Academy of Accounting and Financial Studies Journal (Print ISSN: 1096-3685; Online ISSN: 1528-2635)

Research Article: 2022 Vol: 26 Issue: 2S

Internal audit effectiveness, role of internal audit function and performance of state-owned enterprises

Henry Mukono, Cape Peninsula University of Technology

Job Dubihlela, Cape Peninsula University of Technology

Citation Information: : Mukono, H., & Dubihlele, J. (2022). Internal audit effectiveness, role of internal audit function and performance of state-owned enterprises. Accounting and Financial Studies Journal, 26(S2), 1-16.


The purpose of this study is to assess the role of internal audit functions in Zimbabwean State-owned enterprises. A qualitative research approach by way of a case study research design. Data were gathered from the auditor general’s reports and apposite literature followed by in-depth interviews with audit managers, senior internal auditors, chief audit executives, chief executive officers, audit committees and board of directors of Zimbabwean state-owned enterprises. A thematic content analysis was used to analyze data. Responses were analyzed using ATLAS.ti software version 8. The findings revealed that IAFs are critical in SOEs in Zimbabwe and they play various roles such as oversight, deterrence, insight, foresight, detection, evaluation of the risk management, internal control and corporate governance processes as well as consulting, assurance and value-adding roles. Consequently, this paper proposed a practical IAF effectiveness framework that is aligned to the needs of SOEs. The IAF effectiveness model presented in this paper is expected to serve as a practical IAF effectiveness model/tool for use by SOEs since it was well informed by the empirical outcomes and best practice, as chronicled in the literature. This paper contributes to internal auditing literature in the SOEs sector. Furthermore, this is a first of its kind empirical study to explore the being of the pivotal components of a nifty IAF effectiveness model framework in SOEs, as stated by best practice.


Internal Auditing, Internal Audit Functions, State Owned Enterprises, Zimbabwe, Role of Internal Auditing, Value-Adding, Audit Framework


State-Owned-Enterprises (SOEs) provide goods and services to the populace as long as resources are available as enunciated in the Constitution of the Republic of Zimbabwe (Constitution, 2013). SOEs are strategic actors for the nation and hence they are ideal for the creation of jobs, service delivery and economic value creation. These milestones can only be achieved if accountability, transparency, financial probity and greater performance of managing SOEs are enhanced. SOEs thrive in vital sectors and hence they are known as strategic providers since they provide services that are of interest to the country (Aproskie, Hendriksz & Kolobe, 2014) and significant to the developmental agenda of the government (Ngonini, 2014). There is profound literature of SOEs, nevertheless, there is a lacuna of data on IAFs in Zimbabwe (Fourie, 2001; PWC & IoDSA, 2012). SOEs are obliged to conform to good corporate governance mosaic. Literature on SOEs is well discussed (Fourie 2001; PwC & IoDSA 2011) however, there is a paucity of literature on the role of internal audit functions in SOEs. Okibo & Kamau (2012) opine that committees of audit and management anticipate IAFs in SOEs to assess and enhance risk management and corporate governance processes, however, the role of an SOE’s Internal Audit Function (IAF) in an emerging nation such as Zimbabwe remains not discussed in detail. This results in a gap in the literature, and the purpose of the study reported in this article is to address this gap. This study thus is directed to get a comprehension of the role of IAFs on the performance of SOEs in an emerging country. Chauke (2019) conceded that ethical standards are manifesting in SOEs and this is shown by senior management of corporate entities such as Arthur Anderson, Lehman Brothers and WorldCom in the United States, Satyam Computer Services of India etc. One entity in South Africa which has grown up tremendously, that is, Steinhoff, was also seriously caught up in ethical dilemmas (Agbin, 2018; Naude, Hamilton, Ungerer, Malan & de Klerk, 2018). This study is perpetrated by the fact that numerous negative or qualified audit reports have been obtained from the Auditor General of Zimbabwe (AGZ) for many years. This paper examined the role of IAFs on the performance of Zimbabwean SOEs in a bid to fill the gap of knowledge on internal auditing and the sustainability of SOEs. IAFs are eyes of management and anticipate support from audit committees and hence management support is required and is of cardinal importance in terms of skills and resources as well as independence and objectivity of the unit.

Well-versed and better acquainted and skilled IAFs play vital roles in helping SOEs in alleviating allegations of epidemic corruption, scandals, lowering the weaknesses as well as barriers engulfing the SOEs. The Institute of Internal Auditors (IIA) (2018) asserted that IAFs are vital internal assurance systems in public financial controls and monitoring tools as well as assessing activities done by management before examination by the independent auditors. SOEs should conform to good corporate governance. Value for money for public procurement, strengthened transparency and fairness as well as decreased corruption are enhanced and ensured by internal auditors. IAFs are responsible for making sure that public spending is limited and is within the specified confines or budgetary provisions, specific mechanisms are followed when making payments, reconciliation is timely done, management have effective systems in place as well as ready mechanisms for accounting of financial and physical assets. Furthermore, SOEs are able to perform very well given the fact that IAFs pinpoint and report findings to the audit committees that are unbiased and this result in SOEs being able to ameliorate obstacles easily and hence good and helpful audit outcomes, that is, unqualified audit reports are obtained from the Auditor General of Zimbabwe. Therefore, the role carried out by IAF is without doubt important for any SOE entity and if this role is carried out wholeheartedly unqualified audit outcomes could be obtained. Sambo (2019) opined that independent auditors and IAFs inclusively are having a myriad of challenges as far as auditing of SOEs are concerned and SOEs representing the public sector put more force to auditors so that misrepresentation of the outcome of audits and avoidance of disclosure of irregular expenditure is done. Mankins & Steele (2005); Putu, Mimba, Van Heden & Tillema (2007); Brand (2019) opined that underperforming SOEs are still existing in emerging economies against anticipations.

This research give evidence that is verifiable from an emerging economy’s view point and this will help and contribute to expand and shape internal auditing as a profession with reference to Zimbabwe and entirely in Africa. The study ends with derivation of a model framework that can be espoused to execute the effectiveness of the IAFs roles. This model framework gives a useful contribution to the existing body of knowledge and could open substantial prospects in SOEs and the public sector at large precisely with respect to the reasoning and operation linked with CG, SOE performance and internal auditing.

Brief Review of Related Literature

Foregoing the initial section in this paper, the introduction, a review of related literature on internal auditing in general as well as the anticipated roles of the internal audit functions in SOEs is given. Following that the authors highlighted the regulation of internal audit, the SOEs in Zimbabwe, because of the paucity of literature peculiar to SOEs. This article progressed by looking at the methodology and results and discussion. To conclude that section, after the findings from the study are presented, the conclusion was rendered whereby the IAF effectiveness model was presented, the implications, recommendations, limitations and areas for future research are reflected.

Internal Auditing

There is a wide complaint in the Zimbabwean context that the performances of some SOEs do not satisfy the expectations of the society. This could be due to social, cultural, economic, historical and political factors. Notwithstanding an avalanche of theoretical contributions rendered by many scholars on the role of IAFs literature, not much has been said on their roles to SOEs, and it appears that some SOEs are not performing according to plan. Research on the role of the IAF on the performance of SOEs in Zimbabwe is limited. According to (Sarens, 2009; Lenz & Hahn, 2015) they echoed that there is a dearth of research which can be in part ascribed to the fact that, internal auditing, as an academic discipline, is in its infancy and is therefore still a relatively unexplored area. It is in light of this context that the study intends to address the gap in the literature that exists due to the limited research done in this field. The IIA(2013b) defined Internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

The Enron corporate misconduct gave rise to the stumble of its auditor, Arthur Anderston entity collapsing in 2001 resulted in too much attention given to the audit profession (Camfferman & Wielhouwer, 2019; Saito & Takeda, 2017). A trail of indistinguishable global corporate impropriety epitomised by WorldCom, Tyco, Xerox and Lehman Brothers superseded the Enron corporate misconduct (Akhtar, 2019; Camfferman & Wielhouwer, 2019). Repercussions such as a general fall out and loss of confidence in the auditing profession resulted due to these misconducts (Handley & Li, 2018). The corporate failures precipitated interested groups to probe and carefully examine the auditing process, as well as the role of auditors and management deputed with the wealth of the shareholders (Chartered Accountants in England and Wales (ICAEW), 2005). According to Munyoro (2015), after the global development of events of the post-Enron era to the Zimbabwean setting, numerous corporates collapsed and SOEs included after they have been furnished with an unqualified audit opinion by the auditors. Furthermore, it was concerted these corporate failures was due carelessness and misgovernance methods by the board of directors and management (ibid).

IAF is strongly recognised these days than before in both the public and private sectors (Carcello, Hermanson & Raghunandan, 2005). The spate of corporate scandals such as WorldCom, Enron, Parmalat and the Willowvale cash gate have made entities to give special attention to CG, strong internal controls and intended oversight which resulted in IAFs in enterprises being imperative. These variations led to favorable situations or circumstances as well as obstacles to the IAF, thus putting great importance to its mandate in CG. The roles of the IAF is augmented by the demands for accountability and transparency from executive management, management, other levels of management, be it the board of directors or audit committee. In addition, Cohen & Sayag (2010) argued that funding is a vital ingredient that shows that IAFs are benefitting from the support of management, and this also gives room for other employees to support and work hand and gloves with IAFs. Internal auditing is increasingly becoming very important as the economies develop and wish to build sustainable success, therefore, it means that the government will try and fight fraud and corruption and as well, donors and development agencies work towards assurance on the responsible distribution of funds.

There is need for competent internal auditors in order to surge the performance of SOEs. Despite this paucity, existing literature researched on internal auditing in the public sector has indicated that there is scant of competent internal auditors as an important deterrent to service delivery and the quality of the IAF (Erasmus, Barac, Coetzee, Fourie, Motubatse, Plant, Steyn & Van Staden, 2014). In Zimbabwe, a system of internal audit is also a requirement. The IAF should be conducted by employees within the SOEs, but exemptions are permitted in terms of Treasury Regulations 3.24 provided selection is in accordance with government tendering process.

The Anticipated Roles of the Internal Audit Functions in SOEs in Zimbabwe

Having looked at the review of IAF roles, it is opportune to quickly look at the anticipated roles to be carried out by the IAF. It is surmised by Soh & Martinov-Bennie (2011) that IAFs functionally reports to the AC and hence this gives an AC an opportunity to make sure that they have power which can enable them to push internal auditors to work effectively. AC meets six times a year and hence they must make sure that IAF is well resourced in order to carry out its activities well. In order to perform their assignments, IAFs must have sufficient know-how of controls, technology-based audit techniques as well as information technology risks as enunciated by Standard 2110.A3. Internal auditors are expected to perform many roles and these roles are outlined below in their various forms.

Assurance and Consulting Services

From the definition of internal auditing stated above, the internal auditor provides assurance and consulting services. Assurance in the context of internal auditors means an objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the entity (IIA, 2009). The internal auditor’s role is to optimize performance and to ensure sustainable business success. Assurance services according to Coetzee et al., (2012) means the evaluation of evidence in order to give an independent and objective opinion by the IAF and include activities such as making sure that management’s set procedures and policies are followed; taking into consideration that the organization is following as well as complying with appropriate and well considered laws and regulations; and discovering whether internal controls put in place by management are in a position to alleviate uncertainties threatening objectives set by management.

According to IIA (2013) consulting services refers to advisory and related client service activities, the nature and scope of which are agreed with the client, are intended to add value and improve an entity’s governance, risk management, and control processes without the internal auditor assuming management responsibility. Consulting (advising) services may be conducted as a routine activity or upon the requests of management. An engagement client specifically requests for a consulting service to be performed since these services are advisory in nature. Proper arrangements should be rendered with the engagement client since the scope and nature of the consulting engagement is done by him. Coetzee, et al., (2012) echoed examples of consulting services activities as that of carrying out training to staff; giving guidance, counsel/advice to management on issues to do with risk management, internal controls and governance processes; helping in developing and preparing policies; and taking part in quality teams.

The Evaluation of Enterprise Risk Management (ERM), Internal Controls and Governance Processes

Alviunessen & Jankensgard (2009) defined ERM as a careful and harmonised approach to evaluate and responding to all risks that have an effect on the attainment of an entity’s strategic and financial objectives. In addition, ERM is also defined according Acharyya (2013) & Hardy (2010) as a procedure whose purpose is to investigate, assess and control all the uncertainties that have an adverse effect on achieving the objectives of the entity. ERM is in infancy in SOEs. ERM units work well with and forms a part of the IAF. Notwithstanding the fact there are differences between the roles and responsibilities of the second line of defence (IIA, 2013), the two functions are devoted to boost the management of risks in their businesses.

Internal auditors can train management on ways of answering to the risks that they face. If the ERM framework is not fledging in its execution in the public sector organisations, it is the prerogative of the internal auditors to promote the creation or the strengthening up of the ERM of their entity (IIA, 2004).

According to the IIA (2013), control is defined as any action taken by management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. This (Control) falls under the Nature of work which is a Performance standard 2130. COSO (1999); Miller, et al., (2013) asserted that an internal control system was designed and was meant to stop and identify the presence of risks. Management control can be used interchangeably with internal control. IAFs are required to report to the senior management of SOEs on the performance of the internal control systems and recommending advancements/improvements where applicable. Internal audit improves the control and monitoring within the entities to detect fraud (Coram et al., 2007). Internal control systems are ideal for improving the accountability and transparency of the public procurement systems in detecting and preventing corruption (Szymanski & Ross, 2007).

The glossary of the IIA (2013) defined CG as the combination of processes and structures implemented by the board to inform, direct, manage and monitor the activities of the organization toward the attainment of its objectives. Governance falls under the Nature of work which is a Performance standard 2110. The study carried out in the public sector in Ethiopia concluded that the governance role articulated by the IAF is gained when there is capable staff as well as compliance with professional auditing standards is exercised (Agumas, 2015). Furthermore, (ibid) asserted that when compliance with internal standards on auditing and national laws regarding auditing, unrestricted access to books of accounts and any additional information which is vital, formal mandate, top management support and talented leadership as well as enough funding are part of the IAF roles. It is the prerogative of AC members to make sure that internal auditors are respected within an organisation as well as assisting the IAF on the implementation of good CG (Goodwin & Yeo, 2001).

Detection, Deterrence, Foresight, Insight and Oversight roles

Hillison, et al., (1999) echoed that in a study they carried out, internal auditors are better positioned to detect and stop fraud, rather than external auditors, that is, they can detect and report employee fraud easily. Internal auditors should be able to identify fraud risks and should give help to external auditors through the application of Standards on Auditing Standards (SAS). According to the IIA (2006), internal auditors play detection roles using various ways. The detection role played by internal auditors include naming in appropriate, in efficient, illegal, fraudulent, or abusive acts that would have taken place and to gather evidence in order to enhance decisions pertaining to criminal prosecutions, disciplinary actions, or other remedies.

Deterrence is usually to name and decrease conditions that permit corruption. Prosperous detection attempts may have a deterrence result. This means IAFs are supposed to be able to name problematic and risk areas before the risks arise, and make sure the resources of the entity are safeguarded. In order for IAFs to add value to the enterprise, they should be able to employ the right people with specialised skills who can effectively do their work (IIA, 2006). Internal auditors attempt to stop fraud, abuse, and negligent of public trust by evaluating controls for existing or proposed functions; examining an entity or audit-specified risks; assessing contracts for probable conflict of interest; and appraising proposed amendments to the operational laws, rules, and implementation mechanisms.

IIA (2006) asserted that foresight roles pinpoint trends and prominent challenges. Internal auditors should make use of instruments such as financial audits, performance audits, investigations, and advisory services to each of these responsibilities. Foresight roles take the following forms such as the IAF through risk-based auditing give vital and appropriate information to the entity for controlling its risks. Furthermore, an audit approach such as risk- based auditing does an organisational audit of the risk management framework, which can help to name and prevent un acceptable risks; auditors should not only examine the probable abuse of power, but also be apprised of their own power within an entity.

The study by IIA public sector auditing (2006), highlighted that internal auditors must know policies and exhibit more knowledge in this area in order to add value to the organisations. Insight roles help decision makers by giving an independent evaluation of the public sector programs, policies, operations, and outcomes. Insight roles result when auditors should come up with well-informed understanding of operations and make conclusions based on evidence, this can only happen if they work systematically and objectively; and stakeholders are forced to rethink solutions by auditors, if audits can give a profound description of problems, resources, roles and functions which can be put together with the comprehension of the root cause of the problem and useful recommendations (ibid).

Oversight roles look at whether the SOEs, which are public entities, are doing what they are supposed to do and serve to prevent and unearth public corruption such as fraud, waste, or abuse, and other misuses of the power and resources entrusted to government officials (IIA, 2006). According to IIA (2006), internal auditors make sure that SOEs use money for the intended purpose, and are complying with laws and regulations. Insight roles result when it is ideal to mention that audits involving issues to do with insights functions answer the question, “Has the policy been implemented as planned?” And are managers implementing effective controls to lessen risks?” This is supported by auditing when internal auditors find out how companies are committed to rules, regulations and aims. In their oversight function, internal auditors in SOEs evaluate and give feedback on the success of these efforts.

Regulations of Internal Audit Functions

IAFs exist in the Zimbabwean public sector to fulfil the requirements of Pubic Finance Management Act (PFMA) 1 of 1999 section 80 as well as the Constitution of Zimbabwe (Amended) number 20 of 2013. According to RSA (2004), IAF is a furthermore enhanced by the internal audit framework of the public sector which gives the operational guidelines and developments of internal audit functions in the public sector particularly SOEs. The framework is of utmost importance since it gives guidance to the IAFs in SOEs in order to enhance compliance with the statutes such as the PFMA and the Constitution.

The SOEs in Zimbabwe

SOEs form a large sector in emerging economies, and are of cardinal importance for the viability as well as national development of the country particularly in Zimbabwe. SOEs are providers of basic needs and necessities to communities in a sustainable manner such as water, electricity, health, sanitation, telecommunications, and transportation services that are additionally expensive for the private sector (Linna, Pekkola, Ukko & Melkas, 2010). SOEs are branded by different names which include, Government Corporation, parastatals, public enterprises, state-owned entities or units (Price Water Coopers (PWC), 2015). SOEs are viewed as strategic institutions (PwC & IoDSA 2012), thereby leading to the improvement of the quality of life of people (Fourie, 2001). SOEs are government owned entities, and in Zimbabwe they include Zimbabwe National Road Administration (ZINARA), Net-one, Tel-one, the Zimbabwe Electricity Supply Authority (ZESA), Tobacco Industry Marketing Board (TIMB), Telecel, National Railways of Zimbabwe (NRZ), among others, send negative signals on the state of corporate governance in the economy. Along similar lines, SOEs are categorized into two namely commercial SOEs and non-commercial SOEs. They are all government-owned entities or publicly designed to make commercial actions on behalf of the government (Shabalala, 2011).

SOEs are supported financially by the National Treasury. Some essential public infrastructural services which are non-commercial such as water, power, telecommunication as well as broadcasting are delivered by some SOEs (Bantug, 2013). Commercial SOEs provide basic services like banks, air transport, shipping and retailing as well as real estate development are provided to the people or services that reduce the expenditure to sections of the public (ibid). Additionally, commercial SOEs are apparently entrusted at improving the distribution of basic resources (OECD, 2005). The SOEs have different backgrounds since some are profit-oriented and at the same time enhancing and supporting the nation’s goals. The primae face mandate is for the creation of job opportunities on behalf of the country since they are regarded as catalysts for the growth and development of the country (Jurkonis & Petrusauskaitė, 2014). In Zimbabwe, SOEs are legal entities formed in terms of Zimbabwe’s New Companies Act [Chapter 24:31] of 2020 and are regulated under the PFMA, and they authorised to do commercial and development tasks on behalf of the state respectively. SOEs must both be efficient and effective in carrying out their mandates and responsibilities and must equitably use the resources at their disposal in order meet the objectives of the country (Mihaiu, Opreana & Cristescu, 2010).


The author was guided by the interpretivist philosophy. The study was inspired by the interpretivism/constructivism philosophy which states that it is ideal to comprehend the differences between humans in their role as social actors. This informs the differences between carrying out research among people rather than on trucks or computers (Saunders et al., 2009). In this case, Goran (2012) advocates a view of Trauth (2001b) that constructivism is the lens commonly used in qualitative research approaches. A qualitative research approach was used as well as a case study research design in this paper (Hennink, Hutter & Lailey, 2011; Yin, 2011; Patton 2002). Due to its strategic position in terms of its operations in the nation’s emerging market, that is, transport, energy, telecommunication, agriculture and road administration, five SOEs in Zimbabwe were chosen. Notably respondents were chosen in this article due to the fact they are play roles in internal auditing and these are Senior Internal Auditors (SIAs), Senior Managers (SMs), Audit Committees(ACs), Chief Executive Officers(CEOs), Chief Audit Executives(CAEs) and Board Of Directors (BODs) as reflected in the literature (Sarens, De Beelde & Everaert 2009; Goodwin, 2003).

Population and Sampling

The population which was of interest for this study comprised of employees both former and current of the SOE, which was in operational in Harare at the time this research was carried out. The study made use of non-probability, purposive or judgemental sampling technique, some individual choses the sample based upon some applicable features of sample participants (Babbie et al., 2010). The sample is drawn from senior managers, senior internal auditors, chief audit executives, chief executive officers. Audit committees and board of directors in SOEs in Zimbabwe. The sample size is made up of the twenty (20) of the afore-mentioned participants in the study. as shows in Table 1.

Table 1
List And Aggregate Of Respondents
List of respondents Aggregate of  respondents
Audit Committee Members (AC) 2
Senior Managers(SM) 5
Board of Directors(BOD) 2
Chief Audit Executives(CAE) 5
Senior Internal Auditors(SIA) 4
Accounting Officers (CEOs). 2

Zimbabwe has a total of 107 SOEs (Auditor General report, 2016), however, five (5) entities were purposively sampled (Babbie et al., 2010). Conveniently sampling refers to a non-probablity sampling type of procedure where the population targeted meet the following criterias in order to be part of the study, that is, determination or availability to be part of the study, proximity geographically and accessible easily (Etikan, Musa & Alkassim, 2016). Five SOEs entities selected for this study were accessed easily and within the geographically proximity of the researcher.

Data Analysis , Results and Discussions

Data collected from interviews was thematically analysed using ATLAS.ti version 8 software. According to Braun & Clarke (2013), data analysed thematically gives an adjustable theoretically and reachable stance when qualitative data is analysed. Themes captured related views about the data in regard to the research question and exemplifies some levels of responses which are shaped (Maguire & Delahunt, 2017). Even though drawbacks are pronounced in thematic analyses, significance of thematic analysis outweigh the disadvantages, due to the fact that it can be used easily and its flexibility is high and is regarded as an important tool in analyzing the data which is complex in nature (Moloi, 2015b; Braun & Clarke, 2013). For the purpose of this study, six steps were followed when data was analyzed thematically for the role of IAFs on the performance of SOEs in a Zimbabwean set-up as propounded by Braun and Clarke (2013) and these are: data familiarization; initial codes generation; themes searching; themes reviewing; themes defining; and finally report writing

Themes and Sub-Themes

The semi-structured interviews comprised the key source of primary data in this study even though documentary reviews were also used. Hence, the outcomes of the semi-structured interviews are explored first. Documentary reviews are necessary in order to substantiate the findings of the interviews. Table 2. Below reflects the theme and sub-themes that emanated from the interviews and discussion of these sub-themes is rendered below.

Table 2
Themes And Sub-Themes
Theme Sub-themes
Role of internal  audit function. 1.1. Evaluation of the risk management, internal control and corporate governance processes.
1.2. Value-add assurance role.
1.3. Assurance and consulting roles.
1.4.Detection,insight,foresight,oversight,deterrence roles.

Theme 3: Role of Internal Audit Function

According to Grant Thornton (2014), management has the duty to oversee all operational systems within an entity and therefore, it is important to have an effective IAF will clearly defined roles and responsibilities and hence a lot of stakeholders expect management to accomplish set objectives. Figure 1 below shows the nexus between the role of IAF and its sub-themes.

Figure 1: The Nexus Between The Role Of Internal Audit Function And Its Sub-Themes

Source: ATLAS.ti output.

Sub-theme: Evaluation of the Risk Management, Internal Control and Corporate Governance Processes

According to Asare (2009), risk management, internal control and governance systems comprises of methods and systems put in place to enhance the accomplishment of the firm’s objectives.

Respondents made remarks on CG that:

“Competent leadership, competent employees, management support, compliance with professional audit standards, evaluation of risk management and internal controls, the better improvements in the governance systems role of IAF” (Participants, BOD1, BOD2).

Respondents further alluded that:

“To us, the role IAFs is to make sure that procedures and systems of CG are taken into consideration. In SOEs if the objectives and plans are established and accomplished then one can talk of having completed the CG systems” (Participants, CAE1, CAE2, CAE3, CAE3, CAE4, CAE5).

As far as internal control processes in organisations are concerned, most ACs averred that:

“The availability of employees who are competent, proper adherence to professional audit standards and having adequate funding, the better control function of IAFs in the public sector” (Participants, AC1, AC2).

The findings are incongruent with what the IIA (2010) stated that, it is the duty of the IAF to assess risk exposures pertaining to the operations, evaluation of risk management, governance and information systems in regard to the veracity and integrity of financial and operational information, effectiveness and efficiency of programs and operations, compliance with laws, regulations, policies, procedures and contracts as well as safeguarding of assets.'

In the next part, the value-add assurance role of the IAF is discussed.

Sub-theme: Value-add Assurance Role

It is crucial to note that CAEs, ACs and the IAF anticipate genuinely assurance tasks which are supposed to be performed by the internal auditors. One participant interviewed noted that:

“I muse that IAF’s role is to add value to SOEs and nothing else. By so doing their presence as internal auditors should be felt and their contributions should be meaningful in order to evaluate the risk management, internal control and governance processes of the SOEs since these SOEs contribute significantly to the economy in various dimensions” (Participant CEO1).

Concurring with the same notion that IAFs should add value significantly to the organisation, other key participants in top management positions reasoned that:

“IAFs are eyes and ears of management and the board and therefore, their contributions should be significantly felt by SOEs in terms of risk management, internal controls and corporate governance processes as well as adding value to these entities” (Participants, SM1; SM2; SM3; SM4; SM5).

The above findings are in tandem with what was stressed by numerous researchers such as Ramamoorti and Weidenmeier,2004; Burnaby, Hass and Abdolmohammadi, 2006; D’Onza, Paape and Sarens,2006; Hass et al.,2006, Sarens,2007; Christopher et al.,2009; IIA, 2009a; Campbell, 2010; Coetzee et al.,2012; IIA, 2013 and Jones, 2013. It is vital that management of a unit, its AC and the IAF hold the same anticipations considering the assurance functions an IAF should carry out. Staff training, experience and continuous professional education is ideal for internal audit employees in order to enhance the IAF (Davies & Aston, 2011). In the next section, assurance and consulting roles as a sub-theme is going to be explored.

Sub-theme: Assurance and Consulting Roles

Unlike external auditors, internal auditors are employees of the entities they work for and do carry out audits and advisory and consulting and assurance roles. IAF help management in terms of consulting and efficiency as well as helping the AC with matters to do with monitoring on the other note resulting in conflicts of interests (Messier, 2010).

A lot of participants in the IAF agreed that:

“Reasonable assurance should be made to organisations, such that all the objectives and goals planned are carried out as intended leading to the service delivery of goods and services to the public” (Participants, CAE1, CAE2).

“Consulting services roles include business re-engineering, project management and information technology development(IT)” (Participants, SIA1, SIA2, SIA3).

The above findings are in line with what was aired by Chambers (2014) that internal auditors should do more of assurance roles on the board’s behalf. In addition, Sobel (2011) asserts that CAEs should be proactive in getting and developing the right skills within the IAFs so as to satisfy these responsibilities more effectively and efficiently. Lenz and Sarens (2012) states that presently, the role of internal audit is unclear and is lacking a well-defined stakeholder. Stewart and Subramaniam (2010) and Selim, et al., (2003) opined that IAFs play a dual role in the business enterprise in that they provide assurance and consulting roles to management.

Sub-theme: Detection, Insight, Foresight, Oversight, Deterrence Roles

The IAF must perform various roles such as detection, insight, oversight, foresight and deterrence roles. The sentiments shared by the senior managers and board of directors are lamented below.

Many SMs argued that:

“The IAF is not carried out its work to the satisfaction of the stakeholders in these SOEs, that is, there is failure by the internal auditors to deliver their own commitment. They do not perform according to the dictates of the IIA” (Participants, SM1, SM2, SM3, SM4, SM5).

Similar thoughts were expressed by all the BODs who said:

“We expect the IAF to bring into attention to management on emerging challenges before they become crises. They internal auditors should help us to evaluate programs and policies if they are working. IAFs should minimise conditions resulting in corruption, right people to be recruited with specialised skills in order to add value, make sure entities do what they are supposed to do as well detecting illegal, improper, inefficient and fraudulent acts” (Participants, BOD1, BOD2).

The above findings correspond with the internal audit activity (IAA) on public sector auditing (2006) and Khoury (2011) that detection, deterrence, foresight, insight and oversight roles are of cardinal importance in SOEs and should be expeditiously carried out.

Documentary Reviews

Documentary reviews of the audit general took place and the results from the coded schemes are shown in Table 3 below.

Table 3
Coding Scheme For The Auditor General Of Zimbabwe Reports
Focus area. Main categories. Code assigned in AGZ’s reports. Code descriptor.
•What are the main roles of IAFs in SOEs according to AGZ reports. •Internal audit department. • Role of internal audit functions/activity. • Internal audit role. •Any statement or segment in the AGZ reports which shows the role of internal audit should play or anticipated to play.

The IAFs and ACs did not practice their oversight duties in order to make sure that internal controls were monitored and executed. As indicated by the AG reports, at some SOEs, effective and well-resourced IAFs have helped to enhance the internal controls and have had a positive impact on audit outcomes. The main reason for the lack of positive effect was failure by management to address internal audit findings. IAFs were not fully capacitated with skilled and experienced staff. Although IAFs existed in most SOEs, the control environment will be compromised if their findings are ignored and not considered as a serious matter, which lowers the level of assurance that can be put on financial information and the control environment.


Corporate scandals and poor performance of SOEs has made internal auditing a very germane area of research. Notwithstanding the poor performance, malfeasance and malpractices in SOEs in Zimbabwe, there is a lacuna of research on the sustainability of SOEs and the role of IAFs. Many will concede that there is no model for IAF effectiveness in Zimbabwean SOEs. In an endeavour to fill the gap of knowledge, this paper examined the role of IAF on the performance of SOEs in Zimbabwe and later proposed an IAF effectiveness framework for use. The findings revealed that IAF functions do play their roles in SOEs, however, they have to be supported by management in areas such as in the provision of resources, sufficient budgets to carry out their mandates as well as given enough salary. As such, this paper proposes a practical IAF effectiveness framework that is aligned to the requirements of SOEs in Zimbabwe. The framework presented in the paper was informed by the empirical results and best practice as shown in the literature. The aim is to generate a knowledge base that gives a uniting frame which agglomerates and organize these essential components frugally. These facets are reflected in Figure 2.

Figure 2: Internal Audit Effectiveness Model Framework For Soes Implications

Source: Authors’ own compilation.

The findings of this paper has got some academic and industry implications. The article contributes to the body of knowledge and thus results are shown in the proposed framework (see Figure 2) which reflects the effectiveness of the role of IAFs in SOEs. In addition, this paper will assist SOEs in identifying and supporting the roles of the IAFs in their various entities. At both professional and practical levels, gaps in CG and internal auditing have been noticed by the study and therefore, there is need for proactive ways to dwell more on the role of the IAFs as well as increasing CG systems in SOEs should be done in order to strengthen the performance of SOEs. This gives vital implications for the IIAZ and IAFs. The IIAZ should try and influence (lobby) the statutory and regulatory bodies taking part in the propagation of laws that should protect the IAF under CG to enact specific protectionist guidelines and statutory laws.

Limitations and Areas for Future Research

The outcomes of the study depended on a sample size of five (5) SOEs and twenty (20) participants employed by these SOEs. The study used a small sample size from the Zimbabwean SOEs set up which limited the research findings. It is recommended to extent the study to other geographical countries in order to add more value. The number of respondents could be improved in the next study and probability sampling could be used to allow for more representative findings in the near future. The primal limitation of the present research is that it has not been empirically tested. The study was carried out in just one industry sector, that is, SOEs, and took place in Zimbabwe. For this reason, the outcomes cannot be generalised. Future studies could expand on this limitation by including the entire local government sector in Zimbabwe and other developing countries. Comparisons could be made and lessons learnt to inform practices. The outcomes of this study, therefore, cannot be generalised to entities in the private sector and to other economies. In Zimbabwe, the studies related to CG and internal auditing are somewhat scant and have neglected the SOEs, hence, it provides an opportunity to conduct further studies to evaluate the dynamics of CG in SOEs. It is imperative to make further efforts to discuss the role of IAFs using a CG approach from economic and sociological theories which may add to the existing body of knowledge.


Crossref, Google Scholar.

Crossref, Google Scholar

Google Scholar

Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar


Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Google Scholar

Crossref, Google Scholar

Google Scholar


Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Crossref, Google Scholar

Google Scholar

Crossref, Google Scholar

Google Scholar

Crossref, Google Scholar

Google Scholar

Crossref, Google Scholar

Google Scholar

Crossref, Google Scholar

Google Scholar

Received: 26-Nov-2021, Manuscript No. aafsj-21-8568; Editor assigned: 30- Nov -2021, PreQC No. aafsj-21-8568 (PQ); Reviewed: 14-Dec-2021, QC No. aafsj-21-8568; Revised: 19-Dec-2021, Manuscript No. aafsj-21-8568 (R); Published: 04-Jan-2022

Get the App