Using triangulation to view internal audit’s governance functioning

Abstract

Internal audit departments of organisations are regarded as an integral component of the combined assurance model alongside the audit committee, management and the external auditors. The primary users of the work of internal audit are the audit committee, senior management, other levels of management and to some extent, the external auditors. This wide audience served by internal audit reinforces the importance of IAFs’ work, which deals with important aspects facing the entity. Internal audit is therefore able to reduce the lack of information availability for the audit committee on matters concerning risk management, internal control and governance. However, a study conducted on audit committee effectiveness, it was found that 40% of audit committees in national government departments in South Africa are not fully effective and are failing to contribute towards improving internal control, risk management, governance and financial reporting practices. Audit committees’ effectiveness in contributing to risk management, internal control and governance was measured at 63%, 76% and 62% respectively, in a comprehensive study on audit committees in the South African public sector. This indicates that their oversight in these areas, especially risk management and governance, is not yet effective. These findings are concerning given that audit committees have a legal mandate to assist government departments in these areas. Internal audit functions are key in assisting audit committees in their governance oversight responsibility. The present study reports on the extent to which internal audit in the eight metropolitan municipalities in South Africa assists audit committees in their governance oversight responsibility, focusing on the scope of work of internal audit with reference to its governance mandate. A data transformation triangulation design was followed to describe internal audit’s functioning