Part of the Contributions to Management Science book series (MANAGEMENT SC.)


Purpose: The aim of this chapter is to introduce the general research idea, purpose and the research method as well as to provide an overview of the general thesis structure and content.

Synopsis: This thesis will study the accounting and auditing approach to control where the concept of internal control has developed along with the theory and practice of auditing and its stated objectives. The concept of internal control goes back over 100 years and was first recognized in formal literature on auditing in 1892. Since the concept was first established, there has been a century of debate as to its definition and content and official definitions have often proven to be controversial. During the last 15 years, there have been loud calls for better and stronger corporate governance. Continuing corporate malfunctions, changes in shareholder patterns and the legal climate are some of the key drivers behind these calls. Demands have been made for greater accountability and transparency and the independent audit activity has hereby become the primary tool for securing accountability. An important joint development with the emerging audit society has been the rise of internal control systems. Internal control, once a private matter for technical assurance specialists, has risen to be an autonomous field or expertise and a mode of organizing uncertainty. Traditionally internal control had a fairly direct relationship to the accounting records. With the introduction of broader definitions, internal control has significantly expanded its domains into general management control and corporate governance. However the concept seems to be under-explored by social scientists and thus there is a need for more research into this area. The purpose of this research enterprise is to provide an account of existing research on internal controls. This will be done based on a literature review where academic papers published by other researchers on the subject have been surveyed. This thesis comprises of six chapters in total.  Chapter 1 provides an introduction to the general research idea and method. In the following chapters, theories that explain the need for control systems will be discussed as well as a practical framework on internal control.  Chapter 4 provides a regulatory perspective and  Chap. 5 takes up those common themes and issues which frequently occur in existing research on internal control. The final chapter makes concluding observations and provides suggestions for future research.


Risk Management Internal Control Corporate Governance Audit Firm Management Control System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. Apostolou, B., Hassell, J. M., & Webber, S. A. (2001). Fraud risk factors: Ratings by forensic experts. The CPA Journal, 71, 48–52.Google Scholar
  2. Arwinge, O., & Munkby, T. (2011). Intern kontroll i finansiell sector – en studie av brister [Internal control in the financial sector – a study of deficiencies]. Balans, No.6/7, 25–29.Google Scholar
  3. Bebbington, J., Larrinaga, C., & Moneva, J. M. (2008). Corporate social reporting and reputation risk management. Accounting, Auditing and Accountability Journal, 21(3), 337–361.CrossRefGoogle Scholar
  4. Berle, A. A., & Means, G. C. (1932). The modern corporation and private property. New York: Harcourt, Brace & World.Google Scholar
  5. Bhasa, M. P. (2004). Global corporate governance: Debates and challenges. Corporate Governance, 4(2), 5–17.CrossRefGoogle Scholar
  6. Birkenshaw, J., & Jenkins, H. (2009). Risk management gets personal. Lessons from the credit crisis. Executive Briefing. Advanced Institute of Management Research (AIM Research). Available at
  7. Brown, R. (1962): Changing audit objectives and techniques. The Accounting Review, 37(4), 696–703. In Lee, T. A. (ed.). (1988). The evolution of audit thought and practice. New York: Garland.Google Scholar
  8. Bryman, A. (2004). Social research methods (2nd ed.). Oxford: Oxford University Press.Google Scholar
  9. Bryman, A. (2006). Paradigm peace and the implications for quality. International Journal of Social Research Methodology, 9(2), 111–126.CrossRefGoogle Scholar
  10. Bryman, A., Becker, S., & Sempik, J. (2008). Quality criteria for quantitative, qualitative and mixed methods research: A view from social policy. International Journal of Social Research Methodology, 11(4), 261–276.CrossRefGoogle Scholar
  11. Burns, J., & Nixon, W. A. J. (2005). Introduction: Management control in the 21st century. Management Accounting Research, 16, 260–268.CrossRefGoogle Scholar
  12. Chapman, C., Hopwood, A., & Shields, M. D. (Eds.). (2007). Handbook of management accounting research. Oxford: Elsevier.Google Scholar
  13. COSO (Committee of Sponsoring Organizations of the Treadway Commission). (1992). Internal control – Integrated framework. New York: AICPA.Google Scholar
  14. COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2004). Enterprise risk management – Integrated framework, executive summary. New York: AICPA.Google Scholar
  15. COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2009b). Effective enterprise risk oversight – the role of the board of director. New York: AICPA. Available at
  16. COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2009c). Strengthening Enterprise Risk Management for Strategic Advantage. New York: AICPA. Available at
  17. COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2010a, December). Board risk oversight – a progress report. Where boards and directors currently stand in executing their risk oversight responsibilities. Research commissioned by COSO. Available at
  18. COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2011). Embracing enterprise risk management. Practical approaches to getting started. Research commissioned by COSO. Available at
  19. D’Aquila, J. M. (1998). Is the control environment related to financial reporting decisions? Managerial Auditing Journal, 13(8), 472–478.CrossRefGoogle Scholar
  20. DesJardins, J. R., & McCall, J. J. (2005). Contemporary issues in business ethics (5th ed.). Belmont: Wadsworth/Thomson.Google Scholar
  21. Dolphin, R. R. (2004). Corporate reputation – A value creating strategy. Corporate Governance, 4(3), 77–92.CrossRefGoogle Scholar
  22. Far, S. R. S. (2009). Samlingsvolymen 2009 Revision [Swedish Audit Standards 2009]. Stockholm/Sverige: FAR SRS Förlag.Google Scholar
  23. Finansinspektionen [The Swedish Financial Supervisory Authority]. (2011, Maj 24). Tillsynsrapport 2011. Erfarenheter från tillsyn och regelutveckling [Oversight report 2011. Learnings from oversight and policy development], Finansinspektionen, Stockholm. Available at
  24. Franck, P., & Sundgren, S. (2010). Den upplevda nyttan med intern kontroll: En studie av svenska noterade bolag. Ekonomiska Samfundets Tidskrift, 2, 81–93.Google Scholar
  25. Handley-Schachler, M., Juleff, L., & Paton, C. (2007). Corporate governance in the financial services sector. Corporate Governance, 7(5), 623–634.CrossRefGoogle Scholar
  26. Haun, R. D. (1955). Broad vs. narrow concepts of internal auditing and internal control. The Accounting Review, 30(1), 114–118.Google Scholar
  27. Hay, D. (1993). Internal control: How it evolved in four English-speaking countries. The Accounting Historians Journal, 20(1), 79–102.Google Scholar
  28. Heier, J. R., Dugan, M. T., & Sayers, D. L. (2005). A century of debate for internal controls and their assessment: A study of reactive evolution. Accounting History, 10(3), 39–70.CrossRefGoogle Scholar
  29. Hermanson, D. R., & Rittenberg, L. E. (2003). Research opportunities in internal auditing chapter 2: Internal audit and organizational governance. Florida: IIA (Institute of Internal Auditors) Research Foundation.Google Scholar
  30. Holland, T. R. (2009, December). Reputation risk is tricky. Internal Auditor, 11.Google Scholar
  31. Holmes, S. A., Langford, M., Welch, O. J., & Welch, S. T. (2002). Associations between internal controls and organizational citizenship behavior. Journal of Managerial Issues, 14(1), 85–99.Google Scholar
  32. Humphrey, C. (2007). Auditing research: A review across the disciplinary divide. Accounting, Auditing and Accountability Journal, 21(2), 170–203.Google Scholar
  33. IAASB (International Auditing and Assurance Standards Board). (2006, December). Redrafted International Standards on Auditing 240, 300, 315, 330. New YorkGoogle Scholar
  34. Jensen, M. C., & Meckling, W. H. (1976). Theory of the firm: managerial behaviour, agency costs and ownership structure. Journal of Financial Economics, 3, 305–360.CrossRefGoogle Scholar
  35. Jokipii, A. (2006). The structure and effectiveness of internal control – A contingency approach. (diss.) Åbo Akademi University, Turku.Google Scholar
  36. Jonnergård, K., & Larsson, U. (2007). Developing codes of conduct: Regulatory conversations as means for detecting institutional change. Law & Policy, 29(4), 460–492.CrossRefGoogle Scholar
  37. Kinney, W. R., Jr. (2000). Research opportunities in internal control quality and quality assurance. Auditing: A Journal of Practice and Theory, 19(Supplement), 83–90.CrossRefGoogle Scholar
  38. Kirkpatrick, W. W. (1962). The adequacy of internal corporate controls. The ANNALS of the American Academy of Political and Social Science, 343(1), 75–83.CrossRefGoogle Scholar
  39. Lazarides, T., & Drimpetas, E. (2008). The missing link to an effective corporate governance system. Corporate Governance, 8(1), 73–82.CrossRefGoogle Scholar
  40. Lee, T. A. (1971). The historical development of internal control form the earliest times to the end of the seventeenth century. Journal of Accounting Research, 9(1), 150–157.CrossRefGoogle Scholar
  41. Lee, T. A. (Ed.). (1988). The evolution of audit thought and practice. New York: Garland.Google Scholar
  42. Maijoor, S. (2000). The internal control explosion. International Journal of Auditing, 4, 101–109.CrossRefGoogle Scholar
  43. McEvily, B., Perrone, V., & Zaheer, A. (2003). Trust as an organizing principle. Organization Science, 14(1), 91–103.CrossRefGoogle Scholar
  44. Mikes, A. (2009). Risk management and calculative cultures. Management Accounting Research, 20, 18–40.CrossRefGoogle Scholar
  45. Mintzberg, H. (1983). Power in and around organizations. Englewood Cliffs: Prentice-Hall.Google Scholar
  46. Netter, J., Poulsen, A., & Stegemoller, M. (2009). The rise of corporate governance in corporate control research. Journal of Corporate Finance, 15, 1–9.CrossRefGoogle Scholar
  47. OECD (Organization for Economic Co-operation and Development). (2004). OECD principles of corporate governance. Paris: OECD Publications Service. Available at
  48. OECD (Organization for Economic Co-operation and Development). (2009a). The corporate governance lessons from the financial crisis. OECD Publications. ISSN 1995–2864. Financial Market Trends. Available at
  49. OECD (Organization for Economic Co-operation and Development). (2009b, June). Corporate governance and the financial crisis: Key findings and main messages. OECD Publications. Available at
  50. Parker, L. D., & Roffey, B. H. (1997). Methodological themes. Back to the drawing board: Revisiting grounded theory and the everyday accountant’s and manager’s reality. Accounting, Auditing and Accountability Journal, 10(2), 212–247.CrossRefGoogle Scholar
  51. Pathak, J. (2005). Guest Editorial: Risk management, internal controls and organizational vulnerabilities. Managerial Auditing Journal, 20(6), 569–577.CrossRefGoogle Scholar
  52. Pharoah, A. (2003). Corporate reputation: The board room challenge. Corporate Governance, 3(4), 46–51.CrossRefGoogle Scholar
  53. Power, M. (1997). The audit society: Rituals of verification. New York: Oxford University Press.Google Scholar
  54. Power, M. (2000). The audit society – Second thoughts. International Journal of Auditing, 4, 111–119.CrossRefGoogle Scholar
  55. Power, M. (2003b). Evaluating the audit explosion. Law & Policy, 25(3), 185–202.CrossRefGoogle Scholar
  56. Power, M. (2004). The nature of risk: The risk management of everything. Balance Sheet, 12(5), 19–28.CrossRefGoogle Scholar
  57. Power, M. (2006). Special research symposium: Organizations and the management or risk. Journal of Management Studies, 43(6), 1331–1337.CrossRefGoogle Scholar
  58. Power, M. (2007). Organized uncertainty: Designing a world of risk management. New York: Oxford University Press.Google Scholar
  59. Power, M., Scheytt, T., Soin, K., & Sahlin, K. (2009). Reputational risk as a logic or organizing in late modernity. Organization Studies, 30, 301–324.CrossRefGoogle Scholar
  60. Radin, A. J. (2008). A practical approach to finding management override. The CPA Journal, 10, 6–9.Google Scholar
  61. Ramamoorti, S. (2003). Research opportunities in internal auditing, chapter 1: Internal auditing: History, evolution and prospects. Florida: IIA (Institute of Internal Auditors) Research Foundation.Google Scholar
  62. Roberts, J., & Scapens, R. (1985). Accounting systems and systems of accountability – understanding accounting practices in their organisational context. Accounting, Organizations and Society, 10(4), 443–456.CrossRefGoogle Scholar
  63. Senior Supervisors Group. (2009, October 21). Risk management lessons from the global banking crisis of 2008. Available at
  64. Sherer, M., & Turley, S. (1997). Current issues in auditing (3rd ed.). London: Sage.Google Scholar
  65. Skinner, D., & Spira, L. (2003). Trust and control – A symbiotic relationship? Corporate Governance, 3(4), 28–35.CrossRefGoogle Scholar
  66. Smith, A. (1776). The wealth of nations. Cannan edition. New York.Google Scholar
  67. Solomon, J., Solomon, A., Norton, S., & Joseph, N. (2000). A conceptual framework for corporate risk disclosure emerging from the agenda for corporate governance reform. British Accounting Review, 32, 447–478.CrossRefGoogle Scholar
  68. Spira, L. F., & Page, M. (2003). Risk management: The reinvention of internal control and the changing role of internal audit. Accounting, Auditing and Accountability Journal, 16(4), 640–661.CrossRefGoogle Scholar
  69. Strauss, A., & Corbin, J. (1990). Basics of qualitative research. Grounded theory procedures and techniques. London: Sage.Google Scholar
  70. Tackett, J., Wolf, F., & Claypool, G. (2004). Sarbanes-Oxley and audit failure: A critical examination. Managerial Auditing Journal, 19(3), 340–350.CrossRefGoogle Scholar
  71. Tannenbaum, A. (1968). Control in organizations. New York: McGraw-Hill.Google Scholar
  72. The Walker Review. (2009). A review of corporate governance in UK banks and other financial industry entities, Final recommendations, 26 November 2009.Google Scholar
  73. Vinten, G. (2002). The corporate governance lessons of Enron. Corporate Governance, 2(4), 4–9.CrossRefGoogle Scholar
  74. Vinten, G. (2003). Enronitis – Dispelling the disease. Managerial Auditing Journal, 8(6/7), 448–455.CrossRefGoogle Scholar
  75. Williamson, O. E. (1985). The economic institutions of capitalism: Firms, markets, relational contracting. New York: The Free Press.Google Scholar
  76. Woods, M. (2009). A contingency theory perspective on the risk management control systems within Birmingham city council. Management Accounting Research, 20, 69–81.CrossRefGoogle Scholar
  77. Yakhou, M., & Dorweiler, V. P. (2004). Dual reforms: Accounting and corporate governance. Managerial Auditing Journal, 19(3), 361–377.CrossRefGoogle Scholar
  78. Zannetos, Z. S. (1964). Some thoughts on internal control systems of the firm. The Accounting Review, 39(4), 860–868.Google Scholar
  79. Jensen, M.C., Meckling, W.H., (1976) Theory of the firm: Managerial behaviour, agency costs and ownership structure, Journal of Financial Economics, V3, No.4: 305–360.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Department of Finance and AccountingUppsala UniversityUppsalaSweden

Personalised recommendations