We examine the sensitivity of internal auditors' fraud risk assessments and audit effort decisions (i.e., budgeted hours) to variations in management's incentives to intentionally misstate their financial position, and in the quality of a firm's audit committee. Internal auditors are an integral part of an organization's monitoring scheme and it is important to understand how, and how well, their judgments are influenced by factors known to be associated with fraudulent financial reporting. We hypothesize that internal auditors' fraud risk judgments and audit effort decisions will vary with management incentives and quality of audit committee, consistent with documented archival evidence and professional prescriptions. The experimental results, based on responses from 60 internal auditors completing a hypothetical case regarding a potential acquisition target, indicate that internal auditors' fraud risk assessments are responsive to management incentives and variations in the quality of the audit committee. Our results also indicate that internal auditors' budgeted audit hours are sensitive to variations in management incentives to misreport financial information, but are not sensitive to variations in audit committee quality. This latter result implies that internal auditors are aware that stronger audit committees decrease the risk of fraudulent financial reporting, but do not use that knowledge to reduce fraud related work. These results generally hold for a second experiment in which another group of internal auditors was asked to complete the same hypothetical case, but rather than evaluating an acquisition target, they made planning judgments for an audit area of the company in which they were employed. Thus, the results generally hold whether the internal auditors are performing due diligence for a possible acquisition or are auditing their own organization where they may have incentives congruent with organization management, and may have familiarity with the audit committee.
Read full abstract