Internal Control Over Financial Reporting Quality and Information Technology Control Frameworks

Chapter
Part of the Lecture Notes in Information Systems and Organisation book series (LNISO, volume 3)

Abstract

The objective of this research is to investigate the relation between the Internal Control over Financial Reporting (ICFR) Quality and Information Technology Control (ITC) frameworks compliance. We selected a sample of listed companies in the manufacturing, service and finance industries in Italy. The data were collected with interviews and questionnaires for ITC information and through financial reporting for ICFR Quality. The research methodology included univariate, multivariate and simple linear regressions. The Dechow et al. model, the Kothari et al. model and the Healy model adapted to the finance industry are engaged to measure ICFR Quality. The results show that compliance with COSO report in the manufacturing and services industries and with COBIT and COBIT for SOX frameworks in the finance industry is positively related to ICFR Quality: companies that follow these frameworks’ processes, objectives and test frequency requirements decrease Discretionary Accruals.

Keywords

Information technology controls Internal controls over financial reporting  Audit quality  

References

  1. 1.
    Public Company Accounting Oversight Board (PCAOB): An audit of internal control over financial reporting performed in conjunction with an audit of financial statements, auditing standard n. 2, PCAOB, Washington (2004)Google Scholar
  2. 2.
    Public Company Accounting Oversight Board (PCAOB): An audit of internal control over financial reporting that is integrated with an audit of financial statements, auditing standard n. 5, PCAOB, Washington (2007)Google Scholar
  3. 3.
    Securities And Exchange Commission (SEC): Commission guidance regarding management’s report on internal control over financial reporting under section 13(a) or 15(d) of the Securities Exchange Act of 1934, (Release Nos. 33-8810; 34-55929), SEC, Washington (2007)Google Scholar
  4. 4.
    Securities and Exchange Commission (SEC): Management’s report on control over financial reporting in exchange act periodic reports of non-accelerated filers, (Release Nos, 33-9072; 34-60813), SEC, Washington (2009)Google Scholar
  5. 5.
    Committee of Sponsoring Organizations of the Treadway Commission (COSO): Internal control. Integrate framework, AICPA, New York (1992)Google Scholar
  6. 6.
    Committee of Sponsoring Organizations of the Treadway Commission (COSO): Guidance for smaller public companies reporting on internal controls over financial reporting, AICPA, New York (2006)Google Scholar
  7. 7.
    COBIT: IT Governance Institute, Control Objectives for information and related technology 4.1 (COBIT 4.1), ITGI, USA (2007)Google Scholar
  8. 8.
    COBIT for SOX: IT Governance Institute, IT Control objectives for Sarbanes-Oxley: The role of IT in the design and implementation of internal control over financial reporting, 2nd edn. ITGI, USA (2006)Google Scholar
  9. 9.
    Jones, J.J.: Earnings management during import relief investigations. J. Acc. Res. 29, 193–228 (1991)CrossRefGoogle Scholar
  10. 10.
    Dechow, P.M., Sloan, R.G., Sweeney, A.P.: Detecting earnings management. Acc. Rev. 70, 193–225 (1995)Google Scholar
  11. 11.
    Kothari, S.P., Leone, A.J., Wasley, C.E.: Performance matched discretionary accrual measures. J. Acc. Econ. 39, 163–197 (2005)CrossRefGoogle Scholar
  12. 12.
    Healy, P.M.: The effect of bonus schemes on accounting decisions. J. Acc. Econ. 7, 85–107 (1985)CrossRefGoogle Scholar
  13. 13.
    Mascarenhas, D., Cahan, S.F., Naiker, V.: The effect of audit specialists on the informativeness of discretionary accruals. J. Acc. Audit. Finan. 25(1), 53–84 (2010)Google Scholar
  14. 14.
    Subramanyam, K.R.: The pricing of discretionary accruals. J. Acc. Econ. 22, 249–281 (1996)CrossRefGoogle Scholar
  15. 15.
    Tucker, J.W., Zarowin, P.A.: Does income smoothing improve earnings informativeness? Acc. Rev. 81, 251–270 (2006)CrossRefGoogle Scholar
  16. 16.
    Myers, J., Myers, L., Omer, T.: Exploring the term of auditor-client relationship and the quality of earnings: a case for mandatory auditor rotation? Acc. Rev. 78(3), 779–799 (2003)CrossRefGoogle Scholar
  17. 17.
    Choi, J.H., Chansog, F.K., Jeong-Bon, K., Zang, Y.: Audit office size, audit quality, and audit pricing. Audit. J. Pract. Theory 29(1), 73–97 (2010)Google Scholar
  18. 18.
    Wuchun, C., Huang, H., Liao, Y., Xie, H.: Mandatory audit partner rotation, audit quality, and market perception: evidence from Taiwan. Contemp. Acc. Res. 26(2), 359–391 (2009)CrossRefGoogle Scholar
  19. 19.
    Ashbaugh-Skaife, H., Collins H.D., Kinney, W.: The discovery and reporting of internal control deficiencies prior to SOX-mandated Audits. J. Acc. Econ. 44 (1–2), 166–92 (2007)Google Scholar
  20. 20.
    Doyle, J., Ge, W., McVay, S.: Determinants of weaknesses in internal control over financial reporting. J. Acc. Econ. 44(1–2), 193–223 (2007)CrossRefGoogle Scholar
  21. 21.
    Ge, W., McVay, S.: The disclosure of material weaknesses in internal control after the sarbanes-oxley act. Acc. Horiz. 19, 137–158 (2005)CrossRefGoogle Scholar
  22. 22.
    GAIT The Institute of Internal Auditors: The GAIT Methodology, IIA, USA (2007)Google Scholar
  23. 23.
    GAIT The Institute of Internal Auditors: GAIT for Business and IT Risk, IIA, USA (2008a)Google Scholar
  24. 24.
    GAIT The Institute of Internal Auditors: GAIT for IT General Control Deficiency Assessments, IIA, USA (2008b)Google Scholar
  25. 25.
    Harris, S.: Alphabet soup: understanding standards for risk management and compliance. Inf. Secur. Mag. 2, (2006)Google Scholar
  26. 26.
    Wallace, L., Lin, H., Cefaratti, M.A.: Information security and sarbanes-oxley compliance: an exploratory study. J. Inf. Syst. 25(1), 185–211 (2011)Google Scholar
  27. 27.
    Linkhous, J.: Puzzle pieces: the relationship between SOX, COSO and COBIT. Inf. Syst. Control J. 5, (2008)Google Scholar
  28. 28.
    Public Company Accounting Oversight Board (PCAOB): An audit of internal control over financial reporting that is integrated with an audit of financial statements. guidance for auditors of smaller public companies, Auditing Standard n. 5, PCAOB, Washington (2009)Google Scholar
  29. 29.
    Greenfield, D.: IT by the book. InformationWeek, 35–38 (2007)Google Scholar
  30. 30.
    Von Solms, B.: Information security governance: COBIT or ISO 17799 or both? Comput. Secur. 24, 99–104 (2005)CrossRefGoogle Scholar
  31. 31.
    Merhout, J.W., Havelka, D.: Information technology auditing: a value-added IT governance partnership between IT management and audit. Commun. Assoc. Inf. Syst. (CAIS) 23(26), 463–482 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Department of EconomicUniversity of ParmaParmaItaly

Personalised recommendations