Title: Influence of internal audit functions on enterprise risk management: evidence from Malaysian transportation industry

Authors: Suaad Jassem

Addresses: Department of Accountancy, Faculty of Business and Accountancy, University of Malaya, Kuala Lumpur, Malaysia

Abstract: This study investigates the impact of core and legitimate functions of internal auditors defined by the Institute of Internal Auditors Position Paper 2009 on the five enterprise risk management components defined by the updated Enterprise Risk Management Framework 2017 declared by the Committee of Sponsoring Organizations. It also examines whether presence of a chief risk officer influences the above relationships. The analysis is based on data obtained from the transportation sector in Malaysia. The results suggest that internal auditors perform 70% of their core roles in enterprise risk management and 65% of legitimate roles, while they are also performing about 50% of prohibitive roles in enterprise risk management. Chief risk officer has non-significant influence except for two enterprise risk management components. Finally, linear regression analysis indicates significant influence of core and legitimate functions of internal auditors on four out of five enterprise risk components.

Keywords: enterprise risk management; ERM; internal audit function; chief risk officer; CRO; COSO framework; IIA position paper.

DOI: 10.1504/IJBEX.2022.121583

International Journal of Business Excellence, 2022 Vol.26 No.2, pp.196 - 223

Received: 04 Jul 2019
Accepted: 01 Nov 2019
Published online: 21 Mar 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article