Recent Developments on Internal Auditing Legislation in ... Recent Developments on Internal Auditing

  • View

  • Download

Embed Size (px)

Text of Recent Developments on Internal Auditing Legislation in ... Recent Developments on Internal Auditing

  • Recent Developments on Internal Auditing Legislation in Public Institutions of Turkey:

    A Hospital Case

    Kiymet CALIYURT1, Cuneyt AGUN2, Ayse PAMUKCU3

    Today, the fundamental aims of business enterprises are to become current throughout the world

    and to expand in this competitive environment, and to increase the value and profit of shares. The

    realization of the aims of business enterprises depends on making right decisions as well as an

    efficent and effective work. Right decisions are only made by means of reliable, true, relevant,

    well-timed information. The most effective element in the provision of these information in the

    business enterprise is Internal Auditing Department working efficiently.

    The function and department of internal control both in public and private institutions have

    gradually gained importance. Sarbanes Oxley Law (SOX) , published in 2002 especially after the

    fraud experienced and the Section 404 about internal auditing have proven that internal and

    external control are the most effective factors in the prevention of fraud at business enterprises.

    There are a number of different definitions of the term internal control. For the purposes of

    Section 404, the great majority of companies and all the CPA firms use the definition in COSO

    (Committee of Sponsoring Organizations of the Treadway Commission)s Internal Control

    Integrated Framework. COSOs definition relates to all aspects of internal control, not just that

    over financial reporting. The following is from the reports executive summary:

    Internal control is broadly defined as a process, effected by an entitys board of directors,management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

    effectiveness and efficiency of operations reliability of financial reporting compliance with applicable laws and regulations4

    1 Corresponding Author, Associated Prof., Trakya University, Faculty of Business Administration and Economics, Edirne TURKIYE E-mail: 2 Lecturer, Havsa Vocational College, Havsa Edirne TURKIYE 3 Ph.D., Marmara University, Faculty of Business Administration and Economics, Department of Accounting and Finance 4 The Institute of Internal Auditors, Sarbanes Oxley Section 404: A Guide for Management by Internal Controls Practitioners, Professional Guidance Setting the Standard, 2nd Edition, January 2008, p.11

  • Internal control is an integral process that is effected by an entitys management and personnel

    and is designed to address risks and to provide reasonable assurance that in pursuit of the entitys

    mission, the following general objectives are being achieved:

    executing orderly, ethical, economical, efficient and effective operations;

    fulfilling accountability obligations;

    complying with applicable laws and regulations;

    safeguarding resources against loss, misuse and damage.5

    The practice of internal control that is widely used at international scope has become an

    inseperable part of public`s internal financial control systems. The accounting frauds that appear

    lately at international markets have made the examination of internal control system and process

    of auditing a current issue once again enabling the reliability of financial reports. Considering

    these developments in Turkey, it has become inevitable to make the official regulations of

    international standarts about internal control system , internal auditing and risk management.

    Especially, in candidate countries of European Union , the necessity of forming an effective

    internal auditing system to sustain financial transparency and accountability in the administrative

    activities the government has appeared . As a result of this, internal auditing system has been

    regulated in the frame of laws and secondary regulations in these countries.

    Especially with the help of reforms recently implemented in the field of finance

    administration in Turkey, it is aimed at making Turkish public system of Finance Management

    suitable for international standarts. At this scope, with the 10.12.2003 dated and 5018 numbered

    Public Finance Management and Control Law (Law 5018) coming into effect, not disregarding

    the facts and needs of Turkey, and by means of developing principles and methods, aiming at

    contributing to the works of public administrations and developing them to form internal

    auditing mechanisms for enabling the use of public resources in an economic, effective and

    efficient way are intended.

    However, problems are being confronted as experienced in the practice of other laws.In

    order to bring up the problems ,internal control and the practice of new law have been examined

    through applications at a public university hospital adherent to circulating capital using the

    internal control techniques. Among the serious problems defined in the natural risks of the public

    5 Guidelines For Internal Control Standards For The Public Sector, Internal Control Standards Committee,, p.6

  • hospital, there are the important finanacial problem, the treatment costs` being determined by

    the state , the delay in the money received from the patient, inability to follow the accounting

    process and the Public Procurement Law. Among the problems due to the internal auditing are

    that the internal auditors are not trained well enough , the risk-centered internal control is not

    considered sufficiently, the internal auditors are not sufficient in number, and the application of

    the law has not become prevalent yet.

    KEYNOTE: internal audit, accounting, corporate governance, public institutions


    CCSA: Certified Control Self Assesment

    CGAP: Certified Government Auditing Pofessional

    CIA: Certified Internal Auditor

    CISA: Certified Information System Auditor

    COSO: Committee of Sponsoring Organizations of the Treadway Commission

    CPA: Certified Public Accountant

    EU: European Union

    IIA: Institution of Internal Auditors

    Law 5018: Public Finance Management and Control Law

    SEC: Security and Exchange Commission

    SOX: Sarbanes Oxley Act

    USA: United States of America


    Corporate governance refers to the method by which an organisation is governed, administrated,

    directed or controlled, and the goals for which it is governed (Dellaportas and, 2005: 118) .That has

    become one of the most commonly used phrases in the current global business vocabulary. (Solomon,

    2007: 11) The development of a common understanding of corporate govenance is generally agreed to

    have started with the Cadbury report. (Cadbury Committee, 1992), which identified the principles of good

    governance integrity, openness and accountability. The report was the first of several on corporate

    governance in the private sector, the most recent contributions being the Higgs report on non-executive

    directors (Higgs Report, 2003) and the Smith report on audit committees (Audit Committees Combined

    Code Guidance, 2003). In the public sector, the Nolan Report (Nolan and his Committee, 1995) was

    particularly important in setting out the principles of public life (Audit Commission, 2003) which based

    itself on the principle selflessness, integrity, objectivity, accountability, openness, honesty and


  • leadership. (

    The report made the following general recommendations (those which had general application

    across the entire public service).

    Principles of public life: The general principles of conduct which underpin public life

    need to be restated.

    Codes of Conduct: All public bodies should draw up Codes of Conduct incorporating these principles.

    Independent Scrutiny: Internal systems for maintaining standards should be supported by independent scrutiny.

    Education: More needs to be done to promote and reinforce standards of conduct in public bodies, in particular through guidance and training.

    As in private sector, there appear problems in public sector in abiding by the rules.

    Problems in public world have more specialites than private sector. Even in the corporate

    governance public has following failues: closed culture, poor strategic risk management, poor

    working relations, low levels of accountability, lack of clarity, poor leadership, poor information

    for decision makers, lack of clarity.

    The most important work to be done at public and private sectors is to form the Internal Auditing

    Department and to enable its running in order to comply with the laws and internal control

    procedures. This subject has become the firstcoming one in business world after the important

    scandals are experienced in the 2000`s. According to this part under the heading of Assessment

    of Internal Control of Sarbanes Oxley 404 enacted in 2000 ,

    Under Section 404 of the Act , management is required to produce an internal control

  • report as part of each annual Exchange Act rep