How does Sarbanes‐Oxley affect outsourcing?

Cannon, David M.; Growe, Glenn A.

doi:10.1002/jcaf.20098

Cited by 9 publications

(4 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Following Cannon and Growe [5], Laurent [21], Ge and McVay [11], Doyle et al [8] and Ashbaugh-Skaife et al [1] finding, we expect a negative relation between the ITC quality and the complexity: industry more articulated (banks and insurances), the companies more diversified, internationalized and with the IT given in outsourcing because these characteristics show higher risk.…”

Section: Determinants Of Itc Qualitymentioning

confidence: 77%

“…Therefore it is important that the companies assign the responsibility on compliance with SOX or Italian law 262/2005 to IT auditors together with the auditors on financial reporting. When the company chose the strategy of outsourcing, the ITC can be transferred to the Outsourcer or to a Service Auditor, but the responsibility on the reliability of ICFR is always to the CFO or CEO that should evaluate the ITC outsourced, involving more actors in the audit process [5]. Other researches investigate the IT expertise on audit [6,13,22].…”

Section: Determinants Of Itc Qualitymentioning

confidence: 99%

See 1 more Smart Citation

Determinants of Information Technology Audit Quality

Mazza

Brooks

2015

Lecture Notes in Information Systems and Organisation

View full text Add to dashboard Cite

The research aims to measure the Information Technology Controls (ITC) quality and its determinants within the Internal Controls over Financial Reporting. Data are collected from questionnaires and financial reporting of Italian listed companies. The main objective of the research has been investigated using innovative method of evaluation of ITC quality: we used the characteristics of two of the main relevant phases of the audit cycle: ITC scoping and ITC risk assessment. Taking the determinants from previous audit literature and adding the specific variable "Information Technology Auditors", results show that industry, internationalization and diversification, outsourcing strategy, market capitalization, firm age and corporate governance play a relevant role in determining the efficiency and the efficacy of ITC.

show abstract

Section: Determinants Of Itc Qualitymentioning

confidence: 77%

Section: Determinants Of Itc Qualitymentioning

confidence: 99%

Determinants of Information Technology Audit Quality

Mazza

Brooks

2015

Lecture Notes in Information Systems and Organisation

View full text Add to dashboard Cite

show abstract

“…We hypothesize that contracts, attestation reports from service auditors, direct evaluation of service provider by client and audit provision may be significant measures of AQ of outsourced ITC. The literature indicates that the least preferable situation is the absence of the AQ of outsourced ITC (Cannon and Growe, 2005); the exclusive use of contract is less preferable than the use of a service auditor's report (Denyer, 2006b;Germano and Baker, 2003;Stanton, 2004;Nickell and Denyer, 2007); Type 1 reports are less satisfactory evaluations than Type 2 reports; and direct evaluation is the most preferable type of evaluation (Laurent, 2006;Gazzaway, 2004;Denyer, 2006a), especially when supplemented with a Type 2 report. Among the several measurements of AQ of outsourced ITC, we expect that only the direct evaluation of service provider by client and the Type 2 report (assurance on design and operating effectiveness of ITC) can be considered useful measures.…”

Section: Hypothesismentioning

confidence: 99%

“…The service auditor is an independent auditor engaged by the service provider to guarantee design and operating effectiveness to clients (Figure 1). Cannon and Growe (2005) analyze the responsibility of the client established by SOX, which is retained even when IT is outsourced: the audit can be carried out by a service auditor, but responsibility cannot be transferred and remains with the CFO and chief executive officer of the client firm. The responsibility of the client is one of the main reasons for the relation between the AQ of outsourced ITC and ITAQ.…”

Section: Aq Of Outsourced Itcmentioning

confidence: 99%

Audit quality of outsourced information technology controls

Mazza

Fornaciari

2014

Managerial Auditing Journal

View full text Add to dashboard Cite

Access to this document was granted through an Emerald subscription provided by emerald-srm:198285 [] For AuthorsIf you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service information about how to choose which publication to write for and submission guidelines are available for all. Please visit www.emeraldinsight.com/authors for more information. About Emerald www.emeraldinsight.comEmerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online products and additional customer resources and services.Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation. AbstractPurpose -This paper aims to test the positive relationship between audit quality (AQ) of outsourced information technology controls (ITC) and information technology audit quality (ITAQ). Design/methodology/approach -Factor analysis, ordinary least squares (OLS) regressions and simulations. Findings -Scoping and planning phases of the audit cycle account for about 69 per cent of ITAQ. The AQ of outsourced ITC is strongly and directly related to ITAQ. Improvement of AQ of outsourced ITC may be achieved through evaluation of control design and operating effectiveness by service auditor as well as direct evaluation by the client in service provider location. Research limitations/implications -Sample size and input items in factor analysis.Practical implications -Companies and auditors could improve ITAQ through a better organization of the scoping and planning activities; they could also improve the AQ of outsourced ITC using direct evaluation in the service provider location supplemented with service auditor reports. Regulators could refine or change laws and frameworks to take into account the factors of ITAQ and the methodology of evaluation of outsourced ITC. Originality/value -Private data collected by questionnaire. The measures of ITAQ and the OLS model could be tested in future research, in countries with different frameworks and regulations related to AQ, different weight of outsourced information technology and other characteristics related to clients, service providers and service auditors.

show abstract

Auditing of Information Technology Controls in Outsourcing

Mazza

Fornaciari

2014

Lecture Notes in Information Systems and Organisation

View full text Add to dashboard Cite

How does Sarbanes‐Oxley affect outsourcing?

Cited by 9 publications

References 2 publications

Determinants of Information Technology Audit Quality

Determinants of Information Technology Audit Quality

Audit quality of outsourced information technology controls

Auditing of Information Technology Controls in Outsourcing

Contact Info

Product

Resources

About