Continuous Auditing and Risk-Based Audit Planning

Marc Eulerich∗/ Christine Georgi / Alexander Schmidt

February 7, 2019

Abstract

Due to significant changes in the risk environment of organizations as a result of glob-

alization and digitalization a continuous perspective in audit activities is required. Con-

tinuous Auditing (CA) is one possible way to meet these requirements. Specifically, the

Internal Audit Function (IAF) could use CA as an audit technique in order to add this

perspective to their risk assessment. This study examines factors associated with the use

of CA information in risk-based audit planning (RBAP) of the IAF. We use survey data

from 264 chief audit executives to address our research question. Consistent with our ex-

pectations, we find several factors having a significant positive influence on the use of CA

information in RBAP. From the IAF’s point of view these factors include the collaboration

with the external auditor, the use of rolling planning, the importance of the audit commit-

tee, the importance of data analysis in audit planning and the appropriation of results for

fraud prevention. Finally, we discuss the implications of these findings for research and

practice.

Keywords: Internal Auditing, Internal Audit Function, Continuous Auditing, Risk-based

Audit Plan

JEL-class.: M42, G34, G32, M4, G3

∗
Corresponding author: marc.eulerich@uni-due.de; University Duisburg-Essen, Mercator School of Manage-
ment, Chair for Internal Auditing

Electronic copy available at: https://ssrn.com/abstract=3330570

 INTRODUCTION

In a dynamic and globalized world, organizations are faced with the challenge of a con-
stantly changing environment. Because of these dynamic changes, the risk profile of organiza-
tions is constantly evolving. Considering that, there is a risk that serious developments during
the year will be overlooked in consequence of too cost-intensive risk analyses. The internal au-
dit function (IAF), as an objective and independent assurance body of an organization, should
have the abilities to recognize unfavorable developments immediately and to react to long-term
changes. To cover all relevant risks of an organization the standard 2010 of the international
standards of the internal audit profession requires that ”the chief audit executive must establish
a risk-based plan to determine the priorities of the internal audit activity, consistent with the
organization’s goals” (IIA, 2016).
To meet this requirement the IAF traditionally uses methods based on static and periodic
reviews of an organization’s risk profile (Allegrini and D’Onza, 2003; Coderre, 2005; Vasarhe-
lyi and Halper, 1991). As a consequence, potential changes in the risk landscape might not be
covered in the predefined audit plan. To add a more dynamic perspective in their risk-based
audit planning (RBAP) the IAF needs a paradigm shift in which the static risk assessment is
replaced by methods which make it possible to continuously scan the risk situation. Further-
more, the ongoing risk monitoring could reveal changes in prior defined risk indicators which
make it necessary to immediately adjust the audit plan.
Although Continuous Auditing (CA) has been a research subject since the paper of Groomer
and Murthy (1989) and numerous definitions have been created (e. g. AICPA (1999); Alles
et al. (2002); Helms and Mancino (1999); IIA (2005); Kogan et al. (1999); Rezaee et al. (2002);
Vasarhelyi and Halper (1991); Woodroof and Searcy (2001)), there is no common understand-
ing of the concept of CA yet. Also the terms ”Continuous Monitoring” and ”Continuous As-
surance” are not consistently defined, as some consider them to be synonymous with CA while
others see them as a part of CA or separated from each other (see e.g. Alles et al. (2003, 2006b);
Turoff et al. (2004); Warren Jr. and Smith (2006)).
The interpretation of the American Institute of Certified Public Accountants (AICPA) is
one of the most frequently used definitions. The AICPA defines CA as follows: ”A continuous

Electronic copy available at: https://ssrn.com/abstract=3330570

audit is a methodology that enables independent auditors to provide written assurance on a
subject matter, for which an entity’s management is responsible, using a series of auditors’
reports issued virtually simultaneously with, or a short period of time after, the occurrence of
events underlying the subject matter.” (AICPA, 1999) According to Eulerich and Kalinichenko
(2015) another definition can be:
”CA is a (nearly) real-time electronic support system that continuously and automatically
audits clearly defined “audit objects” based on pre-determined criteria. CA identifies excep-
tions and/or deviations from a defined standard or benchmark, and reports them to the auditor.
With this continuous approach, the audit occurs within the shortest possible time after the oc-
currence of an event.”
In contrast to traditional periodic approaches, the academic literature emphasizes several
benefits of CA like the enhancement of the timeliness of information, the support of the inter-
nal audit function and meeting management‘s regulatory objectives (Brown et al., 2007; Chan
and Vasarhelyi, 2011; Kearns et al., 2011). Additionally, a recent survey by EY reveals that ex-
ecutives see the improvement of risk assessment as the main benefit of adopting forensic data
analytics such as CA (EY, 2018).
Another survey illustrates that chief audit executive (CAEs) defining increased audit cover-
age and efficiency as the main goals of data analytics and CA (Protiviti, 2017). Protiviti identify
that 69% of their participants use CA for their audit planning, concluding that it is necessary
to leverage ”... continuous auditing, develop real-time snapshots of the organization’s risks
and incorporate results into a risk-based audit approach that is adaptable and flexible enough
to focus on the highest areas of risk at any point in time”(Protiviti, 2017). Likewise, the Insti-
tute of Internal Auditors (IIA), in particular the standard 1210.A3, says that ”Internal auditors
must have sufficient knowledge of key information technology risks and controls and available
technology-based audit techniques to perform their assigned work”(IIA, 2016). By bringing
both IIA standards and the findings above together, one can argue, that CA can be a possi-
ble method to include a continuous perspective in the risk assessment process and therefore to
establish a risk-based audit plan.
Although CA could meet the new challenges set by the more dynamic risk environment,

Electronic copy available at: https://ssrn.com/abstract=3330570

it is not commonly used by organizations (EY, 2018). In order to find possible reasons for
this expectation gap, we examine factors that influence the use of CA. Moreover, the empirical
evidence of its use by IAFs remains limited. There are only few prior studies empirically
analyzing factors influencing the use of CA information in practice (Gonzalez et al., 2012;
Vasarhelyi et al., 2012). Therefore, we want to mitigate this lack of research by answering the
following research question:
RQ: Which factors influence the use of information generated through CA in IAF’s
RBAP?

In order to answer the research question, hypotheses with the assumed causal relationships
are tested for their validity in an ordinal logistic regression model. Using a multinational data
set from three countries and a total of 264 observations, we include five different independent
variables to analyze potential effects that influence the use of CA as a source of information for
RBAP. In addition, selected company characteristics are included as control variables, like in-
dustry type, listing status and size of the firm. Our dependent variable measures the intensity of
use of CA information in RBAP. Based on the theoretical considerations and previous research
work, the use of CA in the RBAP is analyzed from different perspectives to identify and dis-
cuss the main drivers behind this use. Furthermore, an additional analysis is performed to gain
insights about potential outcomes of the use of CA information in audit planning. Finally, the
validated results are discussed against the background of their importance for Internal Audit.
The remainder of this paper is organized as follows. The next section presents the current
literature and develops the necessary hypotheses for our empirical approach. Section three
describes the empirical model, the data set and illustrates the descriptive and regression results.
Section four discusses our results and presents our conclusion.

LITERATURE AND HYPOTHESES

The concept of CA is part of the academic literature for almost three decades and was first
introduced by the works of Groomer and Murthy (1989) and Vasarhelyi and Halper (1991).
In the years that followed, there has been an increasing amount of literature on CA including

Electronic copy available at: https://ssrn.com/abstract=3330570

several literature reviews as well as studies, which show further research questions and there-
fore illustrates the relevance of this topic (Brown et al., 2007; Chiu et al., 2014; Eulerich and
Kalinichenko, 2015; Kogan et al., 1999; Kuhn and Sutton, 2010; Vasarhelyi, 2002). In their
review Eulerich and Kalinichenko (2015) group all publications into the following categories:
demand factors, implementation issues, practical applications of CA and effects of CA. They
conclude that the CA literature is focused on non-empirical research methods and that there is
an increase in CA research after the scandals of Enron (2001) and WorldCom (2002).
However, prior studies examine the auditor’s use of CA (Gonzalez et al., 2012; Hardy,
2014; Rikhardsson and Dull, 2016; Vasarhelyi et al., 2012), Continuous Online Auditing (El-
Masry and Reck, 2008; Kogan et al., 1999; Omoteso et al., 2008) and computer-assisted audit
tools and techniques CAATs (Bierstaker et al., 2014; Braun and Davis, 2003; Curtis and Payne,
2008; Janvrin et al., 2009; Mahzan and Lymer, 2014). In their interview study with internal
auditors Vasarhelyi et al. (2012) examine the status of CA adoption and find that the support
by the management and the employee’s expertise of the technology are influential factors of
this adoption. Moreover, the authors show that most of the companies struggle to have a ”full
continuous audit” system. Gonzalez et al. (2012) identify and examine factors influencing the
use of CA by internal auditors. On a basis of 210 surveys of internal auditors, the authors
find that the practicality of CA and the firms respectively the managements commitment to CA
are both affecting the intention to use CA positively. Regarding the use of CAATs, Bierstaker
et al. (2014) survey external auditors and find that factors such as outcome expectations, the
employees education in CAATs, the extent of organizational pressures and technical infrastruc-
ture have a positive impact on the use of CAATs. In their study Braun and Davis (2003) also
conclude that training is necessary and desirable for the auditors to further promote the use of
new audit techniques.
Furthermore, there is a large body of literature paying particular attention to the embedding
of CA or CA-related techniques in Enterprise Resource Planning (ERP) systems (Alles et al.,
2006a, 2008; Debreceny et al., 2005; Haynes and Li, 2016; Kuhn Jr. and Sutton, 2006; Shin
et al., 2013; Singh et al., 2014). Alles et al. (2006a) give an overview of the practical implemen-
tation of a CA approach at Siemens. In doing so, they describe the implemented approach and

Electronic copy available at: https://ssrn.com/abstract=3330570

give an overview of the implementation challenges such as the administration of audit alarms.
Debreceny et al. (2005) investigate the implementation of embedded audit modules (EAM),
which provide the technical basis for continuous monitoring and CA, in existing ERP systems.
The authors find that EAMs are only limitedly supported by the examined ERP systems at that
time. However, a more recent study by Haynes and Li (2016) indicates that there are certain
benefits when CA is implemented in ERP systems, e.g. lower fraud risk and higher efficiency.
Overall, the CA literature is focused on studies in the context of the IAF (Eulerich and
Kalinichenko, 2015; Gonzalez et al., 2012). A reason for that could be that CA is predomi-
nantly used by IAFs than by external auditors. Although the existing literature provides differ-
ent insights in the relationship between the use of CA and the IAF, there is a lack of research
concerning the association between CA and RBAP of the IAF.

Collaboration with the external auditor

A large and growing body of literature has investigated the relation between internal and ex-
ternal auditor who both can be seen as cornerstones of corporate governance (Gramling et al.,
2004). In particular, the reliance decision of the external auditor on the IAF has been in the
focus of research and is linked to several outcome effects such as effects on litigation risk,
audit efficiency, audit fees and financial reporting quality (Bame-Aldred et al., 2013). In addi-
tion, the regulatory attention on this issue has increased in the past two decades. The Auditing
Standard No. 5 of the Public Company Accounting Oversight Board (PCAOB) encourages
the external auditor to use the relevant results of internal audit activities after the verification
of IAF’s competence and objectivity (PCAOB, 2007). The external auditor should cooperate
with the IAF to obtain more ”evidence about the effectiveness of internal control over financial
reporting” (PCAOB, 2007). Thus, the external auditor has an incentive to use IAF’s results in
its own audit work while the extent of this cooperation depends on external auditor’s evalua-
tion of the IAF’s quality. From the perspective of internal auditors the reliance decision of the
external auditor can be seen as an objective quality indicator for their work respectively their
competence and objectivity. According to the IIA’s performance standard 2050, the CAE is
encouraged to coordinate the IAF’s activities with other corporate governance protagonists and

Electronic copy available at: https://ssrn.com/abstract=3330570

to rely on their provided information if possible (IIA, 2016). The reliance decision depends on
the ”competency, objectivity, and due professional care” (IIA, 2016) of the other protagonist
such as the external auditor. Taken together, the IAF and the external auditor have both an
interest in relying on each others work.
However, regarding the context of this study the antecedents of the external auditor’s re-
liance decision are of most interest. Bame-Aldred et al. (2013) summarize the results of prior
studies and conclude that the reliance decision of the external auditor is mainly affected by the
identity, competence, objectivity and work quality of the IAF. Additionally, based on the paper
of Anderson et al. (2012) they suggest that due to its effectiveness and objectivity as an audit
technique, CA could also lead to a higher IAF quality and therefore to a greater extent of exter-
nal auditor’s reliance. Furthermore, the sourcing of the IAF could play an important role. An
outsourced IAF is expected to be more objective (Glover et al., 2008) and to reduce audit fees
(Abbott et al., 2012). These findings suggest that external auditor’s reliance on an outsourced
IAF is higher compared to an in-house IAF. In this context, Davidson et al. (2013) find further
evidence of this relationship by including the IAF’s usage of CA in their study. The authors
find that the usage of CA has a moderating effect on the difference between outsourced and in-
house IAFs regarding the reliance decision of external auditors. Therefore, it seems reasonable
that the IAF’s use of CA can improve the perceived objectivity and competence of IAFs. In
addition, Malaescu and Sutton (2015) use an experimental approach to examine the influence
of CA on the reliance decision. They find that external auditors rely more on IAFs using CA
information in their audit approach than on more traditional IAFs without such technological
audit techniques.
Overall, the empirical results suggest that the use of CA information by IAF influence the
external auditor’s reliance decision in a positive way. Thus, we hypothesize that the IAF is
more likely to use CA information in their RBAP, if the importance of the collaboration with
the external auditors increases.

Hypothesis 1. The higher the importance of collaboration with the external auditor, the
more likely the use of CA information in the RBAP of the IAF.

Electronic copy available at: https://ssrn.com/abstract=3330570

Continuous (rolling) audit planning

The IAF must plan both its audit and consulting assignments to best perform its tasks and
to ensure that its priorities are consistent with and support the organizational objectives. In
doing so, the IAF must develop an (multi-) annual plan, which covers the audit engagements
to be carried out for this time period and also a plan for each individual audit engagement.
According to the IIA standard 2010, the CAE must establish a risk-based audit plan. The
standard further requires that the CAE periodically review and if necessary adjust this audit
plan to respond changes in risk (IIA, 2016). The risks must be identified and assessed at least
once a year (IIA, 2016), standard 2010.A1, but due to globalization and digitalization risks are
changing continuously and faster than ever. Because of the dynamic risk environment risk-
based audit planning becomes more and more difficult for the IAF and a more flexible audit
plan is necessary.
Therefore, it is necessary to continuously monitor and evaluate the risks in the company.
Only an annual assessment of the risks by the IAF can be dangerous e.g. if a previously un-
known or existing low risk develops very quickly, but is not included in the audit plan due to
the assessment already carried out. However, it is not sufficient to monitor the risks contin-
uously, but it is also necessary to adjust the RBAP according to the results from the CA, as
otherwise potential changes would not be included in the audit plan. Therefore, a modern and
highly qualified IAF does not use annual risk-based planning, but a continuous risk-based audit
planning as a rolling forecast. In the case of this rolling audit planning, the audit plan is also
adjusted during the year if changes are required. Previous studies have found that investing in
audit technologies such as CA improves the breadth and depth of audit coverage (Baker, 2009;
Protiviti, 2017). IAFs, which are modern and of high quality, are more likely to rely on CA
in risk-based audit planning, as CA also implements a modern and good IAF. In addition, CA
supports continuous risk identification and assessment.
For this reason, it appears decent that if the RBAP is created on the basis of rolling plan-
ning, then we would expect a positive effect on the use of CA information in risk-based audit
planning.:

Electronic copy available at: https://ssrn.com/abstract=3330570

 Hypothesis 2. The more the IAF uses rolling audit planning, the more likely the use of
CA information in risk-based audit planning of the IAF.

Importance of the Audit Committee for the IAF

According to the IIA definition of Internal Auditing, the objective of the IAF is to create added
value through its assurance and consulting services and to support the organization in achieving
its objectives (IIA, 2016). Accordingly, there is a high level of interest in the results of audit
work and internal audit reports. The standard 1111 demands that ”the CAE must communicate
and interact directly with the board” (IIA, 2016). The board also includes the Audit Committee
(AC). Interaction and communication with the board is further defined in the standards: When
planning, the IAF must take into account not only the input of the senior management but also
that of the board, standard 2010.A1 (IIA, 2016). Likewise, the CAE, in accordance with stan-
dards 2010.A2 and 2410.A1, identify the expectations of the Senior Management and the Board
regarding the IAF‘s assessments and conclusions and consider them in the final communication
of engagement results (IIA, 2016). According to standard 2020, the board must also approve
the audit planning of the IAF (IIA, 2016).
Previous research have found a positive association between greater oversight of the AC
and greater IAF independence (Carcello et al., 2005). One explanation for this association is
that if the senior management has more impact on the IAF than the AC, it may reduce the
independence and objectivity of the IAF. This is so as the IAF fears negative consequences if
it challenges decisions of the senior management (Cohen et al., 2010). There are a few studies,
which figured out, that most IAFs periodically reports to the AC (Allegrini and D’Onza, 2003;
Prawitt et al., 2009). In this context, reporting directly to the AC is mainly used as an IAF
measure of independence and objectivity (Prawitt et al., 2009), which in turn is seen as a major
factor of IAF quality (Abbott et al., 2016). As a supervisory body, the AC is particularly
interested in fact-based reporting in which the individual results are clearly traceable. The
use of CA in audit planning supports this, as deviations can be directly identified through
continuous monitoring and the audit planning is thus fact-based and less influenced by the
expectations of the senior management. Therefore, if the AC is of high importance to the IAF,

Electronic copy available at: https://ssrn.com/abstract=3330570

it can be expected that there will be a positive effect on the use of CA information in the RBAP:
Hypothesis 3. The higher the importance of the AC for the IAF, the more likely the use
of information from CA in the RBAP of the IAF.

Data Analytics

The IAF must plan each individual audit and advisory mission in terms of the objective pursued,
the scope, the time line and the resources required (IIA (2016), standard 2200 and 2201). In
order to determine the individual components, it is necessary to identify and assess the risks
within the auditee and the controls already implemented to mitigate these risks. For the purpose
of this audit preparation, data analytics are often used. According to Standard 1220.A2, internal
auditors ”must consider the use of technology-based audit and other data analysis techniques”
(IIA, 2016).
Tools for data analytics have many different advantages for the IAF, which are also repeat-
edly examined in the literature. This includes increasing the efficiency of audit engagements,
expanding audit coverage or identifying trends (Baker, 2009; Protiviti, 2017). Some research
papers conclude that data analytics increases the independence of internal auditors (Baker,
2009). There are several studies that examine the use of data analysis by the IAF. It turns out
that most of the IAFs use data analysis in form of ACL, Microsoft Excel and Access, IDEA
or similar software tools (Baker, 2009). Having a strong focus on data-driven internal auditing
helps the internal auditors and the whole function to include modern work methodologies in the
audit process. Thus, it seems appropriate that if the IAF uses data analytics in audit preparation,
we would expect also a positive effect on the use of CA information in the RBAP.

Hypothesis 4. The more the IAF uses data analysis in audit preparation, the more likely
the use of CA information in risk-based audit planning of the IAF.

Fraud Prevention

The prevention and detection of fraudulent activities is a main challenge for IAF (Coderre,
2005). According to the IIA, standard 1210.A2, ”Internal Auditors must have sufficient knowl-

10

Electronic copy available at: https://ssrn.com/abstract=3330570

edge to evaluate the risk of fraud”. Furthermore, standard 2120.A2 says that ”the internal audit
activity must evaluate the potential for the occurrence of fraud” (IIA, 2016). Thus, the risk
identification and assessment of potential fraudulent activities is a core task of the IAF. The
academic literature indicates that firms with an IAF are associated with a higher level of fraud
detection and self-reporting (Coram et al., 2008) and that IAF’s quality leads to lower levels of
earnings management (Abbott et al., 2016; Prawitt et al., 2009). However, because of the more
dynamic world with evolving risk profiles of companies, the IAF’s fraud prevention becomes
more complex and challenging.
CA could be a method for the IAF to reduce the risk of fraud and to identify fraud more
timeliness (Coderre, 2005). Forensic data analytics such as CA are effective methods to manage
the risk of financial statement fraud compared to other risks (EY, 2018). Furthermore, fraud
prevention is one main reason for implementing CA in a company (Alles et al., 2006a; Omoteso
et al., 2008). Prior studies find that CA is an effective approach to prevent and detect fraud
(Davidson et al., 2013; Debreceny et al., 2005; Kuhn Jr. and Sutton, 2006) and that, compared
to traditional audit techniques, CA makes it possible to detect fraud shortly after its occurrence
(Chan and Vasarhelyi, 2011). However, by using an experimental approach Gonzalez and
Hoffman (2018) find that the benefit of CA as a fraud prevention technique depends on the
strength of the overall monitoring system.
In sum, the empirical results indicate that CA as an audit technique can improve the fraud
risk management. Based on CA information, the identified risk areas that indicate potential
fraudulent activities can be immediately covered by timely adjustments of audit planning. As
a result, continuous incorporation of information from the CA system into risk-based audit
planning could improve the coverage of potential fraud in the RBAP. Therefore, it appears rea-
sonable that if the results of the IAF are used to prevent fraud, then we would expect a positive
effect on the use of CA information in the context of the RBAP.

Hypothesis 5. The higher the usage of IAF results for fraud prevention, the more likely
the use of CA information in risk-based audit planning of the IAF.

11

Electronic copy available at: https://ssrn.com/abstract=3330570

 EMPIRICAL MODEL AND RESULTS

Data and sample selection

In order to empirically test our conceptual model, we rely on data from CAEs. We collected
data together with the Austrian, German and Swiss Institute of Internal Auditors. The study
covers around 90 questions from different topics of the internal audit profession and tries to
identify common best practices and recent changes and trends. All questions were developed
together with the three institutes to guarantee and high level of relevance for the practitioners
on the one hand and use common quality standards for research on the other. The survey qas
pretested by 7 internal auditors.
The study is a by-invitation-only survey and addressed to 2,450 CAEs. The sample represents
a broad variety of industries and sizes. The type of respondents (CAEs) combined with the
various industries, sizes and the three regulatory regimes can be seen as a good starting point
for our study.
From the invited CAEs a total number of 417 responses were collected, which is a response
rate of 17.02 percent. Because of missing answers in the full sample, the distribution of the
sample may vary.1 For our model we only include those observations, which answered all
relevant variables completely. We hence end up with a relevant subsample of 264 answers.
Overall, the questionnaire consists of 105 different closed and open questions and was com-
pletely anonymous.

Variables

We use a dependent variable which measures the usage of information from CA/Continuous
Monitoring for the RBAP. The variable has a five-point likert scale from “very low” to “very
high”.2 The independent variable Collaboration ExtAud measures the importance of the rela-
tionship to the external auditor also on a five point likert scale from the perspective of the IAF.
The scale reaches from “very low” to “very high”. In addition, there is the value ”0”, which
indicates that the IAF does not cooperate with the external auditor. Our variable RollPlanning
1 The
respondents had the chance to skip single questions or just do not answer a specific one.
2 Howcan you make sure the interviewees know the concept of CA and the sample you have really have CA
implemented?

12

Electronic copy available at: https://ssrn.com/abstract=3330570

measures to what extent an IAF adjusts its audit plan during the year based on a rolling plan-
ning. The survey used also a five point likert scale from “not at all” to “very strongly”. Another
variable with a focus on the cooperation with other stakeholders is Importance AC, which ex-
plains the relevance of the audit committee for the IAF and therefore its potential impacts on
the audit planning and IAF activities. This variable has a five point scale ranged from “very
low” to “very high” and the value ”0”, when the IAF does not report to the AC. The variable
DataAnalysis measures the significance of using data analysis for the preparation of an audit
engagement using a five-point likert scale from “very low” to “very high”. Our last indepen-
dent variable Results Fraud measures for which purposes the results of the IAF are used by
management. The variable has a scale from one to five (“very low” to “very high”) and a value
of ”0”, if the results are not used for fraud topics.
Furthermore, we include different control variables. “Listing” is a dummy-variable with
the value ”1”, if a firm is publicly traded and else ”0”. Industry as a dummy-variable with
the values “1” for the financial industry and “0” for all other industries. “Ln Employees” as
the logarithm of the size of the company measured through the number of employees. One
additional control variable measures the objective of the IAF, here Objective MTG. Covering
if a company uses the IAF as a management training ground, which can often be seen as an
indicator for the quality, qualification and acceptance of the IAF in a company (e.g. (Carcello
et al., 2018)).

Analytical approach

The analytical approach consists of two major elements. First, we expose the data to descriptive
analyses in order to get first insights into their composition. Second, we take an exploratory
approach and test the hypotheses by use of suitable multivariate techniques. All analyses are
conducted using STATA. The descriptive analyses presents the composition of the sample as
well as the distribution of our used variables. It focuses on the frequencies and values of the
different variables. The hypothesis tests are about the multivariate effects of different factors
on our dependent variable. We apply an ordered logistic regression to estimate the parameters

13

Electronic copy available at: https://ssrn.com/abstract=3330570

of our model.3

yCAAudit plan = β0 + β1 xCollaboration ExtAud + β2 xRollPlanning + β3 xImportance AC +

β4 xDataAnalysis + β5 xResults Fraud + β6 xControlVariables + ε

All regressions use robust standard errors, such that single standard errors are estimated and
heteroscedasticity can be ignored. The estimated coefficients are constant, but the standard
errors will slightly shift.

Descriptive Results

Table 1 presents the descriptive results for our 264 firms. Our main dependent variable CAAu-
ditplan has a mean value of 2.346 and a standard deviation of 1.250. Our variables with a
focus on potential stakeholders Collaboration ExtAud and Importance AC show, that the sam-
ple companies evaluate the importance of the collaboration with the external auditor with an
average of 3.385 and the importance of the audit committee with an average of 2.612. Never-
theless, this does not indicate that the collaboration with the external auditor is more important
for IAFs compared to the AC, due to different underlying questions. The rolling planning vari-
able has a mean of 2.382. Our variable about the use of data analysis for the preparation of an
audit engagement has the mean of 4.084 on a five-point likert scale, so that the majority of the
companies in our sample use data analysis before an audit engagement. The results of the IAF
are often used for fraud purposes, since the variable Results Fraud has a mean of 3.356.
We also include different control variables. The variable Industry shows that 30.7 percent
of the company in our sample are from financial industry (mean of 0.307). We also cover the
listing status of the organization in the dummy variable Listing, which has a mean of 0.423.
Thus, most of the companies are from the non-financial industry and there are more non-listed
than listed companies in our sample. The natural logarithm of total number of employees
(Ln Employees) has a mean of 7.975 and a standard deviation of 1.886. Our control variable
about the staffing arrangement has a mean value of 2.273 (Objective MTG) on a five-point likert
3 The focus of our study is to present general results about the use of CA in RBAP. Thus, we did not focus on

country-specific influences and did not control for country-fixed effects.

14

Electronic copy available at: https://ssrn.com/abstract=3330570

scale.

—INSERT TABLE 1 HERE—

Table 2 shows the correlation matrix and the significance levels for all variables. We do not
have variables with a high cross-correlation and most of the single correlations are significant.
Thus, we conclude that the sample does not appear to have a multicollinearity problem.

—INSERT TABLE 2 HERE—

Empirical Results

Our final ordered logistic regression consists of nine independent variables and a total of 264
observations. We find significant effects for 8 out of 9 variables. The Pseudo-R2 for our model
2 of 76.69. All regression results are
is 0.098 with a Log-likelihood of -351.501 and a χ(9)
presented in Table 2.
We find a significant positive effect of Collaboration ExtAud (0.425***) on the use of CA
in audit planning. Thus, companies which collaborate more with the external auditor tend to use
CA for their risk-based audit planning process. Importance AC has also a significant positive
effect (0.132**) on CA. IAFs which evaluate the AC as important tend to use more often CA.
As expected, the importance of the cooperation with the examined stakeholders are associated
with a higher use of CA information in the RBAP of the IAF, which provides support for H1
and H3. Additionally, our analysis finds another significant positive effect for RollPlanning
(0.220***), providing support for H2. This represents the positive effect of the usage of rolling
audit planning to regularly update the RBAP on the intention to use CA information in risk-
based audit planning. Having a strong focus on DataAnalysis for the preparation of an audit
engagement has also a positive significant effect on CA usage (0.396***), providing support for
H4. Our last independent variable Results Fraud shows a significant positive effect (0.400***),
indicating that IAFs with a stronger focus on fraud prediction will use information from CA
for their RBAP. Thus, our last hypothesis H5 is also supported by the results.

15

Electronic copy available at: https://ssrn.com/abstract=3330570

 Regarding our control variables, we do not find a significant effect for Industry (0.001),
whereas we document negative significant coefficients for Listing (-0.577**) and Ln Employees
(-0.159**). Finally, we find a positive effect for the variable Objectives MTG (0.188**) mean-
ing that IAFs that use their function as a management training ground will more often use CA
in their RBAP.

—INSERT TABLE 3 HERE—

Afterwards, we include an additional analysis to identify potential impacts of using information

from CA for the RBAP on different potential outcome measures. With this additional analysis,
we want to extend our view on the effects of CA and identify potential positive or negative
effects on various output measures. Therefore, we include the following dimensions into our
outcome analysis:

• Effects on the intensity of using the IAF’s results by different stakeholder

• Effects on the perceived value added by the IAF

• Effects on the number of audits by the IAF

This additional analysis should shed light on the question, if CA in the context of the RBAP
really matters. We use the control variables from our prior model and let our prior dependent
variable CAAuditplan now be the independent. All results are presented in table 4. The results
indicate that the use of CA in the RBAP is associated with higher intensity of use of IAF’s
results by the AC Int AC, the supervisory board Int SupBoard, the management Int CLevel,
the external auditor Int ExtAud and the auditee Int Auditee. Consistent with these findings, our
variable Sum Int, which add up all intensity variables, has a statistically significant positive
coefficient. Furthermore, the results show that the perception of the IAF’s value adding role
Adds Value is positively affected by the use of CA information in the RBAP. Finally, we also
document a statistically significant positive coefficient of Noaudits indicating that the use of
CA information in the RBAP enables the IAF to perform more audits.

16

Electronic copy available at: https://ssrn.com/abstract=3330570

 —INSERT TABLE 4 HERE—

DISCUSSION AND CONCLUSION

The purpose of this study is to identify and examine factors associated with the use of CA
information in risk-based audit planning of the IAF. One possible argumentation for using CA
as an input for the RBAP can be seen in the dynamization of the risk assessment (Coderre,
2005). A large number of previous studies on this topic have discussed the potential use of
information from CA as an instrument to meet the requirements of an increasing risk orientation
in companies as well as factors influencing the implementation of CA. There are only a few
prior studies empirically analyzing the antecedents of the actual use of CA information in
practice (Gonzalez et al., 2012; Vasarhelyi et al., 2012). This limitation could be mitigated
through the setup of our study. We expect that the importance of cooperation with different
stakeholders, namely the AC and the external auditor, and the relevance of data analysis in audit
planning has a positive influence on the use of CA information in risk-based audit planning of
IAFs. Moreover, we hypothesize that the application of rolling planning in the RBAP and the
appropriation of IAF results for fraud prevention positively affect the use of CA information as
a source of the RBAP.
An ordinal logistic regression analysis is used to answer our research question. Using a
sample of 264 survey responses of CAEs, the findings show that the examined factors have a
statistically significant positive effect on the use of CA information in risk-based audit planning.
In the following, we discuss the results of our regression and the implications of the findings
for research and practice. The results of our model show that the more important the IAF’s
collaboration with the external auditor, the more likely is the extent to which the IAF relies
on information from CA as part of the RBAP. Especially, the usage of CA in the context of
financial reporting quality as well as of an effective internal control system, helps both, the
external and internal auditor. In this context, CA supports an efficient collaboration between
them and helps to avoid duplicate audits and to reduce audit fees.
With increasing importance of rolling audit planning, the extent to which CA acts as a
source of information increases. E.g. based on pre-programmed checks and routines, CA is

17

Electronic copy available at: https://ssrn.com/abstract=3330570

used in this context to search the company’s databases in the ERP system and provides aggre-
gated results so that the IAF continuously receives information about significant risk areas. CA
can enable the IAF to consistently be active where the company’s risks are high. Consequently,
the use of CA as a tool for the improvement of the IAF can better reflect the risk landscape of
the company and cover it through focused audits. In terms of the cost-benefit ratio of the IAF,
the consideration of the current risk information can also offer considerable advantages. In this
way, the IAF can allocate its financial and personnel capacities to the audit areas in which the
risks are most relevant from an audit perspective.
The increasing importance of the AC as an addressee of the audit results will more strongly
cause internal auditing to meet its information needs. The positive influence of the cooperation
with the external auditor and the support of the AC by the IAF on using CA information can
also be seen as a way to comply with regulatory and legal requirements. Both the AC and
the external auditor are interested in detecting potential violations of regulatory and regulatory
compliance.
Furthermore, the consistent use of CA information not only enables the detection of fraud,
but also a short response time, so that any damage to assets can be minimized or even avoided.
On this basis, it can be stated that shorter reaction times as an advantage of CA in comparison
to a traditional audit approach as well as its general function as a support instrument for the
clarification of fraudulent actions within the company are fully performed by the IAF.
Finally, in our additional analysis we examine the impacts of using CA in the RBAP by
the IAF. The significant positive effects on the intensity of use of IAF’s results by different
stakeholders, on the perception of the IAF’s value adding role, and on the number of audits
stress out the importance of CA as a source of information for the work of IAFs. In sum, the
results of both analyses provide further insights about the use of CA information, in particular
about the use CA information as a source in the RBAP of IAFs.
The paper is subject to certain limitations. First, our study is limited to data from German-
speaking countries. This has the advantage that no different regulatory framework influences
the results, but the transfer of the results to countries with other governance systems is not
easily possible. One opportunity for future research could be the consideration of comparable

18

Electronic copy available at: https://ssrn.com/abstract=3330570

data from other countries with e.g. a monistic board system.
Furthermore, only CAEs were addressed in the survey. Consequently, there may be a bias
in the self-perceived position of the IAF by the participants. This is due to the fact that the
data was collected on the basis of a survey of the national audit institutions, without taking into
account the objective of the present research project. For this reason, the perceived intensity
of use of CA is the only proxy available in the dataset. To circumvent this limitation, future
research projects may choose different approaches to directly measure the actual intensity of
CA use. However, as long as the addressees rate the usage on an ordinal scale, it would be
distorted again. Proxies that would have to circumvent this problem, could measure the actual
use for example based on the CA results or time used for audit planning. However, due to
the sensitivity of the content and the difficulty of measuring the intensity directly, the data
collection in such a research approach is extremely difficult to assess. The practical use of CA
can only be approximated on the basis of our questionnaire data. This could be supplemented
in further research projects, for example by experimental approaches or qualitative methods.
Despite these limitations, this paper provides new evidence on the use of CA information by
IAFs.

19

Electronic copy available at: https://ssrn.com/abstract=3330570

 REFERENCES

Abbott, L. J., Daugherty, B., Parker, S., and Peters, G. F. (2016). Internal Audit Quality and Fi-
nancial Reporting Quality: The Joint Importance of Independence and Competence. Journal
of Accounting Research, 54(1):3–40.

Abbott, L. J., Parker, S., and Peters, G. F. (2012). Audit Fee Reductions from Internal Audit-
Provided Assistance: The Incremental Impact of Internal Audit Characteristics. Contempo-
rary Accounting Research, 29(1):94–118.

AICPA (1999). Continuous auditing research report. American Institute of Certified Public
Accountants.

Allegrini, M. and D’Onza, G. (2003). Internal Auditing and Risk Assessment in Large Italian
Companies: an Empirical Survey. International Journal of Auditing, 7(3):191–208.

Alles, M., Kogan, A., and Vasarhelyi, M. A. (2003). Black box logging and teritiary monitoring
of continuous auditing systems. Information Systems Control Journal, 1:37–41.

Alles, M. G., Brennan, G., Kogan, A., and Vasarhelyi, M. A. (2006a). Continuous monitoring
of business process controls: A pilot implementation of a continuous auditing system at
Siemens. International Journal of Accounting Information Systems, 7(2):137–161.

Alles, M. G., Kogan, A., and Vasarhelyi, M. A. (2002). Feasibility and economics of continuous
assurance. Auditing, 21(1):125–138.

Alles, M. G., Kogan, A., and Vasarhelyi, M. A. (2008). Putting Continuous Auditing Theory
into Practice: Lessons from Two Pilot Implementations. Journal of Information Systems,
22(2):195–214.

Alles, M. G., Riccio, E. L., Vasarhelyi, M. A., and Tostes, F. (2006b). Continuous Auditing: the
USA Experience and Considerations for its Implementation in Brazil. Journal of Information
Systems and Technology Management, 3(2):211–224.

20

Electronic copy available at: https://ssrn.com/abstract=3330570

Anderson, U. L., Christ, M. H., Johnstone, K. M., and Rittenberg, L. E. (2012). A post-
SOX examination of factors associated with the size of internal audit functions. Accounting
Horizons, 26(2):167–191.

Baker, N. (2009). Software Trend Spotting. Internal Auditor, 66(4):30–34.

Bame-Aldred, C. W., Brandon, D. M., Messier, W. F., Rittenberg, L. E., and Stefaniak, C. M.
(2013). A summary of research on external auditor reliance on the internal audit function.
Auditing: A Journal of Practice and Theory, 32(suppl.1):251–286.

Bierstaker, J., Janvrin, D., and Lowe, D. J. (2014). What factors influence auditors’ use of
computer-assisted audit techniques? Advances in Accounting, 30(1):67–74.

Braun, R. L. and Davis, H. E. (2003). Computer-assisted audit tools and techniques: Analysis
and perspectives. Managerial Auditing Journal, 18(9):725–731.

Brown, C. E., Wong, J. A., and Baldwin, A. A. (2007). A Review and Analysis of the Existing
Research Streams in Continuous Auditing. Journal of Emerging Technologies in Accounting,
4(1):1–28.

Carcello, J. V., Eulerich, M., Masli, A., and Wood, D. A. (2018). The Value to Management of
Using the Internal Audit Function as a Management Training Ground. Accounting Horizons,
32(2):121–140.

Carcello, J. V., Hermanson, D. R., and Raghunandan, K. (2005). Factors Associated with U. S.
Public Companies’ Investment in Internal Auditing. Accounting Horizons, 19(2):69–84.

Chan, D. Y. and Vasarhelyi, M. A. (2011). Innovation and practice of continuous auditing.

International Journal of Accounting Information Systems, 12(2):152–160.

Chiu, V., Liu, Q., and Vasarhelyi, M. A. (2014). The development and intellectual structure of
continuous auditing research. Journal of Accounting Literature, 33(1-2):37–57.

Coderre, D. (2005). Continuous Auditing : Implications for Assurance , Monitoring , and Risk
Assessment. The Institute of Internal Auditors-Global Technology Audit Guide, pages 1–33.

21

Electronic copy available at: https://ssrn.com/abstract=3330570

Cohen, J., Krishnamoorthy, G., and Wright, A. (2010). Corporate governance in the
post-Sarbanes-Oxley era: Auditors’ experiences. Contemporary Accounting Research,
27(3):751–786.

Coram, P., Ferguson, C., and Moroney, R. (2008). Internal audit, alternative internal audit struc-
tures and the level of misappropriation of assets fraud. Accounting & Finance, 48(4):543–
559.

Curtis, M. B. and Payne, E. A. (2008). An examination of contextual factors and individ-

ual characteristics affecting technology implementation decisions in auditing. International
Journal of Accounting Information Systems, 9(2):104–121.

Davidson, B. I., Desai, N. K., and Gerard, G. J. (2013). The Effect of Continuous Auditing
on the Relationship between Internal Audit Sourcing and the External Auditor’s Reliance on
the Internal Audit Function. Journal of Information Systems, 27(1):41–59.

Debreceny, R., Gray, G. L., Jun-Jin Ng, J., Lee, K. S.-P., and Yau, W.-F. (2005). Embedded
audit modules in enterprise resource planning systems: Implementation and functionality.
Journal of Information Systems, 19(2):7–27.

El-Masry, E. H. E. and Reck, J. L. (2008). Continuous online auditing as a response to the

Sarbanes-Oxley Act. Managerial Auditing Journal, 23(8):779–802.

Eulerich, M. and Kalinichenko, A. (2015). The Current State and Future Directions of Con-
tinuous Auditing Research An Analysis of the Existing Literature. Journal of International
Accounting Research, 90(4):1395–1435.

EY (2018). How can you disrupt risk in an era of digital transformation ? Analytics Survey
2018.

Glover, S. M., Prawitt, D. F., and Wood, D. A. (2008). Internal audit sourcing arrangement and
the external auditor’s reliance decision. Contemporary Accounting Research, 25(1):193–213.

Gonzalez, G. C. and Hoffman, V. B. (2018). Continuous Auditing’s Effectiveness as a Fraud

Deterrent. Auditing: A Journal of Practice and Theory, 37(2):225–247.

22

Electronic copy available at: https://ssrn.com/abstract=3330570

Gonzalez, G. C., Sharma, P. N., and Galletta, D. F. (2012). The antecedents of the use of
continuous auditing in the internal auditing context. International Journal of Accounting
Information Systems, 13(3):248–262.

Gramling, A. A., Maletta, M. J., Schneider, A., and Church, B. K. (2004). The role of the
internal audit function in corporate governance: A synthesis of the extant internal auditing
literature and directions for future research. Journal of Accounting Literature, 23:194–244.

Groomer, S. M. and Murthy, U. S. (1989). Continuous Auditing of Database Applications: An

Embedded Audit Module Approach. Journal of Information Systems, 3(2):53–69.

Hardy, C. A. (2014). The Messy Matters of Continuous Assurance: Findings from Exploratory
Research in Australia. Journal of Information Systems, 28(2):357–377.

Haynes, R. and Li, C. (2016). Continuous Audit and Enterprise Resource Planning Systems: A
Case Study of ERP Rollouts in the Houston, TX Oil and Gas Industries. Journal of Emerging
Technologies in Accounting, 13(1):171–179.

Helms, G. L. and Mancino, J. M. (1999). Information technology issues for the attest, audit
and assurance services functions. CPA Journal, 69(5):62–63.

IIA (2005). Continuous Auditing : Implications for Assurance , Monitoring , and Risk Assess-
ment. Global Technology Audit Guide, 3:1–33.

IIA (2016). International standards for the professional practice of internal auditing. pages
1–22.

Janvrin, D., Bierstaker, J. L., and Lowe, D. J. (2009). An Investigation of Factors Influencing
the Use of Computer-Related Audit Procedures. Journal of Information Systems, 23(1):1–22.

Kearns, G. S., Barker, K. J., and Danese, S. P. (2011). Developing a Forensic Continuous Audit
Model. Journal of Digital Forensics, Security and Law, 6(2):93.

Kogan, A., Sudit, E. F., and Vasarhelyi, M. A. (1999). Continuous Online Auditing: A Program
of Research. Journal of Information Systems, 13(2):87–103.

23

Electronic copy available at: https://ssrn.com/abstract=3330570

Kuhn, J. R. and Sutton, S. G. (2010). Continuous Auditing in ERP System Environments: The
Current State and Future Directions. Journal of Information Systems, 24(1):91–112.

Kuhn Jr., J. R. and Sutton, S. G. (2006). Learning from WorldCom: through Continuous
Assurance. Journal of Emerging Technologies in Accounting, 3(1):61–80.

Mahzan, N. and Lymer, A. (2014). Examining the adoption of computer-assisted audit tools
and techniques: Cases of generalized audit software use by internal auditors. Managerial
Auditing Journal, 29(4):327–349.

Malaescu, I. and Sutton, S. G. (2015). The Reliance of External Auditors on Internal Audit’s
Use of Continuous Audit. Journal of Information Systems, 29(1):95–114.

Omoteso, K., Patel, A., and Scott, P. (2008). An Empirical Examination of Competing Theo-
ries to Explain Continuous Disclosure Technology Adoption Intentions Using XBRL as the
Example Technology. International Journal of Digital Accounting Research, 8(14):45–79.

PCAOB (2007). Auditing Standard No. 5 - An audit of internal control over financial reporting
that is integrated with an audit of financial statements. Exchange Organizational Behavior
Teaching Journal.

Prawitt, D. F., Smith, J. L., and Wood, D. A. (2009). Internal audit quality and earnings man-
agement. Accounting Review, 84(4):1255–1280.

Protiviti (2017). Embracing Analytics in Auditing.

Rezaee, Z., Sharbatoghlie, A., Elam, R., and McMickle, P. L. (2002). Continuous audit-
ing: Building automated auditing capability. Auditing: A Journal of Practice and Theory,
21(1):147–163.

Rikhardsson, P. and Dull, R. (2016). An exploratory study of the adoption, application and
impacts of continuous auditing technologies in small businesses. International Journal of
Accounting Information Systems, 20:26–37.

Shin, I.-h., Lee, M.-g., and Park, W. (2013). Implementation of the continuous auditing system
in the ERP-based environment. Managerial Auditing Journal, 28(7):592–627.

24

Electronic copy available at: https://ssrn.com/abstract=3330570

Singh, K., Best, P. J., Bojilov, M., and Blunt, C. (2014). Continuous Auditing and Continuous
Monitoring in ERP Environments: Case Studies of Application Implementations. Journal of
Information Systems, 28(1):287–310.

Turoff, M., Chumer, M., Hiltz, S. R., Klashner, R., Alles, M., Vasarhelyi, M. A., and Kogan,
A. (2004). Assuring homeland security: Continuous monitoring, control & assurance of
emerging preparedness. Journal of Information Technology Theory and Application, 6(3):1–
24.

Vasarhelyi, M. A. (2002). Concepts in Continuous Assurance. Researching Accounting as an

Information Systems Discipline, pages 1–16.

Vasarhelyi, M. A., Alles, M. G., Kuenkaikaew, S., and Littley, J. (2012). The acceptance and
adoption of continuous auditing by internal auditors: A micro analysis. International Journal
of Accounting Information Systems, 13(3):267–281.

Vasarhelyi, M. A. and Halper, F. B. (1991). The Continuous Audit of Online Systems. Auditing:
A Journal of Practice and Theory, pages 110–125.

Warren Jr., J. D. and Smith, L. M. (2006). Continuous Auditing: an Effective Tool for Internal
Auditors. Working Paper, 21(2):27–35.

Woodroof, J. and Searcy, D. W. (2001). Continuous audit: Model development and imple-
mentation within a debt covenant compliance domain. International Journal of Accounting
Information Systems, 2(3):169–191.

25

Electronic copy available at: https://ssrn.com/abstract=3330570

 APPENDIX A

Table 1: Summary statistics

Variable Mean (Std. Dev.) Min. Max. N

CA Auditplan 2.346 (1.25) 1 5 335
Collaboration ExtAud 3.385 (1.303) 0 5 387
RollPlanning 2.382 (1.443) 1 5 366
Importance AC 2.612 (2.121) 0 5 379
DataAnalysis 4.084 (0.862) 1 5 392
Results Fraud 3.356 (1.168) 0 5 371
Industry 0.307 (0.462) 0 1 417
Listing 0.423 (0.495) 0 1 397
Ln Employees 7.975 (1.886) 1.099 13.305 397
Objectives MTG 2.273 (1.329) 1 5 370

26

Electronic copy available at: https://ssrn.com/abstract=3330570

 Table 2: Cross-correlation table

Variables (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)
CA Auditplan (1) 1.000

Collaboration ExtAud (2) 0.302 1.000

(0.000)
RollPlanning (3) 0.179 0.088 1.000
(0.001) (0.095)
Importance AC (4) 0.112 0.164 0.078 1.000
(0.045) (0.001) (0.147)
DataAnalysis (5) 0.220 0.024 0.089 0.012 1.000

27
(0.000) (0.643) (0.092) (0.820)
Results Fraud (6) 0.308 0.173 0.121 0.117 0.229 1.000
(0.000) (0.001) (0.025) (0.028) (0.000)
Industry (7) 0.110 0.351 0.045 0.184 -0.021 -0.079 1.000
(0.045) (0.000) (0.391) (0.000) (0.679) (0.127)
Listing (8) -0.018 0.237 -0.004 0.400 -0.044 0.113 0.177 1.000
(0.749) (0.000) (0.943) (0.000) (0.394) (0.034) (0.000)
Ln Employees (9) -0.052 -0.059 0.071 0.197 0.064 0.160 -0.359 0.242 1.000
(0.347) (0.250) (0.172) (0.000) (0.207) (0.002) (0.000) (0.000)
Objectives MTG (10) 0.170 0.098 0.176 0.133 0.098 0.193 -0.063 0.198 0.331 1.000

Electronic copy available at: https://ssrn.com/abstract=3330570

(0.002) (0.062) (0.001) (0.012) (0.061) (0.000) (0.226) (0.000) (0.000)
 Table 3: Estimation results: ologit

Variable Coefficient (Std. Err.)

Equation 1: CA Auditplan
Collaboration ExtAud 0.425∗∗ (0.109)
RollPlanning 0.220 ∗∗ (0.081)
Importance AC 0.132∗ (0.062)
DataAnalysis 0.396 ∗∗ (0.135)
Results Fraud 0.400 ∗∗ (0.109)
Industry 0.001 (0.289)
Listing -0.577 ∗ (0.264)
Ln Employees -0.159∗ (0.072)
Objectives MTG 0.188 ∗ (0.092)

N 264
Pseudo R2 0.098
Log-likelihood -351.501
2
χ(9) 76.69
Significance levels: † : 10% ∗ : 5% ∗∗ : 1%

28

Electronic copy available at: https://ssrn.com/abstract=3330570

 Table 4: Additional Analysis:Multiple Regression Results

Independent Variable Sum Int Int AC Int SupBoard Int CLevel Int ExtAud Int Auditee Adds Value Noaudits

CA Auditplan .4134*** .2060** .4162*** .4599*** .3525*** .3359*** .1590* .2505**

Industry .8054** .7181** .5586** -.4097 1.048*** -.3943 -.7932** 2.302***

Listing .7439** .5170* .2688 .3577 .8505*** .3940 -.1170 .0310

29
LN Employees .1692** .1880** .1283* .0210 -.0131 .0870 .0394 .8072***

Objectives MTG .1575 .1750* .0990 .0881 .0441 .1446 -.0285 .0740

R2 .0438 .0460 .0471 .0465 .0679 .0419 .0263 .0687

No. Obs. 181 214 250 305 288 302 304 304

Electronic copy available at: https://ssrn.com/abstract=3330570