Peter J. Best

Evidence of the audit expectation gap in Singapore

Reports a study in 1996 of the audit expectation gap in Singapore. The main aims were to measure the level and nature of expectation gap in the 1990s and compare with the results of Schelluch, Low and Low et al.. The motivation for performing this research in Singapore was due to lack of research on this issue in recent years and Singapore’s status as one of the “dragon countries”. The research method adopted is a replication of a study by Schelluch. The results found evidence of a wide audit expectation gap in Singapore in the areas of auditor responsibility for fraud prevention and detection, maintenance of accounting records, freedom of the entity from fraud, and auditor judgment in the selection of audit procedures. The results strongly support the adoption of the long‐form audit report in Singapore if Singaporean professionals are serious about reducing the expectation gap and improving decision making by financial statement users.

A framework for separation of duties in an SAP R/3 environment

The majority of medium‐to‐large international organizations have adopted enterprise resource planning systems (ERPs) of which SAP R/3 is the current market leader. This paper proposes a framework for the separation of duties in SAP R/3. Separation of duties is viewed as a critical component of an organization’s internal control structure aimed primarily at reducing opportunities for fraudulent activities. R/3 assigns profiles consisting of authorizations to users. Accordingly, R/3 facilitates the implementation of “role‐based access control”, where these profiles may be designed consistent with organizational roles and assigned to users performing these roles. This paper proposes a framework for adequate separation of duties using a role‐based approach in the financial accounting (FI) module of the R/3 system. Case studies were undertaken to refine the framework and to explore its application in a practical environment. This empirical research provided support for the adequacy of the proposed framework.

Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in enterprise systems. The steps in this process are: (1) threat monitoring-surveillance of security audit logs for ‘red flags’, (2) automated extraction and analysis of data from audit trails, and (3) using forensic investigation techniques to determine whether a fraud has actually occurred. We demonstrate how mySAP, an enterprise system, can be used for audit trail analysis in detecting financial frauds; afterwards we use a case study of a suspected fraud to illustrate how to implement the methodology.

Continuous Auditing and Continuous Monitoring in ERP Environments: Case Studies of Application Implementations

ABSTRACT: The need for continuous auditing and continuous monitoring (CA/CM) has increased in the global digital economy. Modern computer-based systems make it possible to measure and monitor business processes at an unprecedented level of detail in a real- or near real-time basis. This empowers auditors to become increasingly dependent on computer technology and software tools. While there is a growing body of literature related to this domain, there is a need for empirical evidence from actual implementations that document these systems in detail. In this research, we perform such an investigation on three CA/CM systems, namely SAPSECURE, CAMAP, and Bagheera-S™.

The effectiveness of fraud detection instruments in not-for-profit organizations

Purpose - – The purpose of this study is to investigate the effectiveness of fraud detection instruments in not-for-profit (NFP) organizations. Not-for-profit organizations rely on trust and volunteer support. They are often small in size and do not have relevant expertise to prevent fraud. Such organizations are more vulnerable to fraud and, consequently, require effective fraud detection instruments. The existing literature on fraud detection is primarily descriptive and does not measure instrument performance. The authors address this research gap and provide a detailed overview of the impact of nine common fraud detection instruments. Design/methodology/approach - – Data were obtained from an NFP fraud survey conducted in Australia and New Zealand. A set of contingency tables is produced to explore the relationship between the existence of a specific fraud detection instrument and actual detection of fraud. We also investigate the relationship between organization size and fraud detection strategy. Findings - – The findings provide valuable insights into understanding fraud detection mechanisms. Although most fraud detection measures may not lead to more fraud detection, three highly effective instruments emerge, namely, fraud control policies, whistle-blower policies and fraud risk registers. The results also reveal that commonly used fraud detection instruments are not necessarily the most effective. This is true in a significant number of small organizations that appear to be focusing on ineffective fraud detection instruments. Practical implications - – Implementation of more effective fraud detection measures will reduce the damage caused to an organization and is highly relevant for practitioners. Originality/value - – The results show that differences in the effectiveness of fraud detection instruments in the NFP sector exist. This knowledge is directly applicable by related organizations to reduce fraud damage.

The perceived scope of internal audit function in Libyan public enterprises

Purpose - – The aim of this exploratory study is to examine the perceptions of stakeholders regarding the scope of internal audit (IA) work in Libyan state-owned enterprises. Design/methodology/approach - – Data were gathered through semi-structured interviews with chief executive officers, IA directors, administrative affairs managers, financial affairs managers and external auditors, which were supplemented with a review of relevant documentary evidence. Findings - – The results of the study show that the scope of IA in Libyan organizations may not be sufficiently wide ranging to be considered as a value-adding service. The scope of the IA function may need to be expanded to cover a broader range of organizational functions if internal auditors are to offer value-adding services to their stakeholders. Practical implications - – The IA profession has received scant attention in the literature, especially in the context of developing countries such as Libya. Therefore, such settings offer the potential to enhance the understanding of IA practices. As a study on a developing economy, it enhances understanding of the IA profession’s global configuration beyond the predominantly market-driven, industrialized Western economies. Originality/value - – In contrast to most previous studies, this study covers a broad range of IA stakeholders’ views on the role of internal auditors. This coverage enabled an in-depth investigation of the factors affecting IA scope and understanding of stakeholder perceptions on the IA function.

Managing Change Toward Environmental Sustainability: A Conceptual Model in Small and Medium Enterprises:

This article aims to develop a model for managing change toward environmental sustainability (ES) within small and medium enterprises (SMEs) by investigating the main ES change management actions evident from the ES journeys of SME ES champions. Using in-depth face-to-face interviews, the article draws from the ES change management experiences of a sample of 12 ES champions from the SME sector, as well as secondary organization–specific data. A multicase design was adopted to develop the proposed model. A thematic content analysis identified 10 main change management actions along with a number of associated actions. The findings provide an empirically developed ES change management model and practical managerial ES change management guidelines to SMEs embarking on an ES journey.

GRI G4 content index Does it improve credibility and change the expectation-performance gap of GRI-assured sustainability reports?

Purpose Previous studies have argued that the incapacity of the majority of SR stakeholders to identify the different types of assurance processes contributes to the existence of an expectation–performance gap and affects the credibility of such reports. To improve this situation, the Content Index Model was updated by the Global Reporting Initiative (GRI) in its latest sustainability reporting guideline – “G4”. This paper aims to assess, using a qualitative exploratory approach, whether this updated Content Index Model changes the expectation–performance gap of stakeholders on assurance processes for GRI sustainability reports. This paper also assesses whether this Content Index Model improves the credibility of the assurance processes for GRI sustainability reports, considering participants’ points of view. Design/methodology/approach This paper used a qualitative approach to obtain participants’ perceptions in relation to the objectives of the paper. Two questions were used to assess whether the updated Content Index Model improves stakeholders’ understanding in regards to the assurance process of GRI sustainability reports, thus changing the expectation–performance gap and improving the credibility of GRI sustainability reports. The following questions were asked: Does the Content Index Model help SR stakeholders to better understand the scope of the assurance processes? and Why? Does the Content Index Model presented help to improve credibility of assured SR? and Why? Findings Results obtained demonstrate that the updated Content Index Model improves SR stakeholders’ understanding regarding the scope of the assurance processes conducted, thus reducing their expectation–performance gap on assurance processes and improving the credibility of SR. Participants also commented on the relationship among transparency, understand ability, trust and credibility. Research limitations/implications First, participants were responsible for identifying the group that best represents his/her professional experience. The fact that participants have professional experience in more than one of the groups identified in this research (assurers, reporters and readers) could have impacted on their perceptions regarding the assurance process. Second, the interviews do not rely on practical experience with the updated Content Index Model, rather, they rely on participants’ perceptions regarding the hypothetical use of this Content Index Model. Third, descriptive statistical analyses in this paper aim to illustrate participants’ perceptions rather than to develop robust statistically significant conclusions. Fourth, the main author of this paper developed the Content Index Model, and this may have impacted the responses of the participants and/or the analysis of data. Also, the specific geographic area where interviews were conducted, the selection technique used and the non-statistical significance of the analyses presented in this paper must be carefully interpreted and cannot be generalised to a broader context based on this paper alone. Finally, interviews were developed and conducted before May 2013, before the GRI officially launched the GRI G4 Sustainability Reporting Guidelines. Practical implications As the GRI is the most commonly used sustainability report framework to date, this study has the possibility to affect all companies that publish their sustainability reports based on the GRI framework and all assurance providers currently providing assurance services for such report. Also, findings would be very useful for sustainability reports’ readers worldwide. Originality/value As sustainability reports are the most common instruments used by organisations to provide accountability about the environmental and social performance, and assurance is the most common instrument used by organisations to improve credibility of such reports; it is important to assess whether those instruments are achieving their goals and understand the role played by the GRI G4 Content Index Model in this context. As the GRI G4 was recently launched, there is no study published yet assessing the effectiveness of its new content index model.