Abstract
Purpose: The aim of this chapter is to make concluding observations based on what we have discussed in other previous chapters as well as to describe future research opportunities within the area of internal control.
Synopsis: Internal control seems to be an all-encompassing process. The wider approaches to internal control have expanded its boundaries significantly, far beyond the financial reports and the duties of the accountant. Financial reporting quality objectives have been supplemented with other internal control objectives which are related to compliance, efficiency and effectiveness. Today internal controls may be dispersed and embedded in most of the company’s business activities. Furthermore, internal control has transformed into an extension of risk management and thus tied closer to the strategy formulation and execution process. Internal control is considered to be a form of risk treatment through which inherent risk may be increased or decreased through the design and application of controls. Furthermore, it is today a regulatory object. Lawmakers and supervisory authorities are increasingly concerned with the design and operating effectiveness of internal controls. Disclosure requirements imposed on firms are forcing them to provide public disclosures about their internal control systems, which were previously private to firms. Today internal control is also considered to be a key corporate governance mechanism and corporate governance rating systems and credit rating agencies increasingly take into account the internal control and risk management practices of firms. Some researchers however have pointed out that there is still much to learn about internal control quality, and how internal control is associated with corporate governance quality. The fact that internal control is an inherently complex concept poses a significant research barrier, and while all research methods are valid, it is unlikely that archival studies or experiments are able to capture measures of internal control quality. Finally, practical, regulatory and academic texts suggest that internal control designs are contingent upon certain variables. These variables include company objectives, strategy, regulatory characteristics, risk and risk appetite, management attitudes and firm size. Prior research also points to the challenge facing any internal control architect. Building internal control capabilities would seem to be of great importance if firms are to be able to design internal controls which are balanced, integrated, dynamic and cost-effective.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Governance rating systems builds on agency-ideas (see Chap. 1, Table 2.1) where disclosure about the level of corporate governance quality will reduce information-asymmetries between investors and firms thus enabling investors to make better investment-decisions. Corporate governance ratings and disclosures thus provides opportunity to compare companies within themselves and also to show companies which may be involved with non-best practices. It should also be pointed out that researchers have also examined informal processes and arrangements related to certain governance structures and how they impact governance outcomes, see for example Turley and Zaman (2007).
References
Beasley, M. S., Clune, R., & Hermanson, D. R. (2005). Enterprise risk management: an empirical analysis of the factors associated with the extent of the of implementation. Journal of Accounting and Public Policy, 24, 521–531.
Brandinger, R. (2008a). Kodens ansvar finns i betraktarens öga. Dagens Industri.
Brandinger, R. (2008b, September 1). Riskhantering – inget för koden. Dagens Industri.
Chapman, C., Hopwood, A., & Shields, M. D. (Eds.). (2007). Handbook of management accounting research. Oxford: Elsevier.
COSO (Committee of Sponsoring Organizations of the Treadway Commission). (1992). Internal control – Integrated framework. New York: AICPA.
COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2004). Enterprise risk management – Integrated framework, executive summary. New York: AICPA.
Davies, M. (2008). The impracticality of international “once size fit all” corporate governance of best practice. Managerial Auditing Journal, 23(6), 532–544.
Doyle, E. (2007). Compliance obstacles to competitiveness. Corporate Governance, 7(5), 612–622.
Eisenhardt, K. M. (2007). Theory building from case studies: Opportunities and challenges. Academy of Management Journal, 50(1), 25–32.
Ethiraj, S. K., Kale, P., Krishnan, M. S., & Singh, J. V. (2005). Where do capabilities come from and how do they matter? A study in the software services industry. Strategic Management Journal, 26, 25–45.
Fadzil, F. H., Haron, H., & Jantan, M. (2005). Internal auditing practices and internal control system. Managerial Auditing Journal, 20(8), 844–866.
Fraser, I., & Henry, W. (2007). Embedding risk management: Structures and approaches. Managerial Auditing Journal, 22(4), 392–409.
Hammer, M. (2007, April). The process audit. Harvard Business Review, 111–123.
Hammer, M., & Champy, J. (1993). Reengineering the corporation. A manifesto for business revolution. London: Nicholas Brealey.
Handley-Schachler, M., Juleff, L., & Paton, C. (2007). Corporate governance in the financial services sector. Corporate Governance, 7(5), 623–634.
Haun, R. D. (1955). Broad vs. narrow concepts of internal auditing and internal control. The Accounting Review, 30(1), 114–118.
Heier, J. R., Dugan, M. T., & Sayers, D. L. (2005). A century of debate for internal controls and their assessment: A study of reactive evolution. Accounting History, 10(3), 39–70.
Hermanson, D. R., & Rittenberg, L. E. (2003). Research opportunities in internal auditing chapter 2: Internal audit and organizational governance. Florida: IIA (Institute of Internal Auditors) Research Foundation.
Hutter, B., & Power, M. (Eds.). (2005). Organizational encounters with risk. Cambridge: Cambridge University Press.
Jonnergård, K., & Larsson, U. (2007). Developing codes of conduct: Regulatory conversations as means for detecting institutional change. Law & Policy, 29(4), 460–492.
Khanchel, I. (2007). Corporate governance: Measurement and determinant analysis. Managerial Auditing Journal, 22(8), 740–760.
Kinney, W. R., Jr. (2000). Research opportunities in internal control quality and quality assurance. Auditing: A Journal of Practice and Theory, 19(Supplement), 83–90.
Kollegiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2005). Anvisning Nr.1-2005 [Guidance No.1-2005 regarding board reporting on internal control], Stockholm, December 15, 2005.
Kollegiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2006a). Anvisning Nr.1-2006 [Guidance No. 1-2006 on the application of code provisions regarding reporting and disclosure of internal controls], Stockholm, September 6, 2006. Available at www.corporategovernanceboard.se
Lekvall, P. (2008, September 6). Intern kontroll kvar i fokus. Dagens Industri.
Maijoor, S. (2000). The internal control explosion. International Journal of Auditing, 4, 101–109.
Mikes, A. (2009). Risk management and calculative cultures. Management Accounting Research, 20, 18–40.
Oliviero, M. E. (2002, February). The architect is missing. Internal Auditor, 76.
Picket, K. H. S. (2001). Internal control: A manager’s journey. New York: Wiley.
Porter, M. E. (1985). Competitive advantage. New York: Free Press.
Power, M. (1997). The audit society: Rituals of verification. New York: Oxford University Press.
Power, M. (2004). The nature of risk: The risk management of everything. Balance Sheet, 12(5), 19–28.
Power, M. (2005). The invention of operational risk. Review of International Political Economy, 12(4), 577–599.
Power, M. (2007). Organized uncertainty: Designing a world of risk management. New York: Oxford University Press.
Rae, K., & Subramaniam, N. (2008). Quality of internal control procedures: Antecedents and moderating effect on organizational justice and employee fraud. Managerial Auditing Journal, 23(2), 104–124.
Sarens, G., & De Beelde, I. (2006). Internal auditors’ perception about their role in risk management: A comparison between US and Belgium companies. Managerial Auditing Journal, 21(1), 63–80.
Scott, W. R. (2003). Financial accounting theory (3rd ed.). Toronto: Prentice Hall.
Spira, L. F., & Page, M. (2003). Risk management: The reinvention of internal control and the changing role of internal audit. Accounting, Auditing and Accountability Journal, 16(4), 640–661.
Teece, D. J., Pisano, G., & Shuen, A. (1997). Dynamic capabilities and strategic management. Strategic Management Journal, 18(7), 509–533.
Turley, S., & Zaman, M. (2007). Audit committee effectiveness: Informal processes and behavioural effects. Accounting, Auditing and Accountability Journal, 20(5), 765–788.
Winter, S. G. (2003). Understanding dynamic capabilities. Strategic Management Journal, 24, 991–995.
Woods, M. (2009). A contingency theory perspective on the risk management control systems within Birmingham city council. Management Accounting Research, 20, 69–81.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Arwinge, O. (2013). Conclusions and Future Research. In: Internal Control. Contributions to Management Science. Physica, Heidelberg. https://doi.org/10.1007/978-3-7908-2882-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-7908-2882-5_6
Published:
Publisher Name: Physica, Heidelberg
Print ISBN: 978-3-7908-2881-8
Online ISBN: 978-3-7908-2882-5
eBook Packages: Business and EconomicsBusiness and Management (R0)