CHAPTER TWO

REVIEW OF RELATED LITERATURE

In this chapter the literature review on internal auditing and related literature is discuss in to
two parts that are; the theoretical and empirical bases of internal auditing.

2.0. Theoretical literature

The theoretical literature is concerned with theories of internal auditing rather than their
practical applications.

2.1. Auditing

Auditing is an objective examination performed by professionally qualified person.

Auditing is rather a generic term meaning which involves reports of attestation. (Kinfo &
bayou, 2009)

The general definition of auditing is the accumulation and evaluation of evidence about
information to determine and report on the degree of correspondence between the
information and established criteria and auditing should be done by competent person.
(Arens, 1997)

2.1.1 History of Auditing

Auditing was introduced in the Christian era. Anthropologist has found records of auditing
activity dating back to early Babylonian times (around 3000BC).there was also auditing
activity in ancient china, Greece and Rome. Auditing have its own meaning in Latin word
auditor was a “hearer or listener “because in Rome auditors heard tax payers such as farmers,
give their public statements regarding the result of their business and the tax duty due. Also
auditor existed in ancient china and Egypt. Egyptian parahons were very strong with their
auditors. Each royal have two auditors, one counted the goods when they came in the door
and the second counted the goods after they were stored. the supervisors were both killed.
The presents status of the auditor’s report and independent auditing represents the
culmination of century of development (Hiwot 2015)
2.1.2.Types of auditors

Auditors could broadly be classified into external auditors and internal auditors.

Internal auditors

Internal auditors are a managerial control activity performed within an organization as a

service to management by an employee of the organization. it involves a review of operation
through the measurement and evaluation of the other control mechanism and assessment of
the extent to compliance. In order to maintain, independence they present their report directly
to the board of directors or the top management. (Kinfo and Bayou, 2009)

External auditors

External auditors are an independent staff assigned by an auditing firm to assess and evaluate
financial statement of their clients to perform agreed up on evaluation and is engaged as an
independent contractor external to the organization to generate an independent opinion
(kinfo,& bayou, 2009).

2.2. Internal auditing

Many large companies and organization maintain internal auditing staff al internal auditors
are employed by individual companies auctioneer that provides in dependent objective
assurance and consulting services designed to add value and improve an organizations
operation. The internal audit activity helps an organization to accomplish its objectives by
bringing a systematic disciplined approach to evaluate and improve the effectiveness risk
management control and governance processes.(Adam 2012)
The internal auditing activities evaluate the adequacy and effectiveness of controls
encompassing the organizations governance operations and internal system. Internal audit
reviews includes the reliability and integrity of financial and operational information,
effectiveness and efficiency of operations, safeguarding of assets and compliance with laws
regulations and contracts. These reviews also a creation the extent to which operating and
program goals and objectives have been established and conform to those of the organization,
as well as the extent of which results are constant with established goals and objectives and
whether operations and programs are being implanted or performed as intended. (Adam
2012)
2.2.1 The objective of internal auditing
The objective of internal auditing is to assess members of the organization in the effective
discharge of their responsibilities. Internal audit furnishes them with analysis, appraise
recommendation, counsel and information concerning actively reviewed. The audit objective
includes promoting effective control of reasonable cost. (Kinfo& Bayou, 2009).

2.2.2 Functions of internal auditing

The internal auditing function includes verification, evaluation, and compliance of operation
and the following are some of them.

 Review and appraise internal control procedure

 Ascertain effectiveness and efficiency of operation
 Evaluate quality of performance in carrying out assigned responsibility
 Recommend improvement in better management control
The internal auditor can perform the work through either functional approach, operational
approach or financial approach. (Kinfo and bayou, 2003)
2.3.Role of internal auditing

According to Hermanson and Rittenbug (2003) internal auditors have the following roles

 Risk assessment
 Providing assurance regarding controls
 Compliance
 Consulting and operation
Other Role of internal auditor
The internal audit department has many roles to be a corner stone of good public governance
by providing an biased objective assessment whether public resource are responsibility and
effectively and efficiently managed to achieve intended result those are;

 Reviewing internal control system

 Examining financial and operating information
 Reviewing operation efficiency
 Special investigation of fraud
 Ascertaining the external of compliance with established policies plan and procedures.
 Ascertaining the reliability of management data developed within the organization.
 Appraising the quality of performance in carrying out assigned responsibilities.
 Recommending organizational functional units to improve their operation.
 Reviewing compliance with laws

As a convenient summary of these roles of internal audit it might be stated that the internal
auditor is primarily concerned with evaluation compliance and verification of operational
performance. Reviewing and apprising the soundness, adequacy and application of
accounting, financial and other operating controls and promoting effective control of
reasonable cost.(shewamene 2014).

2.4.Types of internal audit

Compliance audit

As Hermanson, ( 2003 ) staffed compliance audit is conducted to determine whether the

audits are following specific procedure, rules or regulation set by some higher authority. the
following are examples of compliance audit for private business.

 Determine whether accounting personnel is following the procedure prescribed by the

company controller.
 Examine contractual agreement with bankers and other lenders to be sure that the
company is complying with legal requirements.
 results of compliance are typically reported to management rather than outsiders,
because management is primarily group concerned with the extent of compliance with
prescribed procedures and regulations.
 The fore, a significant portion of work of this type is often done by the auditors
employed by the organization units.

Financial statement audits

A financial statement audit is conducted to determine whether the financial statements ( the
information being verified) are stated in accordance with specified criteria. normally, the
criteria’s are international accounting standards although auditors may conduct audits of
financial statement prepared using the cash basis or some other basis accounting appropriate
for the organization in determining whether financial statement are fairly stated in accordance
with accounting standards. the auditors gather evidence to determine whether the statement
contain material error or other miss-statement as business increase in complexity. no longer
for auditors sufficient to focus only on accounting transaction. an integrant approach to
auditing considers both risk of misstatement and operating controls intend to prevent
misstatement. (Arna etal, 2012).

Operational audit

Operational audit deals with efficiency and effectiveness of an organization's operation. other
auditors use the term of management auditing or performance auditing instead of operational
auditing.refering to those activities , while others do not distinguish among the terms
performance auditing, management audit and operational audits are used by them inter
changeably. Effectiveness results to meeting objectives such as; producing parts without
defects efficiency refers to determining the resources used to achieve those objectives such as
determining whether parts are produced at a minimum cost. Efficiency is defined as reducing
cost without reducing effectiveness. (Richiute and David, 2003)

The purpose of operational auditing of internal control is to evaluate efficiency and

effectiveness. The scope of operational auditing concerns any control affect effectiveness of
internal control over financial reporting and it effect on the fair presentation of financial
statement (Richiute and David, 2003).

Functional audits

A functional audit deals with one or more functions in the organization concerning efficiency
and effectiveness of functions for division or for the company as a whole.
(Kinfo&bayou,2009).

Organizational audits

An organizational audit emphasizes how efficiently and effectively functions interact the
planed organization and the methods coordinate activities are important in the type of audit.
(kinfo and Bayou,2009)

2.5.Role and image of internal auditing

The role and image of internal audit has been very thorny to say the least in many respects.
Internal audit is a service to management and the internal auditor has been described as the
ears of management. The caution is needed not to project a negative image of spy or detective
function. Internal auditors as an employee of the organization must find acceptable by
colleagues and established good working relationship but it is also expected to maintain
certain degree of independency. (Kinfo &bayou, 2009)

2.6. Internal audit report

According to kinfo and bayou (2009), the end product of any audit work culminates in
writing of audit report. but un like external auditors report, the internal auditors report is not
standardized short term in its nature ( content). Audit report of internal auditors requires a lot
of imagination and creatively with communicative ability in its writing. the audit report
should basically contain the following.

• Details of purpose and scope of audit work

• Description of tools and audit procedure
• Finding, suggestions, opinion and recommendation.

2.7. Internal control

Internal control consists of policies and procedures designed to provide management, with
reasonable assurance, that the company achieves its objectives and goals. management
typically has three broads objectives in designing an effective internal control system ,
reliability, of financial reporting, efficiency and effectiveness of operation and compliance
with law and regulation. (Arenas etal, 2012)

Management of internal audit department, performance of audit work and report significantly
affects internal control system. the internal control system play an important role in the
internal auditing practice since internal auditors might be considered as being specialists in
management control. the role of internal auditing is review of effectiveness of the system of
internal control is to ascertain whether the system is functioning as intended.

Effective control is present when the administrative management directs the system so such a
way as to provide reasonable assurance that the organizations objectives and goals will be
achieved. The purpose of the review for the quality of performance is to ascertain whether the
organization objective and goals have been achieved. (Arenas et al, 2012)

The primary objective of any organization system of internal control is to provide

administrative management with reasonable that financial information is accurate and
reliable. The organization complies with the policies, plans, procedures laws, regulations and
contracts assets and safe guarded against lose and theft.
Resources are used economically and efficiently and established objectives and goals for
operation or programs can be met internal auditing focuses and evaluation of this system as
frame work of internal control.

The objective of internal auditing is to assist all members of management in effective

discharge of chair responsibility by furnishing them with analysis, effective internal control
system, reliability of financial reporting , efficiency and effectiveness of operation and
compliance with law and regulation. (Arenas etal,2012)

2.7.1. Components of internal control

As arenas et al (2012) internal control includes five categories of control that management
design and implement to provide reasonable assurance that management control objectives
met these are;-

• Control environment
• Risk assessment
• Control activities
• Information and communication
• Monitoring
Control environment

As arenas et at (2012), the service as the umbrella for the other four components of actions,
policies and procedures that reflect overall attitudes of top management, directors and owners
of the entry about internal control and its important to the entity about internal control and its
importance to the entity it has sub components of;-

 Integrity and ethical values of directors and owners of an entity

 Commitment to competent internal and its important
 Board of directors and audit committee participation
 Management philosophy and operating style ‘
 Organization structure
 Human resource policies and practices.
Risk assessment

As Areans et al (2012) for financial reporting, management identification and analysis of risk
relevant to the preparation of financial statement in conformity with appropriate accounting
standards. management's identification and analysis of risk assessment procedures are;-

• Identify factors affecting risk assessment

• Assess significance of risk and likely hood of occurrence accounting frame work.
such as; GAAP or IFNS
• Determine actions necessary to manage risks.
Control activities

As Arenas et al (2012); Control activities are policies and procedures in addition to those
included in the other four control components that help to ensure actions are taken to address
the achievement of the entities objectives. there are potentially many such control activities in
any entity including both manual and automated controls. The control activities generally fall
in to the following five types.

 Adequate separation of duties

 Proper authorization transactional and activities
 Adequate documents and records
 Physical control over assets and records
 Independent checks on performance.
Information and communication

As Arenas et al (2012), information and communication initiate records, process and reports
the entity transaction and to maintain accountability for the related assets. these are
transaction related audit objectives that must be satisfied;-

 Occurrence maintains accountability for related assets

 Completeness
 Accuracy
 Posting and summarization
 Classification
 Timing
Monitoring

Monitoring deals with ongoing or periodic assessment of the quality of internal control
management to determine that control are operating as intended and that they are modified
appropriate for change in conditions monitoring management is not applicable assessment the
quality of internal control performance to determine whether control are operating intended
and is modified when needed (Arenas et. al 2012).

2.8. internal audit effectiveness

Internal audit is effective if it provides the required service from the functions or in other
words it achieves the objective of the function. (Ditten hoffer, 2001) as Barnet (1986), noted
the effectiveness of internal audit can be difficult to quantify. Thus; effectiveness is
determined the perception of audits. Internal audit is effective when it meets the intended
outcome and is supposed to bring about audit effective quality service. There are four
potential facts influencing effectiveness of internal audit these are;-

• Internal audit quality

• Management support
• Organization setting and
• Audit attributes
2.9.Internal audit quality
Internal audit quality which is demonstrated by the offices capability to provide useful audit
finding and recommendation is one of the most prominent factors on which audit
effectiveness is achieved. The performance standard of the IIA requires that auditor to post
and perform the work such as he/she should be to arrive at useful audit finding and forward
recommendation for improvement. The office ability to properly plan, perform and
communicate the result of audit is proxy for audit quality.

Therefore, audit quality is arguable function of extensive staff expertise reasonableness of the
scope of the service, effect of planning, execution and communication of internal audits
(Mihret &Yismaw, 2007).

2.10.Audit attributes

To achieve effective audit work, the auditors required to have full and un restricted access to
all activities record and properties and provided with cooperation from the audited the
capability of the audit to meet their objectives also reflects on audit quality (Mihret and
Yismaw, 2007).

The concept of internal audit effective nest possess direct relevance to value added internal
audit. because the former serves as a measure of the later, as internal audit might be an
indication have of value added, the lower effectiveness of internal audit might be an
indication of low value added internal audit effectiveness and value added internal audit are
positively associated. (Mihret, 2008).

2.11.Audit planning

As Arenas et at (2012) the first generally accepted auditing standard of field work requires
adequate none of the work and most be properly supervisor any assistants. There to obtain
sufficient appropriate evidence for the circumstances to help keep audit costs reasonable and
to avoid misunderstanding with clients.

Planning an audit and designing an audit approach ;-

• Get materiality and assess acceptable audit risk and inheret risk
• Understanding internal control and internal control risk
• Develop overall audit plan and audit program
• Gather information to assess fraud risk
• Accept client and perform initial audit planning
• Perform preliminary analysis procedures
• Assess client business risk
• Understand the client business and industry

2.12. Objectives of conducting an audit of financial statements

The purpose of an audit is to provide financial statement users with an opinion by the auditor
on whether the financial statement is presented fairly, in all material respects in accordance
with applicable financial accounting frame work 9Arens et al, 2006).

2.13. Management responsibility

The management responsibility for adapting sound accounting of policies maintain adequate
internal control and making fair representation in the financial statement rest with
management rather than with the auditor knows more about the company’s transaction and
related assets liability and equity than the auditor, in contrast the auditors knowledge those
matters and internal control is limited to that acquired during the audit (Arenas et, 2006).

The annual reports of many public companies include a statement about management
responsibilities and relationship with CPA firm. Management responsibility for the interpret
and fairness of representation (assertions) in the financial statements carries with it. Privilege
of determining which presentation and discuss it considers necessary .management insists of
financial statements disclosure that the auditor find an acceptable and opinion the auditor can
either issues an adverse or qualified opinion or with draw from his engagement (Arena et al,
2006).

2.14. Auditors responsibility

As arenas et at (2006) the overall objectives of auditors are;-

• To obtain reasonable assurance about whether the financial statement as a whole and
free from material misstatement , whether due to fraud or error, thereby enabling the
auditors to express an opinion whether the financial statement are prepared with all
material respects, in accordance with an applicable financial reporting frame work
and;
• To report on the financial statement and communicate as required by audit standards
in accordance with the auditors.
Auditor’s responsibilities for detecting material error

Auditors spend a great portion of their time by planning and perform audit to detect un
international mistakes made by management and employees auditors fined a variety of errors
resulting from such things as mistakes in calculations , omissions, and misunderstanding and
misapplication of accounting standard, incorrect summarization and descriptions. auditors
responsibility for detecting material Fraud audit standard make no distinction between the
auditors responsibilities for searching for errors and fraud in either case the auditor must
obtain reasonable assurance about whether the statement are free of material misstatement.
the standards also recognize that fraud is often canceling the fraud, the difficulty of detection
doesn’t change the auditors responsibilities to properly plan and perform the audit to detect
material misstatements , whether caused by error or fraud (Arena elala 2006).
2.15.Empirical literature review
Empirical review is derived from or relating to experiment and observation rather than theory
and the researcher review research work an internal audit practice as a source of empirical
review.
The researcher review research work an internal audit practice as a source of empirical
review.
According to (Hiwot 2015) Audit is defined as a systematic approach because it follows a
structured, documented plan. in the process of audit accounting records are analyzed by the
auditor using a variety of generally accepted techniques. Which is a competent independent
person accumulates and evaluates evidence about financial information related to specific
economic entity for the purpose of determining and reporting on the degree of
correspondence between the financial information and established criteria.
Auditing was a process through which frauds and error discovered. There were a few who
through that auditing was concerned with checking with their accounting records and bad
been kept properly and up to date and that is only created problems for efficient managers
who might not have bothered to keep their records up to date. The auditor examines the
information under audit and expresses his opinion on the same by way of written report.
According to Arenas( 1997) internal auditor can never be regard as completely effective
regardless of the care in their design and implementation ,even if the system personnel can
design an ideal system its effectiveness depends on the competence and dependability of the
people using it.
According to Herman Sonetal (2003),review internal audit related problem that were reveled
provide specific recommendation for building an effective value adding internal related
problem is interrupted as a sign of effectiveness this being primary concern of the board and
top management in the after math of the bankrupted internal audit make a difference when it
was effective in the area.
As Getie and wondim (2007)research work was internal audit effectiveness in large pull
sector high education institution in Ethiopia, the finding of the study high lights the internal
audit effectiveness is strongly influence by internal audit quality and the management
support.
According to Arenas (1997) internal control can never be regard as completely effective
regardless of the care in their design and implementation, even if the system personnel could
design an ideal system its effectiveness depends on the competence and dependability of the
people using it.
According to Chamber (1992) internal control can be defined as the process through which
can an entity attempt to minimize the like hood of accounting related error irregularities and
illegal acts internal control is a process effected by an entity’s board of directors
managements and other personnel designed to provide reasonable assurance;-
• Effectiveness and efficient of operation
• Compliance with applicable law and regulation
According to chamber (1992), the best set of qualities of internal auditors may no avail in the
obscene an understanding of the polices and culture of the organization the clarity of their
role is imperative in ensuring their effectiveness.

Hermanson et al (2003), review internal audit related problem that were reveled provide
specific recommendation for building an effective value adding internal related problem is
interrupted as a sign of effectiveness’ this being primary concern of the board and top
management in the after math of the bankrupted internal audit make a difference when it was
effective in the area.

Modern internal audit has been constructed up on the three E’s, at effectiveness and economy
(Riddly, 2008) and view effectiveness as doing the right thing efficiency, means doing them
well and economy means them cheaply.

Academic research an internal auditing effective point out that support for self-management
is essential in practice as Sah and bunnies (2011) show the most common employed measure
of internal audit effectiveness related to its efficiency acceptance and adoption of internal
audit recommendation it stresses the crucial skill of internal auditor being able to speak
especially in controversial situation.

As per Getie and Wondim (2007) research work was internal audit effectiveness in large pull
sector high education institution in Ethiopia, the finding of the study high lights the internal
audit effectiveness is strongly influenced by internal audit quality and the management
support.

2.16. Research Gap

The researcher needs to add value by examining; how internal auditor can practice the given
theoretical principles, how internal audit can consult the organization to improve good
governance and smooth functioning activities and how internal auditor can give continuous
assurance service in the organization.