditing Journal 26: 605–22. [Google Scholar] [CrossRef]
  72. Sudsomboon, Seerungrat. 2011. The effects of internal audit outsourcing effectiveness on firm sustainability: An empirical research of ISO 9001 business in Thailand. International Journal of Business Research 11: 217–25. [Google Scholar]
  73. Ta, Thu Trang, and Thanh Nga Doan. 2022. Factors Affecting Internal Audit Effectiveness: Empirical Evidence from Vietnam. International Journal of Financial Studies 10: 37. [Google Scholar] [CrossRef]
  74. The Institute of Internal Auditors, IIA. 2011. Practices Guide: Reliance by Internal Audit on Other Assurance Providers. Altamonte Springs: The Institute of Internal Auditors Research Foundation. [Google Scholar]
  75. The Institute of Internal Auditors, IIA. 2017. International Professional Practices Framework (IPPF). Altamonte Springs: The Institute of Internal Auditors Research Foundation. [Google Scholar]
  76. The Institute of Internal Auditors, IIA. 2019. Implementations Guidance for the IIA’s Code of Ethics and the in International Standards for the Professional Practices of Internal Auditing. Altamonte Springs: The Institute of Internal Auditors Research Foundation. [Google Scholar]
  77. Turetken, Oktay, Stevens Jethefer, and Baris Ozkan. 2019. Internal audit effectiveness: Operationalization and influencing factors. Managerial Auditing Journal 35: 238–71. [Google Scholar] [CrossRef]
  78. Xiao, Yu, and Maria Watson. 2019. Guidance on conducting a systematic literature review. Journal of Planning Education and Research 39: 93–112. [Google Scholar] [CrossRef]
  79. Yee, Cassandra S. L., Ahmad Sujan, Kieran James, and Jenny K. S. Leung. 2008. The perception of the Singaporean internal audit customers regarding the role and effectiveness of internal audit. Asian Journal of Business and Accounting 1: 147–74. [Google Scholar]
  80. Zainal Abidin, Nor. 2017. Factors influencing the implementation of risk-based auditing. Asian Review of Accounting 25: 361–75. [Google Scholar] [CrossRef]
Ijfs 10 00071 g001 550
Figure 1. Summary of the SLR process and the search results.
Figure 1. Summary of the SLR process and the search results.
Ijfs 10 00071 g001
Ijfs 10 00071 g002 550
Figure 2. The Conceptual Model.
Figure 2. The Conceptual Model.
Ijfs 10 00071 g002
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Abdelrahim, A.; Al-Malkawi, H.-A.N. The Influential Factors of Internal Audit Effectiveness: A Conceptual Model. Int. J. Financial Stud. 2022, 10, 71. https://doi.org/10.3390/ijfs10030071

AMA Style

Abdelrahim A, Al-Malkawi H-AN. The Influential Factors of Internal Audit Effectiveness: A Conceptual Model. International Journal of Financial Studies. 2022; 10(3):71. https://doi.org/10.3390/ijfs10030071

Chicago/Turabian Style

Abdelrahim, Ayman, and Husam-Aldin N. Al-Malkawi. 2022. "The Influential Factors of Internal Audit Effectiveness: A Conceptual Model" International Journal of Financial Studies 10, no. 3: 71. https://doi.org/10.3390/ijfs10030071

APA Style

Abdelrahim, A., & Al-Malkawi, H. -A. N. (2022). The Influential Factors of Internal Audit Effectiveness: A Conceptual Model. International Journal of Financial Studies, 10(3), 71. https://doi.org/10.3390/ijfs10030071

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop