i
Factors Affecting the Performance of the Internal Audit Function in
Government Ministries in Kenya
BY
KIRIMA N. NJOROGE
UNITED STATES INTERNATIONAL UNIVERSITY - AFRICA
SPRING 2016
i
FACTORS AFFECTING THE PERFORMANCE OF THE INTERNAL
AUDIT FUNCTION IN GOVERNMENT MINISTRIES IN KENYA
BY
KIRIMA N NJOROGE
A Research Project Submitted to the Chandaria School of Business in Partial
Fulfillment of the Requirement for the Degree of Masters in Business
Administration (MBA)
UNITED STATES INTERNATIONAL UNIVERSITY - AFRICA
SPRING 2016
ii
STUDENT’S DECLARATION
I’m the undersigned, I declare that this is my original work and has not been submitted to
any other college, institution or university other than the United States International
University -Africa for academic credit.
Signed: ________________________ Date: __________________
Kirima N Njoroge (ID 620232)
This project has been presented for examination with my approval as the appointed
supervisor.
Signed: ________________________ Date: _____________________
Kepha Oyaro
Signed: _______________________ Date: ____________________
Dean, Chandaria School of Business
iii
COPYRIGHT
All rights reserved. No part of this report may be photocopied, recorded or otherwise
reproduced, stored in a retrieval system or transmitted in any electronic or mechanical
means without prior permission of the copyright owner.
Kirima N Njoroge Copyright © 2016
iv
ACKNOWLEDGEMENT
There are many unseen hands I need to acknowledge for the cooperative assistance that
has seen me through the completion of this project. First and foremost, I want to give
special thanks to the Almighty Father for giving me special graces to work through and
complete this project.
I sincerely thank my supervisor Kepha Oyaro, Lecturer at the Chandaria School of
Business at the United States International University - Africa for his guidance, enabling
support, wise counsel and never ending patience during the development of this Project.
I would also like to acknowledge the encouragement from all my colleagues, classmates,
friends and relatives for their remarkable devotion, assistance and dedication throughout
the project work.
v
DEDICATION
This work is dedicated to the almighty God for the wisdom and gift of life that has made
me realize and see the conclusion of this research and to those who helped me carry out
this research. I also want to dedicate this project to my wife Chula, my incredible
children Wairimu and Mbugici for their understanding, patience and support during the
research and the entire program.
vi
ABSTRACT
The study focused on the factors that affect the performance of the internal audit function
in government ministries in Kenya. The study aimed at achieving the following
objectives: to determine how the working environment affects the performance of
internal auditors in government ministries; to assess how the challenges to the
independence of internal auditors in government ministries affects their performance; and
to assess the impact of the level of technical competency on performance of internal
auditors in government ministries.
The study adopted a descriptive research design and involved the collection of data
aligned to the research questions. The study population was 126 members of internal
audit committee and 90 senior members of staff in the 18 government ministries which
were formed after the general election of March 2013 and which all have headquarters in
Nairobi. Data was collected using a structured questionnaire for respondent from each
ministry. The questionnaire was designed by the researcher based on the research
questions and was pre-tested to ascertain the suitability of the tool before actual
administration. The study used both quantitative and qualitative method of data analysis.
Coded data was analyzed using frequency distribution, percentages, mean and standard
deviation and presented using tables and figures. Multiple regression analysis was used to
establish the relationship between the study variables.
From the findings, the study found out that the internal auditors working environment
impacted on the performance of internal audit function and the function’s performance is
impacted by the presence of a clear structure of responsibility linked to set targets,
flexibility in the approach of the internal audit work, better exposure of internal audit
staff through attendance of professional conferences and exchange programs,
professional training support and a clear recognition and reward system.
The study also revealed that internal audit independence and authority impacts on
performance and concluded that performance is enhanced by there being a clear policy on
the establishment of the internal audit function which protects the internal auditors from
vii
undue pressure of reprisals when they report, ensures that internal auditors do not audit
operations they were involved in implementation, requires the presence of a clearly
structured recruitment processes where the CAE is fully involved and the internal
auditors having unrestricted access to records and transactions and to those charged with
governance.
The study concluded that internal auditors technical competence impacts on the
performance of the function and the audit staff need to have competence in risk profiling,
performance measurement principles, financial analysis tools and techniques, ICT and
tech-based audit techniques and an overall appreciation of organization objectives and
how these link to the objectives of the internal audit function.
The study recommends that the ministries should keep organizing seminars and
workshops to train the internal auditors and that the heads of the internal audit department
should be responsible to the audit committees who possess sufficient authority to promote
independence and to ensure that the broad audit objectives are met. Further, the study
also recommends that the internal audit function should have the latest internal audit
software and be aware of the developments in the internal audit frameworks to enhance
their pivotal role in the development of effective public financial management systems in
Kenya.
ii
TABLE OF CONTENTS
STUDENT’S DECLARATION ............................................................................................. ii
COPYRIGHT ......................................................................................................................... iii
ACKNOWLEDGEMENT ..................................................................................................... iv
DEDICATION......................................................................................................................... v
TABLE OF CONTENTS ....................................................................................................... ii
LIST OF TABLES ................................................................................................................. iv
LIST OF FIGURES ................................................................................................................ v
LIST OF ABBREVIATIONS ............................................................................................... vi
CHAPTER ONE ..................................................................................................................... 1
1.0 INTRODUCTION............................................................................................................. 1
1.1 Background of the Study .............................................................................................. 1
1.2 Statement of the Problem ............................................................................................. 5
1.3 Purpose of the Study ..................................................................................................... 7
1.4 Research Questions ...................................................................................................... 7
1.5 Importance of the Study ............................................................................................... 8
1.6 Scope of the Study ........................................................................................................ 9
1.7 Definition of Terms ...................................................................................................... 9
1.8 Chapter Summary ....................................................................................................... 10
CHAPTER TWO .................................................................................................................. 11
2.0 LITERATURE REVIEW .............................................................................................. 11
2.1 Introduction ................................................................................................................ 11
2.2 Internal Auditors Working Environment .................................................................... 11
2.3 Internal Auditors Independence And Authority ......................................................... 17
2.4 Internal Auditors’ Technical Competency ................................................................. 22
2.5 Chapter Summary ....................................................................................................... 28
CHAPTER THREE .............................................................................................................. 29
3.0 RESEARCH METHODOLOGY .................................................................................. 29
3.1 Introduction ................................................................................................................ 29
3.2 Research Design ......................................................................................................... 29
3.3 Population and Sampling Design ............................................................................... 29
iii
3.4 Data Collection Method ............................................................................................. 31
3.5 Research Procedures ................................................................................................... 32
3.6 Data Analysis Methods ............................................................................................... 33
3.7 Chapter Summary ....................................................................................................... 33
CHAPTER FOUR ................................................................................................................. 35
4.0 RESULTS AND FINDINGS .......................................................................................... 35
4.1 Introduction ................................................................................................................ 35
4.2 Demographic Information .......................................................................................... 36
4.3 Internal Auditor’s Working Environment .................................................................. 38
4.4 Auditors Independence and Authority ........................................................................ 42
4.5 Internal Auditors Technical Competence ................................................................... 44
4.6 Performance of Internal Auditors ............................................................................... 48
4.7 Regression Analysis ................................................................................................... 51
CHAPTER FIVE .................................................................................................................. 53
5.0 DISCUSSION, CONCLUSIONS AND RECOMMENDATIONS ............................. 53
5.1 Introduction ................................................................................................................ 53
5.2 Summary ..................................................................................................................... 53
5.3 Discussions ................................................................................................................. 54
5.4 Conclusions ................................................................................................................ 60
5.5 Recommendations ...................................................................................................... 61
REFERENCES ...................................................................................................................... 63
APPENDICES ....................................................................................................................... 69
Appendix I : Introductory Letter ...................................................................................... 69
Appendix II : Questionnaire ............................................................................................. 70
Appendix III: Time Plan ................................................................................................... 76
iv
LIST OF TABLES
Table 3.1: Sample Size Distribution ................................................................................. 31
Table 4.1: Internal Auditor’s Working Environment and performance ............................39
Table 4.2: The Institutional Theory and Auditor’s Working Environment .......................40
Table 4.3: Control Environment ........................................................................................41
Table 4.4 Resources Availability .......................................................................................42
Table 4.5: Internal Auditor Charter ...................................................................................42
Table 4. 6: Control Activities.............................................................................................43
Table 4.7: Information Generation and Communication ...................................................44
Table 4.8: Internal Auditor and Consulting .......................................................................45
Table 4. 9: Internal Auditor Expertise ...............................................................................46
Table 4.10: Internal Auditor Competency and Performance .............................................47
Table 4.11: Professional Competency ...............................................................................48
Table 4.12: Performance of Internal Auditors ...................................................................49
Table 4.13: Model Summary .............................................................................................51
Table 4.14: ANOVA ..........................................................................................................51
Table 4.15: Coefficients .....................................................................................................52
v
LIST OF FIGURES
Figure 4.1: Response Rate .................................................................................................35
Figure 4.2: Gender of the Respondents.............................................................................36
Figure 4.3: Age group ........................................................................................................37
Figure 4.4: Highest Qualification Achieved ......................................................................37
Figure 4.5: Number of Years in the Organization .............................................................38
vi
LIST OF ABBREVIATIONS
AAA : America Accounting Association
CAE : Chief Audit Executive
CBOK : Global internal audit Common Book of Knowledge
CIA : Chief Internal Auditor
COSO : Committee of sponsoring organizations-Tradeway
Commission
GAAP : Generally Accepted Accounting Principles
IA : Internal Auditors
IAFs : Internal Audit Functions
ICPAK : Institute of Certified Public Accountants of Kenya
ICT : Information and Communication Technology
IIA : Institute of Internal Auditors
INTOSAI : International Organization of Supreme Audit Institutions
IS : International Standards
OECD : Organization for Economic Cooperation and Development
SOE : State Owned Enterprises
SOX : Sarbanes-Oxley Act
1
CHAPTER ONE
1.0 INTRODUCTION
1.1 Background of the Study
Organizations Internal auditors play the role of undertaking an independent examinations
and giving assurance on various operations of institutions aimed at enhancing
organizational performance every day (Institute of Internal Auditors(IIA), 2009). This
enables an organization to meet its operational objectives through well thought-out and
dedicated approaches to evaluate and improve on how best to manage risk, institute
effective controls and enhance governance. The broad view of internal audit places it
more centrally as an important element of public expenditure management that also
encompasses management controls and information communication processes (Diamond,
2002). Internal auditors become key by informing the public sector as a result of
principle-agent relationship that exists between the executive and the public (ICPAK,
2015). Internal auditors help in safeguarding organization resources and are expected to
give a continuous account of how the resources have been used and enable continuous
assessment on whether the feedback meets public objectives and expectations and
whether these are well balanced to reduce the risks inherent in the principal-agent
relationship (Adel, 2011).
Internal auditing principles offer quality reporting without due interference from top
management in all processes and transactions undertaken and provide responses as to
whether the agent has used the resources as intended and expected by the set rules
(Adeniyi, 2004). Independence is promoted through established reporting structure by the
organization and should be clear to all parties focusing on achieving an appropriate mind-
set. Internal auditors review and evaluate all internal control measures undertaken within
diverse organizations that vary in complexity, size, structure, and purpose through staff
appointed within the organization (Adeniyi, 2004).
The basic roles of Internal auditors activities are directed towards evaluating whether
operations were carried out in accordance with the set rules and regulations, set
2
governance structures as well as systems that manage information in a bid to promote
preciseness and efficiency in undertaking transactions (Stoner, 1994). In addition,
internal auditors evaluate issues of integrity in a firm, measure systems and information
flow to attain accountability and transparency in financial reporting (IIA, 2004). The
other function of internal auditors is to offer direction on the best measures to adverse
occurrence of chances or deficits that may arise, as well as providing certainty to
institutions audit committee’s and top management in ensuring objectives are well set
(Owler & Brown, 2009).
In most cases, organizations’ internal auditor’s role is guided by the chief audit executive
who outlines authority, independence and the scope of duty for internal auditors in a
written policy document called the charter which is approved by institution’s audit
committee and in turn becomes of importance for reference and reading materials for top
management of the organization (Paape, 2007). The skills, knowledge and objectivity of
qualified internal auditors are important to the firm’s internal audit unit and protect
against any threat to controls and efficiency in management of public resources (IIA,
2004). The huge role of internal auditors requires that they always follow the laid down
procedures developed by IIA (Ramsay, 2002). The other function of internal auditors is
to achieve transparency and high level of accountability in management of utilization of
public finances and achieving expected institution performance (Shuttleworth, 2008). For
an internal auditor to always perform their roles well, they have to work in a conducive
working environment. Key factors such as management support, availability of working
resources, independence of internal auditors and commitment by management influence
internal auditor’s performance (Smith, Normah, Zulkarnain & Ithnahaini, 2001).
Public institutions are required to support the internal auditor to learn effectively on all if
not most issues faced by public institutions by understanding the daily risks and
constraints in public organizations systems and formulating strategies that will enable the
internal auditors to work as a team to identify and address all risks (Ramsay, 2002). A
good internal auditor is one who undertakes his role efficiently and effectively and
enables the achievement of good governance systems in any given public institution
(Belay 2007). The internal auditors’ roles are affected by credibility issues hindering their
3
capability to perform their duties in promoting transparency, accountability and good
governance. For instance, misappropriation of public funds through scandals such as
2005 Anglo-Leasing, NHIF, Judiciary and the Ministries of Agriculture and Education
scandals are indicators of ineffectiveness in public internal auditing and poor
performance of internal auditors.
According to Institute of Internal Auditors (IIA) (2009), internal auditing can be defined
as a self-governing, objective and consulting activity that is designed in order to add
value and develop the operations of an organization. It helps an organization to carry out
its objectives by bringing an organized, disciplined approach in order to assess and
develop the effectiveness of risk management, control and governance processes. Thus,
internal auditing is performed by professionals with a thorough understanding of the
business culture, systems and processes. The internal audit function is expected to offer
guarantee that internal controls in place are sufficient to alleviate the risks, governance
processes are helpful and competent, and organizational goals and objectives are being
met (IIA, 2004). This definition suggests that internal audit has undergone a paradigm
shift from an emphasis on accountability about the past to improving future outcomes
which help organization operate in a more effective and efficient manner (Nagy &
Cenker, 2002).
Internal auditing is a profession and activity involved in advising organizations regarding
how to better achieve their objectives through managing risks and improving internal
controls. Internal auditing involves the utilization of a systematic methodology for
analyzing business processes or organizational problems and recommending solutions.
The main role of the internal audit function is to guarantee that management controls are
being applied in an effective manner. The internal audit function, even though not
obligatory, exists in most private enterprise or corporate entities, and in government
including federal, state, county and city governments. The task, quality and strong point
of an internal audit function may differ extensively within organizations due to
difference in approach by top executives and due to the culture and traditions of
companies and organizations. By measuring and evaluating the effectiveness of
organizational controls, internal auditing, itself, is an important managerial control
4
device, which is linked directly to the organizational structure and the general rules of the
business (Cai, 2007).
IIA (2010) defined internal audit effectiveness “as the degree (including quality) to which
established objectives are achieved”. Internal audit effectiveness means the extent to
which an internal audit office meets its purposes (Mihret & Yismaw, 2007). While
Mizrahi and Ness-Weisman (2007) give their own definition which is in line with the
ability of the internal auditor intervention in the prevention and correction of deficiencies.
They finally defined internal audit effectiveness as “the number and scope of deficiencies
corrected following the auditing process”. Audit effectiveness is an outcome of auditors
activities, duties, professional practices and responsibilities delivered with commitment
and with audit standards, goals, objectives, policies and procedures. Hence the overall
design of the internal audit function should be geared towards the specific priorities and
objectives of each country and in instances where the main challenges are governance,
then the internal audit function should be focused on ensuring compliance with financial
laws and regulations (Diamond, 2002). Diamond (2002) also noted that in developing and
transitional countries which have a high degree of financial stress, the main objectives of
the internal audit function should be to ensure macroeconomic stability while countries
that are able to ensure compliance with laws and have achieved a fair degree of macro-
economic stability, the main objective of the internal audit function should be to ensure
efficiency and effectiveness of resource use. Effective internal audit system helps in
achieving performance, profitability and prevents loss of funds particularly in public
sectors even though Pilcher Gilchrist and Singh (2011) observed that efficiency and
effectiveness of audit in public sectors context is more complex than in the private
sectors.
In Kenya, the public finance management provisions in the new Constitution were
significantly influenced by the need to correct past executive excesses and abuses.
Chapter 12 of the new Constitution begins in Article 201 with guiding principles and a
framework for public finance, which if strictly adhered to can alter policy formulation
and the management of public resources for the better (Kirira, 2011). Among the key
principles are requirements that there should be: Openness, accountability and public
5
participation; Promotion of equity, meaning that the tax burden is shared fairly at both
national and county levels; Public expenditure that promotes equitable development and
addresses marginalized areas and groups; Equitable sharing of debt benefits and burden
between current and future generations; Prudent and responsible use of public resources
and Responsible public financial management with clear fiscal reporting (Kirira, 2011).
In Kenya, the set-up of internal audit function has been provided for under the Public
Financial Management Act of 2012 and the Public financial management regulations of
2015. This law and the implementing regulations also accommodate prior guidance
provided through Treasury circular AG/3/080/6/(61) of 2000 on the establishment of
Audit committees in all Ministries, departments and agencies of the central government,
circular 16 of 2005 which provided detailed guidance on internal auditors role in
enhancing oversight, governance, transparency and accountability and circular 18 of 2005
that provided a detailed guide to management action on internal audit reports (ICPAK,
2015).
1.2 Statement of the Problem
Effective public finance management, including the management of aid flows, is crucial
to countries making progress in reducing poverty. Weaknesses in public financial
management often reflect underlying interests and incentives, and the reform and
strengthening of public financial management requires high-level political leadership and
support as well as technical skills (Diamond, 2002). For all these reasons, public financial
management is likely to remain at the centre of dialogue between aid agencies and
partner country governments. At the same time, donors have both a developmental and a
fiduciary interest in the quality of their partners’ public financial management (OECD,
2006). Audit committees play an important role in public financial management in most
countries. In Kenya, each government Ministry in Kenya has a functioning Audit
Committee in place to assist in streamlining public finance management (ICPAK, 2015)
Internal auditors are critical in ensuring efficiency in financial management of public
funds by preventing loss of the same (Eden & Moriah, 2006). Internal auditors are used
to significantly enhance controls to promote transparency and accountability. There have
6
been numerous complaints on the management of public funds and government being not
as effective in detecting and preventing the misappropriation of public funds. However,
even after enacting laws governing internal audit processes, there is still a rise in cases of
inefficiency in public resources management and many reported cases of frauds and
corrupt practices (Mihret & Yismaw, 2007). The Auditor General noted that out of 101
financial reports for the fiscal year ended 30 June 2014, 26 had an unqualified opinion,
50 had a qualified opinion, 16 had an adverse opinion while 9 had a disclaimer of opinion
(Auditor General, 2015). This therefore suggests to the researcher that management of
financial resources in the public sector is still not efficient and effective.
Adel (2011) indicated that there is inadequate staffing of internal accounting and auditing
departments in government and specifically the internal audit function is generally under
resourced and this affects the performance of the internal auditors in financial
management hence exposing public organizations to face threats of misuse of public
funds. Rezaee (2012) noted that financial reporting is ineffective due to corruption,
frauds, and ineffective regulations.
Recent scandals that faced the Judiciary and the Ministries of Agriculture and Education
revealed poor internal auditors performance mainly due to bureaucracy in transparency
and which resulted in misappropriation of public finance and losses of funds (GOK,
2013). Recent public institutions financial accounting scandals such as in the Judiciary
where over Kshs 2.2 billions of taxpayers’ money was lost indicate poor performance of
internal auditors (GOK, 2013). Similarly weak internal auditing procedures have
increasingly become a major problem in detecting loss of public funds and are an
indication of ineffectiveness of internal auditors in the public sector (Otieno, 2010).
Kibet (2008) carried out a study on the role of the internal auditors in promoting good
corporate governance in State Owned Enterprises (SOEs’) aimed to explore the use of
staff working as internal auditors in promoting good corporate governance in public
sector enterprises and the challenges faced by the internal auditors in SOE. Kibara (2007)
similarly carried out a survey of internal auditors risk management practices in the
banking industry in Kenya and Chepkorir (2009) carried out a study on the challenges
7
and roles of internal auditors in the banking sector in Kenya. According to the
International Audit Standards, the internal auditors’ role is not to unearth frauds and
irregularities in organizations but to carry out their work with a skeptic mind and report
any if they encounter. Despite the increase in corruption cases and misappropriation of
public funds in the public sector, studies on factors affecting internal auditor’s
performance in public sector remain scanty and there is no critical research that has been
undertaken to explain the reasons why the internal audit functions clearly legislated for
under the Public Financial Management Act of 2012 has not been effective in
strengthening public financial management systems which would be a more effective
way of protecting government resources. Further, the constitution brought far reaching
changes in the governance structure in Kenya and the general elections held in March
2013 ushered in the two levels of government. ICPAK (2015) survey on effectiveness of
internal audit committees in the public sector identified the need to conduct further
research to identify the factors affecting the performance of internal auditors in the public
sector and specifically in state owned corporations, government ministries and county
governments. This study therefore sought to fill the existing research gap by establishing
factors affecting the performance of internal auditors’ in public sector in Kenya, with
special focus on government ministries.
1.3 Purpose of the Study
The purpose of the study was to establish the factors affecting the performance of internal
auditors’ in the public sector with a focus on the ministries in the Government of Kenya.
1.4 Research Questions
The study was guided by the following research questions:
1.4.1 To determine how the working environment affects the performance of internal
auditors in government ministries.
1.4.2 To assess how the challenges to the independence of internal auditors in
government ministries affects their performance.
1.4.3 To assess the impact of the level of technical competency on performance of
internal auditors in government ministries.
8
1.5 Importance of the Study
1.5.1 Government Ministries
Government internal auditors are considered a cornerstone of the governance framework
in the public sector. Enquiries on challenges affecting the performance of internal
auditors in government ministries helps to establish measures to minimize internal
auditor’s challenges and improve the performance of the internal audit function by
ensuring effective oversight on internal controls and in determining whether resources
meant for public services are being prudently utilized with an aim of achieving the
desired results. The Internal Audit function is an integral part of government financial
management and an instrument for improving the performance of government ministries.
Internal auditors support government ministries in realizing utmost fidelity and prudent
use of public resources as well as bringing improvements in operations which cultivate
trust among those who have a stake and the citizens.
1.5.2 Multilateral and Bilateral Support Agencies
The research work provides vital support to agencies like the World Bank, UN Agencies
like UNDP and others that support the government of Kenya in Public financial
management. The research brought to light the challenges hampering the efficiency of the
internal auditors in financial management and how these challenges could be tackled.
The research work is also of significance to the management or head of department of
various agencies that support governance processes in government ministries and public
corporations and would enable them gain insight on challenges that affect performance of
internal auditors. This would enable them formulate strategies that would improve
effective internal control system and enhance internal auditors performance in public
financial management.
1.5.3 Policy Makers
This study is of great importance to public policymakers in Kenya as it provides
knowledge on challenges hindering performance of internal auditors in the public sector
and formulates policies that would enhance effectiveness of internal auditors and improve
9
internal audit performance. The study findings provide a basis for policy development
that would improve internal auditing practices and help in detecting and reporting frauds
in financial management and avoid misappropriation and loss of public funds.
1.5.4 Scholars and Academicians
This research serves as an excellent reference material to person(s) who would like to
carry out research related to this area and forms a basis for future research of challenges
affecting performance of internal auditors in the public sector as the forms a foundation
for further research on internal auditors in public sector. The study is significant to
scholars and researchers as the study contributes to existing body of knowledge on
challenges affecting performance of internal auditors in government Ministries.
1.6 Scope of the Study
The study sought to establish the factors affecting the performance of internal auditors in
government ministries in Kenya. The research sought to establish the extent to which
working environment, internal auditor’s independence and technical competency affects
performance of internal auditors’ in the public sector in Kenya.
The study was conducted over one month and targeted audit committee members and
senior internal audit staff of the 18 ministries in place after the March 2013 election in the
government of Kenya at their headquarters in Nairobi.
The respondents at the various ministries are busy people and getting appointments
proved difficult. The researcher distributed questionnaires and gave them time to fill then
collected them later.
1.7 Definition of Terms
1.7.1 Audit Committee
The Audit committee refers to a committee of the Board of Directors whose role typically
focuses on aspects of financial reporting and on the entity's processes to manage business
and financial risk, and for compliance with significant applicable legal, ethical, and
10
regulatory requirements. The Audit Committee typically assists the Board with the
oversight of the integrity of the entity's financial statements; ensures entity's compliance
with legal and regulatory requirements; ensures the independent auditors' qualifications
and independence; oversights the performance of the entity's internal audit function and
that of the independent auditors; and in the absence of a remuneration committee, deals
with compensation of company executives (INTOSAI, 2011).
1.7.2 Audit
International Standards on Auditing (ISA) describes audit as the independent examination
of and expression of an opinion on the financial statement of an entity by an appointed
auditor (IIA, 2009).
1.7.3 Internal Audit
An independent objective assurance and consulting activity designed to add value and
improve organization operations (IIA, 2009).
1.7.4 Public Finance
Public finance is a branch of economic theory that deals with the central and local
government incomes, expenditures and their administration (Goodwin, 2014).
1.8 Chapter Summary
This chapter introduced the study through a detailed outline of the project and has
described the significance of the study and explained the problem statements and
provided three research questions. These are contained within as sub-sections in the
introduction section which are as follows; background of the problem, statement of the
problem, purpose of the study, research objectives, importance of the study, scope of the
study and definition of terms, importance are factors affecting the performance of internal
auditors’ in public sector in Kenya. Chapter two is the literature review, chapter three is
research methodology, chapter four is results and findings and chapter five is the
discussion, conclusion and recommendations.
11
CHAPTER TWO
2.0 LITERATURE REVIEW
2.1 Introduction
This chapter reviews the existing research literature on the factors affecting the
performance of internal auditors’ in public sector in Kenya. In specific the chapter
discusses the extent to which working environment affects the performance of internal
auditors; the extent to which internal auditors independence and authority affect the
performance of internal auditors’; and the extent to which technical competency affects
performance of internal auditors’. The section also includes a chapter summary.
2.2 Internal Auditors Working Environment
IIA (2012) indicates that effective public sector internal audit focuses on achieving good
governance. Internal aauditors play a critical role in promoting governance that is critical
in the organization for the promotion accountability and transparency in financial
management, reduction of risk and minimizing corruption. In this respect, it is important
for the internal audit functions and structure to be effective to achieve the intended
objectives and internal auditors should be empowered to take action with integrity and
offer reliable information for action to be undertaken (IIA, 2012).
Organization view internal auditor’s role as a tool to improve effectiveness in
management of organization’s resources. In many occasion, internal auditors work under
poor working conditions and many times management fail to support their role and
despise them as unworthy in the organization and fail to allocate sufficient resources to
the internal audit function (Morgan, 2009) . Insufficient attention by top management is a
negative indicator of the importance of the internal audit function and this affects the
performance of internal auditors (Mihret & Yismaw, 2011). In addition, insufficient
knowledge on the role of the internal auditors results in poor performance (Mihret &
Yismaw, 2011).
12
2.2.1 Internal Auditor’s Working Environment and performance
Cattrysse (2014) carried out a study investigating the role of internal auditors in
organizations. The study found that internal auditors maintain the structure of
organizations internal operations but also noted that the main problem facing the internal
auditor is poor working conditions that create an unfavorable working environment.
Kamere (2013) carried out a study on challenges faced in professionalizing the internal
auditor’s role in Kenya’s industrial and Allied companies listed in the Nairobi Stock
Exchange and established that the failure to realign skills to address new requirements,
failure to conduct risk assessments by management, poor leveraging of ICT to attain
efficiencies and failure to cope with diminished resources, affects the performance of
internal auditors.
Ramsay (2012) highlighted that in modern times, a number of forces put together have
led to a transformation of governments through the adoption of options meant to scale up
their operations and through the enhancement of internal auditor’s roles to higher levels
in a bid to enhance accountability and transparency in the use of public resources. He
further found that the internal audit function entailed evaluation and improvement of
control of risks, internal controls and governance processes. Krishnan and Visvanathan
(2013) sought to address the role of audit committees and internal auditors in their
reporting to management about internal gaps after the passage of the Sarbenes Oxley Act
(SOX). The study sampled 164 institutions where audit committee members were the
respondents. The study revealed that in the frequent meetings by the internal audit
committees, there were no clear responsibilities over effective reporting and over the
reporting of fraud in organizations.
Kamere (2013) did a study of challenges faced in professionalizing the internal audit
function in Kenya’s industrial and Allied companies listed in the Nairobi Stock
Exchange. The study found that in organizations where management failed to recognize
the role of the internal audit function this led to incompetency and overall lack of
performance of the functions. Hack (2013) carried out a study on challenges facing
internal auditors in 24 countries in Europe and found that main challenges facing internal
13
auditors were the widening technical skills gap, corruption and lack of authority. The
study also identified other challenges that hinder the effective functioning of internal
auditors which included high costs of maintaining the function, reluctance to travel,
cultural and language differences, failure to adhere to quality standards and limited
knowledge on acceptable accounting standards, regulations and local laws. The study
found that only 34% of the respondents were positive that internal auditors followed
internal audit standards. The study recommended that institution should enhance internal
audit competency.
Risk assessment requires that the internal audit staff to have skilled manpower.
According to Hack (2013), 89% of respondents indicated that risk assessment was
normally conducted in their respective organizations to support the internal audit
planning process. However, training needs remained critical as only 44% of the
respondents had the skills and he noted that training of internal auditors was critical as
lack of auditing skills hinders performance of the internal audit function. Research by the
American Accounting Association (2011) on issues of competency pointed out that
internal auditors should engage in those services for which they have the necessary
knowledge, skills, and experience and that they should perform duties in accordance with
the Standards; and continually improve their proficiency and effectiveness.
Ahlawat and Lowe (2014) noted that factors affecting the performance of internal
auditors should be focused on during consultation with the management of organizations.
Management support and internal audit quality are the two most important factors that
influence the effectiveness of the internal audit function (Mihret & Yismaw, 2007).
Hence, failure by management to respond to internal audit findings and recommendations
impacts negatively on the internal audit staff attitude towards the improvement of audit
quality, their commitment to develop their career in the public sector internal audit
functions and their overall job satisfaction (Mihret & Yismaw, 2007). Goodwin (2014)
in a Singapore study found that 72% of internal auditors were not allowed to question the
decisions made by the top executive level and noted instances where top level executives
were dismissed for going to the Chief Internal auditor to verify the decisions made in the
normal course of operations.
14
2.2.2 The Institutional Theory and Auditor’s Working Environment
The institutional theory originates from the view that an organization is structured and
works to achieve social outcomes in the public (Schneider, 2014). Goodwin (2014)
posited that institution internal audit functions are hard and complex to realize and that
the external picture of the organization may be weakly associated with the organization’s
internal operations (Sterck and Bouckaert, 2014). Institutional theory is of the view that
the organization has structured operations to ensure social accountability. The real
functioning of the organization is complemented by an effective internal audit process
(Millichap, 2012).
The internal auditor roles focus on improving corporate governance in an
institutionalized context which is the basis for the adoption of the institutional theory.
These then demands for greater scrutiny of the organization’s financial reporting to
safeguard the interest of the stakeholders. Evaluation of the internal auditor’s role cannot
be avoided particularly where the function is a key feature of organizational effectiveness
(Dalila, 2013).
Fundamentally, internal auditors roles have now became much more essential as a control
within organizations and a key to effective risk management. Internal auditors are heavily
involved in the organization in the continuous internal audit process and ultimately share
with the boards their recommendations which are expected to contribute to the
organization’s objectives (Jamal, 2011). Similarly while performing their roles, all
measures have to be taken to maintain their independence, authority and objectivity, as a
result of being too involved in the organizations operations (Cattryse, 2014). According
to the United Nations, the preferred qualities for good governance are effectiveness,
transparency, responsiveness and public accountability. The same line of thought was
emphasized on in an Internal Auditing Forum (IAF) which emphasized on the need to
focus on the four characteristic for a better performance and functioning of public sector.
Subsequently internal auditors’ roles are considered crucial in government’s financial
management strategies and increasingly used a dependable way of enhancing
performance in the public sector by the government (Mahmoud & Ehab, 2011). Public
15
institution auditing mainly focuses its objectives to influence achievement of effective
governance by being impartial in their reporting and in assessing with objectively on
whether public funds are used prudently and promote accountability (Jamal, 2011). The
internal auditor’s responsibilities are to provide effective ground for achieving
governance and reduce losses of public funds.
2.2.3 Resources Availability
Several scholars have explored ways in which to measure the value added by IAFs, but
Roth (2014) maintained that value-adding IAFs tend to share similar attributes. The
concept of value added internal audit held by IAFs has direct relevance to internal audit
effectiveness, because the latter serves as a measure of the former. Savuk (2015) agreed
with this notion and believed that an IAF, being a constituent part of corporate
governance, can add value to an organization only if it is effective. Paape (2011) used the
following attributes for IAF effectiveness: subordination to the audit committee,
professional certification, experience, internal audit strategy and operating
responsibilities. Arena and Azzone (2009) linked the effectiveness of an IAF to the
resources and competencies of the internal audit team, activities and processes performed
and its organizational role.
In a survey conducted for the IIA Research Foundation (Adding value: Seven Roads to
Success), information was solicited regarding best practices in value-adding internal
auditing (Roth, 2014). Roth (2014) identified the following five value-adding attributes
for IAFs: organizational alignment, extensive staff expertise, challenging work
environment, risk assessment of the audit universe and an array of audit services.
Dittenhofer (2011) suggested that the following four attributes would make the internal
audit process more useful and more efficient and would improve its position vis-à-vis
management’s opinion of its value; adequate IAF interaction with the organization;
internal restructuring, creation of new services and methods and using technology.
Cooper, Leung and Matthews (2014) reported on a survey conducted by Arthur Anderson
to determine the global best practices for internal auditing and identified the following
16
eight attributes: understanding customers, regarding the IAF as a company service line,
including quality control concepts, focusing on the business and its controls, expanding
the role of the IAFs, regular communication, integration of technology and a professional
satisfied staff complement. Gupta (2011) identified the following IAF value adding
attributes: assessing the inherent level of complexity in an organization, identifying
internal audit customers and their needs, developing a mission and vision for the IAF,
taking a process view of the IAF, developing an internal audit business model, using
information technology as an enabler and developing an appropriate internal audit
strategic plan.
In a recent study, Mihret and Yismaw (2011) applied the framework of attributes of a
value-adding IAF developed by Morgan (2009) to an Ethiopian case study. They found
that a traditional/compliance audit approach is dominant in the organization studied and
concluded that the goals and strategies pursued and the level of risk faced by the
organization appeared to shape the value adding attributes of an IAF. On how modern
internal auditing assists organisations in achieving strategic objectives, Ray (2009)
acknowledges that there are many ways to measure whether or not IAFs add value to
their companies. Ray (2009) refers to the global internal audit Common Book of
Knowledge (CBOK) study which found that the four attributes most commonly applied
are: determining the extent of the implementation of the IAF’s recommendations;
assessment by engagement client surveys from audited departments; the extent of
reliance placed by external auditors on the work of the IAF as well as the number of
management requests for assurance and consulting services.
2.2.4 Control Environment
The control environment provides an atmosphere in which people conduct their activities
and carry out their control responsibilities. The Vonya Global report (2009) points out
that fraud is a direct result of not applying internal controls coupled with regular audits to
those controls. The report observes that lack of "tone at the top” is a major contributing
factor to fraud. The COSO report (2009) points out that fraudulent financial reporting can
have significant consequences for the organization and its stakeholders, as well as for
17
public confidence and credibility in an organisation. The COSO (2009) framework
observes that control environment encompasses a number of factors that include integrity
and ethical values, incentives and temptations, board of directors, organisational structure
and human resource practices.
The effectiveness of internal controls cannot rise above the integrity and ethical values of
the people, who create, administer and monitor them. Integrity and ethical values are
essential elements of the control environment, affecting the design, administration and
monitoring of other internal control components. In addition, integrity is a prerequisite
for ethical behaviour in all aspects of an enterprise’s activities (COSO, 2009).
2.3 Internal Auditors Independence And Authority
Internal audit independence and authority are important concepts that enable the function
to operate without interference and provide effective feedback to management on how to
continuously enhance effective control policies (Warga, 2014). Lawrence (2013) found
that the increased frequency of financial reporting and external audit failures motivated
the internal audit profession to seek greater autonomy in the organization structure and in
countries where the role of internal audit is highly valued, functional reporting moved
from senior officers in the organization to specific committees set-up under the boards
and that report to the board of directors. The auditing services offered by internal auditors
are achieved through internal auditor’s independence and where internal auditors lack
independence, they would normally fail to perform to the expectation of the organization
(Kadondi, 2012).
Schneider (2014) found that internal auditors role in achieving objectivity in the
organization is largely affected by their economic status and that lack of clear reward
systems. Schneider found that when rewards were not given to internal auditors, the
internal audit operations could be influenced by management and this would affect would
affect their reports and may result in unreliable reports to the organization. In contrast,
clear rewards linked to performance influenced internal auditors’ intent to report any
violation in the organization. Hence, internal auditors fail to achieve their performance
18
due to lack of support from management, insufficient resources and failure to receive
support from executive as well as poor relationship in the organization (Warga, 2014).
The lack of controls also results in financial reporting errors, late filings, fraud and
numerous other questionable transactions being performed. As the number and size of
public organizations grow so does the need for properly educated and experienced
accounting related personnel. Certain smaller public companies in developing countries
are encountering difficulties in attracting and paying higher wages of qualified
accounting personnel especially those with knowledge of and experience with GAAP and
auditing regulations. As a result management influences decisions of internal auditors
affecting their performance and this results in financial reporting risks such as improper
revenue recognition, inflated acquisition costs for equipment and inventory, improper
cash advances to officers and other transgressions that have a significant impact on
organizational viability (Cohen, Krishnamoorthy & Wright, 2008).
2.3.1 Agency Theory and Auditor Independence
The Agency theory offer explanations on how firms can effectively relate with each other
and stakeholders where agents determines the responsibility to be undertaken (Dess,
Lumpkin & Eisner, 2009). The theory argues that under features of partial information
flow and risk, which arise from the two parties (agencies) the challenges that need to be
dealt with are adverse selection and moral hazard (Lin, Vargus & Bardhan, 2013).
Agency theory therefore focuses on agency constraints or conflicts of interest between
parties on management practices that has led to the need for good governance and
resulted into approaches that focused on control mechanisms. The theory led to various
financial studies which sought to explain prudent financial management in the
organizations.
The separation of management from ownership in public institution offers an ideal
context for the operationalization of agency theory. The shareholders are regarded as the
principal with the interest of achieving maximum outcome interests from the
organization. Conflict arises as the separation of ownership from management leads to
inability of the owners to monitor management actions and activities and results in the
19
need to employ certain source of information systems and control measures to minimize
agency costs (Krishnan & Visvanathan, 2013).
Most institutions put in place control systems such as internal auditing to promote
efficiency in financial management and to effectively monitor the operational
performance of individual departments. Senior management are normally offered
rewards depending on performance agreed on in reward based plans which are
formulated to provide an incentive to management to increase shareholder wealth and to
attract and retain the most competent and qualified staff (Maletta, 2013).
Internal auditors are used as a control mechanism for evaluating management action
against the expectations of the board and shareholders (Montondon & Fisher, 2009).
Despite their existence, information inequalities constraint management and directors and
the expectation that the internal audit function is an effective control system that
promotes good governance (Lin et al, 2013). This is supported by IIA, (2012) which
opined that one of the expected outcomes when assessing the role of internal auditors is
whether the function assists the organization to promote corporate governance processes.
2.3.2 Internal Auditor Charter
In order to measure the effectiveness of audit committees various international parties
have given best practice guidelines. Jonathan and Sue have cited the Cadbury Committee
(2012), the Blue Ribbon Committee (BRC) (2009), the Australian National Audit Office
(2013), and all the Big-4 accounting firms. IOD (2015) shows that within New Zealand
the Institute of Directors issued a best practice statement pertaining to audit committees
in 2012 and which was further updated in 2014 when the IOD issued a best practice guide
for directors which includes a section on audit committees.
According to a study carried out by Sandra & Henk (2011), it was established that audit
committees in Groningen and Leeuwarden had not made any significant change in local
and national government operations. They further argue that they did not find a direct
effect of these audit committees but believe that performance auditing could influence the
quality of democratic processes in a more indirect way. In New Zealand for instance,
Peart (2008) indicates that the importance of strong governance and internal controls
20
within public sector entities such as District Health Boards were effected when the largest
fraud in New Zealand public sector history occurred at the Otago District Health Board in
2008. The fraud is said to have taken place when over a six year period by a former chief
information officer at the District Health Board and an outside accomplice who invoiced
for non-existent maintenance and computer program updates, amounting to NZ$16.9
million. Hartley (2012) argues that the fraud, which went unnoticed by the Board’s audit
committee and its internal and external auditors, led to the conviction of the Chief
information officer and his accomplice, and the sacking of the chairman of the board.
Schofield (2014) concludes that as a consequence of the fraud, New Zealand’s Minister
of Health called for urgent confirmation that systems have subsequently been put in place
at District Health Boards throughout the country to prevent such a fraud from
reoccurring.
Waweru (2013) conducted a study on Audit Committees and Corporate Governance in
developing Countries with a specific focus on Kenya. The study focused on how audit
committees operate in a developing country such as Kenya and how the practices
compare with those of western economies and other emerging economies; how audit
committees relate to management, internal audit, and external auditor; and the major
achievements and challenges facing audit committees in Kenya. The findings indicate
that there is much similarity to studies in major economies. However, skills shortage and
dominant shareholder or government may have affected the operations of audit
committees. From the study, it is important to note that all the audit committees reported
cordial relationships with management, internal audit staff and the external auditors and
were perceived to have improved the quality of financial reporting.
In Kenya, audit committees were established in Kenyan government ministries in August
2000 as part of the Public Financial Management Reforms (PFMR) strategy through
Treasury circular number AG/3/080/6 of August 2000 (Asembo, 2007). Concerns were
raised on the adequacy of guidelines in the circular and specifically on the composition of
the audit committees and the need to provide for objectivity, independence and integrity.
This then resulted in through Treasury circular number 16/2005, further guidelines on
status, mandate, duties and responsibilities of audit committees. Jonathan & Sue (2010)
21
have mentioned oversight responsibilities in four main primary areas for audit
committees; external financial reporting which involves reviewing and discussing the
external financial reports with management and ensuring compliance with standards and
that they are adequate for stakeholder needs; Internal controls which involves making
considerations on their adequacy, reviewing management’s reports on fraud and the
effectiveness of internal controls; risk management which entails reviewing the principal
risks faced by the organization and the effectiveness of the risk management system; and
internal and external audits which involves evaluating the internal audit plan, and
confirming/reviewing the external auditor’s appointment, work programme, and fees.
2.3.3 Control Activities
The detection of occupational fraud in financial statements has been the subject of much
empirical research. Nieschwietz, Schultz & Zimbelman (2010) provide a comprehensive
review of empirical studies related to external auditors’ detection of fraudulent financial
reporting. Albrecht, Albrecht & Dunn (2001) reviewed the fraud detection aspects of
current auditing standards and the empirical research conducted on fraud detection. The
Committee of Sponsoring Organizations of the Treadway Commission sponsored a
descriptive research study by Beasley, Carcello & Hermanson (2009) that provides a
comprehensive analysis of fraudulent financial reporting occurrences investigated by the
SEC subsequent to the issuance of the 1987 Treadway Commission report.
Holmes & Holmes (2012) argues that occupational fraud risks increased with
ineffectiveness in written policies. Kiragu (2015) also observed that thorough
management controls are required to manage occupational fraud. Further, it is important
that the combination of diverse policies and procedures which make up those controls
respond effectively to management directives and are clearly stipulated in organizations
policies and procedures. Control activities occur throughout the organization, at all levels
and in all functions and include a range of activities such as approvals, authorizations,
verifications, reconciliations, reviews of operating performance, security of assets and
segregation of duties (Asembo, 2007). Control activities usually complement each other
and different types of control activities exist, such as preventive controls, detective
22
controls, manual controls, computer controls and management controls (Dittenhofer,
2011).
2.3.4 Information Generation and Communication
A study by ACFE (2012) found that when two or more individuals conspire to commit
fraud against an organization, it can have a harmful effect, particularly when the
combined efforts of the fraudsters enable them to circumvent or override management
controls. In three most recent studies identified by the study, the rate of collusion was
fairly consistent with multiple perpetrators reported in 36% to 42% of all cases. Schemes
involving collusion have also consistently resulted in much larger losses than those
involving a single fraudster (ACFE, 2012).
COSO (2013) highlights that effective communication must occur in a broader sense and
must flow down, across and up the organization. All personnel must receive a clear
message from top management that control responsibilities must be taken seriously. All
personnel must understand their own role in the internal control system, as well as how
individual activities relate to the work of others. They must have a means of
communicating significant information upstream. There also needs to be effective
communication with external parties, such as clients, suppliers, regulators among others.
Effective communication requires that the appropriate content is identified and passed on
timely and that the information should be accurate, current and accessible by all staff in
the organization (Sterck & Bouckaert, 2014).
2.4 Internal Auditors’ Technical Competency
The competency of internal auditors is important in promoting good governance and
ensuring effective utilization of public resources. The internal audit function personnel
both at the audit committee level and at actual internal auditors should be qualified,
competent and knowledgeable to enable them perform their duties effectively. Morgan
(2009) posited that internal auditors needed to be experienced and have the expertise. The
uniqueness of internal auditor’s competency is fostered by ensuring internal auditor’s
independence, expertise, integrity and diligence to perform their role effectively
23
(DeZoort, 2012). In organizations with internal auditors with high competency levels,
there is a positive correlation with performance which results in overall more effective
corporate governance.
Lack of experience, expertise, knowledge and qualification on auditing practices hinders
performance of internal auditors. Kariuki, (2010) posited that internal auditors in a firm
should be competent professionals. Lack of adequate understanding when coupled with
low level of knowledge on auditing operations poses a major threat to the achievement of
high performance. The audit function requires internal auditors to be competent with high
professional qualification with required experience to effectively execute their mandate.
To achieve good governance, internal auditors must have attained minimum education
level and have good professional standing in auditing. The chief auditor is required to
effectively select and recruit highly trained and skilled internal auditors (Kunkel, 2014).
Knowledge, competency and qualification of the internal auditors role depends on the
level of staff competency attained and this impacts on the audit quality (Mihret &
Yismaw, 2013).
2.4.1 Internal Auditor and Consulting
According to Institute of Internal Auditors (IIA) (2009) internal auditing can be defined
as a self-governing, objective and consulting activity that is designed in order to add
value and develop the operations of an organization. The function helps an organization
to carry out its objectives by bringing an organized, disciplined approach in order to
assess and develop the effectiveness of risk management, control and governance
processes. Thus, internal auditing is being performed by professionals with a thorough
understanding of the business culture, systems and processes. The internal audit activity
offers guarantees that internal controls in place are sufficient in to alleviate the risks,
governance processes are helpful and competent, and organizational goals and objectives
are being met (IIA, 2013). This definition suggests that internal audit has undergone a
paradigm shift from an emphasis on accountability about the past to improving future
outcome which helps internal auditors operate in more effective and efficient manner
(Nagy & Cenker, 2012).
24
Internal auditing is a profession and activity involved in advising organizations regarding
how to better achieve their objectives through managing risks and improving internal
control. Internal auditing involves the utilization of a systematic methodology for
analyzing business processes or organizational problems and recommending solutions.
The main role of the internal audit function is to guarantee that management official
controls are being applied in effective manner. The internal audit function, even though
not obligatory, subsists in most private enterprise or corporate entities, and in government
including federal, state, and county and city governments. The task, quality and strong
point of an internal audit function may differ extensively within the approach of top
executives and traditions of companies and organizations. By measuring and evaluating
the effectiveness of organizational controls, internal auditing, itself, is an important
managerial control device, which is directly linked to the organizational structure and the
general rules of the business (Cai, 2011).
2.4.2 Internal Auditor Expertise
Many studies argue that the internal audit function members (audit committee and
internal audit staff) expertise or experience is directly associated with effective
performance of the function (Bedard, 2012). Since the internal audit function’s main task
is to oversee that the organization’s financial reporting and auditing process are
sufficient, they need to have the expertise to understand the issues to be investigated or
discussed (Lin, 2010). Expertise describes the ability of audit committee members to
understand auditing and to have financials literacy which is the ability to read and
understand auditing. Hence audit committee members should have extensive experience
in finance accounting or professional certification in accounting or finance (Daniel,
2012).
Having at least one financial expert on audit committees can influence the functioning of
the audit committee in other ways as well. The presence of a financial expert on audit
committee will decrease the likelihood that the organization will have to restate their
financial reports thus increase the quality of the financial statements (Abbet, 2013).
25
Krishnan (2008) found that when an organization has in its audit committee a financial
expert, the organization is more likely to be conservative in its financial reporting.
However, the impact of the expertise of internal audit only occurs if the firm is founded
in a strong governance framework i.e. if the audit committee has limited power, the audit
committee cannot influence the reporting standards used. Paape (2011) mentioned that
lack of adequate knowledge and relevant experience causes in ability and failure of audit
committee members to understand their roles and responsibilities in the organization.
Absence of these qualities also affects the technical aspects of some of the committee’s
roles, particular in case of internal control evaluation (Haron, 2013). Knapp (1987)
pointed out frequent disputes between external auditors and management about
accounting estimates were routinely resolved by audit committee members due to
adequate technical knowledge and wide expertise.
Tan and Kao (2010) pointed out that it is important to focus on individual’s competence
in performing assigned responsibilities as people having relevant experience and
knowledge normally demonstrate better performance as they tend to prove their
competence. Mcmullen and Reghunandan (2010) identified audit members expertise in
accounting, financial reporting, internal control and auditing as important inputs in the
evaluation of audit committees’ effectiveness. Krishnan and Lee (2009) documented a
strong negative association between litigation risk and audit committee members with
accounting and financial expertise. Organizations with audit committee members who
have financial expertise are less likely to be subjected to censure for poor financial
reporting.
2.4.3 Internal Auditor Competency and Performance
The Internal Audit function is viewed as an integral part of government financial
management and increasingly an instrument for improving performance of the
government sector (Diamond, 2002). Traditionally, the internal audit function was
viewed as a mechanism for assuring government or ministries and the legislature that
public resources have been utilized in line with legislated appropriations and other
26
relevant laws and that the government’s reported use of funds fairly represents the
financial position (Goodwin, 2014). Audit effectiveness refers to achieving audit’s
objective by gathering sufficient and appropriate audit evidence in order to give
reasonable opinion regarding the financial statements compliance with generally accepted
accounting principles.
Effective internal audit system helps in achieving performance, resource optimization and
prevents loss of revenues. The public expenditure management systems of the
government are greatly enhanced by effective internal systems in which the internal audit
has an important role in raising the reliability of the internal control system, improving
the process of risk management and above all, satisfying the needs of internal users.
The internal audit support enhances the system of responsibility that the executive
directors and employees have towards the owners and other stakeholders (Eighme &
Cashell, 2010). Taken together, the internal audit department provides a reliable,
objective, and neutral service to the management, board of directors, and audit
committee, while stakeholders are interested in return on investments, sustainable
growth, strong leadership, and reliable reporting on the financial performance and
business practices of a company (Ljubisavljević & Jovanovi, 2011).
2.4.4 Professional Competency
Detecting fraud is a challenging task. Perpetrators actively engage in deception in an
attempt to conceal their behavior, auditors may have limited experience in fraud
detection, and fraudulent activities are inherently unpredictable and difficult to detect
(Nieschwietz et al., 2000). Hence, the organization would be optimally served by
identifying and utilizing those individuals who, because they appear to share certain
unique personality traits or characteristics, may be best suited to the fraud detection task.
Uecker et al. (2011) used perceptions of relative aggressiveness between internal and
external auditors to investigate the detection of corporate irregularities. Internal auditors
play an important role in fraud detection with most frauds identified by the internal audit
function (KPMG, 2013). Due to the importance of effective fraud detection, any
27
measures that can enhance the efficacy of auditors should be of value. While experience
and ability are undeniably important in the detection process, certain individual
characteristics may be predictive of the capacity to detect fraud (Ashton, 2013).
Understanding how auditors are perceived, and how these perceptions lead to beliefs
regarding their detection abilities, is an important first step in relating personality traits to
the efficacy of auditors.
A review of research reveals a general acknowledgment that the five factor model can be
used as a descriptive mechanism for the most salient elements of an individual’s
personality (Judge et al., 2012). Conscientiousness is the personality dimension primarily
responsible for organizing and directing individual behavior and conscientious
individuals may be characterized as responsible, diligent, persevering and thorough
(Digman and Takemoto-Chock, 2011). Wells (2013) conducted a series of interviews
with successful fraud examiners and found that these individuals exhibited a cluster of
common traits including perseverance, diligence and integrity – each of which is an
attribute of the conscientiousness dimension. Within the context of the five factor model,
only conscientiousness has been found to reliably predict job performance across all
occupational groups (Robertson et al., 2010). Indeed, some studies have demonstrated
that conscientiousness correlates with task performance just as strongly as cognitive
ability (Alonso, 2010). Previous research has demonstrated a linkage between
conscientiousness and task performance, and the linkage has been shown to be stable
across time (Barrick et al., 2011). Conscientiousness can affect job performance in a
number of ways. Conscientious employees are generally more reliable, more motivated,
and harder working and they are also likely to devote more energy to the task at hand and
spend less time daydreaming (Viswesvaran, 2012).
This results in greater assimilation of task related knowledge, leading to greater
productivity (Viswesvaran, 2012). Conscientious individuals would be expected to pay
more attention to detail and profit more from vicarious learning, thus gaining enhanced
job knowledge and being more productive (Viswesvaran, 2012). These assertions were
confirmed by Colquitt et al. (2010) who showed that conscientiousness was highly
28
correlated with motivation to learn and by Borman et al. (2011) who demonstrated a
positive association with job knowledge.
2.5 Chapter Summary
The chapter explores review the literature by various writers on the research objectives.
The main objective is to establish the factors affecting the performance of internal
auditors’ in public sector in Kenya. Precisely, literature review has covered the extent to
which working environment affects the performance of internal auditors, the extent to
which internal auditors independence and authority affect the performance of internal
auditors’ and the extent to which technical competency affects performance of internal
auditors’ and the chapter summary. The next chapter discuses on the research
methodology, it focuses on the population; describes the data collection instruments and
methods used. It also gives details of the research procedures and the data presentation
method was used.
29
CHAPTER THREE
3.0 RESEARCH METHODOLOGY
3.1 Introduction
This chapter presents the research methodology that was used to carry out the study; it
provides a discussion of the research methodology that was used in the study. It discusses
the research design, the population of the study, sample and sampling techniques, data
collection methods as well as data analysis and data presentation methods to be used in
the research study.
3.2 Research Design
The study adopted descriptive research design, it was structured in a formal study with
clear and well stated investigative questions which sought to find out who, what, where,
when and how much (Cooper & Schindler, 2010). Through the descriptive research, the
study sought to assess the effect of the working environment, internal auditor
independence, and level of technical competency of internal auditors on the performance
of the internal audit function in the public sector with a focus on government ministries in
Kenya. A descriptive research determines and reports the way things are and attempts to
describe such things as possible behavior, attitudes, values and characteristics, (Mugenda
& Mugenda, 2008). Descriptive research design was used to establish the factors
affecting the performance of internal auditors’ in public sector in Kenya.
3.3 Population and Sampling Design
3.3.1 Population
According to Kothari (2012), a researcher has to have a specific population as his
research population target upon which he uses to make all his inferences regarding
validity of what he/she is researching on. A population frame is a comprehensive
itemized list of all subjects, which comprise the study population, from which a sample
was taken (Mugenda & Mugenda, 2008). The study targeted members of internal audit
committee in the 18 government ministries formed after the 2013 election and
30
headquartered in Nairobi and senior staff members of the internal audit function. In each
government ministry the audit committee constitutes of 7 members and each ministry has
at least 5 internal auditors who are considered to be senior i.e. Senior Auditor I and above
(Ministry of Finance, 2015).Thus, the target population of the study was 126 for the audit
committees and an average of 90 senior members of the internal audit staff.
3.3.2 Sampling Design
Sampling is selecting some of the elements in a population from which a researcher may
draw conclusions about the whole population. A population group is the subject on which
measurements are obtained; it is the entity of study (Cooper & Schindler, 2010). For the
purpose of this study, the unit of study was the Government Ministry in Kenya.
3.3.2.1 Sampling Frame
The sampling frame was obtained from the internal auditor general which is a department
at the national treasury. The list of members of Audit Committees in the Government
Ministries in Kenya and the list of senior internal audit staff made up the sample frame.
The Sampling frame is an objective list of the population from which the researcher can
make a selection (Denscombe, 2008). A sampling Frame is the list of elements from
which the sample is actually drawn (Kombo & Tromp, 2006).
3.3.2.2 Sampling Technique
Only members of audit committee’s and senior internal audit staff were selected for this
study from the government ministries was sampled for this study. Other than that,
studying a sample selection allows for greater accuracy of results, greater speeds of data
collection, lower cost of research and availability of the population elements.
Stratified random sampling technique was used to select members of the audit
committee’s and senior internal audit staff at each of the ministries. Random sampling
was used to select individual members to be subjected to the study to ensure that every
member of the population was accorded an equal chance of being included in the study
thereby eliminating biasness.
31
3.3.2.3 Sample Size
According to Mugenda and Mugenda (2008) at least 10% of the target population is
enough for a sample size. The study involved a total population of 216 stratified into two
classes of 126 members of audit committee’s and 90 senior members of staff chosen from
all the 18 ministries. Respondents were chosen through simple random sampling
technique for each class.
If the population is small then the sample size can be reduced slightly because a given
sample size provides proportionately more information for a small population than for a
large population (Anderson, Sweeny & Williams, 2014). The sample size (n) was
determined using the equation below.
Where n is the sample size, N is the population size, and e is the level of confidence
which we have determined as 95%. When we use the formula above to the populations
for Audit committees and senior internal audit staff in each ministry, we get the following
sample sizes for each strata:
Table 3.1: Sample Size Distribution
Strata Population Sample size (Rounded-up)
Audit committee members 126 96
Senior internal audit staff 90 74
Total 216 170
3.4 Data Collection Method
Primary data collection method was used in this research. Data was collected using a
structured questionnaire for both quantitative and qualitative information. The
questionnaire was developed by the researcher based on the research questions. The
32
questionnaires contained five sections. Section A sought to establish the respondent
demographic information, section B sought to establish the internal auditors working
environment, section C sought to establish the auditors independent and authority, section
D sought to establish the internal auditors technical competence and section E sought to
establish the performance of internal auditors. The questionnaires were structured to
answer the inquiry questions based on a 5 point Likert scale questions which were close
ended to give the respondents limited and pre-determined responses to choose from. The
questionnaires were made of simple and easy for the respondents to answer.
The questionnaires were distributed to the sample respondents by the researcher using a
drop and pick later method to reduce disruptions on the respondents’ routines.
Respondent anonymity was ensured by giving questionnaires unique numbers which only
the researcher understands their meaning. A clear explanation through a written letter was
given to respondents as to how they are to benefit from the research all these were aimed
at ensuring a high response rate.
3.5 Research Procedures
The questionnaires were designed by the researcher based on the research questions were
pre-tested to ascertain the suitability of the tool before the actual administration.
According to Cooper and Schindler (2010), the reason for conducting pilot testing is to
detect weakness in design and instrumentation and to provide proxy data for selection of
a probability sample. Pre-testing was done by administering the questionnaire to 10
respondents who were not included in the actual study. This enabled the researcher to
fine tune the questionnaire for objectivity and efficiency of the process and to better
restructure questions to ensure clarity on each question. The questionnaire took an
average of fifteen minutes to complete. The final questionnaires were administered using
a drop and pick later method so as to minimize the level of interruptions in the target
respondents schedules. The researcher made follow up calls reminding the respondents to
fill and return the questionnaires.
33
3.6 Data Analysis Methods
This study used both quantitative and qualitative method of data analysis. According to
Babbie (2012), quantitative analysis is the numerical representation and manipulation of
observations for the purpose of describing and explaining the phenomena that those
observations reflect. The data collected from the questionnaires were checked for
completeness and accuracy. The questionnaire was coded according to each variable of
the study to ensure the margin of error is minimized and assure accuracy during analysis.
The coded data was analyzed using quantitative and qualitative techniques. Quantitative
techniques used were descriptive statistics which included the mean, frequency,
percentages and standard deviations while qualitative techniques used was content
analysis. Data was analyzed using Statistical Package for Social Sciences (SPSS). The
data was graphically presented using tables and figures. Multiple regression analysis was
used to establish the relationship between the study variables.The multiple regression
equation was:
Y = β0 + β1X1 + β2X2 + β3X3 +ε
Where
Y is the dependent variable (performance of internal auditor);
β0 is the regression constant;
β1, β2 and β3 are the coefficients of independent variables;
X1 is Internal Auditor’s working environment;
X2 is Auditor’s independence;
X3 is Auditor’s Technical competencies; and
ε is the error term.
3.7 Chapter Summary
Chapter three has mainly described the research design and the methodology applied in
the study to assess the effect of the factors affecting the performance of the internal audit
function in the public sector in Kenya with a focus on government ministries. The
research was based on a stratified sample and individual respondents were selected
randomly and data collection was done using a structured questionnaire. The sample
34
frame was obtained from the Internal Auditor General department with the National
Treasury. The analysis of the data was done using the SPSS data analysis tool. The
following chapter, which is chapter four, covered the results and findings which were
based on information gathered after the data was collected and analyzed.
35
CHAPTER FOUR
4.0 RESULTS AND FINDINGS
4.1 Introduction
This chapter presents the results and findings of data analysis on of collected research
data from the field. The study sought to establish the factors affecting1 the performance
of internal auditors’ in the public sector with a focus on the ministries in the Government
of Kenya. The data was gathered exclusively from questionnaires as the research
instrument. The questionnaire was designed in line with the research questions of the
study.
4.1.1 Response Rate
A total of 170 questionnaires were distributed out of which 131 questionnaires were
returned giving a response rate of 77%. This response was considerable and
representative of the population. This response was good enough and representative of
the population and conforms to Mugenda and Mugenda (2003) stipulation that a response
rate of 70% and above is excellent.
Figure 4.1: Response Rate
36
4.2 Demographic Information
4.2.1 Gender of the Respondents
The study sought to establish the gender of the respondents. The findings in Figure 4.2
show that 56% (73) were male while 44% (58) were female. From the findings it is
evident that both males and females were involved in internal auditing in the ministries in
the Government of Kenya. Thus all genders were significantly represented in the study.
The findings were shown in the Figure 4.2
Figure 4.2: Gender of the Respondents
4.2.2 Age group
The respondents were asked to indicate their age groups distribution and the findings are
represented in the Figure 4.3 below. From the responses, majority 42% (55) of the
respondents were in the age group between 35-44 years, 24% (32) were between 45-54
years, 19% (25) were between 25-34 years, 11% (14) were between 55-64 years and 4%
(5) were 65 years and above. This shows that the findings cut across all the age groups
thus relevant and reliable information for the study was obtained.
37
Figure 4.3: Age group
4.2.3 Highest Qualification Achieved
The respondents were asked to indicate their highest qualification achieved. From the
findings on Figure 4.4, majority 40% (53) of the respondents had degree as the highest
qualification, 24% (31) had masters, 19% (25) had diploma, 12% (15) had other
qualifications and 5% (7) had certificates. This shows that the respondents had relevant
qualifications and were familiar enough with the factors affecting the performance of
internal auditors’ in the public sector hence provides relevant information for the study.
The findings are shown on Figure 4.4.
Figure 4.4: Highest Qualification Achieved
38
4.2.4 Number of Years in the Organization
The respondents were requested to indicate the number of years they have been in the
organization. As shown on Figure 4.5, majority 36% (47) had been in the organization for
between 11-15 years, 24% (31) for between 16-20 years, 18% (23) for 21 years and
above, 15% (19) for between 6-10 years and 8% (11) for between 1– 5 years. This shows
that the respondents had been in their organization long enough to understand the factors
affecting the performance of internal auditors’ in the public sector hence provided
reliable information for the study. The findings are shown on Figure 4.5.
Figure 4.5: Number of Years in the Organization
4.3 Internal Auditor’s Working Environment
Several statements on internal auditors working environment were identified and the
respondents were required to indicate the extent to which they agree or disagree. A five
point Likert scale was provided ranging from: a scale of 1 to 5 where 1=Strongly
Disagree, 2= Disagree, 3= Moderately Agree, 4= Agree and 5=Strongly Agree. From
the responses, mean and standard deviation were used for ease of interpretation and
generalization of findings. The findings are clearly illustrated in the proceeding
presentations.
39
4.3.1 Internal Auditor’s Working Environment and performance
As shown on Table 4.1, internal auditors are praised in audit publications had a mean of
4.15 with a standard deviation of 0.760, the flexibility of processes and controls to
manage changing environment with new risks, or operational gaps had a mean of 4.14
with a standard deviation of 0.763, internal auditors are recognized at annual audit
conference had a mean of 4.12 with a standard deviation of 0.762, top management
through its support and policies demonstrates their enthusiasm to cultivating trust,
integrity and competence within the ministry had a mean of 4.11 with a standard
deviation of 0.765.The respondents strongly agree with the statements thus this finding
concurs with those of Kamere (2013) who carried out a study on challenges faced in
professionalizing the internal auditor’s role in Kenya’s industrial and Allied companies
listed in the Nairobi Stock Exchange. He established that failure to realign skills to
address new requirements, failure to conduct risk assessments by management, poor
leveraging of ICT to attain efficiencies and failure to cope with diminished resources,
affects the performance of internal auditors.
Table 4.1: Internal Auditor’s Working Environment and performance
Internal Auditor’s Working Environment and performance Mean Std Dev
Internal auditors are provided with formal audit training courses 3.86 .814
Internal auditors are given opportunities to attend audit
conferences/seminars/exchange programs 3.75 .750
Internal auditors are provided with training opportunities in
employer specific operations in a bid to enhance their output 3.77 .899
Internal auditors are accorded with on-job skills that suit their
work in the internal audit unit 3.85 .806
The organization has future training plans for each internal audit
staff 3.72 .734
4.3.2 The Institutional Theory and Auditor’s Working Environment
As shown on Table 4.2, Internal Auditors are represented at meetings and conferences
had a mean of 3.89 with a standard deviation of 0.993, there is a precise management
policy on risk had a mean of 3.87 with a standard deviation of 0.992, internal auditors are
provided with formal audit training courses had a mean of 3.86 with a standard deviation
of 0.814, Internal auditors are accorded with on-job skills that suit their work in the
internal audit unit had a mean of 3.85 with a standard deviation of 0.806, the
40
organization’s culture, code of conduct, human resource policies performance reward
systems support the organization’s objectives, risk management and internal control
system had a mean of 3.82 with a standard deviation of 0.996 and the internal auditors
have the relevant skills, tools and knowledge to facilitate achieving set goals and manage
risks effectively had a mean of 3.81 with a standard deviation of 0.994. The respondents
totally agree with the statements and thus the finding is in line with those of Ramsay
(2012) who highlighted that in modern times, a number of forces put together have led to
a transformation of governments through the adoption of options meant to scale up their
operations and through the enhancement of internal auditor’s roles to higher levels in a
bid to enhance accountability and transparency in the use of public resources. He further
found that the internal audit function entailed evaluation and improvement of control of
risks, internal controls and governance processes.
Table 4.2: The Institutional Theory and Auditor’s Working Environment
The Institutional Theory and Auditor’s Working Environment Mean Std. Dev
Internal Auditor’s recommendations are recognized 2.52 1.248
Internal Auditors are represented at meetings and conferences 3.89 .993
The internal auditors are recognized at professional audit
conferences
4.12 .762
The internal auditors are recognized/praised in audit publications 4.15 .760
There are travel opportunities for conferences, audit work, trainings 3.34 1.024
4.3.3 Control Environment
The clear definition of job descriptions, segregation of duties, authority, coordination and
accountability had a mean of 3.39 with a standard deviation of 1.013, there is
professional training support had a mean of 3.37 with a standard deviation of 1.029, there
are travel opportunities for conferences, audit work and trainings had a mean of 3.34 with
a standard deviation of 1.024 and the internal audit staff participate in exchange programs
(e.g. with the auditor-general) had a mean of 3.31 with a standard deviation of 1.013. The
respondents were moderately agree with the statements which are consistent with the
findings of Hack (2013) who carried out a study on challenges facing internal auditors in
24 countries in Europe and found that challenges facing internal auditors were technical
skills gaps, corruption and lack of authority and also identified other challenges that
hinder the effective functioning of internal auditors which included high costs of
41
maintaining the function, reluctance to travel, cultural and language differences, failure to
adhering to quality standards and limited knowledge on acceptable accounting standards,
regulations and local laws.
Table 4.3: Control Environment
Control Environment Mean Std
Dev
Top management through its support and policies demonstrates
their enthusiasm to cultivating trust, integrity and competence
within the ministry
4.11 0.765
The job description, segregation of duties, authority, coordination
and accountability are clearly defined.
3.39 1.013
The ministry shares upfront its set targets and what is expected of
them and the scope of their freedom to act
2.68 1.258
The internal auditors have the relevant skills, tools and knowledge
to facilitate achieving set goals and manage risks effectively
3.81 .994
Flexibility of processes and controls are in place to manage the
changing environment, new risks and new operational gaps
4.14 0.763
4.3.3 Resources Availability
The ministry shares upfront its set targets and what is expected of them and the scope of
their freedom to act had a mean of 2.68 with standard deviation of 1.268, the audit
committee has well laid out plans for managing major risks identified by internal auditors
had a mean of 2.62 with a standard deviation of 1.250 and internal Auditors’
recommendations are recognized had a mean of 2.52 with a standard deviation of 1.248.
The respondents disagree with these statements which concurs with the findings of
Mihret and Yismaw (2007) that failure by management to respond to internal audit
findings and recommendations impacts negatively on their attitude towards the
improvement of audit quality, their commitment to develop their career in the public
sector internal audit functions and their overall job satisfaction.
42
Table 4.4 Resources Availability
Resources Availability Mean Std. Dev
There is professional training support for staff 3.37 1.029
Staff participate in exchange programs (e.g. with the auditor-
general) 3.31 1.013
The audit committee has well laid out plans for managing major
risks identified by internal auditors. 2.62 1.250
There is a precise management policy on risk 3.87 .992
The organization’s culture, code of conduct, human resource
policies and performance reward systems support the
organization’s objectives, risk management and internal control
system
3.82 .996
4.4 Auditors Independence and Authority
The study sought to find out the extent to which the respondents agreed with the
statement on indicators of internal audit independence and authority. A five point Likert
scale was provided ranging from: a scale of 1 to 5 where 1=Strongly Disagree,
2=Partially Disagree, 3=Agree, 4=strongly agree, 5=totally Agree and from the responses
mean and standard deviation was calculated.
4.4.1 Agency Theory and Auditor Independence
As shown on Table 4.5, management policy establishes internal audit unit had the highest
mean of 4.23 with a standard deviation of 0.786, the ministry does not permit internal
auditors to audit operations which they have undertaken had a mean of 4.21 with a
standard deviation of 0.934 and internal auditors report to top management and to those
charged with governance had a mean of 4.18 with a standard deviation of 0.963.
Table 4.5: Internal Auditor Charter
Internal Auditor Charter Mean Std Dev
Internal auditors are sufficiently immune from any internal pressure
and undertake audits, report findings and recommendations
objectively without fear of reprisal
4.00 1.065
The ministry does not permit internal auditors to audit operations
which they have undertaken
4.21 .934
There is clear legislation and charters that define the roles and
authorities of an internal auditor
4.13 1.119
43
4.4.2 Control Activities
On Table 4.6, legislation and or the audit charter defines clear and formally the roles and
authorities of an internal auditor had a mean of 4.13 with a standard deviation of 1.119,
iinternal auditors are segregated from functional and management decisions (e.g. as heads
of operational working groups in administrative reform projects) had a mean of 4.10 with
a standard deviation of 1.109 and during recruitment for an internal audit staff the CAE
is fully involved and actively participates had a mean of 4.07 with a standard deviation of
1.075.
Table 4. 6: Control Activities
Control Activities Mean Std Dev
Internal auditors are segregated from functional and
management decisions
4.10 1.109
Chief Audit Executive (CAE) has adequate powers in
establishing internal audit plans
3.97 1.077
Internal auditors are adequately graded and remunerated
according to their roles and responsibilities
3.81 .982
From Table 4.6, protection of internal auditor independence and authority is adequate had
a mean of 4.02 with a standard 0.752 and that internal auditors are sufficiently immune
from any internal pressure when they undertake audits and they are able toreport findings
and recommendations objectively without fear of political reprisal had a mean of 4.00
with a standard deviation of 1.065. The respondents strongly agree which is consistent
with the findings of Kadondi (2012) that the auditing services offered by internal auditors
are achieved through internal auditor’s independence and where internal auditors lack
independence, they would normally fail to perform to the expectation of the organization.
4.4.3 Information Generation and Communication
The CAE has unlimited and direct access to those charged with governance had a mean
of 3.99 with a standard deviation of 1.049, Chief Audit Executive (CAE) has adequate
powers in establishing internal audit plans had a mean of 3.97 with a standard deviation
of 1.077, the internal auditor has free and unrestricted access to all operations, personnel,
assets and transaction records had mean of 3.94 with a standard deviation of 1.113, the
44
CAE should seek for support, and administrative interface to those charged with
governance for guidance, accountability and reinforcement had a mean of 3.92 with a
standard deviation of 1.023, the internal audit operations are positioned strategically in a
bid obtain cooperation from both management and staff within the ministry had a mean
of 3.86 with a standard deviation of 0.934 and internal auditors are adequately graded and
remunerated according to their roles and responsibilities had a mean of 3.81 with a
standard deviation of 0.982. The respondents agree with the statements thus the findings
concurs with those of Schneider (2014) who found that internal auditors role in achieving
objectivity in the organization is largely affected by their economic status and that lack of
clear reward systems. He further found that when rewards were not given to internal
auditors, the internal audit operations could be influenced by management and this would
affect would affect their reports and may result in unreliable reports to the organization.
Table 4.7: Information Generation and Communication
Information Generation and Communication Mean Std
Dev
During recruitment for an internal audit staff the CAE is fully
involved in the process 4.07 1.075
The CAE has unlimited and direct access to those charged with
governance 3.99 1.049
The CAE seeks for support and engages with those charged with
governance for guidance, accountability and reinforcement. 3.92 1.023
The internal audit operations are positioned strategically in a bid
obtain cooperation from both management and staff within the
ministry
3.86 .934
Internal Auditor has free and unrestricted access to all operations,
personnel, assets and transaction records 3.94 1.113
4.5 Internal Auditors Technical Competence
The study sought to find out the extent to which the respondents agreed with the
statement on internal Auditor’s technical competence. A five point Likert scale was
provided ranging from: a scale of 1 to 5 where 1= significantly below expectation,
2=below expectation 3=Meets (on average) expectation, 4=above expectation and
5=Exceptionally above Expectation and from the responses mean and standard deviation
was calculated.
45
4.5.1 Internal Auditor and Consulting
As shown on Tale 4.8, understanding ministry processes had the highest mean of 4.26
with a standard deviation of 1.004 followed by both management and operation research
skills which had a mean of 4.23 with a standard deviation of 0.883, how higher-level
objectives link with ministry’s operational objectives had a mean of 4.21 with a standard
deviation of 0.905, the ministry’s attitude towards identified risks had a mean of 4.15
with a standard deviation of 1.07 and the ministry’s key related risks and how they
impact high-level objectives had a mean of 4.13 with a standard deviation of 0.905.
Table 4.8: Internal Auditor and Consulting
Internal Auditor and Consulting Mean Std
Dev
Internal auditors are aware of various principles of risk
assessment and appraisal as well as risk management
3.68 1.357
There is adequate awareness of risk management strategy for the
ministry
2.97 1.026
There is a deep understanding of the ministry’s attitude towards
identified risks
4.15 1.127
There is awareness of ministry’s key related risks and how they
impact their high-level objectives
4.13 .905
There is understanding of how higher-level objectives link with
ministry’s operational objectives
4.21 .905
4.5.2: Internal Auditor Expertise
As shown on Table 4.9, governance, risk, and control tools and techniques had a mean of
4.11 with a standard deviation of 0.934, project management had a mean of 4.10 with a
standard deviation of 1.133, electronic work papers had a mean of 4.07 with a standard
deviation of 1.075, Process modeling software had a mean of 4.05 with a standard
deviation of 0.952, understanding performance and measurement principles verses output
targets designed to deliver objectives had a mean of 4.02 with a standard deviation of
1.052. The statements were above expectation as indicated by the respondents and
concurs with Paape (2011) who mentioned that lack of adequate knowledge and relevant
experience causes inability and failure of audit committee members to understand their
46
roles and responsibilities in the organization and Haron (2013) that absence of these
qualities also affects the technical aspects of some of the internal auditors’ roles,
particular in case of internal control evaluation.
Table 4. 9: Internal Auditor Expertise
Internal Auditor Expertise Mean Std
Dev
Internal auditors possess the ability to relate the organizations risk
appetite to the application of controls in operational areas
3.94 1.113
There is understanding of performance measurement principles
against output targets and these are designed to deliver objectives
4.02 1.052
There is knowledge on financial analysis tools and techniques 2.93 .958
Internal auditors are proficient in the use of IT/ICT and tech-based
audit techniques
3.67 1.255
Internal auditors are proficient in forensic skills/fraud awareness 4.15 1.027
Internal auditors are proficient in project management
4.10 1.133
4.5.3 Internal Auditor Competency and Performance
As shown on Table 4.10, Techniques on control assessment and risk analysis had a mean
of 3.97 with a standard deviation of 1.184, knowledge of internal audit frameworks and
balanced scorecard had a mean of 3.96 with a standard deviation of 1.117, ability to relate
the organizations risk appetite to the application of controls in operational areas had a
mean of 3.94 with a standard deviation of 1.113, data mining of 3.92 with a standard
deviation of 1.023, analysis of business processes had a mean of 3.89 with a standard
deviation of 1.283, planning on risk-based Internal auditing had a mean of 3.86 with a
standard deviation of 0.934 and techniques on Computer-assisted internal audit had a
mean of 3.81 with a standard deviation of 0.982. The respondents indicated that the
statements meets (on average) expectation thus this finding is accordance to DeZoort
(2012) that the uniqueness of internal auditor’s competency is fostered by ensuring
internal auditor’s independence, expertise, integrity and diligence to perform their roles
effectively.
47
Table 4.10: Internal Auditor Competency and Performance
Internal Auditor Competency and Performance Mean Std Dev
Internal auditors are proficient in problem-solving techniques
and use of tools
4.00 1.162
Internal auditors are proficient in both management and
operation research skills
4.23 .883
Internal auditors are proficient in data collection and analysis
tools and techniques
2.90 .952
Internal auditors are proficient in analysis of business processes 3.89 1.203
Internal auditors are proficient in governance, risk, and control
tools and techniques
4.11 .934
Internal auditors are proficient in controls identification 3.57 1.222
4.5.4 Professional Competency
As shown on Table 4.11, use of IT/ICT and tech-based audit techniques had a mean of
3.67 with a standard deviation of 1.255, Controls identification had a mean of 3.57 with
a standard deviation of 1.222, The risk management strategy for the ministry had a mean
of 2.97 with a standard deviation of 1.026, financial analysis tools and techniques had a
mean of 2.93 with a standard deviation of 0.958 and data collection and analysis tools
and techniques had a mean of 2.90 with a standard deviation of 0.952. The respondents
indicated low expectation thus the findings are consistent with Reghunandan (2010) who
identified audit members expertise in accounting, financial reporting, internal control and
auditing as important attributes in the evaluation of internal audit effectiveness.
48
Table 4.11: Professional Competency
Professional Competency Mean Std Dev
Internal auditors are proficient in techniques on control
assessment and risk analysis 3.97 1.184
Internal auditors are proficient in understanding business 4.26 1.004
Internal auditors are proficient in process modeling software 4.05 .952
Internal auditors are proficient in internal audits frameworks and
their link to the balanced scorecard 3.96 1.117
Internal auditors are proficient in planning on risk-based Internal
auditing 3.86 .934
Internal auditors are proficient in data mining 3.92 1.023
Internal auditors are proficient in continuous/real-time auditing 3.94 1.049
Internal auditors are proficient in the use of electronic working
papers 4.07 1.075
Internal auditors are proficient in techniques on Computer-
assisted internal audit 3.81 .982
4.6 Performance of Internal Auditors
The study sought to establish out the extent to which the respondents agreed with the
statement on internal Auditor’s technical competence internal Auditor’s performance in
respect to the Key Performance Indicators. A five point Likert scale was provided
ranging from: a scale of 1 to 5 where 1= significantly below expectation, 2=below
expectation 3=Meets (on average) expectation, 4=above expectation and 5=Exceptionally
above Expectation and from the responses mean and standard deviation was calculated.
The findings are indicated on Table 4.7
49
Table 4.12: Performance of Internal Auditors
Mean Std Dev
The internal audit function issues the number of reports as
indicated in the audit plan 3.57 .805
The CAE leads all internal audit plan revisions 3.25 .836
The actual time spent on specific activities compares to the budget 3.85 .861
The plan is implemented throughout the year 3.87 1.062
There is a high number of key risks identified 3.75 .744
There is a high number of ‘best practice’ recommendations made
that are accepted/implemented by the organization 3.91 .745
There is high efficiency based on number of hours spent and
coverage in internal audit activities 3.14 .923
The internal audit covers a high percentage in the coverage (More
than 70%) of the total population 3.50 .852
There is a high rate (more than 90%) of feedback against the
requests issued 2.58 1.108
The function received results of public feedback which are
considered in the plans. 3.55 .892
There is timeliness in the undertaking of satisfaction surveys 4.42 .759
The internal audit staff respond to requests from the Audit
Committee 3.73 .820
There is frankness and condor during interactions with the Audit
Committee 3.67 .955
There is constant briefing on the significant findings to the audit
committee 4.14 .724
Internal auditors have processes that monitor the status of
recommendations 4.01 .750
There are regular discussions between the internal auditors across
the year 4.06 .757
There is constant monitoring of the audit plan 3.76 .934
There is timeliness in issuing audit reports 3.83 .496
The standard of the internal audit reports can be compared with the
best practices 3.89 .772
The internal audits cover areas of the priority and high risk 3.71 .995
As shown on Table 4.7, timeliness of issuing of public satisfaction surveys had a mean of
4.42 with a standard deviation of 0.759, briefing on the significant findings to the audit
committee of significant findings and developments prior to the committee meetings
surveys had a mean of 4.14 with a standard deviation of 0.724, regular discussions
between internal and external auditor across the year had a mean of 4.06 with a standard
deviation of 0.757 and internal auditors processes to monitor the state of
recommendations had a mean of 4.01 with a standard deviation of 0.750. The
50
respondents were in agreement with these statements to above expectation which is in
accordance to Eighme & Cashell (2010) that the internal audit support enhances the
system of responsibility that the executive directors and employees have towards the
owners and other stakeholders.
Number of ‘best practice’ recommendations made that is accepted/implemented by the
organization had a mean of 3.91 with a standard deviation of 0.745, the standard of the
internal audit reports compared with the best practices had a mean of 3.89 with a standard
deviation of 0.772, plan maintained compared to capacity had a mean of 3.87 with a
standard deviation of 1.062, budgeted hours compared to actual hours (variance) had a
mean of 3.85 with a standard deviation of 0.861, timeliness in issuing audit reports had a
mean of 3.83 with a standard deviation of 0.496, monitoring of the audit plan had a mean
of 3.76 with a standard deviation of 0.934, number of key risks identified had a mean of
3.75 with a standard deviation of 0.744,
Responsiveness to requests from the Audit Committee had a mean of 3.73 with a
standard deviation of 0.820, the coverage of the priority and high risk areas had a mean of
3.71 with a standard deviation of 0.995, frankness and condor with the Audit Committee
had a mean of 3.67 with a standard deviation of 0.955, issuance of reports compared with
planned had a mean of 3.57 with a standard deviation of 0.805, results of feedback
received had a mean of 3.55 with a standard deviation of 0.892, percentage coverage of
total audit universe had a mean of 3.50 with a standard deviation of 0.852, CAE internal
audit plan revisions had a mean of 3.25 with a standard deviation of 0.836, number of
un captured hours (total & per team member) had a mean of 3.14 with a standard
deviation of 0.923. The respondents indicated that the statements meets (on average)
expectation thus concurs with Ljubisavljević and Jovanovi (2011) that the internal audit
department provides a reliable, objective, and neutral service to the management, board
of directors, and audit committee, while stakeholders are interested in return on
investments, sustainable growth, strong leadership, and reliable reporting on the financial
performance and business practices of a company.
51
4.7 Regression Analysis
A regression analysis was conducted to determine how internal auditors working
environment, auditor’s independence and authority and internal auditors technical
competence relates to the performance of internal auditors. The statistical package for
social sciences (SPSS) was used to code, enter and compute the measurements of the
multiple regressions for the study.
Table 4.13: Model Summary
Model R R Square Adjusted R Square Std. Error of the Estimate
1 0.882 0.777 0.754 0.102
Table 4.13 shows a model summary of regression analysis between three independent
variables: internal auditors working environment, auditor’s independence and authority
and internal auditor’s technical competence and dependent variable performance of
internal auditors. The value of R was 0.882; the value of R square was 0.777 and the
value of adjusted R square was 0.754. From the findings, 77.7% of changes in the
performance of internal auditors were attributed to the three independent variables in the
study. Positivity and significance of all values of R shows that model summary is
significant and therefore gives a logical support to the study model.
Table 4.14: ANOVA
Model Sum of Squares df Mean
Square
F Sig.
Regression .275 3 .092 4.381 .004
Residual 2.667 127 0.021
Total 2.942 130
ANOVA statistics of the processed data at 5% level of significance shows that the value
of calculated F is 4.381 and the value of F critical at 5% level is 1.96 Since F calculated
is greater than the F critical (4.381>1.96), this shows that the overall model was
significant.
52
Table 4.15: Coefficients
Model Unstandardized
Coefficients
Standardized
Coefficients
t Sig.
B Std. Error Beta
(Constant) 3.088 3.182 .971 .0046
Internal Auditor’s Working
Environment
.162 .194 .207 .836 .0041
Auditors Independence And
Authority
.163 .752 .052 .216 .0031
Internal Auditors Technical
Competence
.145 .226 .160 .641 .0043
The established regression equation becomes;
Y = 3.088+ 0.162X1 + 0.163X2 + 0.145X3 + ε
Where: Y= performance of internal auditors, X1= Internal Auditor’s Working
Environment, X2= Auditors Independence and Authority, X3= Internal Auditors
Technical Competence and ε = Error Term.
From the findings of the regression analysis if all factors (internal auditors working
environment, auditor’s independence and authority and internal auditors technical
competence) were held constant, performance of internal auditors would be at 3.088. An
increase in internal auditors working environment would lead to an increase in the
performance of internal auditors by 0.162. An increase in auditor’s independence and
authority would lead to an increase in performance of internal auditors by 0.163. An
increase in authority and internal auditor’s technical competence would lead to an
increase in the performance of internal auditors by 0.145. All the variables were
significant as the P-values were less than 0.05 which indicates that all the factors
considered were statistically significant.
53
CHAPTER FIVE
5.0 DISCUSSION, CONCLUSIONS AND RECOMMENDATIONS
5.1 Introduction
The chapter provides the summary of the findings, discussion, conclusions and
recommendations of the study based on the research questions of the study. The purpose
of this study was to establish the factors affecting the performance of internal auditors’ in
the public sector with a focus on the ministries in the Government of Kenya.
5.2 Summary
The study establishes that internal auditors working environment affects the performance
of internal auditors to a great extent. The study also revealed that complying with
professional standards is the most important contributor to internal auditing and formal
auditing standards recognize that internal auditors also provide services regarding
information other than financial reports. The study revealed that internal auditors are
expected to carry out their role objectively and in compliance with accepted criteria for
professional practice and standards for audits. The study also revealed that audit-related
services influence the performance of auditors and performing auditing work according
to internal auditing standards contributes significantly to the quality and effectiveness of
auditing and finally that internal auditors evaluate and contribute to the improvement of
risk management, control and governance using a systematic and disciplined approach in
the public sector.
The study establishes that the auditor’s independence and authority affect the
performance of auditors to a great extent. The study further revealed that an internal
auditor must be independent of both the personnel and operational activities of an
organization and the internal audit department in a public institution must be independent
from the activities which it controls and must likewise be independent from the day-to-
day internal control processes. The study revealed that public sector organizations should
have formalized principles of internal audit providing for its position and powers in the
54
framework of the government and that provides for independence which is a critical
requirement for an effective internal auditing function. Internal auditors should not have a
conflict of interests and independence is necessary for the effective achievement of the
function and objectives of internal audit.
The study established that internal auditors’ technical and professional skills in the
various aspects that impact on quality audit reports and auditors readiness to embrace
change are significant and greatly impact on the performance of internal auditors in the
public sector. Effective auditing standards influence auditor’s behaviour and improve the
quality and effectiveness of audits by substantially adjusting audit practice.
From the regression analysis, the study established that there exists a positive relationship
between internal auditors working environment, auditor’s independence and authority
and internal auditor’s technical competence and the performance of auditors in public
sector. In addition, the study also established that the most significant variable affecting
the performance of internal auditors in the public sector is independence and authority
followed by internal auditors working environment and the least was internal auditor’s
technical competence.
5.3 Discussions
5.3.1 Internal Auditor’s Working Environment
The respondents were in agreement that internal auditors were praised and recognized in
audit publications, there was flexibility of processes and controls to manage changing
environment with new risks or operational gaps, internal auditors are recognized at
annual professional audit conference and top management through its support and
policies demonstrate their enthusiasm to cultivating trust, integrity and competence
within the ministry. The finding coincides with Morgan (2009) that performance is
negatively impacted in organizations where internal auditors work under poor working
conditions and where management fails to support their role and despise them as
unworthy in the organization and fail to allocate sufficient resources to the internal audit
function. These findings are also consistent with the findings of Cattrysse (2014) who
55
established that internal auditors maintain the structure of organizations internal
operations. Through their work, internal orders ensures that there is adherence to the
stipulated rules and procedures of operations. Kamere (2013) found that in organizations
where management failed to recognize the role of the internal audit function this led to
incompetency and overall lack of performance of the functions.
The study further found out that the respondents moderately agreed that internal auditors
were represented at meetings and conferences, the presence of a precise management
policy on risk, internal auditors were provided with formal audit training courses and
were accorded with on-job skills that suit their work. These findings are consistent with
the argument by COSO (2009) that the effectiveness of internal controls cannot rise
above the integrity and ethical values of the people, who create, administer and monitor
them. Integrity and ethical values are essential elements of the control environment,
affecting the design, administration and monitoring of other internal control components.
In addition, integrity is a prerequisite for ethical behaviour in all aspects of an
enterprise’s activities (COSO, 2009). Cohen et al. (2008) argues that lack of controls also
results in financial reporting errors, late filings, fraud and numerous other questionable
transactions being performed. As the number and size of public organizations grow so
does the need for properly educated and experienced accounting related personnel.
The study also found that internal auditors have the relevant skills, tools and knowledge
to facilitate achieving set goals and manage risks effectively. The finding is in line with
those of Ramsay (2012) who highlighted that in modern times, a number of forces put
together have led to a transformation of governments through the adoption of options
meant to scale up their operations and through the enhancement of internal auditors’ roles
to higher levels in a bid to enhance accountability and transparency in the use of public
resources. He further found that the internal audit function entailed evaluation and
improvement of control of risks, internal controls and governance processes. Holmes &
Holmes (2012) argues that occupational fraud risks increased with ineffectiveness in
written policies. Further, it is important that the combination of diverse policies and
procedures which make up those controls respond effectively to management directives
and are clearly stipulated in organizations policies and procedures. Control activities
56
usually complement each other and different types of control activities exist, such as
preventive controls, detective controls, manual controls, computer controls and
management controls (Dittenhofer, 2011).
The study also established that the respondents were in disagreement that the job
descriptions, segregation of duties, authority, coordination and accountability are clearly
defined, that there is professional training support, that there are travel opportunities for
conferences, audit work and trainings and that they participate in exchange programs
(e.g. with the auditor-general). This finding coincide with those of Goodwin (2014) who
posited that institution internal audit functions are hard and complex to realize and that
the external picture of the organization may be weakly associated with the organization’s
internal operations.
5.3.2 Auditors Independence and Authority
The study established that respondents strongly agree that management policy established
internal audit unit, that the ministry did not permit internal auditors to audit operations
which they had undertaken, that internal auditors reported to top management and to
those charged with governance, that legislation and audit charter defines clearly and
formally the roles and authorities of an internal auditor, that internal auditors are
segregated from functional and management decisions (e.g. as heads of operational
working groups in administrative reform projects), that the CAE was fully involved in the
recruitment process for internal audit staff, that protection of internal auditor
independence and authority is adequate and internal auditors are sufficiently immune
from any internal pressure and undertake audits, report findings and recommendations
objectively without fear of reprisal. The findings are consistent with the findings of
Kadondi (2012) that the auditing services offered by internal auditors are achieved
through internal auditor’s independence and where internal auditors lack independence,
they would normally fail to perform to the expectation of the organization. Lawrence
(2013) found that the increased frequency of financial reporting and external audit
failures motivated the internal audit profession to seek greater autonomy in the
organization structure and in countries where the role of internal audit is highly valued,
57
functional reporting moved from senior officers in the organization to specific
committees set-up under the boards and that report to the board of directors.
The study also found out that the respondents agreed that CAE had unlimited and direct
access to those charged with governance, that the CAE has adequate powers in
establishing internal audit plans. Krishnan and Visvanathan (2013) argues that the
separation of management from ownership in public institution offers an ideal context for
the operationalization of agency theory. The shareholders are regarded as the principal
with the interest of achieving maximum outcome interests from the organization. Conflict
arises as the separation of ownership from management leads to inability of the owners to
monitor management actions and activities and results in the need to employ certain
source of information systems and control measures to minimize agency costs
The findings further showed that the internal auditors’ have free and unrestricted access
to all operations, personnel, assets and transaction records, that the CAE seeks support
and administrative interface with those charged with governance for guidance,
accountability and reinforcement. These findings are consistent with those of Warga
(2014) who argues that lack of controls also results in financial reporting errors, late
filings, fraud and numerous other questionable transactions being performed. As the
number and size of public organizations grow so does the need for properly educated and
experienced accounting related personnel. As a result management influences decisions
of internal auditors affecting their performance and these results in financial reporting
risks such as improper revenue recognition, inflated acquisition costs for equipment and
inventory, improper cash advances to officers and other transgressions that have a
significant impact on organizational viability
The findings further showed that the internal audit operations were positioned
strategically in a bid to obtain cooperation from both management and staff within the
ministry and that the internal auditors were adequately graded and remunerated according
to their responsibilities and significance. These findings are consistent with those of
Schneider (2014) who established that internal auditors role in achieving objectivity in
the organization is largely affected by their economic status and that lack of clear reward
58
systems. Schneider found that when rewards were not given to internal auditors, the
internal audit operations could be influenced by management and this would affect would
affect their reports and may result in unreliable reports to the organization. Jamal (2011)
noted that internal auditors’ roles have now become much more essential as a control
within organizations and a key to effective risk management and that Internal auditors are
heavily involved in the organization in the continuous internal audit process and
ultimately share with the boards their recommendations which are expected to contribute
to the organization’s objectives.
5.3.3 Internal Auditors Technical Competence
The study revealed that the respondents strongly agreed that internal auditors in
government ministries had a good understanding organization management and operation
research skills. These findings are consistent with Morgan (2009) who argues that the
competency of internal auditors is important in promoting good governance and ensuring
effective utilization of public resources. The internal audit function personnel both at the
audit committee level and at actual internal auditors should be qualified, competent and
knowledgeable to enable them perform their duties effectively. According to Institute of
Internal Auditors (IIA) (2009) internal auditing is being performed by professionals with
a thorough understanding of the business culture, systems and processes.
The internal audit staff understood how higher-level objectives link with ministry’s
operational objectives and understood the ministry’s attitude towards identified risks.
Kariuki, (2010) posited that internal auditors in a firm should be competent professionals.
Lack of adequate understanding when coupled with low level of knowledge on auditing
operations poses a major threat to the achievement of high performance. The findings
further showed that there was clarity on the ministry’s key related risks and how these
impacted on the high-level objectives, governance, risk and control tools. Lin (2010)
argues that since the internal audit function’s main task is to oversee that the
organization’s financial reporting and auditing process are sufficient, they need to have
the expertise to understand the issues to be investigated or discussed.
59
The findings further showed that the staff had a good understanding of internal audit
techniques, project management, electronic work papers and process modeling software;
and that there was clear understanding of performance measurement principles against
output targets designed to deliver objectives. These findings are consistent with those of
Paape (2011) who mentioned that lack of adequate knowledge and relevant experience
causes inability and failure of the internal audit function players to understand their roles
and responsibilities in the organization. These findings also support what Haron (2013)
who indicated that absence of technical competency affects the technical aspects of some
of the audit committee’s roles and in particular aspects of internal control evaluation.
The study also found out that the respondents had an average expectation that the
members of the audit committee and senior internal audit staff had competencies on the
techniques on control assessment and risk analysis; internal auditing frameworks and the
links to balanced scorecards. Morgan (2009) posited that internal auditors needed to be
experienced and have the expertise. The uniqueness of internal auditor’s competency is
fostered by ensuring internal auditor’s independence, expertise, integrity and diligence to
perform their role effectively. The ability to relate the organizations risk appetite to the
application of controls in operational areas; skills in data mining, analysis of business
processes, planning on risk-based Internal auditing; techniques on computer-assisted
internal audits; and the use of IT/ICT and tech-based audit techniques and Controls
identification. This finding concurs with those of Morgan (2009) who posited that
internal auditors needed to be experienced and have the expertise and that the uniqueness
of internal auditor’s competency is fostered by ensuring internal auditor’s independence,
expertise, integrity and diligence to perform their role effectively.
The study further found out that the respondents had below average expectations that the
members of the audit committee and senior internal audit staff had technical
competencies on the development of risk management strategy for the ministry; financial
analysis tools and techniques; and data collection and analysis tools and techniques.
These findings are in line with Lin (2010) who indicated that since the internal audit
function’s main task is to oversee that the organization’s financial reporting and auditing
60
process are sufficient, they need to have the expertise to understand the issues to be
investigated or discussed.
5.4 Conclusions
5.4.1 Internal Auditor’s Working Environment
The study concludes that internal auditors working environment was greatly influenced
by internal auditors being praised and recognized in audit publications; the presence of
flexibility of processes and controls to manage the ever changing environment which
brings new risks and operational gaps; internal auditors being recognized at professional
annual audit conferences; and by top management through its support and policies
demonstrating their enthusiasm to cultivating trust, integrity and competency within the
ministry.
The study furthers concludes that internal auditors were represented at meetings and
conferences, they were provided with formal audit training courses and accorded with on-
job skills that suits their work in the internal audit unit. The study also concluded that the
organization’s culture, code of conduct, human resource policies and performance reward
systems support the organizations objectives and that risk management knowledge
facilitates achieving set goals and managing risks effectively.
5.4.2 Auditors Independence and Authority
The study concluded that the ministries offered auditors independence and authority in
that the management policy establishes internal audit unit and the ministry does not
permit internal auditors to audit operations which they have undertaken. Internal auditors
report to top management who are in charged with governance and that legislation and
the audit charter defines clearly and formally the roles and authorities of an internal audit
function. The study also concludes that internal auditors are segregated from functional
and management decisions and the CAE is fully involved in the recruitment process of
internal audit staff.
61
5.4.3 Internal Auditors Technical Competence
The study concludes that the internal auditors technical competence was based on
organization management and operation research skills, how higher-level objectives link
with ministry’s operational objectives, the ministry’s attitude towards identified risks, the
ministry’s key related risks and how they impact their high-level objectives, risk, control
tools and techniques, project management, electronic work papers, process modeling
software and understanding performance and measurement principles verses output
targets designed to deliver objectives.
The study also concludes that the internal auditors technical competence in ministries had
not fully adopted on techniques on control assessment and risk analysis, balanced
scorecard, , data mining, analysis of business processes and use of IT/ICT and tech-based
audit techniques and Controls identification.
5.5 Recommendations
5.5.1 Recommendations for improvement
5.5.1.1 Internal Auditor’s Working Environment
The management in the ministries should keep organizing seminars and workshops where
the internal auditors would be trained frequently by experts either internally or externally.
Internal Auditors must have sufficient proficiency and training to carry out the tasks
assigned to them. The auditor's work must be carefully directed, supervised and
reviewed. The amount of supervision required should correspond to the experience and
skill of the internal auditor.
5.5.1.2 Auditors Independence and Authority
The heads of the internal audit department should be responsible to the
management/board in the organisation with sufficient authority to promote independence
and to ensure broad audit coverage, adequate consideration of audit reports, and
appropriate action on audit recommendations in the public sector.
62
5.5.1.3 Internal Auditors Technical Competence
The management in the concern ministries should procure the latest ICT internal audit
software which will ensure better determination of risks and enhance fast delivery of
services including the detection and prevention of frauds and/or non-compliance with
public expenditure management. Internal auditors should also be fully trained on how to
use the latest internal audit software which should be frequently upgraded to keep abreast
with changing technology. Internal auditors should also be exposed to the developments
in the internal audit frameworks regularly pronounced by the Institute of Internal
Auditors, professional bodies like the Institute of Certified Public Accountants of Kenya
and those promulgated by agencies like the World Bank, IMF and UNDP that support the
enhancement of governance in the public sector.
5.5.2 Recommendations for Further Studies
This study recommends that a similar study be done but to concentrate on the new levels
of government such as the County governments and other arms of government such as
the Judiciary and the legislature. The County governments are particularly important as
these are made up of the County executive and the County legislatures (i.e. County
Assemblies). Also to be included should be a study of the internal audit function in
parastatals, regulatory agencies of government and independent commissions which were
setup under the 2010 constitution. Such studies when combined with the findings of this
study will enable a clearer picture of the challenges facing internal audit in public sector
and will help in enhancing the internal audit function in the public sector in Kenya and
thus positively affecting their performance.
Since this study explored the factors affecting the performance of internal auditors’ in the
public sector, the study also recommends that a similar study should be done in other
private sector institution for comparison purposes and to allow for generalization of
findings on the factors affecting the performance of internal auditors’ in Kenya.
63
REFERENCES
Adel S. M. (2011). Internal audit effectiveness: an expansion of present methods,
Managerial Auditing Journal, 16(8):89-112.
Adeniyi, A. A. (2004). Auditing and Investigations. Yaba College of Technology, Yaba
Lagos.
Ahlawat, S. S. and Lowe, D. J. (2014). An examination of internal auditor objectivity: In
house versus outsourcing. Auditing: A Journal of Practice and Theory. 23: 3.
American Accounting Association-AAA (2011) Response to the Progress Report of the
SEC Advisory Committee on Improvements to Financial Reporting (Release No.
33-8896; File No. 265-284
Anderson, J. Asare, S. K., & Wright, A. (2013), The impact of risk checklists and a
standard audit program on the planning of fraud detection procedures,
University of Florida, Gainesville, FL, working paper, .
Annuar, N. (2011). The effectiveness of the internal auditor in Malaysian listed
institutions. Akauntan Nasional, 14(9):30-53.
Beckmerhagen, I. A. (2013). On the effectiveness of quality management system audits.
The TQM Magazine, 16(1):14-25.
Belay, Z., 2007. A study on effective implementation of internal audit function to
promote good governance in the public sector. Presented to the The
Achievements, Challenges, and Prospects of the Civil Service Reform Program
Implementation in Ethiopia, Conference Ethiopian Civil Service College
Research, Publication and Consultancy Coordination Office.
Brody, R. G. & Lowe, D. J. (2010). The new role of the internal auditor: Implications for
internal auditor objectivity. International Journal of Auditing 4 (2): 169-176.
Brown, P. R. (2013). Independent auditor judgment in the evaluation of internal audit
functions. Journal of Accounting Research, 21(2) :444-455.
Brune, C. (2010). Internal Audit Issues Analyzed. Internal Auditor, 57(5), 14.
64
Cai, C. (1997). On the Functions and Objectives of Internal Audit and their Underlying
conditions, Managerial Auditing Journal, 12(4), 247-250.
Cattrysse, J. (2014). Reflections on Corporate Governance and the Role of the Internal
Auditor. Roularta Media Group.
Chepkorir J. (2009). The challenges and roles of internal auditors in the banking sector in
Kenya. Unpublished MBA Project, University of Nairobi.
Cohen, J.R., Krishnamoorthy, G. & Wright, A. (2008). Form versus substance: the
implications for auditing practice and research of alternative perspectives on
corporate governance, Auditing Journal , 27(2):181-98.
Dess, Gregory G.; Lumpkin, G.T. (Tom); Eisner, Alan B. 2010. Strategic Management:
Creating Competitive Advantages, 5th Edition. McGraw-Hill.
Diamond, M. J. (2002). The role of internal audit in government financial management:
An international perspective. International Monetary Fund, Number. 2-94.
Dittenhofer, M. (2011). Internal auditing effectiveness: An expansion of present methods.
Managerial Auditing Journal, 16(8): 443-450.
Fama, E.F. and M.C. Jensen (2013), Separation of ownership and control', Journal of
Law and Economics, 26(3):301-25.
Eden, D, & Moriah, L. (1996). Impact of internal auditing on branch Bank Performance:
A field experiment’, Organizational Behavior and Human Decision Performance,
68(1), 262–71
Goodwin, J. & Yeo, T. Y. (2011). Two factors affecting internal audit independence and
objectivity: Evidence from Singapore. International Journal of Auditing 5(1):
107-125.
Goodwin, J. (2013). The relationship between the audit committee and the internal audit
function: Evidence from Australia and New Zealand. International Journal of
Auditing 7(2): 263-278.
65
Goodwin, J. (2014). A comparison of internal audit in the private and public sectors,
Managerial Auditing Journal, 19(2):67-78.
Goodwin, J. (2014). A comparison of internal audit in the private and public sectors.
Managerial Auditing Journal, 19(5):640-650.
Goodwin-Stewart, J. & Kent, P. (2006), The Use of Internal Audit by Australian
Companies’, Managerial Auditing Journal, 21(2):56-79.
Hack, S. (2013). Greater expectations for internal auditors. CA magazine, March 2008
issue.
Hung, J.-H., & Han, H.-L. (2008). An empirical study on effectiveness of internal
auditing for listed institutions in Taiwan. Retrieved November 4, 2015.
Holmes, R., & Holmes S. (2002). Profiling violent crimes an investigative tool. Sage
Publications Limited.
The Institute of Internal Auditors Research Foundation (IIARF), 2014. Nine elements
required for internal audit effectiveness in the public sector. 247. Florida:
Maitland Avenue Altamonte Springs 32701-4201.
IIA, (2012). The standards for the professional practice of internal auditing. Altamonte
Springs: The Institute of Internal Auditors, Research Foundation.
Institute of Internal Auditors Research Foundation (2009). International Professional
Practice Framework. Internal Control Weaknesses Managerial Auditing Journal,
19(6): 56-76.
Jamal, A. S. (2011) The Reality and Constraints of Using Analytical Procedures in the
Control of Public Fund Jordanian Audit Bureau Case European Journal of
Economics, Finance and Administrative Sciences ISSN 1450-2275 Issue 34
(2011).
Kadondi, O. N. (2012). Internal audit education: exploring professional competence,
Managerial Auditing Journal, 11 (5): 28-36.
Kamere, N. H. (2013). Challenges faced in professionalizing the internal auditors
function in Kenya’s industrial and Allied companies. Post-Sarbanes-Oxley era:
66
the role of auditors and corporate governance, working paper, George Mason
University.
Kibara, C. W. (2007). A survey of internal auditors’ risk management practices in the
banking industry in Kenya. Unpublished MBA Project, University of Nairobi.
Kibet, P. K. (2008). A survey on the role of internal audit in promoting good corporate
governance in SOEs. Unpublished MBA Project, University of Nairobi.
Kiprono, D. K. (2010). The factors that contribute to the report environment for the
internal auditors in Public Universities in Kenya Unpublished MBA Management
Research Paper, University of Nairobi.
Kirira N., (2010). Public Finance under the New Constitution, Society for International
Development Constitution Working Paper Series 5(1), 1-25.
Kombo, D. K., & Tromp, D. L. (2006). Proposal and thesis writing: An introduction.
Nairobi: Paulines Publications Africa, 10-45.
KPMG’s Audit Committee Institute (2013). An Approach to Effective Audit Committee
Self-evaluation
Krishnan, G. V., & Visvanathan, G. (2013). Reporting Internal Control Deficiencies in
the Post Sarbanes Oxley Era: The Role of Auditors and Corporate Governance.
International Journal of Auditing, 11(2), 73-90.
Lawrence, R. (2013). Risky Business Team with Audit Committee to Tackle It Security
Needs. Journal of Accountancy, www. findarticles.com, June 2006
Lin, S., Pizzini, M., Vargus, M., &Bardhan, I. R. (2011). The role of the internal audit
function in the disclosure of material weaknesses. The Accounting Review, 86(1),
287-323.
Louis O. Maingat, M. & Zeghal, D. (2010). A survey of audit committees in Canada”,
paper presented at the 23rd EAA Annual Congress, 29-31 March, 2000, Munich.
Mahmoud, A. & Ehab, N. (2011). Measuring the Degree of Implementation of Internal
Audit Based on Business Risk in the Banking Sector of Jordan, Arab Journal of
Management, 27 (2): 51-67
67
Maletta, M. J. (2013). An examination of auditors’ decisions to use internal auditors as
assistants: The effect of inherent risk. Contemporary Accounting Research, 9(2) :
508-525.
Margheim, L. L (2013). Further evidence on external auditors’ reliance on internal
auditors Journal of Accounting Research, 24(1):194-205
Messier, W. F., & Schneider, A (2008). A hierarchical approach to the external auditor’s
evaluation of the internal audit function Contemporary Accounting Research,
4(2): 337-353.
Mihret, D. G., & Yismaw, A. W. (2011). Internal audit effectiveness: An Ethiopian
public sector case study. Managerial Auditing, Journal, 22(5), 470-484
Millichamp, G. M. (2012), Risk Management: Changing the Internal Auditor' Paradigm,
Institute of Internal Auditors Research Foundation, Altamonte Springs, F L .
Mizrahi, S, & Ness-Weisman, I. (2007). Evaluating the effectiveness of auditing in local.
Municipalities using analytic hierarchy process (ahp): A general model and the
Israeli example. International Journal of Auditing, 11, 187–210.
Montondon, L. G., & Fischer, M. (2009). University audit departments in the United
States Financial Accountability & Management, 15(1): 85-94.
Morgan, W. J. (2009), An assessment of the newly defined internal audit function,
Managerial Auditing Journal, 17(3):56-83
Mugenda, G. A. (2008) Research Methods Nairobi: Acts Press.
Nagy, A. and Cenker, W. (2002). An Assessment of the Newly Defined Internal Audit
Function. Managerial Auditing Journal, 17(3), 130-137.
OECD (2007). Performance Budgeting in OECD Countries, OECD Paris.
Otieno, S. (2012). Members Lose KShs 60 Million As Kisumu Sacco Collapses. The Star
newspaper (2012, March 28th)
Owens, M. A. (2012). Professionalism, Ethical Codes and the Internal Auditor: A Moral
Argument, Journal of Business Ethics, 24.
68
Owler L. & Brown J. L. (2009). Cost and Management, Accounting Methods Macdonald
& Evans Press London pp.39
Paape, L. (2011). Corporate governance: The impact on the role, position, and scope of
services of the internal audit function. Unpublished PhD dissertation Erasmus
Research Institute of Management Erasmus University, Netherlands.
Pilcher, R., Gilchrist, D, & Singh, I. (2011). The Relationship between internal and
external audit in the public sector – A Case Study 1-23.
Ramsay, I. (2002). Independence of Australian Company Auditors: A Review of Current
Australian Requirements and Proposals for Reform, October 2002.
Scarbrough, D. P., Rama, D. V., & Raghunandan, K. (2008). Audit committee
composition and interaction with internal auditing: Canadian evidence Accounting
Horizons, 12(1): 51-62
Schneider, A. (2014). An examination of whether incentive compensation and stock
ownership affect internal auditor objectivity. Journal of Management Issues 15
(4): 486-497
Smith, M. Normah, Zulkarnain & Ithnahaini (2001). Auditors’ perception of fraud risk
indicators: Malaysian evidence. Managerial Auditing Journal, 20(1):73-85.
Sterck, M., & Bouckaert, G. (2014) International audit trends in the public sector The
Internal Auditor, 63(4): 49-53.
Stoner A. F. (1994). Management. New Jersey: Practice Hall Inc. Company
Veal, A. J. (2005) Business research methods: A managerial approach (2nd ed.). Frenchs
Forest, New South Wales: Pearson Addison Wesley.
Viswesvaran, C. (2012). Perspectives on models of job performance. International
Journal of Selection and Assessment, 8(4), 216-226.
Waweru, N. M., & Riro, G. K. (2013). Corporate Governance, Firm Characteristics and
Earnings Management in an Emerging Economy. The Journal of Applied
Management Accounting Research, 11(1), 43-64.
69
APPENDICES
APPENDIX I : INTRODUCTORY LETTER
Nicodemus Kirima
United States International University – Africa
P.O.Box 14634-00800
Nairobi, Kenya
Dear Respondent
RE: RESEARCH STUDY
I am a graduate student at the United States International University (USIU) – Africa
pursusing a Masters degree in Business Administration (MBA). As part of the program, I
am currently undertaking a research study on “Factors affecting the performance of the
internal audit function in government ministries in Kenya”, with the aim of
identifying the reasons what aspects affect performance of internal audit function in
contributing to effective public financial management in the public sector.
Your participation in this study is essential and will be highly appreciated. Kindly spare
your time to fill in the attached questionnaire which will take you approximately 15
minutes to answer.
I assure you that the information provided will be treated with the utmost confidentiality
and will only be used for academic purposes.
Thank you for your time and kindest regards.
Yours faithfully,
Kirima N Njoroge
70
APPENDIX II : QUESTIONNAIRE
PART A: DEMOGRAPHIC INFORMATION
1. Gender: Male ( ) Female ( )
2. Age group:
25 – 34 years ( ) 35 – 44 years ( ) 45 – 54 years ( ) 55 – 64 years ( )
65 years and above ( )
3. What is your highest qualification achieved?
Certificate ( ) Diploma ( ) Degree ( ) Masters ( )
Others (please specify) _________
4. How many years have you been in the organization?
1– 5 years ( ) 6 – 10 years ( ) 11 – 15 years ( ) 16 – 20 years ( )
21 years and above ( )
PART B: INTERNAL AUDITOR’S WORKING ENVIRONMENT
Rate the extent to which you agree or disagree that the following statements best describe
your organization. Use 5 scale rating whereby: 1=Strongly Disagree, 2. Disagree 3.
Moderately Agree 4. Agree 5. Strongly Agree
Statement 1 2 3 4 5
1. Internal auditors are provided with formal audit training courses
2. Internal auditors are given opportunities to attend attending audit
conferences/seminars/exchange programs
3. Internal auditors are provided with training opportunities in employer
specific operations in a bid to enhance their output
4. Internal auditors are accorded with on-job skills that suits their work
in the internal audit unit
5. The organization has future training plans for each internal audit staff
6. Internal Auditor’s recommendations are recognized and acted on
7. Internal Auditors are represented at meetings and conferences
8. The internal auditors are recognized at annual professional audit
conference and given diplomas, awards, etc.
9. The internal auditors are praised and their role recognized in audit
publications
10. There are travel opportunities to conferences, audit work, trainings,
etc.
71
Statement 1 2 3 4 5
11. There is professional training support
12. There are exchange programs participation (e.g. with the auditor-
general)
13. The audit committee has well laid out plans for managing major risks
identified by internal auditors.
14. There is a precise management policy on risk
15. The organization’s culture, code of conduct, human resource policies
and performance reward systems support the business objectives, risk
management and the internal control system
16. Top management through its support and policies demonstrate their
enthusiasm to cultivating trust, integrity and competence within the
ministry
17. The job description, segregation of duties, authority, coordination and
accountability are clearly defined.
18. The ministry shares upfront its set targets and what is expected of
them and the scope of their freedom to act
19. The internal auditors have the relevant skills, tools and knowledge to
facilitate achieving set goals and manage risks effectively
20. Controls are flexible to manage changing environment, new risks and
new operational gaps
PART C: AUDITORS INDEPENDENCE AND AUTHORITY
Rate the extent to which you agree or disagree that the following statements best describe
the level of independence of internal auditors in your organization. Use 5 scale rating
whereby: 1=Strongly Disagree 2. Partially Disagree 3. Agree 4. Strongly agree
5. Totally Agree
Indicator of Internal Audit Independence and Authority 1 2 3 4 5
1 Management policy establishes internal audit unit
2 The protection of internal auditor independence and authority is
adequate
3 Internal auditor reports to top management and to those charged
with governance
5 Internal auditors are sufficiently immune from any internal
pressure to undertake audits and are report findings and
recommendations objectively without fear of reprisal
6 The ministry does not permit internal auditors to audit operations
which they have undertaken
72
Indicator of Internal Audit Independence and Authority 1 2 3 4 5
7 Legislation and the audit charter defines clearly and formally the
roles and authorities of an internal auditor
8 Internal auditors are segregated from functional and management
decisions (e.g. as heads of operational working groups in
administrative reform projects);
9 Chief Audit Executive (CAE) has adequate powers in establishing
internal audit plans
10 Internal auditors are adequately graded and remunerated according
to their roles and responsibilities
11 During recruitment of internal audit staff, the CAE is fully
involved in the process
12 The CAE has unlimited and direct access to those charged with
governance
13 The CAE seeks for support and administrative interface with those
charged with governance for guidance, accountability and
reinforcement.
14 The internal audit operations are positioned strategically in a bid
obtain cooperation from both management and staff within the
ministry
15 Internal Auditor has free and unrestricted access to all operations,
personnel, assets and transaction records
PART D: INTERNAL AUDITORS TECHNICAL COMPETENCE
Rate the internal Auditor’s knowledge in Risk, Control and Governance in reference to
the following indicators Use five point scale where; Significantly below expectation
2.Below expectation 3.Meets (on average) expectation, 4. Above expectation
5.Exceptionally above Expectation
INTERNAL AUDITORS TECHNICAL COMPETENCE 1 2 3 4 5
1. Internal auditors are aware of various principles of risk
assessment and appraisal as well as risk management
2. There is adequate awareness of risk management strategy for the
ministry
3. There is a deep understanding of the ministry’s attitude towards
identified risks
4. There is awareness of ministry’s key related risks and how they
impact their high-level objectives
5. There is understanding of how higher-level objectives link with
ministry’s operational objectives
6. Internal auditors possess the ability to relate the organizations risk
appetite to the application of controls in operational areas
73
INTERNAL AUDITORS TECHNICAL COMPETENCE 1 2 3 4 5
7. There is understanding of performance measurement principles
against output targets and these are designed to deliver objectives
8. There is knowledge on financial analysis tools and techniques
9. Internal auditors are proficient in the use of IT/ICT and tech-
based audit techniques
10. Internal auditors are proficient in forensic skills/fraud awareness
11. Internal auditors are proficient in project management
12. Internal auditors are proficient in problem-solving techniques and
use of tools
13. Internal auditors are proficient in both management and operation
research skills
14. Internal auditors are proficient in data collection and analysis
tools and techniques
15. Internal auditors are proficient in analysis of business processes
16. Internal auditors are proficient in governance, risk, and control
tools and techniques
17. Internal auditors are proficient in controls identification
18. Internal auditors are proficient in techniques on control
assessment and risk analysis
19. Internal auditors are proficient in understanding business
20. Internal auditors are proficient in process modeling software
21. Internal auditors are proficient in internal audits frameworks and
their link to the balanced scorecard
22. Internal auditors are proficient in planning on risk-based Internal
auditing
23. Internal auditors are proficient in data mining
24. Internal auditors are proficient in continuous/real-time auditing
25. Internal auditors are proficient in the use of electronic working
papers
26. Internal auditors are proficient in techniques on Computer-
assisted internal audit
PART E: PERFORMANCE OF INTERNAL AUDITORS
Rate the internal Auditor’s performance in respect to the following Key Performance
Indicators Use five point scale where; significantly below expectation 2.Below
74
expectation 3.Meets (on average) expectation 4. Above expectation5.Exceptionally above
Expectation
KEY PERFORMANCE INDICATORS 1 2 3 4 5
1. The internal audit function issues the number of reports as
indicated in the audit plan
2. The CAE leads all internal audit plan revisions
3. The actual time spent on specific activities compares to the
budget
4. The plan is implemented throughout the year
5. There is a high number of key risks identified
6. There is a high number of ‘best practice’ recommendations
made that are accepted/implemented by the organization
7. There is high efficiency based on number of hours spent and
coverage in internal audit activities
8. The internal audit covers a high percentage in the coverage
(More than 70%) of the total population
9. There is a high rate (more than 90%) of feedback against the
requests issued
10. The function received results of public feedback which are
considered in the plans.
11. There is timeliness in the undertaking of satisfaction surveys
12. The internal audit staff respond to requests from the Audit
Committee
13. There is frankness and condor during interactions with the
Audit Committee
14. There is constant briefing on the significant findings to the audit
committee
15. Internal auditors have processes that monitor the status of
recommendations
16. There are regular discussions between the internal auditors
across the year
17. There is constant monitoring of the audit plan
18. There is timeliness in issuing audit reports
19. The standard of the internal audit reports can be compared with
the best practices
20. The internal audits cover areas of the priority and high risk
Thank for your cooperation
75
76
APPENDIX III: TIME PLAN
Phase Description Week
1 2 3 4 5 6 7 8 9 10 11 12 13 14
1 Proposal development
1 Data collection 3 weeks
2 Data analysis 2 weeks
3 Result analysis 2 weeks
4 Report writing 2 weeks
5 Compilation and
presentation.