PCAOB inspections: An analysis of entity-level and application-level control audit deficiencies

Maureen Francis Mascha, Melvin A. Lamboy-Ruiz, Diane J. Janvrin

Research output: Contribution to journalArticlepeer-review

8 Scopus citations

Abstract

The Public Company Accounting Oversight Board (PCAOB) inspection process identifies deficiencies related to how firms conduct audits. Our work extends prior research by examining the type of internal control audit deficiencies (entity-level or application-level). Internal control audit deficiencies of both types may increase the risk of material misstatement, so the PCAOB is concerned with whether audit firms are performing appropriate procedures to identify entity-level and application-level internal control audit deficiencies, including those involving information technology general controls (ITGCs). Using text analysis to examine audit deficiencies by internal control type and firm size, we find that PCAOB inspection reports identify significantly more application-level than entity-level control audit deficiencies. Application-level control deficiencies generally involve revenue, inventory, and accounts receivable accounts whereas entity-level deficiencies often involve lack of centralized controls or controls over period end financial reporting. The number of application-level deficiencies identified for both Big 4 and second-tier firms varied between inspection years 2010 and 2015. However, the number of entity-level deficiencies, including ITGCs for both Big 4 and second-tier firms, held nearly steady during the period. Our findings should be of interest to practicing accountants, regulators, and other users of PCAOB inspection reports.

Original languageEnglish
Pages (from-to)19-39
Number of pages21
JournalInternational Journal of Accounting Information Systems
Volume30
DOIs
StatePublished - Sep 2018

Keywords

  • Application-level control
  • Entity-level control
  • Inspection report
  • Internal control audit deficiency
  • PCAOB inspection

Fingerprint

Dive into the research topics of 'PCAOB inspections: An analysis of entity-level and application-level control audit deficiencies'. Together they form a unique fingerprint.

Cite this