Chair or Co-Chair
Dana R. Hermanson
Committee Member or Co-Chair
Vineeta D. Sharma
This study investigates the processes audit committees employ to fulfill their obligation to oversee internal control over financial reporting (ICFR). Specifically, I explore audit committee processes within five fundamental internal control components: control environment, risk assessment, control activities, information and communication, and monitoring (COSO, 2013). I consider agency theory and institutional theory, investigating the degree of substantive versus ceremonial processes used by audit committees. Additionally, this study considers comfort theory as it reveals details about how audit committees get “comfortable” with ICFR.
The research questions in this study are examined through a cross-sectional survey of 167 public company audit committee members. Both interval scales and open-ended questions capture insights into audit committee processes. The primary results indicate that audit committees engage in processes aligned with the COSO (2013) framework’s points of focus, yet survey responses suggest wide variation in practices. Audit committees spend the most time in the monitoring activities and control environment areas, and the least time in the information and communication and control activities areas. I find that audit committee members’ age and internal audit experience are significantly positively associated with audit committee ICFR oversight, as are company size and regulated industry. However, I find that audit committee members’ CPA certification is negatively associated with audit committee oversight, a finding that warrants additional research. This study informs regulators, researchers, and practitioners about the processes in which audit committees engage and the individual and organizational characteristics that are most significant in understanding the extent of audit committee ICFR oversight.