THE IMPACT OF DEDICATED INTERNAL AUDIT FUNCTIONS ON STATE GOVERNMENTAL COMPLIANCE AUDIT FINDINGS.

• Author: Nation, Frank

INTRODUCTION

Illinois' government is structured much like the federal government with an executive, legislative, and judicial branch. These branches are subdivided into multiple entities: agencies, departments, boards, commissions, state universities among others. Such entities exist to serve the public needs and provide for their well-being, they in turn are accountable for their operations. The performance of regular compliance audits of state government entities is one way to monitor agencies' compliance with the applicable laws, rules, regulations, and use of funds.

Governmental audits exist to ensure efficient and effective achievement of the objectives assigned to an agency by the enabling legislation. Furthermore, such audits substantiate that governmental entities are acting in such a way that no laws, rules, regulations or contracts are violated; and that citizens, employees, stakeholders and the public are not negatively impacted by the agency's practices. Audit procedures can positively influence the efficiency and effectiveness of an entity's policies and processes. Auditing of state entities provides reassurance to legislators, citizens, agency officials, and other parties that the agency is properly fulfilling its obligation by following applicable rules and regulations.

According to the Illinois Auditing Act (30 ILCS 5) the Auditor General must conduct an appropriate financial audit or compliance examination of every State agency at least once every two years (Illinois Office of the Auditor General, 2017) (Illinois General Assembly (30 ILCS 5/), 2017). The audit report discloses the 'findings,' or items of significant noncompliance. Each audit report lists the total findings, repeated findings (findings from the previous audit that have not been corrected), and prior findings not repeated. All current year findings include observations made by the auditor during the audit, the criteria governing the item, and recommendations for correcting the noted findings. In addition to identifying and disclosing such deficiencies, the Office of the Auditor General (OAG) audit reports offer corrective recommendations for discovered deficiencies to allow the entity to resume operational conformity within the applicable regulatory parameters. The audit report publishes all material noncompliance findings, along with the respective recommendations. The OAG functions as the State's external governmental auditor; as a result, all audit reports for audits performed in conjunction with the Illinois State Auditing Act are publicly available on the OAG's website. The OAG releases audit reports to the public through its website (Illinois Office of the Auditor General, 2016).

In addition to regular compliance audits performed by external auditors, the Illinois Fiscal Control and Internal Auditing Act (30 ILCS 10/) names specific state agencies, defined as "designated State agencies," to maintain a full-time program of internal auditing (Illinois General Assembly (30 ILCS 10/), 2017). Thus, only "designated State agencies" are required to have an internal audit function. Internal audits performed by internal audit function of the "designated State agency" differ from 'external' compliance audits performed by the OAG in several ways. First, internal audit reports typically are not released to the public. Furthermore, internal auditors performing the "designated State agency" audits are employed by that agency (State Internal Audit Advisory Board, 2011).

Hence, this study focuses on two types of state agencies. One type of agency is required to deploy their own agency-dedicated internal audit function. This means that the agency employs people to serve as internal auditors for that agency alone. The second type of state agency is not required to deploy its own dedicated internal audit function. These agencies depend on the OAG to provide audit services. Previous research has identified that the type of auditor influences the number of reported audit findings. However, there has not been an attempt to differentiate between agencies with dedicated internal auditors and those without. Thus, the question motivating this study is:

Is there a significant difference in the number of compliance audit findings between state agencies that deploy dedicated internal auditors and those agencies that do not? To examine this question we must look at the issue from several different points of view. Broadly, we can simply measure the difference for agencies with an internal audit function, as defined above, and those without. However, previous research indicates there are other variables that have a significant effect on the analysis of this question, such as auditor type (Branson, Decker, & Green, 2011), agency size and complexity (Branson, Nation, & Clark, 2016), time devoted to the audit (Branson, Nation, & Stephens, 2016), and appropriation level (Branson, Nation, & Rothe, 2018). Thus, researchers must account for the effects of control variables significant to the number of compliance audit findings.

LITERATURE REVIEW

A high-level measure utilized to assess the effectiveness of both government audits and entity operations is the number of compliance audit findings. Compliance audit findings represent operational weaknesses and significant deficiencies discovered, as well as identified instances of noncompliance with applicable policies, laws, rules, and regulations. This measure has been used in previous studies on government audit effectiveness. Jakubowski (2008) examined 27 local government audit reports in the state of Michigan utilizing the number of compliance audit findings as a dependent variable. This study found that audits completed by state governmental auditors produced significantly more audit findings than audits subcontracted to CPA firms (Jakubowski, 2008). A handful of further studies analyze other factors affecting the number of compliance audit findings reported for Illinois state government audits.

The foundational study on government compliance audits performed in the state of Illinois applied the model used by Jakubowski (2008). Branson, Decker and Green (2011) analyzed compliance audits performed on 24 agencies audited between the years 2000 and 2009 by both OAG staff auditors and CPA firm or Special Assistant Auditors (SAA). The study found that OAG staff auditors discovered and reported an average of 5.56 audit findings, which is significantly higher than the average 2.36 audit finding discovered and reported by SAAs (Branson, Decker, & Green, 2011).

Branson, Nation, and Clark (2016) replicated the study performed by Branson, Decker, and Green (2011), but incorporated control variables based on auditee size and complexity to account for the scope of the audit. The number of employees measured the size of the auditee. The number of mandates, which are the state laws and requirements applicable to each entity, served as a measure of complexity. The study examined 163 audits performed on 48 state entities between the fiscal years 2005 and 2012. Using regression analysis and ANOVA statistical techniques, the study found that the level of complexity and size of an entity had a significant positive relationship with the number of compliance audit findings reports. In addition, this study replicated the finding that OAG staff auditors reported significantly higher levels of compliance findings than the SAA auditors. OAG staff engagements reported a mean of 18.9 audit findings, while contracted SAA engagements reported a mean of 9.02 audit findings (Branson, Nation, & Clark, 2016).

Branson, Nation, and Stephens (2016) extended the study performed by Branson, Nation, and Clark (2016) to examine additional variables, specifically time spent on the audit, affecting the number of findings reported. This study included time spent on the audit as a potential explanation for the gap in the number of findings reported by OAG staff auditors and those reported by SAAs. Suhayti (2012) found that the competitive bidding process, along with time and budget constraints, resulted in decreased audit quality. The results suggest that the SAAs' profitability directly relates to the audit's budget and the contract amount awarded. Therefore, SAA's confront an incentive to tighten time budgets. However, restricting the time spent on the audit process forfeits audit quality to assure profitability (Suhayati, 2012). Branson, Nation, and Stephens (2016) found that the number of employees, actual audit hours, auditor type, and the number of prior year audit findings were all significant to audit findings. These independent variables accounted for 75.9% of the variability observed in the number of compliance audit findings (Branson, Nation, & Stephens, 2016).

Branson, Nation, and Rothe, (2018), replicated the study performed by Branson, Nation, and Stephens, (2016). This study replaced a financial complexity variable found to be insignificant to the number of compliance audit findings reported, entity expenditures, with entity appropriation levels. Appropriation levels represent the amount of money designated for each entity's specific use. This study utilized regression and ANOVA analysis and examined all state entities audited from fiscal years 2010 to 2015. The study found that appropriation levels, number of audit hours spent on the engagement, and the type of auditor, were all significant to the number of compliance audit findings reported (Branson, Nation, & Rothe, 2018).

According to prior research, the variables related to auditee size and complexity, such as number of employees, number of mandates, level of appropriation, and audit hours are related to audit fees, audit reporting lag, and audit budgets. Auditee size and complexity are factors in determining and explaining variability in audit fees, or the cost of performing the audit (Gist, 1992) (Nikkinen & Sahlstrom, 2005). The number of entity employees and the...