The Pervasive Nature of IT Controls: An Examination of Material Weaknesses in IT Controls and Audit Fees
26 Pages Posted: 22 Apr 2009
There are 2 versions of this paper
The Pervasive Nature of IT Controls: An Examination of Material Weaknesses in IT Controls and Audit Fees
The Pervasive Nature of IT Controls: An Examination of Material Weaknesses in IT Controls and Audit Fees
Date Written: March 2009
Abstract
The complexity of computerized information systems increases the complexity of the external auditor's assessment of the reliability of a client's internal control systems. The purpose of this study is to investigate the impact of weaknesses in IT related internal controls on the cost of a SOX 404 audit of internal controls over financial reporting. We consider the impact on audit fees through three dimensions: (1) percentage increase in audit fees, (2) amount of change in audit fees per outstanding common share, and (3) actual dollar amount of audit fees. Examination of first year reports by accelerated filers yields 131 companies with material IT-control weaknesses. These 131 companies are matched with a similar set of companies with no reported material weaknesses, and for a subset of 54 from the 131 companies in which a good match could be identified, a set of companies having only material non-IT-based control weaknesses were compared. As expected, substantial fee differentials were identified for companies reporting material IT-based control weaknesses as compared to both companies without any material weaknesses and those companies with only non-IT related material weaknesses.
Keywords: Internal control, material weakness, IT audit, Audit pricing, Audit fees, SOX 404
JEL Classification: M40, M41
Suggested Citation: Suggested Citation
Do you have a job opening that you would like to promote on SSRN?
Recommended Papers
-
Sharing Information on Computer Systems Security: An Economic Analysis
By Lawrence A. Gordon, Martin P. Loeb, ...
-
The Impact of the Sarbanes-Oxley Act on the Corporate Disclosures of Information Security Activities
By Lawrence A. Gordon, Martin P. Loeb, ...
-
Information Security Expenditures and Real Options: A Wait-and-See Approach
By Lawrence A. Gordon, Martin P. Loeb, ...
-
The Economic Incentives for Sharing Security Information
By Anindya Ghose and Esther Gal-or
-
SOX: Unintended Dilemmas for Auditing
By Jonathan E. Duchac, Edward B. Douthett, ...
-
Optimal Risk Sharing with Limited Liability
By Semyon Malamud, Huaxia Rui, ...
-
A Strategic Analysis of Information Sharing Among Cyber Attackers
By Anindya Ghose and Kjell Hausken
-
Assessing the Value of Network Security Technologies
By Huseyin Cavusoglu and Hasan Cavusoglu
-
Experiences and Challenges with Using CERT Data to Analyze International Cyber Security
By Stuart Madnick, Xitong Li, ...
-
Information Disclosure and Regulatory Compliance: Economic Issues and Research Directions