Audit committee characteristics, internal auditors' contribution to financial statement audits and audit fees : Malaysian evidence

This paper provides empirical evidence on the impact of audit committee characteristics on the extent of internal auditor’s contribution to financial statement audits in an emerging economy. Using a cross-sectional regression model, based on Felix, Gramling and Maletta’s (2001) study, it provides evidence of a positive relationship between internal auditor contribution to financial statement audits and three dimensions of audit committee characteristics: the proportion of independent audit committee members; the extent of audit committee members’ knowledge and experience in auditing, accounting, and finance; and the extent of audit committee review of IA proposal related to program, budget and coordination. A second model examines a relationship between internal audit contribution to financial statement audits and audit fees. However, the results did not yield a significant relationship between the two variables. These results are based on a unique data set comprised of publicly available data matched with survey data from chief internal auditors or financial controllers of 90 firms listed on the Kuala Lumpur Stock Exchange (KLSE).

Anomalies in the oversight of Australian auditors

This commentary identifies and comments on anomalies in the oversight of Australian auditors and audit firms. Regulatory and professional oversight and inspection of Australian auditors and audit firms arise from a number of sources, highlighting its multi-faceted nature. This makes it impossible to identify a single body with ultimate responsibility for auditor oversight. Three recent Australian reviews commissioned by the Financial Reporting Council, together with an evaluation of the roles of the various regulatory and professional bodies, are used in this commentary as a platform from which to identify a number of significant anomalies in oversight processes. Major anomalies highlighted arise from the overlapping nature of the duties and functions of the various bodies and the variation in oversight across different categories of audit service providers. Policymakers should closely examine the issues raised in the paper if auditor oversight is to be undertaken in an effective and efficient manner.

SCLPV: secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors

Cyber-physical-social system (CPSS) allows individuals to share personal information collected from not only cyberspace but also physical space. This has resulted in generating numerous data at a user's local storage. However, it is very expensive for users to store large data sets, and it also causes problems in data management. Therefore, it is of critical importance to outsource the data to cloud servers, which provides users an easy, cost-effective, and flexible way to manage data, whereas users lose control on their data once outsourcing their data to cloud servers, which poses challenges on integrity of outsourced data. Many schemes have been proposed to allow a third-party auditor to verify data integrity using the public keys of users. Most of these schemes bear a strong assumption: the auditors are honest and reliable, and thereby are vulnerability in the case that auditors are malicious. Moreover, in most of these schemes, an auditor needs to manage users certificates to choose the correct public keys for verification. In this paper, we propose a secure certificateless public integrity verification scheme (SCLPV). The SCLPV is the first work that simultaneously supports certificateless public verification and resistance against malicious auditors to verify the integrity of outsourced data in CPSS. A formal security proof proves the correctness and security of our scheme. In addition, an elaborate performance analysis demonstrates that the SCLPV is efficient and practical. Compared with the only existing certificateless public verification scheme (CLPV), the SCLPV provides stronger security guarantees in terms of remedying the security vulnerability of the CLPV and resistance against malicious auditors. In comparison with the best of integrity verification scheme achieving resistance against malicious auditors, the communication cost between the auditor and the cloud server of the SCLPV is independent of the size of the processed data, meanwhile, the auditor in the SCLPV does not need to manage certificates.