Research Article: 2021 Vol: 25 Issue: 1S
Benjamin, R.D., Babcock University
Dada, S.O., Babcock University
Adegbite, S.A., Osun State University
Past studies focused on the role of internal auditors in fraud prevention and internal auditing in relation to good corporate governance and did not explore risk assessment by internal auditor for effectiveness in an organisation with the view to prevent corporate failure. This study investigated the effect of risk assessment by internal auditor on effectiveness of listed companies in Nigeria. The study adopted a survey research design. The population of the study consisted of 24 companies selected from the eleven industrial sub-sectors of the 161 listed companies on Nigerian Stock Exchange as at 30th November, 2019. The sample frame is 5012 and sample size of 501 (comprising 401 internal auditors and 100 top management staff) representing 10% of the population. Structured questionnaire with a five point Likert – scale was administered with 87.43% response rate. Random sampling technique was adopted in the selection of the 24 companies with each chosen company representing each sector. The research instrument was subjected to content validity and test and re-test method of reliability which yield Cronbach alpha value of 0.798. Result indicated that risk assessment (RA) by internal auditors has positive effect on effectiveness (EFFTV) of listed companies in Nigeria with β = 0.194, t (438) = 9.827, p<0.05. F-Statistics of 12.653; Adjusted R2 = 0.051 with p – value of 0.000 which is statistically significant at p < 0.05. Therefore, companies’ management are advised to strengthen the internal auditors in the assessment of risk that might impact on the effectiveness of an organisation to be able to avert organisational emerging risk.
Corporate failure, Effectiveness, Internal auditor, Risk Assessment.
In time past, many organizations count on the external auditors for the annual review of their internal controls thereby neglecting the internal audit within the organization (Crawford & Stein 2002). Several unexpected events had taken place in recent times which have made it mandatory for the business world to device better ways in ensuring better corporate performance and stability in form of going concern and consistent growth of the business. Studies such as Boynton & Johnson, (2006) revealed that audit failure has resulted in the collapse of business organizations and loss of investments. In the opinion of ACFE, (2010) due to the various recent corporate scandals and the corresponding audit failure in the last two decades, the pubic and market confidence in audit is low. The succession of corporate shocks that have occurred over the last two decades from global level, both developed and developing nations has led different countries to introduce various reform in accounting and auditing profession.
The internal audit seems to have been relegated to the background while they could be commissioned to review the organization internal control on a continuous basis for prompt corrective measures. Corporate failures in the last two decades in which the organizational internal and external auditors failed to discover and address certain errors in managerial system has been a concern (Holm & Laursen, 2007; Laursen, 2007). Audit committee’s review of internal control system has been expanded to include the risk assessment of organizations and they expect internal auditors to monitor the effectiveness of internal control systems (Fraser & Henry, 2007). According to Al-Twaijry at al. (2003); the establishment of internal audit department within an organization is in two fold, that is, internal audit unit improves organizational operations by ensuring adherence to established policies and manages risk and as well helps an organization in the prevention and detection of mistakes or fraud and the safeguarding of assets. According to Achua & Alabar (2014), risk is inevitable in any organisation and risk management function facilitate the development of effective policies, procedures and processes for achieving effective operations and efficient value delivery. It is a fact that every business has their inherent risk which must be identified, measured and provision made to avert such risk. In nearly all business organizations, the internal audit functions both as internal control reviewer and also played an essential role as business risk assessor. Although, Dibia, (2016) argue that the function of internal audit has changed due to the shifts in global business practice, but internal audit department could provide consulting services to management and assist board of directors to manage risk.
Internal auditors are expected to estimate risk and then set up strategies to handle the risk through improvement of systematic and structured control procedures. Internal Auditors’ expertise is imperative for providing internal audit and auditors that could help meet the evolving stakeholders’ interest at large on the premise that audit profession could be a driver for change and develop more discerning audit for a complex business environment. It is perceived that there is an urgent need for reassessment of internal auditors’ processes to help address emerging risks and provide counsel to management in meeting the evolving needs and expectations of the organisation and stakeholders especially as risk management is becoming complex due to emerging risk (Ismajli, 2017).
There have been studies in the area of internal auditing but not much has been directed towards the effectiveness on internal auditing in risk assessment of an organisation that focus on risk based audit approach of internal auditors of the listed companies in Nigeria that could guarantee consistent growth in business, stability in operation without jeopardizing the going concern of the organisation. Internal auditors are expected to continually review the internal control system of the organisation and doubled as business risk assessor especially emerging risk. Therefore, the findings of previous studies in the area of internal audit lacked consensus, thus showing a research gap which calls for further researches on this topic which motivated for this study.
Considering the recent pandemic economy characterised by physical distancing of reducing contact with one another in public place; increasing virtual activities and automation of business operation which automatically lead to increase in operation cost of organisations. It is against this background that this study investigated the effect of risk assessment by internal auditor on effectiveness of listed companies in Nigeria.
This article is structured as follows: this introduction which refers to the need of risk assessment by internal auditor, theoretical framework that support the analysis developed, methodology and research procedures, the findings and conclusion of this study on how risk assessment by internal auditors could enhance the effectiveness of listed companies in a view to ensure their continuous survival in Nigeria.
The theoretical framework developed to support this research dwell on in-depth discourse of the concept of internal auditor, effectiveness, risk assessment, corporate governance and the role of internal auditor and the theory of inspired confident. This section is further divided into three segments: conceptual review, theoretical review and empirical review.
Internal auditors are employees of the organisation saddled with the responsibility of providing independent and objective assessment of a company’s operations by ensuring the effectiveness of the internal control system. They objectively assess company’s business processes through assessing the risks and the efficacy of its risk management efforts and ensuring that the organisation is complying with relevant laws and statue. Internal auditing is a careful examination of the financial records or otherwise or transactions of a business to ascertain that due process has been strictly adhered to as stipulated by the management. Internal auditing is performed in most medium and large-size companies and the persons who carry out the auditing function are mostly employees of the company.
Institute of Internal Auditors, (2000) defined internal audit as an independent, objective assurance and consulting activity intended to add value and improve organization’s operations. The internal auditor is an employee of the organisation saddled with the responsibility to carry out the auditing function for the company. Internal audit has been given various definitions by different researcher over the years across the globe. The institute posited that internal auditor helps an organization achieve its objectives by bringing an orderly and disciplined method to evaluating and improving the effectiveness of risk management, control and governance processes. Internal auditors have the advantage to assist the management in achieving the organisational goal because they are part of the system they audit. They participate in the day to day activities of the organization and can prompt the management of anything that constitutes a variance to the organizational goals. In most business organizations today, the internal audit functioned both as internal control reviewer and also played an important role as business risk assessor as a pro-active measure.
Unegbu & Kida, (2011) also defined internal audit as a feature of the internal control system established by management of an organisation in order to ensure proper compliance with the specific policies and procedure in order to achieve management objectives. The internal auditor ensures compliance with the laid down rules, procedures, regulations and guidelines of the organization.
Effectiveness in this study refers to performance in terms of achieving the organization’s mission or goals. Achieving organisational goal requires setting appropriate internal control system for the organisation. As an internal control of an organisation can be said to be effective if only it achieve the three main objectives of reliability of financial reporting, efficiency and effectiveness of operations and compliance with rules and regulations. Arnaboldi & Azzone, (2006) described effectiveness as the capability to achieve outcome that is consistent with targeted objectives of an organisation. Mizrahi & Ness-Weisma, (2007) submitted that it is important to examine internal auditor effectiveness. In their view, internal auditor effectiveness is an indication of the quality of performance and can ascertain whether or not the internal audit function is performing in a satisfactory manner. Internal audit could serve as a motivator for an organization to improve their performance. Their study further reaffirmed that internal audit is important for achieving managerial accountability in the policy making process as they are product of evaluation and auditing.
Effectiveness of internal auditor in term of risk assessment of an organisation have impact on both short term and long term effectiveness of the organisation in achieving their goals of consistent business growth and sustainability of stable operation especially in anticipation of emerging risk in a dynamic business environment.
However, the Committee of Sponsoring Organization of the Treadway Committee, (1992) argued that the work of internal auditor is to majorly focus on the internal control system in an organization. Internal control system is been described as a set of policies and procedures established by management to facilitate the organization to achieve its objectives. Also, as a process designed to offer practical assurance concerning the achievement of business objective internal auditor is expected to assess risk and then set up strategies to manage the risk through promotion of systematic and structured control measures. Ferdinand & Mahzan, (2013) affirmed that internal auditing is typically broader in scope or coverage than the auditing carried out by the external auditors when they audited financial statement which is a statutory audit.
The concept of risk arises from the fact that every organisation faces threats to its capital and earnings, and therefore its continued solvency and long term stability. Risk management which is the sole responsibility of the management in conjunction with the internal auditors has been described as the identification, appraisal and prioritisation of various risks followed by coordinated and effective utilisation of resources to reduce, monitor and regulate the probability and/or impact of disastrous events. Risk management cycle therefore is an interactive process of identifying risks, assessing their impact and prioritising actions to control and reduce risks. In risk management, the objective is not to eliminate risk but to identify and estimate the costs in an attempt of minimising organisational risk.
Risk assessment in this study means the consideration of the probable occurrence material effects of uncertain events that could jeopardise the going concern of an organisation. That is, the process of identification, measurement and prioritization of risks and auditable areas. According to Bett and Memba, (2017), it is the organisation that control activities, risk assessment among other strategies that guarantees achieving regular financial performance desire. Mary, Albert and Byaruhanga, (2014) defined risk assessment as the identification of potential errors and implementation procedures, policies and control to detect those errors and prevent them. The possibility of risk element in any business transaction necessitates risk management in every organisation. Consideration for an element of risk in every business transaction should be adequately provided for in order to be able to avert such occurrences. Umar and Umar-Dikko, (2018) described risk assessment as the process of identifying and responding to business risk. This submission asserted that risk assessment is among the component of internal control system in an organization and risks threatens the achievement of organizational objectives.
Dibia, (2016) submitted that internal audit as a risk management mechanism and posited that internal auditor add value to an organization as they could give assurance that the organisation’s exposure to risk are understood and well managed. Internal auditors are expected to monitor the risk profile of the organization and improve the risk management procedures and affirmed that an organization ought to develop risk base culture in order to build a strong organizational commitment of risk management.
The Theory of Inspired Confidence
Theory of inspired confidence was developed in the 1920 by Professor Theodore Limperg who submitted that the demand for audit services is the direct upshot of the involvement of outside stakeholder of the company. This is also refers to as the theory of rational expectations. It came with view to ensure to supply of audit assurance Limperg, (1932). The theory of inspired confidence is based on the demand and the supply for audit services. This assumption is that the demand for audit services is the direct consequence of the contribution of third parties in the company. These third parties require accountability from the management in return for their funds in the company and accountability is achieved through the issuance of periodic financial reports to the various stakeholders. Since the information provided by the management may be influenced and outside parties have no direct means of monitoring, hence an audit is essential to assure the reliability of this information.
(Limperg, 1932) suggested that auditor should constantly endeavour to meet the public expectations because it is the credibility of the work of an auditor that inspires the confidence of the various users of financial report of an organization. The responsibility then lies on the internal auditor to ensure credibility of their work which would translate to improved corporate performance of the organization. In support of Limperg, (1932) submission, Flint, (1980) submitted that even though Limperg was writing 50 years earlier in different world, different economic and social conditions, with different ideas of accountability than those of today and government, state, public economic and financial activity and involvement being different, that the theoretical framework from which he was writing was still sound and relevant. Because, there are systematic and logical relationships in the elements of the audit process which are enduring and universal. Limperg Institute, (1985) further explained that the theory of inspired confidence connects the community needs for reliability of financial information to the ability of audit techniques to meet these needs and it stressed the development of the need of the community and the techniques of auditing in the course of time. Limperg Institute, (1985) further submitted that changes in the need of the community and the changes in the auditing techniques result in change in the auditor’s function.
Carmichael, (2004) argued that the theory of inspired confidence does not prescribed definite rules about the behaviour of the auditor in each particular case, but that it is a principle based approach. He said that the Public Company Accounting Oversight Board (PCAOB) and the social responsibility of auditors 2004 focused on the role of the PCAOB and its performance in restoring the confidence of investors in the independent auditors of public companies. As against Limperg submission that when the confidence the society has in the effectiveness of the auditor and the opinion of the audit is lost, then, this could cast aspersion on the social usefulness of the audit. According to Carmichael, (2004), the theory of Limperg are relevant in the phase of the development of the audit function on the premise that we have a particular need in our current environment to try to understand and appreciate the social significant of auditing and the implication concerning in which way an audit should be formed.
However, Pathan, (2009) reaffirmed that the inspired confidence theory is associated with the society’s need for dependability of commercial information to the capacity of audit and the board oversight to meet the needs. It further emphasized the improvement of the desires of the community and the procedures of auditing and oversight in the course of time. It then implied that the function of the oversight bodies emanated from the confidence that the society places in the efficiency of the bodies (Lary & Taylor, 2012).
Peltier-Rivest & Lanoue, (2015) also asserted that the normative basic of the theory of inspired confidence is that the oversight bodies are obliged to carry out their work in such a way that they do not betray the anticipation of the stakeholders and the public. The study believed that corporate board of directors and external auditors and by extension internal auditors, are expected to play their oversight role with professionalism such that the control the stewardship of the organization which is expected to lead to a well-managed organization is maintained. Therefore, this study in anchored on the theory of inspired confidence.
Several studies have been carried out relating to internal auditing with varying desired and much emphasis such as firm performance of banks, credit control risk in bank, effectiveness and role of internal audit in public sectors.
Nnam & Eneh, (2018) examined the effect of risk assessment practices of the some selected companies in Nigeria to determine the presence and the impact of the practice. The finding showed that there is a positive and significant relationship between risk assessment and fraud in Nigerian organisations. Abu et al. (2018) investigated the issues of audit failures in the insurance companies in Nigeria using 15 out of 25 insurance companies for the period from 2008 to 2017. The findings revealed that audit committee meetings and independence have positive and significant effect on audit quality of listed insurance companies in Nigeria. This is in consonant with the fact that audit committee for every organisation is primarily established due to the frequent audit failures resulting to collapse of most corporations.
Hickman, (2017) in his study on the importance of soft skills for internal auditing submitted that internal auditors are expected to monitor not only traditional risks but also emerging risk, that is, the things nobody might have imagined and must understand environmental, political and economic risks inherent to their respective organisations. The function of an internal auditor is found to be relied upon to identify operational risks and they are expected to provide strategic insight on every aspect of the organisation. It is perceived that risk management is where internal audit can have a positive effect on the long term earning and performance of an organisation. Internal auditors are supposed to be proactive business adviser and not mere reactive or assurance-based role. While the audit committee are important to internal audit teams on the premise that they are a chief audit executive considered a primary stakeholders (Hickman, 2017).
Ismajli et al. (2017) examined the role of internal auditor in risk management: evidence from private sector of Kosovo. The study adopted a survey research design using structured questionnaire in conjunction with interview on 21 largest private companies in Kosovo. The findings revealed that the role of internal auditors in the risk management is very important but this was undermined by the presence of many activities within the companies which must be improved in order to achieve fully functional internal audit department. These activities are restriction of access from business owner to core and confidential information, inexperience internal audit staff, insufficient fund allocation to internal audit department and lack of management interest at the barriers identified.
Muhammed (2016) assessed the role of internal auditing in both privates and public organisation in Ethopia using both primary and secondary data. The findings revealed that some private and public companies do not have audit committee, audit charter and members of the audit committee where they exist do not have professional certificate in the field. Also, internal auditor were playing different activities in the organisation as compared to the standard expected of them. The importance of the role of internal auditor cannot be over-emphasis as a key component of good corporate governance. Etale & Ujuju (2018) investigated risk management, risk concentration and the performance of deposit money banks in Nigeria. The study adopted ex-post facto design using the audited and published annual reports of sampled listed banks and Nigerian Stock Exchange fact book for the period covering 1997 to 2016. The findings revealed that risk management or concentration has positive effect on the performance of deposit money banks in Nigeria.
Yasir et al. (2015) investigated the acceptance of risk based internal audit in the listed companies in Pakistan. The findings revealed that internal audit department is highly involved in managing the risk which ultimately paved way for the use of risk based approach while planning the annual audit. Pins & Muthuveloo, (2015) examined the implementation of enterprise risk management on firm performance of public listed companies on main market in Bursa Malaysia based on COSO 2004 framework with the moderating role of board of directors, monitoring, firm complexity and firm size. The result revealed positive and significant relationship between enterprise risk management and firm performance. Karagiorgos et al. (2015) examined the relationship between internal audit and its contribution to the effective risk management. The findings revealed that internal audit is vital in the efficient risk management and consequently in the business survival and success.
Ngoepe, (2014) using quantitative data examined the role of records management as a tool to identify risks in the public sector in South Africa and argued that the appropriate records management can alleviate risk through compliance with legislation, minimization of information loss and provision of evidence of transactions. Also that record keeping is viewed in the perspective of a key enabler without which risk management becomes unsuccessful. Odoyo et al. (2014) in their study on an analysis of the role of internal audit in implementing risk management in Kenya using cross-sectional survey design submitted that the internal auditor provides guarantee on the process that management uses and to consult on Enterprise Risk Management (ERM), also provide activity that does not endanger the internal auditor independence and objectivity. Also, that internal auditor could provide consulting services that improve on organisation’s governance, risk management and control process. The study also found that the core role of internal audit in relation to ERM is to provide assurance to the organisation about the effectiveness of risk management.
Saidin & Badara, (2014) from the perspective of empirical evidence antecedents of internal audit effectiveness in Nigeria perspective considered background of internal audit such as: risk management, effective internal control system, audit experience and collaboration between internal and external auditors and performance measurement. The survey found that all the antecedents have a significant positive relationship with internal audit effectiveness. They concluded that for local government or other public sector to achieve the effectiveness of their internal audit, these antecedents must be considered. Omolaye, 2017 investigated the role of internal auditing in enhancing good corporate governance practice in an organisation. The study adopted both quantitative and qualitative design to explore how internal auditing impacts organisational performance and provide understanding to why internal auditing is relevant in an organisation. The findings revealed that there is positive relationship between internal auditing function and performance of banks through operational efficiency, organisational growth, higher profitability, solvency and continuity in business. The study concluded that compliance with corporate governance principles especially internal auditing function leads to better organisational performance in the banking sector in Nigeria.
Arens et al. (2000) argued that audit risk cannot be completely eliminated but some level of risk will have to be accepted and they submitted that an auditor will need to quantify its acceptable level of audit risk. Acceptable audit risk is therefore a measure of how willing the auditor is to accept that the financial statements may be materially misstated after the audit is completed. Arens et al. (2000) described audit risk as the risk that the auditor draws an invalid conclusion and gives an inappropriate opinion when the financial statements are materially misstated. Audit risk is the risk (chances) that the auditor reaches an inappropriate (wrong) conclusion on the area under audit. For instance, if the audit risk is 5%, then this implies that the auditor accepts that there will be only a 5% risk that the audited item will be misstated in the financial statements, and a 95% chance that it is materially correct. Therefore audit risk is assessed at the organizational level by looking at the financial statements/accounts as a whole and at the transaction level.
This segment describes the instruments and method, as well as procedures that were employed in gathering, analyzing and interpreting the data for the study. This study employed survey research design. The study employed the use of primary data in this study. Structured questionnaire was considered as the primary data collection instrument on companies listed on the Nigeria Stock Exchange.
This study adopted survey research design. Surveys approach is a common and important tool for internal auditors and company managements who use them to assess objective and subjective data. Surveys are suitable for reviewing intangible issues such as risk, integrity, values, leadership, accountability and competence because they are complex issues to assess. This study sought to interpret the perceptions of the professionals who work in this area and the top management of each of those selected companies in the various sub-sector of the listed companies in the Nigeria economy. Thus, it was possible to achieve the envisaged goals with the gathering of the perception of the professional without tampering with individual cases studied.
Questionnaire was used for this study on the premise that only primary data is applicable and secondary data may not be appropriate. In order to achieve the research objective, the questionnaire adopted for this study was adapted from the work of Wen-Hsien et al. (2017) with inclusion risk assessment by internal auditor variables.
The questionnaire was divided into two sections. Section A for bio-data of respondent and section B was the questions on risk assessment (RA) which is the independent variable to investigate the effect of risk assessment by internal auditors for effectiveness of listed companies in Nigeria. The measurement of these variables, responses to these questions was measured to weight the considering variables of risk assessment by internal auditor and effectiveness of listed companies in Nigeria. The questionnaire comprising of positive statements designed on five steps Likert scale ranging from “Strongly Agree (SA =5)”, “Agree (A = 4)”, “In-difference” (ID = 3), “Disagree (D = 2)” and “Strongly Disagree (SD = 1)”. The five-point Likert scale encompassed within the range of 1 to 5, where 5 = Strongly Agreed and 1 = Strongly Disagreed.
Population and Sample
The population of the study consisted of 24 companies selected from the eleven industrial sub-sector (Agriculture, Conglomerates, Construction, Consumer goods, financial services, Services, Health Care, ICT, Industrial goods, Natural Resources and Oil and Gas sectors) of the 161 listed companies on Nigerian Stock Exchange as at 30th November, 2019 with sample frame of 5012 and sample size of 501 representing 10% of the population. Structured questionnaire of a five point Likert – Scale was administered with 87.432% response rate. 501 copies of questionnaires came correctly completed and were used for the study. Random sampling technique was adopted in the selection of the 24 companies with each chosen company represents each sector. The research instrument was subjected to content validity and test-re-test method of reliability which yield Cronbach alpha value of 0.789 before field survey. The reliability test yielded Cronbach’s Alpha Coefficient of the constructs was 0.798. Both descriptive and inferential statistics were employed to analyse the research data.
Sample Size and Sampling Technique
Random sampling technique was adopted in selecting 24 companies from the eleven (11) industrial sub-sectors of economy. The sample size of ten percent (10%) of the population was considered adequate and representative of the population for this research (Yomere & Agbonifoh, 1999). A total sample of 24 companies representing fifteen percent (15%) of one hundred and seventy-three (161) companies listed on the Nigerian Stock Exchange as at 30th November, 2019, which is above the minimum 10% recommended by Yomere & Agbonifor, (1999). The companies were selected randomly and scientifically derived based on the number of companies in each sub-sector of the economy. The number of respondents per company was derived in proportion to the total number of internal auditors and management staff in the company.
The sample size mathematically derived using the Taro Yomene’s formula, (1999).
n = number of sample size
N= total population size = 2,950 + 2062 = 5,012
e = level of significance = 5% or 0.05
But with intention to minimize standard error in this study, the robustness and considering the fact that not all questionnaires would be retrieved, we considered a sample size of 501 which is 10% of the population.
Validity of Research Instrument
Attention was accorded the validity of the research instrument. The validity of the scale used in this study was assessed for content and construct validity. Content validity was enhanced through the combined process of logical validation and expert opinion in the accounting and auditing field. Scales of the study variables were tested for construct validity to ensure that they measure intended theoretical construct it was designed to measure.
We also put into consideration the validity of the questionnaire in relation to the ability to measure aptitudes, opinions or satisfaction that may influence the tendencies from people to give desirable and the social answers to questionnaire items. Internal and external validity of the questionnaire was also considered and the instrument was adjudged to have met this requirement. Internal validity is the degree to which questions within an instrument agrees with each other while external validity is the ability to make generalization about a populations beyond that of the sample tested which were in agreement with reviewed literature published in scientific journals (Wen-Hsien et al, 2017; Haislips et al, 2016; AbdulGaniyy, 2013 and Barac et al 2013; 2016).
Reliability of Research Instrument
A pilot study was conducted. Also, the reliability of the instrument was measured using the Cronbach Alpha of variables ranges of 0.789 while the combined Cronbach Alpha was 0.798 respectively which is a function of the mean correlation of all the study items. The result of the pilot study met the minimum coefficient of Cronbach’s Alpha of 0.7. Therefore the research instrument was adjudged to be reliable and was used for the final field survey of all the 24 selected listed companies on Nigerian Stock Exchange.
Data Analysis and Results
Characteristics of the Respondent
Factors considered relevant to the results were: age; educational qualification of the internal auditors and the management; professional qualification, job description and how long they have worked in the organisation. The sample showed a pattern seniority of the respondents. 33.1% above 41 years old while 36.3% were between 31 years and 40 years. 62.6% were B. Sc / HND graduates while 27.6% were Master degree holders.31.1% are professional while 68.9% were in the cadre of management staff and others. Also 52.5% were internal auditor cadre, 18.3% were principal auditor while 19.6% were management staff. And lastly 44.5% were between 6 to 10years in the organisation, 20.3% were between 11 to 15 years and 21.9% were below 5 years in the organisation.
The questions posed paid attention to the perception of the respondents considering the risk assessment by internal auditors in achieving effectiveness of an organisation and understanding the implications of the key risk that might impact on the corporate performance as the internal audit must ensure risk averting strategies.
Risk Assessment by Internal Auditor and Effectiveness
The second part of the questionnaire focussed on capturing the perception and knowledge of respondents in regard to risk assessment by internal auditor in achieving effectiveness in an organisation.
From the experience and perception of the respondents on risk assessment by internal auditor towards achievement of effectiveness of an organisation, the result revealed that 56.4% of the respondent affirmed that the work of an internal auditor must be such that could guarantees a consistently high standard of financial risk management that will ensure effectiveness of an organisation. Also, 56.4% of the respondents submitted that internal auditor work must be such that align audit goals with the organisational goals and ensure tangible effectiveness of the organisation.
Also, 60% of the respondent perception revealed that effectiveness of an organisation could be achieved when internal auditors work incorporate risk element in their procedure to guarantee audit assurance and 49.3% of the respondent perception further support the fact that internal auditors must have a clear objective of the organisation in order to be able to ensure effectiveness on the organisation.
Simple Regression Analysis Results for the Effect of Risk Assessment by Internal Auditor on the Effectiveness of Listed Companies.
The results in Table 1a show that risk assessment explained 5.5% of the variability in effectiveness of listed companies R = 0.234, R2 = 0.055, with 94.5% being explained by other variables not captured in the study. While Table 1 (b) show that the regression model was statistically significant at F Statistic = 12.653 with p value = .000b which is lower than the level of significant 0.05 adopted for the study (F = 12.653, p < 0.05). The means that risk assessment has a significant effect on the effectiveness of listed companies. Similarly, the un-standardized coefficient indicates that risk assessment makes a statistically significant contribution to effectiveness of listed companies (β = 0.185, t = 4.082, p < 0.05) and is therefore a good predictor of effectiveness of listed companies. Therefore, the null hypothesis which states that risk assessment by internal auditor has no significant effect on the effectiveness of listed companies in Nigeria is hereby rejected Table 2.
|Table 1a Reliability of Research Questionnaire Alpha Coefficient for Each Section of The Research Questionnaire|
|Overall or combined Cronbach Alpha||0.798|
|Table 1 b The Goodness-of-FIT|
|Model||R||R Square||Adjusted R Square||Std. Error of the Estimate|
|a. Predictors: (Constant), Risk Assessment|
|Table 2 Overall Significance ANOVAa|
|Model||Sum of Squares||Df||Mean Square||F||Sig.|
|a. Dependent Variable: Effectiveness|
|b. Predictors: (Constant), Risk Assessment|
The regression model that explains the variation in effectiveness of listed companies as results of the direct influence of risk assessment can thus be stated as follows:
The regression model is stated thus:
EFFTV (Y)= f(RA)
The above regression model is translated into an econometric equation as stated below:
Model = EFFTV = β0 + β1RA +μi
EFFTV = β0 + β1RA +μi
EFFTV= 3.093 + 0.185 + μi ………………………………………. (Equation i)
EFFTV = Effectiveness
RA = Risk Assessment
μi = Error Term
The above regression model Table 3 shows that there is a positive effect of risk assessment on effectiveness of listed companies. The model shows that the coefficient of risk assessment complied with a priori expectation which states that risk assessment will have significant effect on effectiveness of listed companies. The result indicates that risk assessment by internal auditor enhances the effectiveness of listed companies. From the model the intercept is 3.093 which implied that if risk assessment is zero, effectiveness of listed companies would be 3.093. The un-standardized regression coefficient of risk assessment was 0.185 implying that a 1 unit increase in risk assessment will contributes 0.185 units increase in effectiveness of listed companies. The result therefore establishes that risk assessment has a significant effect on effectiveness of listed companies in Nigeria.
|Table 3 Regression Coefficients|
|Model||Unstandardized Coefficients||Standardized Coefficients||t||Sig.|
|a. Dependent Variable: Effectiveness
Source: Field Survey, 2020
The result of the findings negates the hypothesis which states that risk assessment by internal auditor has no significant effect on the effectiveness of listed companies in Nigeria. Findings revealed that risk assessment has significant effect. The result of the regression analysis indicates that risk assessment has positive and significant effect on the effectiveness of listed companies in Nigeria Table 4-. The result of our finding is consistent with the study of Wen-Hsien et al. (2017) and Odoyo et al. (2014); Dibia, (2016); Hickman, (2017) although with some variation.
|Table 4 Details of the Estimated Number of Staff Covered Per Company|
|S/N||Company (HQ/Branch)||Sector||Staff per company|
|1.||Zenith Bank Plc||Financial Services||20|
|2.||Wema Bank Plc||Financial Services||20|
|3.||B.O.C. Gases Nigeria||Natural Resources||20|
|4.||SCOA Nigeria Plc||Industrial Goods||20|
|5.||Julius Berger Nigeria Plc||Construction/Real Estate||20|
|7.||United Bank of Africa Plc||Financial Services||20|
|8.||PZ Cussons Nigeria Plc||Consumer Goods||20|
|9.||Honeywell Flour Mill Nigeria Plc||Consumer Goods||20|
|10.||UAC Nigeria Plc||Conglomerates||20|
|11.||Omatek Ventures Plc||Information, Communication and Technology||20|
|12.||Diamond Bank||Financial Services||20|
|13.||DN Meyer Plc||Industrial Goods||20|
|14.||EMZOR Pharmaceutical Limited||Health Care Services||20|
|15.||7-Up Bottling Company Plc||Consumer Goods||25|
|16.||Nestle Nigeria Plc||Consumer Goods||25|
|17.||FCMB Group Plc||Financial Services||20|
|18.||FBN Holdings Plc||Financial Services||20|
|19.||Ikeja Airport Hotel Plc||Consumer Services||25|
|20.||John Holt Nigeria Plc||Industrial Goods||25|
|21.||Total Nigeria Plc||Oil and Gas||20|
|22.||Red Star Express||Services||20|
|23.||First City Monument Bank||Financial Services||20|
|24.||Livestock Feeds Nigeria Plc||Agriculture||20|
Wen-Hsien et al. (2017) and Odoyo et al. (2014) only evaluated enterprise risk management in general but failed to consider risk in relation to internal auditing for sustaining effectiveness of listed companies in Nigeria. Our findings also linked the level of risk assessment by internal auditors to the effectiveness of an organization. This implies that risk assessment tends to enhance the effectiveness of listed companies in Nigeria. In support of this study, Hickman, (2017) affirmed that internal auditors are expected to monitor not only traditional risks but also emerging risk, that is, the things that nobody might have imagined and must understand environmental, political and economic risks inherent to their respective organisation. He posited that the function of an internal auditor is found to be relied upon to identify operational risks and that they are expected to provide strategic insight on every aspect of the organisation.
While Arens et al. (2000) argued that audit risk cannot be completely eliminated but some level of risk will have to be accepted and they submitted that an auditor will need to quantify its acceptable level of audit risk. While Odoyo et al. (2014) submitted that the internal audit provides guarantee on the process that management uses and to consult on Enterprise Risk Management (ERM) and also provide activity that does not endanger the internal audit independence and objectivity. In line with this, Dibia, (2016) submitted that internal audit is a risk management mechanism. They posited that internal auditor add value to an organization as they could give assurance that the organisation’s exposure to risk are understood and well managed. Internal auditors are expected to monitor the risk profile of the organization and improve the risk management procedures.
On the strength of this fact, un-standardized coefficient indicates that risk assessment makes a statistically significant contribution to effectiveness of listed companies (β = 0.185, t = 4.082, p < 0.05) and is therefore a good predictor of effectiveness of listed companies. Therefore, the null hypothesis which states that risk assessment by internal auditor has no significant effect on the effectiveness of listed companies in Nigeria is hereby rejected (Tables 4-9).
|Table 5 List of Selected Listed Companies|
|S/N||Sector||Number of companies on NSE||Population||Sample|
|Internal Auditor||Management Staff||Total||Internal Auditor||Management Staff||Total|
|3.||Construction/ Real Estates||7||163||112||275||15||05||20|
|11.||Oil and Gas||9||176||132||308||15||05||20|
|Table 6 Reliability of Research Questionnaire Alpha Coefficient for each section of the research Questionnaire|
|Overall or combined Cronbach Alpha||0.798|
|Table 7 Model Summaryb|
|Model||R||R Square||Adjusted R Square||Std. Error of the Estimate||Change Statistics||Durbin-Watson|
|R Square Change||F Change||df1||df2||Sig. F Change|
|Table 8 ANOVAa|
|Model||Sum of Squares||df||Mean Square||F||Sig.|
|Table 9 Coefficientsa|
|Model||Unstandardized Coefficients||Standardized Coefficients||t||Sig.||95.0% Confidence Interval for B|
|B||Std. Error||Beta||Lower Bound||Upper Bound|
|The internal audit findings must ensure risk averting that will enhance corporate performance||0.124||0.061||0.097||2.035||0.042||0.004||0.243|
|The internal auditor must understand the implications of key risk that might impact on the corporate performance||0.185||0.045||0.194||4.082||0.000||0.096||0.273|
This research examined how risk assessment by internal auditors could improve the effectiveness of listed companies in Nigeria, taking the perception of 438 professionals who work in internal auditing and management staff of the selected companies. Thus, from the research question that is rallying round the risk assessment strategies on which procedures are deemed appropriate to improve effectiveness in organisations. In the perception of respondents, internal auditors must be able to understand the implication of key risk elements that might impact on the organisation’s effectiveness by ensuring appropriate risk averting approach and be able to safeguard the organisation from emerging risk
Risk assessment has positive and significant effect on the effectiveness of listed companies in Nigeria. Internal auditor work should be able to avert emerging risk and enhance effectiveness of listed companies in Nigeria.
The theory of inspired confidence displays reciprocity between demand and supply of audit services and the involvement of outside stakeholder of a company. Internal auditor should constantly endeavour to meet the public expectations because it is the credibility of the work of an internal auditor that inspires the confidence of the various users of financial report of an organization.
Based on the above findings, the following recommendations are made;
1. Internal auditor must understand the implications of key risk that might impact on the effectiveness of the organization.
2. Internal auditor must guarantee a consistently high standard of financial risk management that would ensure effectiveness.
3. Internal auditor must ensure that company auditing is conducted based on auditing standard that would avert risk to guarantee effectiveness of the organization.
4. Internal auditor must be able to assist the management in identifying and adequately estimating emerging risk in order to achieve the effectiveness that would ensure long term solvency and stability of the organization.