Doctoral Degrees (School of Accountancy)

Permanent URI for this collection

http://hdl.handle.net/11660/149

Browse

Browsing Doctoral Degrees (School of Accountancy) by Author "Lubbe, D. S."

Now showing 1 - 3 of 3
  • No Thumbnail Available
    ItemRestricted
    Corporate governance in South African higher education institutions
    (University of the Free State, 2017) Crous, Cornelie; Lubbe, D. S.
    𝑬𝒏𝒈𝒍𝒊𝒔𝒉 Several Universities in South Africa, namely the Tshwane University of Technology (TUT), the Walter Sisulu University (WSU), the Central University of Technology (CUT) and Vaal University of Technology (VUT), were placed under administration since 2011 because of poor administration and governance. Examples of the poor administration and governance practices include, among others, the appointment of Vice-Chancellors with questionable qualifications, the payment of exorbitant remuneration to Vice-Chancellors, malfunctioning of the Councils and accusations and rumours of corruption in the National Student Financial Aid Scheme (NSFAS). The continued national student protests in 2015 and 2016 calling for free and quality higher education have placed renewed focus on the problems experienced by Universities. The soundness of the application of corporate governance principles at Universities, therefore, needed to be investigated. Because of this need, the application of corporate governance principles at South African Universities was addressed in this study. The Regulations for Reporting by Public Higher Education Institutions of 2014 require Universities to disclose their application of the King III principles in their Annual Reports. Although these disclosure requirements provide detail disclosure guidance, no international best practices were included. No tool, instrument or framework could be found to test the Universities’ compliance with the Reporting Regulations and King III principles, which further necessitated this study. By using a qualitative research design, this study used a literature review to develop a framework. The framework was based on the guidance in the Reporting Regulations (which contains the principles of the King III Report), international best practices, and the King IV Report. The framework could be used to determine the level of compliance of disclosures found in the South African Universities’ Annual Reports. Although the implementation date of the King IV Report is 1 April 2017, some Universities were proactive in the application of the principles contained in the King IV Report. The developed framework, therefore, includes additional disclosures, contained in the King IV Report, that were excluded from the Reporting Regulations, as a proactive measure in assessing the disclosure of King IV principles in the Annual Reports of the South African Universities. This framework was used in the empirical portion of the study to analyse the Annual Reports of the South African Universities for the 2011 to 2015 financial years. A total of 113 Annual Reports were analysed against the framework. The framework included 536 items based on the Reporting Regulations of South Africa; 140 items related to the changes from King III principles, as contained in the Reporting Regulations, to the King IV Report; and sixty items based on international best practices. Findings of the study suggest that some Universities in South Africa are proactive in the implementation of the King IV Report, although the implementation date of this report is only 1 April 2017. The disclosures of the South African Universities’ application and compliance with corporate governance principles, according to both South African and international best practice, are lacking in detail. The absence of detail disclosures leads to the concerns about the disclosure practices at these Universities as well as the Universities’ commitment to transparency and accountability. The problems experienced in obtaining the Annual Reports of the Universities raise additional concerns in terms of the Universities’ commitment to transparency and accountability. These problems raise concerns as the Universities are largely funded by state subsidies, which make the Annual Reports of each University information that should be publicly available. The results of the application of the framework clearly indicate that South African Universities need to address the quality of the information contained in their Annual Reports. The Council and Committee members need to be better informed of what their duties and functions are in terms of the disclosures in the Annual Reports. Universities should also ensure that the individual, or group of individuals responsible for compiling the Annual Reports is fully aware of the details that should be included in the Annual Reports. The framework developed in this study can be used by the Department of Higher Education and Training, external auditors of the Universities as well as the Universities themselves, to determine the level of compliance with the disclosure recommendations for Annual Reports. It may further be used as a rating system to rate the South African Universities with regards to the application and disclosure of application of corporate governance principles, or as a warning system to indicate shortages in the corporate governance practices of Universities. ___________________________________________________________________
  • Thumbnail Image
    ItemOpen Access
    A maturity level assessment of the use of generalised audit software by internal audit functions in the South African banking industry
    (University of the Free State, 2016-12) Smidt, Lodewicus Adriaan (Louis); Van der Nest, D. P.; Lubbe, D. S.
    English: Today’s business practices are characterised by accelerating growth in the use of technology and “big data”. It is almost unthinkable now for any organisation to function successfully without relying on its underlying information technology infrastructure: this is especially pertinent within the banking industry. Banking practices are no longer restricted to one country or jurisdiction but are characterised by cross-border transactions in multiple countries under a plethora of different legal and regulatory frameworks. For this reason, banks are reliant on a global network of data processing and information management systems to provide their core banking services and to enable them to effectively manage the macroeconomic elements of their industry. This cross-border interaction between international banks increases the systemic nature of risk in that in the event that an unwanted incident occurs it will almost inevitably affect more than just a single branch or company. The global financial crisis that occurred in 2007 was evidence of the systemic nature of risk to which the financial industry was (and remains) exposed. It further provided proof that no organisation or bank is too big or too powerful to escape unaffected. It further emphasised that excessive risk taking can be detrimental to the existence of an organisation, which in turn validated the necessity for organisations, and especially banks, to make use of reliable and independent assurance functions. As a consequence of the crisis, the banking industry continues to face ongoing and intense scrutiny by investors, the public and the banking industry’s own supervisors. In addition, increased reliance has been placed on the value that an internal audit function can contribute by enhancing a bank’s internal control environment. Internal audit, as one of an organisation’s independent assurance providers, is tasked with the important responsibility of providing an opinion regarding the effectiveness of governance, risk management and the internal controls of an organisation. However, the internal audit function today has to conduct its duties in control environments that are dominated by information technology and big data. In the same way that organisations’ and especially banks’ business models have been transformed as a result of the increased use of technology and the ever growing generation of and reliance on big data, it has equally impacted the manner in which internal audit is practiced today. This study is therefore motivated by the interest in understanding the use of technology-based tools (more specifically the use of GAS) by internal audit functions in the locally controlled South African banks. This study comprises a literature review and an empirical investigation. The literature review was undertaken to gain insight into the extent and applicability of the use of GAS by the internal audit profession, and more specifically the internal audit functions of the locally controlled South African banks. The literature review indicates that the use of GAS by internal audit functions is still at a relatively low level of maturity, despite the accelerating adoption of information technology and generation of big data within organisations. The literature review was then followed by empirical research. The results of this empirical study also confirm that the maturity of the use of GAS by the internal auditors employed by locally controlled South African banks is still lower than expected, given that we are now fully immersed in a technological-driven business environment. The empirical research component was conducted using a structured questionnaire. The structured questionnaire was developed to collect data regarding the use of GAS by the internal auditors employed by locally controlled South African banks, and specifically to address the following objectives: (1) To measure the existing practices of internal audit functions in the locally controlled South African banking industry regarding the use of GAS, against a benchmark developed from recognised data analytic maturity models, in order to assess the current maturity levels of the locally controlled South African banks in the use of this software for tests of controls; (2) To explore and identify the purposes for which GAS is presently being used by these internal audit functions; and (3) To develop recommendations that may assist internal audit functions in the locally controlled South African banking industry to reach their desired maturity levels. Opinions and perceptions were obtained from 9 of the 10 heads of internal audit departments that comprise the locally controlled segment of South Africa’s banking industry. This high response rate enabled the researcher to reach meaningful conclusions and make recommendations regarding the current preferences and applications of GAS employed by these internal audit functions. In addition, the results of this study have provided a deeper understanding of the current level of maturity of the use of GAS by the internal auditors employed by locally controlled South African banks. In addition, the results provide useful insights for internal audit practitioners, GAS vendors, professional auditing bodies (such as the IIA and ISACA), academia and researchers.
  • Thumbnail Image
    ItemOpen Access
    A risk-based audit model for internal audit engagements
    (University of the Free State, 2010-11) Coetzee, Georgina Phillipina (Philna); Lubbe, D. S.
    English: Many factors have played and are still playing contributing roles as to why internal auditors need to perform internal audit engagements more effectively and efficiently. The internal audit profession finds itself within a rapidly changing environment. The external factors affecting the profession include the various pieces of new guidance and legislation that are constantly being issued, the current global financial crisis, the occurrence of corporate and public scandals and the increased globalisation of the business environment, to name but a few. Internal factors within the organisation include management’s increased demand for internal auditing to add value, the enhancement of coordination between all the various assurance providers, such as the external and internal auditors, and the increased role of internal auditing in assisting with the management of risks that threaten the achievement of the organisation’s objectives. Within this environment the internal audit profession is growing at a tremendous rate, but at the same time it is reported that there is still a scarcity of competent internal auditors, especially in the fields of information technology and risk management. The Institute of Internal Auditors, as the governing body of the profession, is attempting to address this need by continuously issuing new professional guidance and performing research studies to provide its members with information and direction. This study investigates the evolution of the internal audit profession as well as the concepts of corporate governance and risk management, and the role of internal auditing within these fields. It specifically focuses on how internal auditors can incorporate risk in the execution of an internal audit engagement to improve their methodology; thus performing engagements more effectively and efficiently. A comprehensive literature review was conducted on these topics and a preliminary risk-based internal audit engagement model was developed based on the literature. Thereafter, organisations in both the private and the public sectors in South Africa were examined via a maturity scorecard to determine which organisations were risk mature. The top five risk mature organisations in each sector were included in the second empirical study, with the main objective of obtaining input from their chief audit executives to refine the initial risk-based engagement model. Lastly, the model was tested in a practical scenario, using a case study approach, to determine whether there may be improvements in the execution of the internal audit engagement. The results of the three empirical studies were then used to finalise the model. The study concludes that the risk-based internal audit model can be used during the planning phase of an assurance engagement, improving the process as follows: • Areas with medium to high operational risks are included in the planning of the internal audit engagement. • Low-risk areas are not included in the planning phase other than on a surprise basis according to the internal auditor’s professional judgement. • High-risk areas (inherent risk) that remain high after appropriate controls have been implemented (residual risk) are reported to management on a timely basis. The use of this model will ensure that internal auditors focus on the areas that need urgent attention and not waste time on areas that are comparatively insignificant. This will mean that scarce internal audit resources can be allocated to areas where they will add the most value to the organisation. Although it was not a main objective of this study, it was found that the risk management framework and processes, and to a lesser extent the role of internal auditing regarding risk-related aspects within the public sector, need improvement to be in line with legislation, other guidance and best practices.