We examine the role of firm IT capability in contributing to internal control and external audit in the post-SOX environment. Specifically, we measure the effectiveness of both the overall internal control and the five components of internal control as defined by the Committee of Sponsoring Organizations of the Treadway Commission's Internal Control—Integrated Framework (COSO 1992). Our findings support the concern that accounting professionals have regarding the impact of the use of IT on business risks and controls relevant to the audit. Specifically, IT capability directly mitigates audit fee increases, but not audit delay increases, indicating high IT capability signals lower business risks associated with the use of IT and reduces the auditor's risk premium. Further, IT capability has pervasive impacts on both the effectiveness of internal control and the components of effective internal control, which in turn further restrain audit fee and audit delay increases. Overall, our results suggest that a firm's IT capability has the additional benefits of supporting the functioning of internal control and the efficiency of the audit process.

You do not currently have access to this content.