Bonnie K. Klamm scite author profile

This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three objectives-reporting reliability. Our sample consists of 490 firms with material weaknesses reported under Sarbanes-Oxley Section 404 during the first year of compliance. We classify the weaknesses by COSO component and as IT-related or non-IT-related. Our results support the interrelationships of the COSO Framework. The results also show that the number of misstated accounts is positively related to the number of weak COSO components (i.e., scope) and certain weak COSO components (i.e., existence). Firms with IT-related weak components report more material weaknesses and misstatements than firms without IT-related weak components, providing evidence on the pervasive negative impact of weak IT controls, especially in control environment, risk assessment, and monitoring.

show abstract

Determinants of the Persistence of Internal Control Weaknesses

Klamm¹,

Kobelsky²,

Watson³

2012

View full text Add to dashboard Cite

SYNOPSIS This paper analyzes the degree to which material weaknesses (MWs) in internal control reported under the Sarbanes-Oxley Act of 2002 (SOX) affect the future reporting of MWs. Particularly, we examine information technology (IT) and non-IT MWs and their breakdown into specific IT-related entity-level, non-IT-related entity-level, and account-level deficiencies. Analysis reveals that most account-level and entity-level deficiencies occur at a significantly higher rate in SOX 404 reports with at least one IT MW than in MW reports with only non-IT MWs. Further, the presence and count of both types of MWs and all three types of deficiencies are associated with increased future MWs, as are lower profitability, non-Big 6 auditor, and firm complexity. Specific control deficiencies related to senior management, training, and IT control environment have the strongest impact on future MWs. These results indicate that effective corporate governance of both the IT and non-IT domains is pivotal in establishing and maintaining strong internal controls over financial reporting. Data Availability: Data are available from the public sources identified in the paper.

show abstract

Data governance case at KrauseMcMahon LLP in an era of self-service BI and Big Data

Riggins

Klamm

2017

Journal of Accounting Education

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Bonnie K. Klamm

Tax avoidance, tax management and corporate social responsibility

SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology

Determinants of the Persistence of Internal Control Weaknesses

Data governance case at KrauseMcMahon LLP in an era of self-service BI and Big Data

Contact Info

Product

Resources

About