The Compositions, Contributions and Limitations of Current Instruments on the Erm and Internal Auditors Roles in the Erm Implementation: A Review of Significance Literature (original) (raw)
Related papers
AFRICAN JOURNAL OF BUSINESS MANAGEMENT, 2012
The primary objective of this study is to comprehensively review the literature concerning existing instruments on the measures of the ERM implementation and roles of internal auditing (IA) in the Enterprise Risk Management (ERM) implementation. The study involves review of existing ERM instruments from 2001 to 2011. The present instrument were critically reviewed in which the contributions and limitations of each is appropriately identified and summarized. The review identified four main limitations of the existing ERM instruments that limit its applicability in academic setting. First, there is no consistency on the attributes used to tap the construct, that is, the ERM. Second, most of the instruments were not based on any well accepted ERM framework. Third, almost all of the instruments do not incorporate the roles of IA in the ERM. Finally, all of the instruments do not attempt to appropriately quantify the measurement of the ERM and this is evidenced by the use of categorical scales. This review could add value to academic research by providing analysis, comments and summary of various ERM instruments for ten years. This may assist more studies in this area that currently lack academic-based measurement tools. This present review could be among the significance source of reference for academic research especially on the measurement of the ERM implementation and IA roles in the implementation. It also could serve as guidance for the development of new academic-based instrument. Further, this review offers new solution to critical research questions concerning the structure, framework and measurement procedures.
Stakeholders' view on the contribution of public sector internal auditing to ERM
Although risk management is not a new phenomenon, enterprise risk management (ERM) is a relatively new concept in the business environment. In a very short time, ERM has established its worth in all sectors. This article investigates the views of chief audit executives (CAEs), the chairs of audit committees (CACs) and accounting officers (AOs) with regard to the contribution that the internal audit function (IAF) makes to ERM in the public sector. This contribution is considered in the context of existing ERM structures and the level of coordination between ERM and the IAF. Results indicate that the CAEs have very different views from the other two parties, and that the existence of ERM structures has very little effect on how the contribution of internal auditing to ERM is perceived.
Operationalising Enterprise Risk Management (ERM) Effectiveness
Asian Journal of Accounting Perspectives, 2014
Studies on ERM effectiveness appear to suffer from the same catastrophic dilemma as that of organizational effectiveness. To the best of the author's knowledge, very little research has been done on the effectiveness of ERM in managing risks. Based on the guidance from the COSO (2004) framework and the existing literature coupled with the insights gathered from semi-structured interviews, the current article aims to demarcate a workable model, and, thereafter, an instrument to be operationalized in ERM effectiveness studies. The findings suggest that the COSO framework is still relevant for ERM and that to improve the robustness of the effectiveness instrument, a multidimensional approach is key. This paper suggests a multiple model approach comprising a process model, system resource model and outcome model for measuring ERM effectiveness. Additionally, the perspectives from various ERM stakeholders of the risk, including the risk function itself, such as from the internal audit and finance or other members of the management team, may enhance the assessment of the effectiveness of ERM in managing risks. It is hoped that the model and instrument developed in this paper will encourage more studies to be conducted on the effectiveness of ERM in particular. From the practical standpoint, with some modifications to the fit, the instrument can also be applied to evaluate the effectiveness of ERM implementation in the respective organisations.
Journal of Advanced Research in Business and Management Studies, 2020
This study investigates ERM implementation of non-financial public listed companies (PLCs) in Malaysia against company size and leverage. The ERM implementation is proxy by ERM Score. The ERM Score is based on COSO ERM Framework. Company size and leverage is proxy by total revenues and liabilities/equities. The objective is to observe changes in ERM implementation in response to changes in company size and leverage. This study develops a 3 by 3 matrix named ERM Behaviour Matrix to understand the changes. The behaviour matrix captures changes in ERM implementation by mapping the ERM Score against company size and leverage. The ERM implementation behaviour is defined as changes in ERM implementation driven by two stimuli, company size, and leverage. Data are collected from annual reports 2016-2017. The study samples are 44 non-financial PLCs of high-risk sectors (energy, utilities, and telecommunications and media). The matrix shows positive ERM behaviours for company size. ERM scores increases as firm size increases, and decreases as firm size decreases. The matrix shows mixed ERM behaviours for leverage. A number of companies' shows status-quo behaviour i.e. as leverage increases, ERM Score remain constant. In contrast, several companies' shows negative behaviour, i.e. as leverage increases, ERM Score decreases. The matrix is an alternative approach to understand ERM implementation. It is a simple and easy to use behaviour tool mapping ERM implementation against firm size and firm advantage. It can be use in practice to monitor ERM implementation by companies. Results of this study contribute to enhance understanding on ERM implementation by public limited companies (PLCs) in Malaysia.
ERM Sophistication, Asymmetric Information and Audit Quality
2020
This study aims to examine the negative effects of ERM sophistication on asymmetric information and the role of internal audit function and auditor specialisation in strengthening the negative effect of ERM sophistication on asymmetric information. This study used 281 listed companies in the Indonesian Stock Exchange in 2016. The method of Moderated Regression Analysis (MRA) is used in this study. The results show that ERM sophistication has a negative and significant effect on asymmetric information, while the internal audit function and auditor specialisation cannot improve the negative effect of ERM sophistication on asymmetric information. The fact that there are still many sample companies audited by non-specialist public accounting firms and the lack of information presented by company related to their internal audit functions becomes an obstacle in assessing the effectiveness of supervision by internal audit of management activities.
An Exploratory Study of Enterprise Risk Management: Pillars of ERM
There is a general consensus that enterprise risk management's (ERM) popularity has resulted from a response to pressure on organizations to holistically manage risk. Multiple frameworks for implementation of ERM contribute to an overall uncertainty regarding the essential components of ERM. This uncertainty carries forward to empirical studies of ERM where results regarding value creation are inconclusive. There exists no real consensus about what the principal components of ERM are; this has led to identification and measurement methods that are inconsistent. By using inconsistent indicators and measures of ERM implementation, it is impossible to compare ''apples to apples'' and arrive at conclusive and convincing results regarding ERM's ability to create value. This is an exploratory study of ERM aimed at determining the integral components of ERM based on how firms actually implement ERM dimensions. The result is the identification of four discrete components, or pillars, of ERM implementation; two prerequisite components related to the general internal environment and control activities of the firm, one component identifying risk management activities of the firm and one component with the defining attributes of ERM implementation. All four components must be implemented to have well-implemented ERM, but only one separates ERM firms from non-ERM firms. The resulting four components challenge existing frameworks to adapt to better reflect how firms implement ERM and can have a valuable impact on identifying and measuring ERM, leading to more informative empirical studies on the value creating abilities of ERM.
ERM implementation on Construction Companies
ERM implementation on Construction Companies, 2016
As a Program Manager, I must interact with each project manager and provide support and guidance on individual projects. Also, I must convey the relevant relationship of each project to the overall program and organizational performance objectives. Adversely, project risk management is an entirely different matter than ERM, mainly because the PMs and I work managing risks within each project. To provide an in-depth review of how the ERM critical success factors (CSFs) apply, I decided to use my company as a case study for implementing an ERM—also discussing what would be the challenges and what could be the decisive CSFs necessary for a successful implementation. The construction industry is project-based. Product uniqueness, on-site production, and ad hoc project teams with relatively high turnover rates are typical characteristics of the industry (Tserng et al., 2009). However, organizations, regardless of their size, industry, or customer base, have to face some degree of risks. Traditionally, risk management has been segmented and conducted in separate business units or departments (i.e., silos) within a company. However, the silo-based approach to risk management has been criticized because it overlooks risk interdependence, inefficient coordination, and duplication of expenditure (Zhao, Hwang & Low, 2015). By contrast, ERM treats each risk as part of an enterprise’s entire risk portfolio rather than a discrete one and is thus considered as a holistic and integrated risk management approach. The COSO (2004) defined ERM as “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives” (p. 4). It is noteworthy that the events in this definition can have a negative impact, positive impact, or both, which is consistent with the double-edged nature of risk. Additionally, ERM is a process, ongoing and flowing through an entity, and should be practiced by individuals at every level of an organization. This process is applied in strategy setting and the enterprise, including taking an entity-level portfolio view of risk. Identification of potential events and management of risk within a corporation also falls within the scope of the ERM process.
International Journal of Economics and Finance
This study aimed at examining the impact of the ERP system on the quality of internal auditing in the Jordanian commercial banks. For this purpose, the researchers designed a questionnaire that was distributed to specialists in the same field of this research. The questionnaire consisted of eight perspectives. The study’s sample included 21 Jordanian banks, while the study’s sample consisted of thirteen Jordanian commercial banks. The results discovered a statistical and significant impact on the application of the organization's resource planning system, especially in the field of finance, marketing, sales, management, human resources as well as the services’ system. Based on these results, the researchers raised up a set of recommendations, which are including the necessity of developing the capabilities of the internal auditors in the use of the organization's ERP system in general, and enhancing the accounting system to increase the confidence and the quality of the fina...
Internal audit involvement in enterprise risk management
Managerial Auditing Journal, 2011
Purpose -The paper examines the impact of involvement in Enterprise Risk Management (ERM) on internal auditors' willingness to report a breakdown in risk procedures and whether a strong relationship with the audit committee affects willingness to report. The study also investigates the use of ERM and the role of internal audit in ERM. Design/methodology/approach -The study uses an experimental design, manipulating (i) the internal auditor's involvement in ERM and (ii) the strength of the relationship between internal audit and the audit committee. Participants are 117 certified internal auditors. The study also gathers descriptive data on the use of ERM. Findings -The study indicates that a high involvement in ERM impacts internal auditors' willingness to report a breakdown in risk procedures to the audit committee. However, a strong relationship with the audit committee does not appear to affect willingness to report. The study also finds that the majority of organisations have recently adopted ERM. Internal auditors are involved in ERM assurance activities but some also engage in activities that could compromise objectivity. Research limitations -There are internal and external validity threats associated with the experimental design. Practical implications -The findings reinforce the need for organisations to adhere to the recommendations of the IIA and to ensure that internal auditors do not play an inappropriate role in ERM. Originality/value -The study contributes to our understanding of the impact of involvement in ERM on internal audit objectivity and of the current role of internal audit in ERM in Australia.