4 5809846082850525662 Edited

INTERNAL AUDITING PRACTICE IN THE CASE OF
COMMERCIAL BANK OF ETHIOPIA
ST. MARY’S UNIVERSITY SCHOOL OF GRADUATE STUDIES

COLLEGE OF BUSINESS AND ECONOMICS DEPARTMENT
OF BUSINESS ADMINSTRATION
BY: SAMI ELIAS
ADVISOR: Proff. ASMAMAW GETE
A RESEARCH PAPER SUBMITTED TO THE SCHOOL OF

GRADUATE STUDIES OF ST. MARY’S UNIVERSITY IN
PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR
THE MASTERS OF BUSINESS ADIMINISTRATION IN
ACCOUNTING AND FINANCE
JUNE, 2024
ADDIS ABABA, ETHIOPIA
ST. MARY’S UNIVERSITY SCHOOL OF GRADUATE STUDIES

COLLEGE OF BUSINESS AND ECONOMICS DEPARTMENT
OF BUSINESS ADMINSTRATION
A THESIS TO BE SUBMITTED TO THE SCHOOL OF GRADUATE

STUDIES DEPARTMENT OF BUSINESS ADMINSTRATION IN PARTIAL
FULFILMENT OF THE REQUIREMENTS FOR THE AWARD OF
DEGREE OF MASTERS OF BUSINESS ADMINISTRATION (MBA) IN
ACCOUNTING AND FINANCE.
INTERNAL AUDITING PRACTICE IN THE CASE OF

COMMERCIAL BANK OF ETHIOPIA SARBET BRANCH
BY; SAMI ELIAS

SGS/0112/2015A
ADVISOR: Proff. ASMAMAW GETE
JUNE 2024
ADDIS ABABA, ETHIOPIA
ST. MAR Y’S UNIVERSITY
SCHOOL OF GRADUATE STUDIES
COLLEGE OF BUSINESS AND ECONOMICS
DEPARTMENT OF BUSINESS ADMINSTRATION
BY; SAMI ELIAS
APPROVED BY BOARD OF EXAMINER‟S
Dean, Graduate Signature Date

studies
Advisor Signature Date
Internal Examiner Signature Date
External Examiner Signature Date
June ,2024
Addis Ababa, Ethiopia
DECLARATION
I, the undersigned declare that this thesis is my original work. All material used for this
thesis has been properly acknowledged, as well, I confirm that this has not submitted
either in part or in full to other higher education institution for the purpose of earning
any degree.
SAMI ELIAS
_____________________
Signature
_____________________
Date
ENDORSEMENT
i
This thesis has been submitted to St. Mary‟s University, School of graduate studies for
Examination with my approval as university advisor
Proff. / Asmamaw Gete ____________________

Advisor Signature
St. Mary‟s University

Addis Ababa, Ethiopia
June, 2023
Acknowledgment
Sincere thanks to almighty God. Without his support nothing can be accomplished even
work done is impossible.
i
i
This research has drown on the talents, advice and encouragement of more people that
the researcher can possibly acknowledge. I wish to express my gratitude and
appreciation to my advisor Proff./ Asmamaw Gete whose dedication and support have
made possible the completion of the activities of this study. It is a great chance to
express my deepest appreciation and thanks to many peoples and friends whose
unreserved guidance and constructive ideas have brought about the successfull
completion of my paper. In addition, I wish to say thanks to employees, internal
auditors and manager of commercial Bank of Ethiopia for providing the relevant data.
In addition my deepest gratitude goes to my families for their support in fulfilling the
necessary financial and other material support.
Abstract
The purpose of the study would be seek to assess the internal auditing practice of
commercial bank of Ethiopia .Conformity with the International Internal Audit
Standards (IIASs) is an essential part of internal audit to ensure that the Internal Audit
Functions (IAF) effectiveness, the reliability of the audit reports and to enhance and
protect organizational value by providing risk-based and objective assurance. Hence,
this study aims at asses the internal audit practices of the Commercial Bank of
Ethiopia. The study utilized a mixed research approach both qualitative and
quantitative research approach. Data were collected from primary and secondary
i
i
i
sources which includes; a self-administrated questionnaire, semi-structured in-depth
interviews, and documentary review. The survey design, in turn, uses purposive
sampling and the target populations of the study were internal auditors of CBE at the
head office. The collected data were analyzed by descriptive statistics with the support
of SPSS and presented by using tables. Based on the research results, the current
practices of internal audit in CBE through taking the Mandatory Guidance
requirements of IPPF as a benchmark could be summarized into four groups: standards
that are adequately, fairly, inadequately, and poorly complied. The major findings
revealed that in CBE; a detailed audit work program is prepared, an audit plan is
properly implemented, internal audit reports are prepared adequately as per the
standards, Internal Audit Activities (IAAs) have an approved internal audit charter, and
also the findings disclosed independence & objectivity of internal audit activities were
aligned with the IPPF. More the code of ethics adequately complied and govern both
the behavior of individuals and the bank. However, gaps were stated regarding the
internal audit staff proficiency and due professional care and quality assurance and
improvement program (QAIP) standards inadequately and poorly complied
respectively. However, the mandatory guidance requirements conformance level in CBE
fairly complied with the IIASs. Finally, CBE should pay much attention to raising the
application of IIASs where attribute standards principally need much attention relative
to performance standards.
Keywords: Commercial Bank of Ethiopia (CBE), Attribute Standards, Performance

Standards, Code of Ethics.
ACRONYMS AND ABBREVIATIONS
AC---Audit Committee
ACCA----The Association of Chartered Certified Accountants
AD---- Anno Domini
AML----Anti Money Laundry
ASQ---American Society for Quality
BC---- Before Christ BOD----Board of Directors
CAE---Chief Audit Executive
i
v
CBE----Commercial Bank of Ethiopia
CFE----Certified Fraud Examiner
CFT----Combat Financing Terrorism
CIA----Certified Internal Auditor
CISA----Certified Information System Auditor
COSO----Committee of sponsoring organization
FI---Financial Institutions
IA---Internal Auditor/s
IAA---Internal Audit Activities
IAF---Internal Audit Function
IAS---International Auditing Standards
IBRD----International Bank for Reconstruction and Development ICAN-----Institute of
chartered accountants of Nigeria
IFB----Interest Free Banking
IFRS----International Financial Reporting Standard
IIA---Institute of Internal Auditors
IIASB---International Internal Audit Standards Board
IPPF---International Professional Practices Framework
IPPFOC---International Professional Practice Framework Oversight Council
IS----Information System
ISACA----Information Systems Audit and Control Association
ISIA---International Standards of Internal Auditing (Standards)
ISO----International Standard Organization
ISHOPA----Imperial Savings and Home Ownership Public Association IT----
Information Technology
LCB----Licensed Commercial Banks
MGE---Mandatory Guidance Elements
MOF---Ministry of Finance
NBE----National Bank of Ethiopia
NG----Net Guardian
PCIDSS---- payment card industry data security standards
QAIP---Quality Assurance and Improvement Program
SD-----Standard Deviation
v
SOE---State Owned Enterprise
SPSS---Statistical Packages for Social Scientists
SNNPRS----South Nation Nationality People Representative State
USA----United States of America
V/P----- Vise President
v
i
Contents
DECLARATION........................................................................................................................i
ENDORSEMENT.....................................................................................................................ii
Acknowledgment.....................................................................................................................iii
Abstract....................................................................................................................................iv
ACRONYMS AND ABBREVIATIONS..................................................................................v
CHAPTER ONE.......................................................................................................................1
INTRODUCTION....................................................................................................................1
1.1. Backgrounds of the study...............................................................................................1
1.2. Statement of the problem...............................................................................................3
1.3. The objectives of the study............................................................................................6
1.3.1. General Objectives..................................................................................................6
1.3.2. Specific Objectives.................................................................................................6
1.4. Research Questions........................................................................................................7
1.5. The hypothesis of the study...........................................................................................7
1.6. Significance of the Study..............................................................................................8
1.7. Scope of the Study........................................................................................................9
1.8. Limitations of the Study.................................................................................................9
1.9. Organization of the Research.......................................................................................10
CHAPTER TWO.....................................................................................................................11
REVIEW OF RELATED LITERATURE...............................................................................11
2.1. Theoretical literature review........................................................................................11
2.1.1. History of Internal Auditing..................................................................................11
2.1.2. The Institute of Internal Auditors (IIA‟s).............................................................14
2.1.3. International Professional Practices Framework (IPPF).......................................14
2.1.3.1. Core Principles...................................................................................................16
2.1.3.2. Definition of Internal Auditing..........................................................................16
i
2.1.3.3. Code of Ethics....................................................................................................16
2.1.3.4. The purpose of the Standards is to:....................................................................16
2.1.3.5. Categories of internal audit standards................................................................17
2.1.4. Theories of auditing..............................................................................................18
2.1.4.1. Stewardship Theory:..........................................................................................18
2.1.4.2. Stakeholder Theory:...........................................................................................19
2.1.4.3. Policeman Theory:.............................................................................................19
2.1.4.4. Credibility theory:..............................................................................................19
2.1.4.5. The theory of inspired confidence (Theory of rational expectations):...............20
2.1.4.6. Communication Theory:....................................................................................20
2.1.4.7. Agency Theory:..................................................................................................21
2.2. Review of Empirical Evidences...................................................................................23
2.4. The Research Gap........................................................................................................30
CHAPTER THREE.................................................................................................................32
RESEARCH DESIGN AND METHODOLOGY...................................................................32
3.1. Introduction..................................................................................................................32
3.2. Research Design...........................................................................................................32
3.3. Types and Sources of Data...........................................................................................33
3.4. Target Population.........................................................................................................33
3.5. Sample Size and Sampling Techniques.......................................................................33
3.6. Methods of Data Distribution and Collection..............................................................34
3.7. Methods of Data Analysis............................................................................................35
3.8. Tools of Interpretation..................................................................................................35
CHAPTER-FOUR..................................................................................................................36
RESULTS AND DISCUSSION..............................................................................................36
4.1. Results..........................................................................................................................36
i
i
4.1.1. Qualitative Aspect In depth semi structured interview & Document Analysis.....36
4.1.2. Quantitative Aspect- Survey Results.....................................................................39
4.1.2.1. Reliability Analysis and demographic Profile of respondents...........................39
4.1.2.2. Compliance with the International Auditing Standards.....................................44
1.1.2.2.1. Conformance with Attribute Standards...........................................................44
4.1.2.2.2. Conformance with Performance Standards.....................................................50
4.1.2.2.3. Conformance with the Code of Ethics............................................................57
4.2. Discussion....................................................................................................................58
4.2.1. Internal Audit Activity (IAA)................................................................................59
4.2.2. Objectivity & Independence.................................................................................60
4.2.3. Proficiency & Due professional Care...................................................................60
4.2.4. Quality Assurance & Improvement Program (QAIP)...........................................62
4.2.5. The Code of Ethics................................................................................................62
4.3. Conclusion...................................................................................................................63
CHAPTER FIVE.....................................................................................................................64
SUMMARY, CONCLUSION AND RECOMMENDATION.................................................64
5.1. Introduction..................................................................................................................64
5.2. Summary of research Major Findings..........................................................................64
5.3. Conclusions..................................................................................................................66
5.4. Recommendations........................................................................................................69
5.4.1. Recommendation on the research findings...........................................................69
5.4.2. Directions for future research areas......................................................................70
References...............................................................................................................................72
Appendix I: Questionnaire..............................................................................................75
i
i
i
TABLE OF TABLES
Table 4.1: Reliability Statistics….………………………………………...……………41

Table 4.2: Respondents Gender & Age….…………………………………….……………42
Table 4.3: Respondents area of study, educational level and……………………………….42
Certification related to the profession……………………..………………….………….…42
Table 4.4: Respondents position and years of experience……….…………………………44
Table 4.5: Auditing department staffing………………………………………….………...45
Table 4.6: Internal Audit Objectivity……………………………………….……………46
Table 4.7: Internal Audit Independency...…………………….…...………….…………47
Table 4.8: Internal Audit staff Proficiency & Due Professional Care……….…….………..48
Table 4.9: Internal Audit quality assurance & improvement program(QAIP)……….……..50
Table 4.10: Summary of Attributes Standards Conformance ………………………....,,,…52
Table 4.11: Managing the Internal Audit Activity………………..…………………..52
Table 4.12: Nature of the Audit Work……………………...………..…………………..….54
Table 4.13: Engagement Planning…………………………………….………………….…55
Table 4.14: Performance the Engagement…………………...………………………..…56
Table 4.15: Communicating Result…..………………………….…………………….……57
Table 4.16: Monitoring Progress……………………………….…………………………...58
Table 4.17: Summary of Performance Standards Conformance ………..…….…………...59
Table 4.18: Summary of Attribute and Performance Standards Conformance…………....59
Table 4.19: The Code of Ethics...…………………………………………………….…….60
i
v
TABLE OF FIGURES
Figure: 2.1. Conceptual framework of the study…………………………………………..30
v
CHAPTER ONE
INTRODUCTION
1.1. Backgrounds of the study

Throughout the world auditing is performed in divers‟ environment and taking increase
importance in the day global organization. Auditing is a systematic process of objectively
obtaining and evaluating evidences requiring assertion about economic action and events
to ascertain the degree of correspondence between those assertion and established criteria
and communicating the result to increased users. The objectives of auditing is to ascertain
the degree of correspondence between the assertions and establish d criteria and also
auditors undertake to gather evidences and provide high level of assurance that the
financial statement follows appropriate basis of Accounting. Auditing can be internal
auditing or external auditing. (Bradley J, Larry E, 2020)
Internal auditing is conducted in diverse legal and cultural environments; within

organizations that vary in purpose, size, complexity, and structure; and by persons within
or outside the organization. While differences may affect the practice of internal auditing in
each environment, conformance with the IIA‟s International Standards for the Professional
Practice of Internal Auditing (Standards) is essential in meeting the responsibilities of
internal auditors and the internal audit activity (Leona, 2020).
The Institute of Internal Auditors (IIA) is an international professional association that was
established in 1941. The IIA is the internal audit profession's global voice, recognized
authority, acknowledged leader, chief advocate, and principal educator. Generally,
members work in internal auditing, risk management, governance, internal control,
information technology audit, education, and security. Globally, the IIA has more than
230,000 members including 400 members in Ethiopia.
According to the definition of IIA, Internal auditing is an independent, objective assurance

and consulting activity designed to add value and improve an organization's operations. It
helps an organization accomplish its objectives by bringing a systematic, disciplined
approach to evaluate and improve the effectiveness of risk management, control, and
1
governance processes. Internal auditing (IA) serves as an important link in the business
and financial reporting processes of corporations. Internal auditors play a key role in
monitoring a company‟s risk profile and identifying areas to improve risk management
(International Professional Practices Framework, 2017).
The aim of internal auditing is to improve organizational efficiency and effectiveness

through constructive criticism (Goodwin-Stewart and Kent, 2016). Ellis (2020) asserts that
the value of internal audit had been affected by the perception that internal auditing only
appraises accounting functions, is past and post-operative contrary to proactive and
therefore does not have a big effect on organizational performance. The internal audit
practices are different from one organization to the other. Accordingly, the Institute of
Internal Audit (2010) defined internal audit effectiveness “as the degree (including quality)
to which established objectives are achieved”. Internal audit effectiveness means the extent
to which an internal audit office meets its purposes (Mihret and Yismaw, 2017).
Internal audit function plays an important role in the organizational process, and therefore
it is not only required to perform ordinary assurance activities, but also to serve as a
strategic partner of the organization and add value to its activities towards improving
organizational processes and ensuring their effectiveness and efficiency. Organizations
with effective and efficient internal audit function are able to detect fraud more than those
that have not such a function within their organizations (Corama, Fergusona and Moroney,
2008). Effective internal audit function could be a major asset for improving public
confidence in financial reporting and corporate governance.
The internal audit activity can be regarded as an important governance mechanism, being
an important monitoring function inside the organization. The internal audit activity has
the potential to help the management to fulfil its governance responsibilities and enhance
the effectiveness of other corporate governance mechanisms which consequently impact to
the quality of the financial reporting as well as the firm‟s performance (Johl et al., 2018).
The policy makers as well as many governance regulatory bodies recognized that the IA
has the potential to impact the corporate governance quality and the company‟s
performance. The IIA‟s Code of Ethics (2020) when it defined competency indicated that
internal auditors shall perform internal auditing services in accordance with the
International Standards for the Professional Practices of Internal Auditing. This reflects the
importance of compliance with the standards in ensuring efficient internal audit activities
2
and effective role as a governance mechanism. The Standards identified the roles and
responsibilities of internal auditing as providing a basis for measuring performance and
improving the practice of internal auditing.
The objectives of internal auditors are considerably broader than the objectives of External
auditors, providing flexibility for internal auditors to meet their company‟s needs. At one
company, internal auditors may focus exclusively on documenting and testing controls for
Sarbanes–Oxley Act Section 404 requirements. At another company, internal auditors may
serve primarily as consultants, focusing on recommendations that improve organizational
performance. Not only may internal auditors focus on different areas, but the extent of
internal auditing may vary from one company to another. (Ashenafi, 2018).
Finally Internal auditing as a strategic partner of the organization adds value to its activities
towards improving organizational processes and ensuring their effectiveness and efficiency
an organization to accomplish its objectives by bringing a systematic, disciplined approach
to evaluate and improve the effectiveness of risk management, control, and governance
processes. Effective internal audit function are able to detect fraud and could be a major
asset and serves as an important link in the business for improving public confidence in
financial reporting and corporate governance.
Conformance with the IIA‟s International Standards for the Professional Practice of
Internal Auditing (Standards) is essential in meeting the responsibilities of internal auditors
and the internal audit activity.
1.2. Statement of the problem

We are living in a dynamic globe. Every business activity, every day, including its culture
is under continuous change and improvement. While the complexity of business activities
becoming more and more, its internal control systems should also be well strong and
adequate to protect the interests of the organization and its stakeholders. One of the
functions of management in any organization is participation in controlling activity. Today,
this controlling activity has been supported by a profession called an internal audit activity
(IAA). It helps an organization achieve its objectives by introducing a systematic, rigorous
approach to assess and improve the effectiveness of risk management control and
governance.
3
The IIA provides internal audit professionals worldwide with authoritative guidance that is
organized in the IPPF as mandatory and recommended guidance. Conformance with the
principles set forth is required and essential for the professional practices of internal
auditing. Effective January 2017, the International Internal Audit Standards Board (IIASB)
has released one of the mandatory guidance elements of IPPF, the revised standards of
internal auditing. These standards together with the code of ethics encompass all
mandatory requirements of the IPPF. Hence, by taking this mandatory guidance a
requirement of IPPF into consideration, this research evaluates the current practices of
internal audit in the Commercial Bank of Ethiopia.
The following cases elaborate on the existing internal audit practices and the related
research gaps detected from a review of the related literature regarding Ethiopian private
and government-owned organizations, which derived the researcher‟s attention to dwell
much time and effort in the subject area. The following studies highlight some of the issues
that need further investigation.
 The existing audit practices in financial institutions of Ethiopia revealed that the
internal audit practices did not comply with the IPPF guidelines promulgated by IIA
(Tamiru Tsegaye (2018); Ashenafi Sida, (2018)).
 Most internal auditors undertake their day-to-day internal audit activities

traditionally and did not have profound knowledge of the IPPF ( Addisu Gemeda, 2014);
 The internal audit function needs to enhance its proficiency to have a positive
impact on the corporate governance of the Commercial Bank of Ethiopia (Abreham
G/Georgis, 2011).
 Since to date, the internal audit profession in Ethiopia was not discovered
adequately (Tamiru Tsegaye (2018); Very few researches have been done regarding
assessing the practices of internal audit rather than concentrating on the effectiveness of
internal audit in
Ethiopian organizations (Tadiwos Misganaw (2016), Abraham Yalew (2018), Desalegn
Getie (2020)).
 Ethiopian SOE's internal audit function lacks essential business knowledge &
4
insight; combined assurance was in its infancy, & there was a high degree of non-
compliance with quality assurance & improvement program
standards (P-Radas and K-Barac
(2018,”p.103”).
The above studies show previously limited studies done in Ethiopia; limited researchers
conduct research on part of IPPF guidance (mandatory guidance) in different industries.
Hence, there is a need to enrich previously conducted, studies that are related to internal
audit practices, and in the meantime to assess the current practices of internal audit in the
Commercial Bank of Ethiopia.
 Financial institutions like banks are the most risk of loss involved sectors related to
other sectors most of the time the following risks happen in banking: price risk, liquidity
risk, operational risk, compliance risk, strategic risk, reputational risk, credit risk, and IT
and cyber risk. In addition to this financial institutions should have a clear outline of their
policies and procedures. This is therefore it requires an objective look to ensure the
organization is operating in compliance with these policies and procedures. Since internal
audit has become a value creator for improving the effectiveness of risk management,
control, and governance systems (Dellai & Omri, 2016). Conforming, the financial
institutions internal auditing practices using international standards is a vital role for
financial institutions to enhance and protect organizational value by providing risk-based
and objective assurance, advice, and insight.
 CBE is the largest and leading commercial bank in Ethiopia. Conforming the IIASs
has been mandatory related to other organizations; this is therefore studying in these
organizations is necessary and used to be a benchmark for other privately owned banks and
organizations.
 Finally now a day a large amount of money transactions are performed with digital
banking and it increased the risk of digital payment crimes. The risk happened in both
internal and external parties‟ actions. Bring up some cases; retrieving and using
customers‟ confidential information for their own or other party benefits by staff (member
of staff fraud), third parties accessing the bank's computer system (hacking and cracking
the computer system), and in the other hand innocent customers do not follow bank‟s
instructions (simply biased by other persons). In fact, fraud is a major challenge in the
5
banking industry and this makes all banks vulnerable and distressed. The management of
each bank spends its hardearned money to curtail its occurrence. Moreover, it puts question
marks on the integrity of the employees and management of the banks and also gives rise
to an absolute loss of customers‟ confidence in banking. Adeyemo (2022) asserted that
banking frauds are made possible with insider or staff collaboration. The management and
staff of every bank are expected to carry out their responsibilities with ultimate sincerity of
purpose devoid of fraudulent practices to enhance public gain, trust, and goodwill.
According to this problem the studies that related to internal audit practices, and in the
meantime to assess the current practices of internal audit in Commercial Bank of Ethiopia
using IPPF as a benchmark. Since the IIASs are used to provide a framework for
performing and promoting a broad range of value-added internal audit activities (IAA) and
delineate basic principles that represent the practice of internal auditing as it should be.
1.3. The objectives of the study
1.3.1. General Objectives

The general objective of the study was to assess the internal audit practices of the
Commercial Bank of Ethiopia using the international professional practices.
1.3.2. Specific Objectives

Specific objectives that have to be addressed in the study were:
 To describe how IAA performed in Commercial Bank of Ethiopia;
 To check whether the IAAs in the Commercial Bank of Ethiopia lead by an approved
internal audit charter;
 To assess the internal audit objectivity and independence organizationally;
 To examine internal auditors' professional competency and their due professional care;
 To evaluate the quality assurance and improvement program of the Commercial Bank
of Ethiopia
 To evaluate both internal and external assessments in the Commercial Bank of Ethiopia;
 To evaluate how the code of ethics governs the behavior of individuals and
6
organizations in conducting audit activities;
1.4. Research Questions
The following research questions were developed to conduct the study; the main research
question in this study was: What looks like the practices of internal audit in Commercial
Bank of Ethiopia regarding international auditing standards and the code of ethics?
Additional sub-questions relating to the concept were:
I. How different steps of internal audit; risk assessment and prioritization, planning,
fieldwork, reporting, and follow-up on audit reports are undertaken in Commercial
Bank of Ethiopia?
II. Whether the IAAs in the Commercial Bank of Ethiopia led by an approved internal
audit charter?
III. How the internal audit objectivity and independence managed organizationally?
IV. Do the internal audit staffs maintain the expected proficiency (knowledge, skill,
etc) and exercise due professional care?
V. Whether the development and maintenance of a quality assurance and improvement

program of the Commercial Bank of Ethiopia cover all aspects of the internal audit
activities?
VI. Do both internal and external assessments conduct in the Commercial Bank of
Ethiopia?
VII. Whether the development and maintenance of a quality assurance and improvement
Program made that covers all aspects of the internal audit activity and that includes
both internal and external assessments?
VIII. Does the code of ethics govern the behavior of individuals and organizations in
conducting audit activities?
1.5. The hypothesis of the study

Based on the conceptual framework and in examining the internal audit practice of the
commercial bank of Ethiopia using IPPF the following hypothesis was developed to
7
address the research problem:
H1: practices of attribute standards significantly predict the conformity of IPPF by
CBE.
H2: Practices of performance standards significantly predict the conformity of IPPF by

CBE.
H3: Practices of code of ethics significantly predict the conformity of IPPF by CBE.
1.6. Significance of the Study

As a cornerstone of good corporate governance, an internal audit is conducted in diverse
legal and cultural environments; organizations that vary in purpose, size, complexity, and
structure. To achieve the objectives of the organization, it is also essential for ensuring the
appropriateness and adequacy of internal control systems designed by the Top
Management and Board of the organization. Furthermore, the effectiveness and efficiency
of operations regarding compliance with the existing financial regulations, instructions,
policies, and procedures; and proper utilization of company resources are other domains of
the internal audit activity.
Compliance with the IIASs is an essential part of internal audit to ensure the IAF
effectiveness, and the reliability of the audit reports and to enhance and protect
organizational value by providing risk-based and objective assurance, advice, and insight.
The main importance of this research work is to benefit the CBE by updating IAA and
indicating the gaps that affect the conformity of IPPF. And it‟s going to help stakeholders
to have a better understanding of IPPF.
Accordingly, conducting this research is considered to benefit different financial

institutions. Since the study results identified the internal audit activities of the
Commercial Bank of Ethiopia against non-conformance with the mandatory guidance
requirements of the IPPF. In the meantime, the identified weakness areas (findings) with
their respective recommendations are forwarded for further improvements and
adjustments. Furthermore, this study is adding value to the existing internal audit practice
that has been conducted in the Commercial Bank of Ethiopia by comparing the quality
level that is promulgated by IPPF. On the other hand, this study helps in increasing the role
and image of internal audits in commercial banks to make them more effective and
8
professional. It helps the shareholders appreciate the role of the internal audit as one of the
most important managerial control systems in an organization required to safeguard their
interests. Besides, this study benefited potential researchers who have an interest in the
area for their future study. .
1.7. Scope of the Study

Since the area of the study was too vast and fertile, it required ample time and cost to
address 100% of the existing commercial banks. Due to time and cost constraints,
therefore, the study was limited only to cover the Commercial Bank of Ethiopia. The study
results reflected from the Commercial Bank of Ethiopia would be generalized and
considered to represent the internal audit practices of almost all Commercial Banks in
Ethiopia.
Commercial Bank of Ethiopia was selected purposely by its large size and as a leading
commercial bank in Ethiopia. A large organization is assumed to have internal audit
functions and may use sophisticated auditing activities.
The study focuses on evaluating the current practices of internal audit of the Commercial
Bank of Ethiopia regarding revised mandatory and recommended guidance requirements
of IPPF, (2017).
1.8. Limitations of the Study

In carrying out this study, it is important to have a set of assumptions to base the study on
whether the responses to the questionnaires are true and accurate. The internal audit unit in
the bank has adequate knowledge of the practice of the organization. And the respondents
cooperated by giving the information demanded from them without reservation.
Certain problems and limitations are expected to face study like this; such problems are
lack of resources or time to study or go ground another division of the bank such as
different branches. Also, some staff may not like to reveal information. The main method
of data and information collection will include both primary and secondary sources. The
primary sources will be personal interviews with the intense Audit department‟s staff. The
questionnaire will also be designed and distributed. The secondary sources are; bank
internal control manuals, procedures, textbooks, and journals. Moreover, the level of the
respondents‟ knowledge regarding the standards set for the audit profession and the code
9
of ethics also was considered a limiting factor that could influence and blur the outcomes
of the study.
1.9. Organization of the Research

The structure of this research incorporates five chapters. The first chapter is an
introductory part. The background of the study is presented along with the objective of the
study and the related research questions. Statement of the problem and rationale of the
study are presented in the chapter as well. Review of the related literature; the theoretical
and empirical parts including the research gap are discussed thoroughly in the second
chapter. The third chapter focuses on the research design and methodology. Types and
sources of data, the target population, sample size, and sampling techniques, method of
data collection are described accordingly. In the fourth chapter, an exhaustive analysis of
the collected data is discussed and interpreted. In the last chapter, the major findings,
conclusions, and recommendations drawn based on the research results are forwarded to
the respective management, auditees, and users for their future proper implementation and
view.
10
CHAPTER TWO
REVIEW OF RELATED LITERATURE

Concepts are abstractions derived from experience and observation and are designed to aid
understanding of the similarities with in a subject matter and the difference from other
subject matters. Much like engineering, physics, economics, and Sociology and other
physical and social sciences, auditing is based up on a series of fundamental concepts. The
importance of auditing concept is that they are the basis for standards, the guidelines or
measures of quality from which audit procedures are derived. Together, therefore auditing
concepts, standards and procedures are related.
The study of literature is an important part of any thesis because it investigates the main
theories in the field of study, and thus helps in discovering what knowledge exists related
to the researched topic. Increasing this knowledge will ultimately lead to the generation of
original ideas and will show the relevance of the topic as compared to previous studies.
When the existing literature on the topic has been reviewed, the researcher will be able to
extract the key factors to be used in building a data collection tool. This will justify the
proposed methodology and help in avoiding duplication of results. To reach a full
understanding of the topic, a thorough study of the related literature is needed, and this is
the only way to truly understand the significance of the research topic. Without such an
understanding, the study will be fragile, unreliable, and most probably worthless. Building
upon this solid knowledge, and starting from where others have left off, will almost
certainly ensure original, relevant and valuable research.
The remainder of this chapter is divided into two parts, the first reviews theoretical aspects
of the research. The second part talks about previous studies and models addressing the
research topic in different counties.
2.1. Theoretical literature review
2.1.1. History of Internal Auditing

The term audit is derived from the Latin word “auditor” where “Far” describes that
auditing is an ancient science known in China since about 2000 BC. The auditor at that
time was independent and responsible for his work and profession. In the sixteenth century
11
AD, auditing was concerned with government and family issues. They used two clerks
called "Sofer" to document and keep copies of records and financial transactions to prevent
fraud and disappearance. And when the industrial revolution occurred and the owners‟
ownership separated from the investor‟s capital of the company and the management of its
business, there was a change in the concept of auditing, which Brown described in two
directions; The first change: is the urgent need for a unified accounting system, and the
second change represented by: the need for an independent audit of the business of
companies (institutions).
In the middle of the nineteenth century AD, auditing was expensive and inefficient, so the
owner of the company checked the production and matched it with the financial statements
of the records, and later the great expansion of industrial activities and the large size of the
companies became difficult to conduct a comprehensive audit, but the samples were taken
completely, which led to control and prevention of fraud and theft (Saud& Marchand,
2019: (Qabas Abdulrazzaq et al. (2021).
Internal audit is practiced in different and diverse legal and cultural environments, for the
benefit of organizations that differ in objectives, size, complexity, and structure. These
differences affect the practice of internal auditing in each environment, but the extent of
adherence to international standards for the professional practice of internal auditing is
essential to enable internal auditors to fulfil their responsibilities The internal audit
standards are divided into two main groups, the first is the attributes standards and the
second is the performance standards, which will be dealt with in detail in the practical
aspect, and the purpose of the internal audit standards is represented in (The Institute of
Internal Auditors, 2017: 3-4):
1. Directing compliance with the mandatory elements of the international framework

for professional practices.
2. Providing a reference framework for the performance and development of a wide
range of added value for internal audit activities.
3. Laying the foundations for evaluating the performance of the internal audit.
4. Promote the improvement of the facility's operations and paths.
The profession of auditing in general, and internal auditing, in particular, is ancient;

(Pickett, 2020, “p.8”). It was the “father of modern internal auditing” Lawrence Sawyer
12
who said that word auditing comes from ancient Rome. Ancient officials were performing
public and oral verification of records that was called “hearing of accounts”. This event
was later described by the term, “audit”. It is derived from the Latin “audits” which
means”a hearing” (Pickett, 2020). The roots of internal auditing are long and profound,
tracing to centuries B.C. However, the birth of modern day internal auditing is perceived
by many to happen with the formation of the IIAs. It was established in 1941 in the United
States, with first 24 members Olga (2017) IIA‟s fast growth, worldwide expansion,
continuous research, and development fueled growth in the internal audit profession.
Internal audit function started mainly as protection against fraud and asset loss.
Organizations grew in size and complexity which led to their decentralization.
Management needed to internally evaluate accounting information that was used for
making decisions. They also needed to control role efficiency of work and to ensure that no
deceitful actions took place.
Historically, organizations viewed the internal audit function as a policeman or even a

watchdog, which means that it was viewed only as an entity that is forced upon the
company to monitor its employees and operations. Over the years, this profession has been
struggling to be viewed and considered as an added value to the company and as a partner
in the company‟s achievement. Today, the internal auditor is not only a controller but also
an advisor.
The IIA implemented a new definition of internal auditing that is considered to be globally
accepted; in the form that is known today (Na.theiia.org, 2017):
“Internal auditing is an independent, objective assurance and consulting activity designed

to add value and improve an organization‟s operations. It helps an organization accomplish
its objectives by bringing a systematic, disciplined approach to evaluate and improve the
effectiveness of risk management, control, and governance processes.” The Definition of
Internal Auditing states the fundamental purpose, nature, and scope of internal auditing.
The IIA‟s Internal Auditing definition reflects the changing role of internal auditors. They
are expected to provide value to the organization through improved operational
effectiveness, while also performing traditional responsibilities, such as: reviewing the
reliability and integrity of financial and operational information, ensuring compliance with
policies and regulations & safeguarding assets (Ashenafi, 2018).
13
Furthermore, the definition underscores internal audit‟s contribution to the
accomplishment of organizational objectives (Desalegn, 2020)
2.1.2. The Institute of Internal Auditors (IIA’s)

The Institute of Internal Auditors (IIA) is an international professional association with
global Headquarters in Altamonte Springs, Florida, USA. IIA was established in 1941.
Currently, the Institute of Internal Auditors expanded into 271 countries and territories with
over 230,000 members world-wide. The IIA is the internal audit profession's global voice,
recognized authority, acknowledged leader, chief advocate, and principal educator.
Generally, members work in internal auditing, risk management, governance, internal
control, information technology audit, education, and security. Globally, The IIA members
enjoy benefits offered by the North American Service Centre including local, national, and
global professional networking; world-class training; certification; standards and guidance;
research; executive development; career opportunities; and more. The IIA‟s Audit
Executive Centre provides chief audit executives with relevant and timely thought
leadership and connections to peers for benchmarking and sharing best practices. The IIA
continuously conducts research and develops practices that allow internal audit to adjust
and respond to ever-changing needs of organizations.
The profession of Internal Audit gets its comprehensive guidance from the International
Professional Practices Framework (IPPF) set by the IIA. The IPPF identifies the official
definition of internal auditing, the Code of Ethics, the Position Papers and Practice Guides,
the Practice Advisories, the International Standards for the Professional Practice of Internal
Auditing (the Standards), and developmental and practice aids. The conformance of all
members of The IIA and Certified Internal Auditors with the Standards and the Code of
Ethics set by the IPPF is mandatory. (theiia.org)
2.1.3. International Professional Practices Framework (IPPF)

The International Professional Practices Framework (IPPF) is the conceptual framework
that organizes authoritative guidance promulgated by the IIAs. It‟s universally
acknowledged as the trustworthy, global, guidance setting body, providing internal audit
professionals worldwide with knowledge and methodologies.
The scope of the IPPF is only authoritative guidance developed by an IIA international
technical committee (International Internal Auditing Standards Board, Professional Issues
14
Committee, Global Ethics Committee, and Public Sector Committee) following
appropriate due process. The Framework has been developed to organize the full range of
internal audit guidance from IIA Global in an accessible way. The Global Institute of
Internal Auditors has developed a comprehensive range of standards, guidance, and guides
to help internal auditors around the world in their work.
The Framework includes two types of guidance:

1. Mandatory Guidance: IIA members are required to comply with mandatory
guidance. This guidance is developed after consultation with members. These are: Core
Principles; Definition of Internal Auditing; Code of Ethics and International Standards of
internal auditing.
2. Recommended Guidance: IIA members are recommended to comply with this

guidance. It describes practices for the effective implementation of mandatory guidance,
therefore, compliance is strongly recommended. (The Core Principles, the IIA's Code of
Ethics, and the International Standards for the Professional Practice of Internal Auditing
(International Standards).
The Mission of Internal Audit “To enhance and protect organizational value by providing
stakeholders with risk-based, objective and reliable assurance, advice and insight.”
describes internal audit‟s primary purpose and overarching goal. Achievement of the
mission is supported by the entire IPPF, including the mandatory elements of the
Definition, Core Principles for the Professional Practice of Internal Auditing, the Code of
Ethics, and Standards, as well as all recommended guidance.
Assurance: An objective examination of evidence to provide an independent assessment

on governance, risk management, and control processes for the organization.
Advice: Advisory, the nature and scope of which are agreed with the client, are intended to
improve an organization's governance, risk management, and control processes without
assuming management responsibility.
Insight: To be truly effective, IA should focus proactively on key risks and issues facing
organizations with catalyst, analysis, and assessments.
15
2.1.3.1. Core Principles
The Core Principles, taken as whole articulate internal audit effectiveness. For an IAF to be
considered effective, all Principles must be present and operating effectively. How an
internal auditor, as well as an IAF, demonstrates achievement of the Core Principles may
be quite different from organization-to-organization but, failure to achieve any of the
Principles imply that an IAA was not as effective as it could be in achieving IA‟s mission.
2.1.3.2. Definition of Internal Auditing

Internal auditing is an independent, objective assurance and consulting activity designed to
add value and improve an organization‟s operations. It helps an organization accomplish
its objectives by bringing a systematic, disciplined approach to evaluate and improve the
effectiveness of risk management, control, and governance processes. The Definition of
Internal Auditing is the statement of fundamental purpose, nature, and scope of internal
auditing. The definition is authoritative guidance for the internal audit profession from the
Global Institute of Internal Auditors. It is part of the IPPF.
2.1.3.3. Code of Ethics

The Code of Ethics is a statement of principles and expectations governing behaviour of
individuals and organizations in the conduct of internal auditing.
2.1.3.4. The purpose of the Standards is to:

 Provide a framework for performing and promoting a broad range of value-added
internal auditing services.
 Guide adherence to the mandatory elements of the IPPF.
 Establish the basis for the evaluation of internal audit performance.
 Foster improved organizational processes and operations.
The Standards are a set of principles-based, mandatory requirements consisting of:
 Statements of core requirements for the professional practice of internal auditing

and for evaluating the effectiveness of performance that is internationally applicable
at organizational and individual levels.
 Interpretations clarifying terms or concepts within the Standards.
16
The Standards, together with the Code of Ethics, encompass all mandatory elements of the
IPPF; therefore, conformance with the Code of Ethics and the Standards demonstrates
conformance with all mandatory elements of the IPPF. Furthermore, the Standards use the
word “must” to specify an unconditional requirement and the word “should” where
conformance is expected unless, when applying professional judgment, circumstances
justify deviation.
2.1.3.5. Categories of internal audit standards

a) Attribute standards: Attribute Standards address the characteristics of
organizations and parties performing internal audit activities. Numbered in 1000s; govern
the responsibilities, attitudes, and actions of the organization‟s internal Audit function
(IAF) and parties performing internal audit activities. Apply to IAAs and individual
internal auditors.
b) Performance standards: Performance Standards describe the nature of internal

audit activities and provide criteria for performance evaluation. Numbered in the 2000s,
govern describes the nature of internal audits and provides quality criteria to measure the
performance of IAA. Apply to IAAs and individual internal auditors.
c) Interpretations: are provided by the IIA to clarify terms and concepts referred to
in Attribute of Performance Standards.
d) Implementation Standards: expand attribute and professional standards and apply

them to specific types of assurance or consulting engagements. They may deal with
industryspecific, regional or specialty types of auditing services. They have unique formats
Example 1000 A1 for Assurance “A” and 1000C1 consulting “C”.
The Standards comprise two main categories: attribute and performance standards.
• Attribute Standards address the attributes of organizations and individuals

performing internal auditing.
• Performance Standards describe the nature of internal auditing and provide

quality criteria against which the performance of these services can be
measured.
Attribute and Performance Standards apply to all internal audit
17
services.
Implementation Standards expand upon the Attribute and Performance Standards by
providing the requirements applicable to assurance (.A) or consulting (.C) services.
Assurance services involve the internal auditor‟s objective assessment of evidence to

provide opinions or conclusions regarding an entity, operation, function, process, system,
or other subject matters. The nature and scope of an assurance engagement are determined
by the internal auditor.
Consulting services are advisory in nature and are generally performed at the specific
request of an engagement client. The nature and scope of the consulting engagement are
subject to agreement with the engagement client ([email protected]).
2.1.4. Theories of auditing

Theories on the demand for auditing provide a general framework for auditing, or at least
for understanding it. Mautz and Sharaf (1961) define the purpose of theory in the following
way: “One reason, then, for a serious and substantial investigation into the possibility and
nature of auditing theory is the hope that it will provide us with solutions or, at least, clues
to solutions, of problems which we now find difficult”.
In the field of audit developed numerous theories of internal audit to analyze the IAA and
IAF that can the internal auditors to be objective and independent, competent, exercises
due professional care. Furthermore, the code of ethics governs the behavior of individuals
and the organization. For the purpose of this study, the following theories will be
employed:
2.1.4.1. Stewardship Theory:

is a framework which argues that people are intrinsically motivated to work for others
or for organizations to accomplish the tasks and responsibilities with which they have
been entrusted. Stewardship theory was proposed by Donaldson and Davis
(1991;1993). Stewardship theory has been framed as the organizational behaviour
counterweight to rational action theories of management (Donaldson and Davis,
1991;1993). This theory posits that there is no conflict of interest between managers
and owners and that the goal of governance is, precisely to find the mechanisms and
structure that facilitate the most effective coordination between the two parties
18
(Donaldson, 1990). Stewardship theory is presented as an alternative to agency theory.
2.1.4.2. Stakeholder Theory:

Stakeholder theory was propounded by Freeman and Reed (1984). The stakeholder
theory is fundamentally a theory about how business works at its best, and how it could
work. This theory is about value creation and trade and how a business is managed
effectively. The stakeholder theory argues that other individuals matter such as
customers, lenders, creditors, employees, communities, and so on.
2.1.4.3. Policeman Theory:

This was the most widely held theory on auditing until the 1940s. Under the policeman
theory, an auditor acts as a policeman focusing arithmetical accuracy and on the
prevention and detection of fraud. However, due to its ability to explain the shift of
auditing to, „verification of truth and fairness of the financial statements‟, the theory
seems to have lost much of its explanatory power. The policeman theory narrows
auditor‟s responsibilities to prevention and detection of fraud. The theory describes the
expectations the stakeholders have of the auditors, including protection against fraud,
warning of future insolvency, and general re-assurance of financial well-being.
The detection of fraud is, however, still a hot topic in the debate on the auditors‟
responsibilities, and typically after events where financial statement frauds have been
revealed, the pressure increases on increasing the responsibilities of auditors in detecting
fraud. (Hayes et al. 2005)
2.1.4.4. Credibility theory:

Credibility theory was developed by Limperg (1932). It suggests that the primary function of
the audit is to add credibility to the financial statements. In this view the service that the
auditors are selling to the clients is credibility. Audited financial statements are seen to have
elements that increase the financial statement users‟ confidence in the figures presented by
the management (in the financial statement). users‟ are perceived to gain benefits from the
increased credibility.
2.1.4.5. The theory of inspired confidence (Theory of rational
expectations):
(Limperg 1932) addresses both the demand and the supply for audit services. The demand for
audit services is the direct consequence of the participation of third parties (interested parties
of a company) in the company. These parties demand accountability from the management, in
19
return for their investments in the company. Accountability is realized through the issuance of
periodic financial reports. However, since this information provided by the management may
be biased, and outside parties have no direct means of monitoring, an audit is required to
assure the reliability of this information. About the supply of audit assurance, Limperg (1932)
suggests that the auditor should always strive to meet the public expectations.
2.1.4.6. Communication Theory:

In accords of the IIA as the professional body that takes care of internal auditing, several
studies such as those by Davidson (1991), Quinn and Hargie (2004) and Golen (2008),
confirm the importance of and the need for effective communication skills in all organization
functions. Studies done by Lewis and Graham (1988) and Smith (2005) suggested some ways
to improve these communication skills. Previous studies by Hahn (2008) and Golen (2008)
discussed communication barriers and how they can be overcome. At the same time, several
previous studies have dedicated their work to communication in organizations. These studies
evidenced that, effective communication and interpersonal relationships between managers
and staff have a strong contribution to improving profitability, an improving activity; and it
leads to higher quality of services and products, and reduction in costs (Clampitt & Downs,
1993). According to both IIA Standards and previous studies, the study of effective
communication in internal auditing is necessary, and hence this study should consider the
communication theory for its achievement. Davidson (1991) confirms that all auditors can
benefit from the knowledge of current communication concepts, and even those who believe
they are good communicators need to work consciously on assessing, improving, and
applying their skills. Davidson‟s communication theory is based on three basic truths about
communication. These are:
(1) It is impossible not to communicate;
(2) Communication is a multilevel phenomenon, and
(3) Message sent does not always equal the message received.
2.1.4.7. Agency Theory:

Agency theory was propounded by Jensen and Meckling (1976). Agency theory illustrates the
conflict between principal and agent; where the principal (owner) lacks reasons to trust his or
her agents (directors) because of information irregularities and contradictory motives.
20
Information asymmetry deals with the study of decisions in transactions where one party has
more or superior information than the other party or parties. External auditors are used as a
third party to try to align the interests of agents with principals and to allow principals to
assess and manage the behaviour of their agents and strengthen the trust. However, this
creates a new concept of the auditors as agents, which leads to threats to objectivity and
independence. When an auditor performs an audit for a company, they are acting as agents for
the principals and this relationship develops similar threats to trust and confidence as the
director-shareholder relationship.
(Watts and Zimmerman 1978, 1986a, 1986b) suggests that the auditor is appointed in the
interests of both the third parties as well as the management. A company is viewed as a web
of contracts. Several groups (suppliers, bankers, customers, employees etc.) make some kind
of contribution to the company for a given price. The task of the management is to coordinate
these groups and contracts and try to optimize them: low price for purchased supplies, high
prices for sold goods, low-interest rates for loans, high share prices and low wages for
employees. In these relationships, management is the agent, which tries to gain contributions
from principals (bankers, shareholders, employees, etc). The most prominent and widely used
audit theory is the agency theory.
Peursem and Pumphrey (2005) considered internal auditors as agents and monitors for a
variety of the internal audit users that include the board, audit committee and senior
management. Agency problems could occur when the board or its audit committee is
inefficient, and hence, the senior management is likely to be a powerful influence over the
internal audit. Internal auditors often are employed by senior management, but at the same
time, they are also agents of the board and audit committee who trust in the internal auditors‟
ability to evaluate senior management works. However, internal auditors may have varying
motives to act against the board of directors‟ interests and its audit committee and these
motives include financial rewards from managers, personal relationships with them, and the
power of senior management in shaping the future position of internal auditors and their
salaries. In such a work environment, internal auditors as agents may have an incentive to be
bias in information flows, which leads to new concerns of the board and audit committee
about their trust on the internal auditors‟ objectivity, and preventing such threats of
objectivity becomes necessary for the board and its audit committee. Internal auditors as
agents must perform audit processes at the professional level requiring education and
professional certifications, experience, and other competencies needed to perform their
responsibilities perfectly. Having internal auditors with such requirements and the existence
of training programs for internal auditors would increase the confidence level of the board
21
and audit committee in the internal auditor competence. At the same time, internal auditors,
by proving their duties in accordance with the professional level, can refute charges of
neglecting their duties. The internal audit department works are achieved under the
supervision of the chief audit executive who is the main responsible individual for putting the
internal audit plan, reporting internal audit findings and following-on up on internal audit
recommendations. The organization members are required to evaluate the internal control
system (SOX, Section 404, 2022), and to achieve this requirement they depend on the
internal audit department. During this evaluation, internal auditors should collect sufficient
and reliable evidence support their assessment of the internal control system. The existence of
such evidences will increase the confidence level of organization members in the work
performed by the internal audit. Hence, internal audit department performance is a crucial
requirement for organization members to consider internal auditors as agents. Internal
auditors, as agents of the organization members, need their support. The existence of an
effective audit committee in the organization enhances internal audit independence and also,
reduces senior management interferences either in internal audit scope or its performance.
Linking Theories of the Study Research in auditing has traditionally been conducted under
the framework of agency theory (Pilcher et al., 2021). However, Mihret et al. (2020) argued
that the neoclassical economic theories including agency theory were the main reason for
limited research in internal auditing. They criticized the assumption that organizational
phenomena are only driven by maximizing the self-interest of individuals, and they
confirmed that the behaviour of individuals cannot be abstracted from the social settings.
Thus, they suggested institutional theory. The use of more than one theory in one
combination enables considering social and behavioural aspects and the economic
dimensions. Several previous studies have adopted both agency and institutional theories
(Yamak & Suer, 2015; Christopher et al., 2009; Yaqi et al., 2022).
Agency theory is extensively employed in the accounting literature to explain and predict the
appointment and performance of external auditors. Argues that agency theory also provides a
useful theoretical framework for the study of the internal auditing function. Proposes that
agency theory not only helps to explain and predict the existence of internal audit but that it
also helps to explain the role and responsibilities assigned to internal audit function is likely
to be affected by organizational change. Concludes that agency theory provides a basis for
rich research which can benefit both the academic community and the internal auditing
profession. Adams, M.B. (2014).
22
According to EduBirdie, (2022) Auditor independence is linked to agency theory. If the audit
team is not independent from management then they cannot be trusted by stakeholders and
the original principle-agent problem between stakeholders and management persist.
Stakeholders cannot trust an audit firm that is not independent from management as they may
be manipulated by, influenced by or in, collusion with management to fulfil their own
professional and personal self-interests. There are many reasons why management may not
be considered trustworthy, such as their own financial reward, job security or relationships
with third parties who are not relevant to the principle. Auditors too have many incentives to
act unprofessionally and therefore ignore the independent requirement of the auditing role;
these include the large audit fees paid for by management and the threat of losing
employment by the audit client or company.
Furthermore, EduBirdie, (2022) states that, auditor independence is linked to the credibility
theory. Today, creditability consists of five fundamental principles; integrity, objectivity,
professional competence and due care, confidentiality, and professional behavior. By
focusing on independence, we can see how easy it is for fundamental principles such as
integrity and objectivity to be neglected as a result of independence being compromised,
leading to overall creditability decreasing at a detrimental rate.
For the purpose of this research, the agency theory is considered as the major underpinning
theory. The results of the research work would be related to this theory, and conclusions
would be drawn based on it.
2.2. Review of Empirical Evidences

Several studies on internal auditing have been carried out both locally and globally.
Different researches were conducted on the existing practices of internal auditing in the
Ethiopian context as well as internationally. The focus of those papers varies in terms of
sectors, industries, institutions and different variables. Highlights of some previous research
papers on similar subject areas including the research conclusions and recommendations are
discussed as part of the assessment of previous empirical evidences and presented as follow:
Nancy (2019) investigated the effect of internal audits on the financial performance of
commercial banks in Kenya. The study purposively selected one senior manager in the
finance department. The researcher administered a survey questionnaire to each member of
the target population since it was the most appropriate tool to gather information.
Quantitative analysis and regression analysis were used as data analysis technique.
Descriptive statistics such as mean, standard deviation and frequency distribution were used
23
in the analysis of data.
According to the findings, internal audit standards, independence of internal audit,
professional competency and internal control had a positive relationship with the financial
performance of commercial banks, The study recommends that management in commercial
banks in Kenya should adopt effective internal audit practices such as internal auditing
standards, independence of internal audit, professional competency and internal controls to
enhance financial performance of the banks.
Getaneh (2020) addressed the embodiment the of Role of Internal Audit: A Case of the
Commercial Bank of Ethiopia. The objective of the study was to assess what roles internal
audit plays in the achievement of organizational objectives. The study result shows that
internal audit plays an indispensable role in the achievement of organization‟s objectives
through ensuring effective and efficient utilize at resources source, advocating ethical
conducts throughout the organization, assessing and identifying system inefficiencies, and
providing a recommendation for better achievement. Moreover, a finding shows that
compliance / traditional audit is the dominant type of audit practiced. The study also
identifies absence of sufficient training, no / little encouragement by management, and lower
acceptability of findings as major barriers to efficient audit function. Based on the findings
the researcher recommended the audit department extend its scope in assessing risks
proactively, create continuous and direct contact with management, have a hormone-nous
relationship, and develop their value-adding role.
Wubishet and Dereje (2019) investigated that factors determining internal audit quality in
Ethiopian commercial Banks. The study adopted a quantitative research approach.
Selfadministered questionnaires distributed to 160 internal auditors‟ cross-sectional of 15
commercial banks. Out of 160 distributed questionnaires 154 questionnaires have been
collected. The results of the study indicate that internal auditors in Ethiopian commercial
banks believe the performance, competence and use of information technology by internal
auditors as significant factors affecting internal audit quality. “Performance” is the highest
determinant factor of internal audit quality, followed by “competence” and “Information
technology” respectively. The study surprisingly addressed objectivity of internal auditors‟ is
not a factor that determines the internal audit quality in Ethiopian commercial banks. The
study recommends that Ethiopian commercial banks must work to ensure the availability of
the key factors to achieve the quality of internal audit function.
24
Fenet (2018) investigated corporate governance, internal audit and financial performance in
private commercial banks in Ethiopia. The study used a quantitative approach data collection
method and adopted cross-sectional survey design and employed questionnaires to collect
data from respondents. The study revealed a significant positive relationship between
corporate governance, internal audit, and financial performance. And concluded that
corporate governance is a higher predictor of financial performance than internal auditing.
This implied that the importance of corporate governance in enhancing the banks‟ financial
climate for performance is significant. It also recommended that managers should always
share their resolution with all bank staff and that managers should provide options where
there is easy access to information regarding the bank‟s financial performance and also
manger should give training to the internal auditor and audit team to make them competent to
perform their job and enhance financial performance.
Salawu and Mary (2017) assessed the effectiveness of the Institutional Regulatory
Framework of Auditor Independence in Nigeria. The study revealed that identified weakness
inherent in the regulatory framework assessed such as ineffective whistle-blowing blowing in
Nigeria; violation of Auditor‟s reporting independence; negligence on the Part of Audit
Regulators and External Auditors in Nigeria; absence of unified code of corporate governance
on the Nigeria and proliferation of accounting professional bodies and decline in ethics.
The study recommended that, harmonisation of the multiplicity of corporate governance
codes and accounting professional bodies in Nigeria by Financial reporting Council of
Nigeria is a pre-requisite for promoting auditor independence among external auditors. Also,
regulators in Nigeria should create more stringent regulatory procedures to detect fraud, meet
appropriate discipline measures sure, and well as penalized companies and audit firms for
erring. Furthermore, the accountancy professional body the institute of chartered accountants
of Nigeria (ICAN) should promote the dignity of its members by making the appointment of
external auditors less dependent on the executive directors and more dependent on the
nonexecutive directors, audit committees, and shareholders.
Meseret (2016) investigated the determinants of internal audit effectiveness in the case of
Ethiopian private commercial banks. The study employed a combination of descriptive and
explanatory research methods. The study conducted only by taking six private commercial
banks out of sixteen private commercial banks in Ethiopia. Based on the result of the
25
regression output all of these five factors (the influence of management support,
management‟s perception of IA‟s values, organizational independence, adequate competent
internal audit staff, and presence of approved internal audit charter) contribute to internal
audit effectiveness in private commercial banks positively and significantly and making
82.9% contribution to internal audit effectiveness. The study recommends that Ethiopian
private commercial banks must work to ensure that the availability of the key factors to
achieve the effective internal audit functions.
Rihana (2021) assessed the Internal Audit Practices of State Owned Enterprise (SOE‟s) in
Ethiopia using the International Professional Practice Framework (IPPF) as a benchmark. The
study employed a mixed research approach (both qualitative and quantitative method)
combining survey design, in-depth semi-structured interviews, and documentary reviews. A
self-administered questionnaire was distributed to all internal auditors of the five Ethiopian
SOEs; the study also used a purposive sampling design. Commercial Bank of Ethiopia is one
of the five SOEs. The major findings reveal that t detailed audit work program is prepared,
the audit plan is properly implemented, internal audit reports are prepared as per the
standards, and also the finding discloses quality assurance and improvement program,
independence & objectivity of internal audit activities of SOEs were aligned with the IPPF.
However, gaps were sated regarding due professional care and development that are as a lack
of certification at the professions demand to be, staff shortages and there is a lack of
development training programs.
Leona (2020) investigated the roles and challenges of internal auditing in the banking
industry in Kenya. The research design employed in this study was descriptive. The target
population in the study was the 43 licensed commercial banks in Kenya. Primary data was
collected using a semi-structured questionnaire. The study used the quantitative method of
data analysis, that is, mean and mode. To ensure easy analysis, and minimize the margin of
error, a questionnaire was coded according to each variable. Based on the findings, the study
concluded that the general roles of internal auditing is to provide guarantee that internal
controls are efficient, examine and assess the banks policies, procedures, manuals and
recommending best practices and risk evaluation and management. The study further
concludes that the challenges faced by internal auditors on their daily operations were those
of realigning skills to address new requirements and implementing the new international
professional practices framework (IPPF). The study recommends that the banks should hire
auditors from other fields to introduce new techniques in the bank counts auditing to
26
overcome the challenges encountered by internal auditors in their operations. The study also
recommends that there should be continuous training and development of audit staff, in order
to enhance their competence and also there should be acquisition of an audit system in all the
banks.
Bizuayehu (2016) assessed internal audit from perspective of Ethics and standard practices in
the case of selected government sectors in SNNPRS, Ethiopia. The study used both
qualitative and quantitative approaches cording to the result the problem associated with
internal audits were the lack of necessary qualifications and competencies for auditors and
limitations of to management in solving the problem associated with the internal audit
concerning ethical standards, application of internal audit principles and ethical standards
were not based on the IA principles, and the extent of application of internal audit principles
in real-world practice was smooth. The study recommend that recommends bodies of the
government should take measures that help the internal audit department in each public sector
in the region to work according to the standard practice and adhering to principles of internal
audit would be essential.
Worku (2021) investigated the internal audit practice in Ethiopian private insurance
companies. The internal auditing practice of the private insurance companies was studied in
terms International of Standards for the Professional Practice of Internal Auditing; attributed
standard, performance standard standards of ethics. The study employed descriptive design
and a purposive sampling technique and only used primary data (questionnaire). Based on the
findings the study concluded the standards were complying well by the private insurance
companies in Ethiopia. The study point out points in order to comply with the mandatory
guidance elements promised by IPPF, all private insurance companies should enhance their
internal audit staffs trough continuous training and certifications. Besides, to gain more
benefit from their audit unit, they should give due consideration to satisfy the adequacy of
their audit staffing and allocation of the related resources. In addition, the mandatory
guidance elements of IPPF should be followed to add value and improve performance.
Madurasinghe & Tennakoon (2019) investigated in the research entitled „‟ the application of
international internal audit standards by licensed commercial banks (LCB) in Sri Lanka‟‟ a
quantitative research was carried out to reach the research objective. Closed ended;
selfadministrated questionnaire was distributed among the internal auditors of LCBs. The
study was used descriptive statistics and multivariate analysis. The study results suggested a
moderate level application of IIASs by LCBs. However, the extent of IIAS‟s application
27
found significantly varies month g three categories of IIASs. The attribute standards seemed
the heavily applied IIASs category by Sri Lankan LCBs compared to performance standards
and implementation standards. The least level of application was evidenced concerning to
performance standards.
Tamiru Tsegaye (2018) studied the assessment of internal audit practices in private
commercial banks of Ethiopia; the aforementioned Mandatory Guidance Elements were
taken as a benchmark for the study. The sample of the research was only focused on five
private banks selected by using purposive sampling technique. Both qualitative and
quantitative data types were applied in the study. Based on the research results the study
concluded the mandatory guidance requirements conformance level within the selected
Private Commercial Banks of Ethiopia did not move up to the expectation that satisfies the
IAS. As a result, the researcher recommended that The existing healthy conformance with
certain mandatory Guidance requirements of the IPPF should be kept up and goes to the
sound conformance level by all elements; the existing inadequate conformance have to
make improvements until it satisfies the needs of all stakeholders; and lastly, it was
attached with poor/below the expectation/ conformance, the Quality Assurance and
Improvements Program (QAIP) standard; should be carried out properly by all Private
Commercial Banks of Ethiopia.
Bekele W/Senbet (2019) studied the assessment of internal audit practices in Oromia
regional state the case of selected public sectors. By taking the mandatory guidance
requirements of IPPF as a benchmark. The research was only focused on six sectors that
were selected by using g purposive sampling technique. Both qualitative and quantitative
data types were applied in the study. The primary means of date collection, a
selfadministered questionnaire, was employed and distributed to the respective internal
auditors. Moreover, the secondary data was reviewed from the related IASs and various
literatures, journals, articles, and automated documents. The findings indicated that the
mandatory guidance requirements conformance level within the selected sector Oromia
regional state did not move up to the expectation that satisfies the IAS.
The existing healthy conformance with certain mandatory Guidance requirements of the
IPPF should be kept up and goes to the sound conformance level by all elements; the
existing inadequate conformance have to make improvements until it satisfy the needs of
all stakeholders.
Alemberhan Seyoum (2021) examined the assessment of Internal Audit Practices in Textile
28
Manufacturing Companies. In the Case of Some Selected Companies. The study employed
a descriptive research method and purposively selects four textile manufacturing
companies located in and around Addis Ababa. The study employed census method and
selected all the 73 internal audit employees working at the four selected textile
manufacturing companies. Out of 73 distributed questionnaires 68 questionnaires were
correctly filled and returned. The collected data was analyzed using descriptive statistical
tools. The findings showed that though there are internal audit charters in the selected
textile organizations, there is a gap in making the content and nature of the charters comply
with International Standards for the Professional Practice of Internal Auditing (ISPPIA)
attribute standards for internal audit charter. In line with the findings of the study, it was
suggested that the textile manufacturing companies need to improve and periodically
review their respective audit charters. Moreover, the study recommend that the
organizations to enhance their internal staffs by giving trainings.
Arwa (2017) evaluated and investigated the effectiveness of internal auditing procedures in
Jordanian commercial banks. The descriptive approach was used. Results revealed that the
internal auditing program used in the commercial banks included procedures that achieve
internal auditing procedures and the role of the board of directors ensured the effectiveness
of the internal auditing in the information technology. Additionally, results showed that the
internal auditing program included risk based auditing program and the internal auditing
procedures ensure the internal auditor‟s independence. The study recommended the
necessity to enhance the current procedures followed in the internal auditing
implementation for its effectiveness and the necessity to clarify the internal controls and its
levels to ensure the success of the auditing program.
2.4. The Research Gap

Tamiru Tsegaye (2018) studied the assessment of internal audit practices in private
commercial banks of Ethiopia using IPPF and found out the mandatory guidance
requirements conformance level within the selected Private Commercial Banks of Ethiopia
did not move up to the expectation that satisfies the IAS. Finally, due to limited studies
done in Ethiopia, he suggested further studies on issues that related to the practices of
internal audit in different industries including government-owned banks by taking the same
29
benchmark, the mandatory guidance elements of IPPF. In addition to this, he mentioned
„‟since to-date, the internal audit profession in Ethiopia was not discovered adequately.‟‟
Thus, his research would benefit all private commercial banks of Ethiopia and other
stakeholders that are concerned with adequately establishing their internal audit
department/unit and benefit from the profession by viewing sound practices of internal
auditing as a criterion.
Various researchers that are interested in the study area could select the mandatory and
recommended guidance elements of the IPPF separately and even focus on specific areas
of IPPF based on their will and the upcoming research gaps.
Previously very little research has been done regarding internal auditing-related topics at
various organizations in Ethiopia. By the definition of IIA, the internal audit is expressed
as a profession that is moving from its traditional view (approach) to the new risk-based
view (approach). Since internal auditing today is different from internal auditing yesterday
and before, it is under a continuous review and progress (Olga (2017). Therefore, as a
global guidance-setting body, the IPPF organizes authoritative guidance promulgated by
the IIA. The IIA provides internal audit professionals worldwide with authoritative
guidance organized in the IPPF as mandatory guidance and recommended guidance.
Conformance with the principles outlined in mandatory guidance is required and essential
for the professional practice of internal auditing. These mandatory guidance elements are
categorized into two namely attribute standards and performance standards. The standards
together with the code of ethics encompass all mandatory elements of the IPPF. As it is
mandatory guidance, no previous research was made in the Commercial Bank of Ethiopia
by taking into account the mandatory and recommended guidance elements as a whole.
the revised International Standards for the Professional Practice of Internal Auditing
(Standards) that was released by the International Internal Audit Standards Board (IIASB)
effective January 2017 and the code of ethics. It could be seen from the above discussion
that the majority of the previous studies concentrated on the effectiveness of internal audits
in various organizations in Ethiopia and globally. Very few studies were conducted in the
area of assessing internal audit practices in different sectors and industries. As well, since
to-date, almost no research has been done paying special attention to assessing the
practices of internal audit the in Commercial Bank of Ethiopia by taking both the
mandatory and recommended guidance elements of IPPF: the revised international auditing
standards and the code of ethics as a benchmark. So the forgoing research gaps were
30
identified and derived the attention the researcher to dwell his time on the stated gaps.
CHAPTER THREE
RESEARCH DESIGN AND METHODOLOGY
3.1. Introduction
This chapter explains the research techniques which were adopted for the study to achieve the
research objectives. It elaborates on the research design and provides details regarding the
population, sample and sampling techniques, and the research instruments used in collecting
data for the study. It also discusses the data collection methods and data analysis plan.
The first section presents the research design and types and sources of data, the target
population, sample size, and sampling techniques were presented in the subsequent sections.
Finally, methods of data distribution and collection, and methods of data analysis by
preceding methods of data interpretation and presentation, are briefed accordingly.
3.2. Research Design

To ensure sound corporate governance and internal control system the existence of internal
audit play a vital role in organizations. According to the IIA definition, internal auditing is an
31
objective assurance and consulting activity designed to add value and improve an
organization‟s operations. Since internal auditing is conducted in diverse legal and cultural
environments, the differences may affect the practices of internal auditing in each
environment; conformance with the IIA‟s standards is essential in meeting the
responsibilities of internal auditors and the internal audit activity. As there is no option to
non-conformance, therefore, this study examined the current internal audit practices in the
Commercial Bank of Ethiopia by using the IPPF both the mandatory and recommended
guidance requirements international auditing standards and the code of ethics as a
benchmark. It was revised in October 2016 and Effective January, 2017.
Based on the research problem and the objectives of the study and supporting research
approaches, a mixed research approach was implemented. Since, CBE was a mix of primary
and secondary data. To get the benefits of a mixed method approach and to mitigate the bias
in adopting only a quantitative or qualitative approach. The mixed method research had an
objective to evaluate the internal audit practices of CBE. In addition to this the objective of
the study was to approach both the perspective of qualitative and quantitative research
method.
3.3. Types and Sources of Data

Both qualitative and quantitative data were use in the study. Furthermore, the sources of data
were both primary and secondary. Primary data was obtained through in-depth semistructured
interviews and questionnaires. Secondary data includes materials published by CBE and on
their website or in printed publications.
Developing and distribution of questionnaires to the concerned bank auditors was the primary
and major source of data gathered in instruments. Review of the related literature, especially
the IPPF standards-2017, journals, research articles; CBE internal audit charter, internal
control framework, and internal audit procedure and websites were used as a secondary
means of data collection. In addition to this based on pre-planned interview guide which
contains specific topics but not limited and allows for deviation from the study guide, both in
questions and answers, in depth semi-structured interview was initiated for this study. An
interview was chosen as data collection method because it meets the needs, time frame and
limitations of this study. In addition to this it is used as a data collection method in both
quantitative and qualitative research but most widely employed in qualitative research.
32
(Bryman and Bell, 2017, p.472).
3.4. Target Population

To achieve the representativeness of the sample; the target population of the study was direct
to all Commercial Bank of Ethiopia Internal Audit managers, internal audit team leaders,
senior internal auditors, and internal auditors that have been currently working at Head
Office. Hence target population was the total number of respondents or the entire population
working at Head Office. Since Auditors were not easily accessible as they are a field working
at different branches
3.5. Sample Size and Sampling Techniques

The sample size references the total number of respondents of all Commercial Bank of
Ethiopia, internal auditors, internal audit managers, and team leaders at the head office level,
was selected by using the purposive sampling method. Regarding the existing internal audit
practices since the scope, characteristics, knowledge, and exposure of internal auditing
activities at head office (particularly) is wider, the study employed only internal auditors who
are assigned at head office- Internal Audit (Control) Departments of the bank. Moreover, to
satisfy the adequacy and representativeness of the sample, all internal audit staffs (Audit
Directors/supervisors/Officers) of the Departments/units were assumed for filling out the
developed questionnaire.
From the total number of employees, it will used samples which amount to 70 will be
selected using simple random sampling Technique. Because it was given equal chance of
inclusion in the sample.
Where, n= sample size, e= significance error=0.05, N= the total number of population size
3.6. Methods of Data Distribution and Collection

The study used both primary and secondary data collection methods. The primary source of
data is in-depth semi-structured interviews conducted with internal audit managers, internal
33
audit team leaders, and senior auditors. It was a pre planned interview guide allows obtaining
information in the same time but not limit to the exploration of topics of the subject, which
was very interesting and exploratory, and helpful to find out what was happening and to seek
new insights‟.
This self-administered, structured questionnaire was used. Five point likert scales followed
through indicating scores (1) indicated strongly disagree, (2) disagree, (3) neutral, (4) agree
and (5) strongly agree. The questionnaires were distributed to 70 internal Audit managers,
internal audit team leaders, senior internal auditors and internal auditors under their own and
particular departments through formal letters. The study succeeded with 55 valid responses
from the internal audit departments. This is 79% of the total respondents. It indicated the
validity of the survey.
Furthermore the secondary means of data collection related documents were considered and
the IPPF standards-2017, CBE internal audit charter, internal control framework, and internal
audit procedure and websites were used and reviewed. The document examination was used
to confirm the patterns that evolved from the data collected via questionnaires and in-depth
semi structured interviews; hence the validity of the findings could be enhanced.
3.7. Methods of Data Analysis

To analyze the collected data, since it is the most common user-friendly package by social
scientists in recent years (Dawson, 2002; Singh, 2017), the researcher was employed the
Statistical Package for Social Sciences (SPSS) IBMSPSS Statistics version 29.0.1.0 To gather
information through questionnaires, the Likert scale model (5-rating scale) was used by the
researcher. After the data is entered into the SPSS software, to assess the reliability and
consistency of the instrument, the Cronbach‟s Alpha (α) analysis was conducted. To
generalize the average mean value we were set the following measurement for the
conformance level of the standards: if the average mean values > 4 = adequate/best; in
between 4 >3.5= well/fair/good/healthy; between 3.5< and > 3.0 = inadequate; and average
mean values < 3.0= poor conformance level.
3.8. Tools of Interpretation

The analyzed data were described and summarized by using the descriptive statistics
methods, particularly by measure of central tendency mean values, frequency, percentage,
measure of central dispersion (standard deviation). Then, the results of the study have been
34
present by using various tables, and conclusions and recommendations were forwarded.
CHAPTER-FOUR
RESULTS AND DISCUSSION

This chapter presents the results and interpretation of data obtained from different source in
the context of the existing knowledge as reviewed in chapter two. As already shown in the
first chapter, the broad objective of this research was evaluating the internal audit practices
of Commercial Bank of Ethiopia using the IPPF as a benchmark. Accordingly, this chapter
arranged into three sections; the first section presented the results of the qualitative & the
quantitative aspect, the second section presented discussions of result, & the third and the
last section presented conclusions.
4.1. Results
The subsequent section outlines the results of qualitative & quantitative aspect.
Specifically, section 4.1.1 Present the results of qualitative aspect it included in depth semi
structured interview result & document review. Section 4.1.2 presents results of the
quantitative aspect with are survey result.
4.1.1. Qualitative Aspect In depth semi structured interview &

Document Analysis
In depth semi structured interview & document analysis was used in qualitative approach.
The In depth semi structured interview was conducted with banking operation managers of
corporate audit, managers of Credit and IFB finance audit, managers of Fraud investigation
and managers of Branch Internal audit. Banking operation managers‟ of credit and IFB
35
finance audit follow up, managers‟ of branch audit follow up and banking operation
managers‟ corporate audit follow up, Banking operation team leader branch internal audit
and senior internal auditors. In addition to in depth semi structured interviews document
review was taken placed. Accordingly, CBE internal audit charter, CBE internal control
framework, CBE Internal Audit Procedure & CBE Quality Management and Control
Procedure ,NBE directives, and the IPPF standards-2017 documents related to internal
auditing practices were taken as documentary sources.
Regarding internal audit activities, the respondents noted that the internal audit performs
based on a systematic approach. The systematic process consists of specifically audit
planning, examining and evaluating information from fieldwork, report findings, and
follow up based on the agreed management rectification action plan. The V/P Internal
Audit clarify that the head internal auditor monitors the entire audit process from planning
to completion & all the audit work documented in the audit work papers, including
evidence of follow-up procedures and the disposition of deficiencies. The conclusions
drowned within the audit reports are back by comprehensive supporting documents and
competent, sufficient, and relevant evidence. In the in depth semi structured interview, the
audit managers specified that the internal auditors used these processes to determine audit
priorities, set objectives, and audit resources and they mentioned the responsibility for
constructing and implementing a risk-based plan is the V/P Internal Audit. The V/P
Internal Audit review and adjust the plan, as necessary, in response to changes in the
bank‟s business, risks, operations, programs, systems, and controls. The respondents stated
the plan considers the bank‟s organizations strategies, objectives, and risks relevant to the
engagement and reporting also includes significant risk and control issues, including fraud
risks, governance issues, and other matters that require the attention of senior management
and the board. The Banking operation audit follow up managers established a follow-up
process to monitor and ensure that management actions have well implemented.
Concerning objectivity and independence, most of the respondents‟ state that perform
their duties and responsibilities with highest level of professional objectivity and
competency there is no problem observes about objectivity. The respondents mention that
the V/P Internal Audit assured that the auditors perform their tasks objectively by the
procedures set by the Bank & the standard of IAS. The respondent revealed, internal
auditors won‟t assign to audit areas they participated & they are free from any biased
attitude & conflict of interest. According to the document review the CBE Internal Audit
36
charter states that all internal auditors shall perform their duties and responsibilities with
highest level of professional objectivity and competency in providing an independent
objective assurance and consulting service designed to add value. They shall be neutral and
impartial in performing their tasks; avoid any conflict of interest which includes: not
participate in any activity or relationship that may impair or be presumed to impair their
independency; disclose all material facts known to them, if not disclosed, may distort the
essence of audit activities under review; should not provide assurance service relating to
operations for which he/she had responsibilities within previous one year. Moreover,
auditors are strongly encouraged to refer to practice advisories in the interpretation &
implementation of the specific standards. (CBE internal Audit Charter March, 2021 p.2)
The in depth semi structured interview result regarding due professional care & continues
training the respondents stated the Internal auditors apply the due professional care and
skill expected of a reasonably prudent and competent internal auditor but, a gap observed
in the enhancement of their knowledge & skill through continues professional development
education or training. All most all of the respondents‟ state that they are willing to take
professional certification but they do not obtained the opportunity, the training programs
didn‟t get much attention and low deliberation was preset to the internal audit department.
Moreover some of the internal auditors by their motives and expense participate and
earned CIA professional certification.
According to the standard the IA charter of CBE states that all internal auditors shall
understand professional competence, motivation and continuing training are the
prerequisites for the effectiveness of the IA; all internal auditors shall be responsible for
maintaining the required knowledge, skills and abilities; and perform engagements with
proficiency and due professional care. And all internal auditors shall be enrolled in
continuing professional education/training of acceptable standards each year, based on the
needs assessment and the annual training plan. In addition to this, all internal auditors shall
be encouraged to have relevant certifications like Certified Internal Auditor (CIA),
Certified Fraud Examiner (CFE) and Certified Information System Auditor (CISA), and
perform IA service in accordance with the international standard for the professional
practices of internal auditing. (CBE IA Charter March, 2021 p.3)
Regarding the quality assurance and improvement program CBE IA charter states, the V/P
IA has to develop an effective QAIP to insure that the audit work is of high standard and it
37
includes both internal & external assessments. The internal assessment takes place by the
internal auditors; And in accordance, the external quality assurance review shall be conduct
at least once every five years, by individuals with appropriate professional knowledge and
abilities and must be independent of the CBE. But, a gap observed, there is no objective
evidence that showed external assessment conducted by independent assessor. And the
respondents also state that for the long period of time CBE did not conduct the external
assessments.
The IA Charter of CBE also states the Code of Ethics as its values or code of conduct.
Respondents mentioned that the code of ethics governs the behavior of individuals in
conducting internal auditing. The respondent warranted that the code of ethics consider
integrity, objectivity and impartiality, confidentiality & Professional competency. Internal
auditors make a balanced assessment of all the relevant circumstances, and they are not
unduly influenced by their interests or by others in forming judgments. And they
mentioned that internal auditors respect the value & ownership of the information they
receive; do not disclose information without appropriate authority unless there is a legal or
professional obligation so to proceed.
In general CBE Internal audit charter, internal control framework, Internal Audit
Procedure, Quality Management and Control Procedure and other audit manuals includes
all the mandatory standard & set up. The working paper also clearly include the overall
planning, risk assessment and prioritization, fieldwork, reporting, and also used team net
application for follow-up of the audit trail.
4.1.2. Quantitative Aspect- Survey Results

The self-administered questionnaires were distributed to 70 employees at home office
internal audit department however, the survey response was collected only 55 respondents
15 failed to respond. Wollela,(2008) stated the response rate of 71.8 percent was
reasonably good in consideration of the difficulty to collect data in poor developing
countries, Ethiopia in particular. For this study, 55 useable questionnaires were obtained
with a response rate of 79 percent, which is fairly representative.
Accordingly, this section classified into two, the first section presents reliability analysis
and demographic Profile of respondents which includes gender, age, area of study, auditing
experience and internal audit department enrolment, and the second one presents
38
statements regarding attribute standards, performance standards & the code of ethics.
To generalize the average mean value we were set the following measurement for the
conformance level of the standards: if the average mean values > 4 = adequate/best; in
between 4 >3.5= well/fair/good/healthy; between 3.5< and > 3.0 = inadequate; and average
mean values < 3.0= poor conformance level.
4.1.2.1. Reliability Analysis and demographic Profile of respondents

Reliability Analysis
To measure the consistency of the questionnaire particularly the Likert-type scale, the
reliability analysis is essential in reflecting the overall reliability of constructs, which it is
measuring. Cronbach's alpha quantifies the level of agreement on a standardized 0 to 1
scale. Higher values indicate higher agreement between items. High Cronbach's alpha
values indicate that response values for each participant across a set of questions are
consistent. To carry out the reliability analysis, Cronbach‟s Alpha (α) is the most common
measure of scale reliability and a value greater than 0.700 is very acceptable (Field, 2009;
Cohen and Sayag, 2010). 0.78 is considered a statistically reliable internal consistency
(Ahdika, 2017).
According to the under listed Table 4.1, the reliability analysis result of all variables
revealed 0.979 and here by the responses generated for all of the variables‟ used in this
research were reliable enough for data analysis.
Table 4.1: Reliability statistics

N %
VALID 49 89.10
EXCLUDED 6 10.9
TOTAL 55 100
Cronbach‟s alpha N of Items
.979 60
Source: Reliability statistics analysis by SPSS.
Table 4.2: Respondents‟ gender and age

Variable Classifications of variables Frequency percent
39
Male 44 80
Gender Female 11 20
Total 55 100
18-25 -
26-35 7 13
36-45 30 55
Age
46-55 14 25
56 and above 4 7
Total 55 100
Source: Survey Result & Own Computation

In terms of gender, the survey data revealed that about 80 percent were Male while the
remaining respondents were Female. Similarly, as the data showed 55 percent participants
were in the range of 36-45 years of age. It implies that the respondents‟ greater part of the
internal audit activity was undertaken by more productive and well matured aged and
experienced auditors who are capable of assessing the audit function of the bank and
qualified enough in commenting the application of IIASs and competent to undertake their
day to day internal audit activities well.
Table 4.3: Respondents area of study, educational level and certification related to the
profession.
Variable Classifications variables of Frequency percent
Area of Study Accounting 25 45
Management 19 35
Economics 7 13
Other 4 7
Total 55 100
Educational level Diploma - -
Bsc/Ba 28 51
Msc /Ma /Mba 27 49
Others -
Total 55 100
40
Any certification related to ACCA - -
the
profession
CPA - -
CIA 11 20
No related certification 44 80
Others - -
Total 55 100
Source: Survey Result and own computation

The survey indicated 45% of the respondents were accounting qualified while 35 % of the
respondents were Management qualified.13% of the respondents were Economics
qualified and 7% of the respondents qualified in other fields. Whereas, 51% of the
respondents have earned degree qualification and the remaining 49% had their post
graduate qualifications. Thus prove to be qualified enough in commenting the application
of IIASs and competent to undertake their day to day internal audit activities well.
Regarding certification related to the profession, 80% of the respondents do not have
related certification. The remaining 20% have earned CIA professional certification. It was
contrary to IPPF audit standard of Proficiency and due professional care. Based on the
results, the existing internal auditors‟ practice of Commercial Bank of Ethiopia did not
support their profession by the related adequate trainings and professional certifications.
Table 4.4: Respondents position and years of experience
Variables Classification of Variables Frequency Percent
Manager 14 25
What is your current
Team Leader 7 13
position in the bank
Senior internal Auditor 6 11
Internal Auditor 24 44
Other 4 7
Total 55 100
Less than 5 years 16 29
41
5-10 years 7 13
Total years of auditing
11-15 years 12 22
experience including the
current position
16-20 years 9 16
Above 20 years 11 20
Total 55 100
Source: Survey Result& Own Computation
According to the survey 44% of the respondents are Internal Auditors and 25% of the
respondents are managers. 13% of the respondents are Team Leaders and 11% of the
respondents are senior Internal Auditors. The remaining 7% of the respondents are engaged
in other positions like Fraud investigation officers. In the other hand 29% of the
respondents have less than 5years Audit experience. 22% of the respondents have 11 to 15
years experience. And 20% of the respondents have above 20 years Audit experience. The
remaining 16% and 13% of the respondents have 16 to 20 years and 5 to 10 years audit
experience respectively. It indicates that most of the respondents are senior Internal
Auditors and have above 11 years Audit experience in Commercial Bank of Ethiopia and
qualified enough in commenting the application of IIASs and competent to undertake their
day to day internal audit activities well.
Table 4.5: Auditing department staffing
Variables Classification of Variables Frequency Percent
Adequately staffed 18 33
In terms of
Number Moderately staffed 32 58
Poorly staffed 5 9
Total 55 100
In terms of competency Adequately staffed 16 29

(skill and Knowledge) Moderately staffed 34 62
Poorly staffed 5 9
Total 55 100
Source: Survey Result & Own Computation
42
Regarding the survey 58% of the respondents stated as internal audit department
staffing in terms of number moderately staffed, 33% of respondents stated as
adequately staffed and the remaining 9% of the respondents stated as poorly staffed.
According to internal audit department staffing in terms of competency 62% of the
respondents stated as moderately staffed, 29% of respondents stated as adequately
staffed and the remaining 9% of the respondents stated as poorly staffed. Hence,
internal audit department staff in CBE was moderately staffed in terms of number and
competency.
4.1.2.2. Compliance with the International Auditing Standards

This section focused on internal audit practice compliance of Commercial Bank
of Ethiopia with the international auditing standards. It holds statements
regarding the Standards, together with the Code of Ethics, it encompass all
mandatory elements of the IPPF.
1.1.2.2.1. Conformance with Attribute Standards

Attribute stand address characteristics of organizations and parties performing Internal
Audit Activities (IAA). It governs responsibilities, attitudes, and actions of organizations
internal audit function (IAF) and parties.
Table 4.6: Internal Audit Objectivity
A. Statements N Min Max Mean SD
The internal audit charter defines the internal audit 55 3 5 4.49 .605
activity‟s purpose, authority and responsibility.
The mandatory elements of the international 55 2 5 4.35 .751

professional practices framework are recognized in
the internal audit charter.
The internal audit activities are independent, and 55 1 5 4.16 .811

internal auditors are objective in performing their
work.
43
There is a dual reporting relationship the head of 55 3 5 4.16 .739
Audit report functionally to the audit committee and
to the president
Internal auditors have an impartial, unbiased attitude 55 1 5 4.18 .819

and avoid any conflict of interest.
If independence or objectivity is impaired in fact or 54 2 5 3.89 .793

appearance, the details of the impairment are
disclosed to appropriate parties.
Source: Questionnaire Result analysis by SPSS.

Internal Audit Objectivity
The above six questions were derived from the attribute standard, internal audit
objectivity used as a standard to analyze the quality level of compliance within
Commercial Bank of Ethiopia.
According to the first question it could be understood from the respondents‟ result that
the internal audit charter in Commercial Bank of Ethiopia encompassed and well defined
the IAA‟s purpose, authority and responsibility by the mean value of 4.49. The
perception of the responding auditors regarding the standard was taken as considerable
and represented as by the standard deviation value of 0.605 it was below 1. It indicates
that the perception of the respondents not differed one from another or the variation is
low. Similarly the other questioners from the second question to the sixth one shows
there is a positive relationship and also the respondents‟ perception is below 1 it indicates
the variation is low.
To sum up the internal audit objectivity with a mean average value of 4.20 stated as
adequate and best. The highest mean value showed in the first and second questions
which was internal audit charter defines the internal audit activity‟s purpose, authority
and responsibility and the mandatory elements of the IPPF are recognized in the internal
audit charter. The respondents moreover confirmed IAAs are independent, and internal
auditors are objective in performing their work and internal auditors have an impartial,
unbiased attitude and avoid any conflict of interest. The V/P IA report functionally to the
BOD/Audit committee and administratively to the President. In addition to this the
variance in perception among internal auditors that responded for the standard is
represented as low by the average standard deviation value of 0.753.
44
Table 4.7: Internal Audit Independency
B. Statements N Min Max Mean SD
The internal audit activities are free from interference in 55 2 5 4.07 .836
determining the scope of internal auditing, performing
work and communicating results.
Organizational independence is achieved when the chief 54 1 5 4.11 .793

audit executive reports functionally to the board.
Internal auditors do not participate in audit of activities for 54 1 5 3.65 1.276

the operation of which they were responsible.
Internal auditors feel free to include any audit findings in 54 1 5 3.96 .910
their audit reports.
Source: Questionnaire results analysis by SPSS.
Internal Audit Independency

The above four questions were derived from the standard, internal audit independency
used as a standard to analyze the quality level of compliance within Commercial Bank of
Ethiopia. According to the third question it could be understood from the respondents‟
results that internal auditors do not participate in audit of activities for the operation of
which they were responsible by mean value 3.65. The perception of the responding
auditors regarding the standard was taken as considerable and represented as by the
standard deviation value of 1.276 it‟s above 1. It indicates that the perception of the
respondents differed one from another or considered as high. The other questions
positively related and the aggregate value of the internal audit independence standard
conformance within Commercial Bank of Ethiopia was specified as healthy, and
supported by the average mean value, 3.95. Also, the variance in perception among
internal auditors that responded for the standard was represented as low by the average
standard deviation value, 0.954.
Table 4.8: Internal Audit Staff Proficiency and due Professional Care
C. Statement N Min Max Mean SD
45
Internal auditors possess the knowledge, skills, and other 55 1 5 4 .745
competencies needed to perform their individual
responsibilities.
Internal auditors are encouraged to demonstrate their 54 1 3 1.63 .831

proficiency by obtaining appropriate professional
certifications and qualifications.
Internal auditors have sufficient knowledge to evaluate the 54 1 5 3.57 .882

risk of fraud and the manner in which it is managed by the
organization.
Internal auditors have sufficient knowledge of key 54 1 5 3.44 .945

information technology risks and controls and available
technology based audit techniques to perform their
assigned work.
Internal auditors always apply the care and skill expected 53 3 5 3.91 .687
of a reasonably prudent and competent internal auditor.
Internal auditors consider the use of technologybased audit 55 2 5 3.69 .836

and other data analysis techniques.
Internal auditors are alert to the significant risks that might 54 1 5 3.83 .818
affect objectives, operations, or resources.
Internal auditors enhance their knowledge, skill, and other 54 1 3 1.43 .815
competencies through continuing professional
development.
Internal Audit Staff Proficiency and Due Professional Care

The above Eight questions were resulting from the internal audit staff proficiency and due
professional care attribute standard and used as a benchmark to analyze the quality of
conformance within the Commercial Bank of Ethiopia and the results were presented as
follow.
According to the first question it could be understood from the respondents‟ result that
46
the internal auditors possess the knowledge, skills, and other competencies needed to
perform their individual responsibilities replied as well by the mean values 4. The
perception of the responding auditors regarding the standard was taken as considerable
and represented as by the standard deviation value 0.74. It indicates that the perception of
the respondents not differed one from another or the variation is low.
In contrary the second and the last questions the respondents‟ result that internal auditors
are encouraged to demonstrate their proficiency by obtaining appropriate professional
certifications and qualifications and internal auditors enhance their knowledge, skill, and
other competencies through continuing professional development replied as inadequate
by the mean values 1.63 and 1.43. The perception of the responding auditors regarding
the standards were taken as considerable and represented as by the standard deviation
value 0.83 and 0.81 respectively. It indicates that the perception of the respondents not
differed one from another or the variation is low. According to the respondents, other
questions positively related to the standards.
In general the above table shows that the compliance level of the attribute standard
internal audit proficiency and due professional care was inadequate by the average mean
values of 3.19. Furthermore, the variance in perception among internal auditors that
responded for the standard is represented as low by the average standard deviation value
of 0.82.
Table 4.9: Internal Audit Quality Assurance and Improvement Program (QAIP)
D. Statement N Min Max Mean SD
The quality assurance and improvement program includes both 54 1 3 1.28 .685
internal & external assessments.
Sufficient knowledge of internal audit practices requires at 54 1 4 1.96 1.273

least an understanding of all elements of the International
Professional Practices Framework.
Ongoing monitoring is an integral part of the daytoday 53 1 5 3.79 .863

supervision, review, and measurement of the internal audit
activity.
Periodic assessments are conducted to evaluate conformance 54 1 3 1.37 .734

with the Code of Ethics and the
Standards.
47
The external assessment is conducted at least once every five 54 1 3 1.22 .572
years by a qualified, independent assessor from outside the
organization.
The chief audit executive communicates the results of the 53 1 5 3.70 .845
quality assurance and improvement program to senior
management and the board.
The internal audit activity conforms with the code of ethics and 53 1 5 3.94 .718
the standards when it achieves the outcomes described therein.
The chief audit executive discloses the nonconformance and the 52 2 5 3.58 .723
impact to senior management and the board.
Quality Assurance and Improvement Program (QAIP)

The above eight questions are based on quality assurance and improvement programs
include both internal and external assessments that use as a benchmark to analyze the
quality of conformance within Commercial Bank of Ethiopia and the results have
presented as follows.
According to the above table from the total eight questions four of them shows inadequate
conformance of the standard. It includes: The QAIP includes both internal and external
assessments by mean value 1.28 and SD value of 0.685; sufficient knowledge of internal
audit practices requires at least an understanding of all elements of IPPF by mean value
1.96 and the SD of 1.27; Periodic assessments are conducted to evaluate conformance
with the Code of Ethics and the Standards by mean value of 1.37 and SD value, 0.73; and
the external assessment is conducted at least once every five years by a qualified,
independent assessor from outside the organization by mean value of 1.22 and SD value
of 0.57. The other four survey results showed a positive relationship and the highest mean
value showed in the questions which was the IAA conforms with the code of ethics and
the standards when it achieves the outcomes described therein by mean value 3.94 mean
value and the variance in perception among the respondents was considered as low and
reflected by SD value, 0.72
Finally as per the survey results that were collected from internal auditors regarding the
attribute standard, quality assurance and improvement program, a significant portion of
48
the responses were reflected that the standard did not comply within Commercial Bank of
Ethiopia by 2.60 average mean values. Moreover, the variance in perception among
internal auditors was considered as low and reflected by the average standard deviation
value, 0.80. The QAIP standard regarding all its components; conformance level within
Commercial Bank of Ethiopia, based on the respondent internal auditors‟ reply, could be summarized and
defined as poor. This result more elaborates that Commercial Bank of Ethiopia lack awareness regarding
the benefits that could be gained from the standard.
Summary of Attributes Standards Conformance Level Table
4.10: Summary of Attributes Standards Conformance
N Valid 55
Missing 0
Mean 3.307
Median 3.346
Standard deviation 0.606

The aggregate conformance level of the attributes standards by Commercial Bank of
Ethiopia could be represented by the mean value 3.307 and the standard deviation of
0.606 values. The results reflected that the standards did not adequately comply with the
bank. The variance in perception among respondent auditors was low. According to the
above four standards that represented the attributes standards in general, the conformance
level within Commercial Bank of Ethiopia could be represented as inadequate.
4.1.2.2.2. Conformance with Performance Standards

Performance Standards describe the nature of internal auditing activities (IAA) and
provide criteria for performance evaluation. This section focused on the results of
different performance standard statements.
Table 4.11: Managing the Internal Audit Activity
E. Statement N Min Max Mean SD
The internal audit activity adds value to the organization and its 52 1 5 4.25 .813
stakeholders when it considers strategies, objectives, and risks.
49
While developing the risk-based audit plan, the chief audit 53 2 5 3.94 .745
executive consults with senior management and the board and
obtains an understanding of the organizations strategies, key
business objectives, associated risks, and risk management
processes.
The chief audit executive communicates the internal audit activity‟s 51 2 5 3.82 .740
plans and resource requirements,
including significant interim changes, to senior management and the

board for review and approval.
The chief audit executive ensures that internal audit resources are 52 2 5 3.83 .857
appropriate, sufficient, and effectively deployed to achieve the
approved plan.
The chief audit executive establishes policies and procedures to 52 1 5 4.08 .763
guide the internal audit activity.
The chief audit executive shares information, coordinate activities 49 2 5 3.80 .676
and consider relying upon the work of other assurance and
consulting service providers.
The chief audit executive reports periodically to senior 51 3 5 4.06 .676

management and the board on the internal audit activities and
performance relative to its plan and on its conformance with the
Code of Ethics and the Standards.
Managing the Internal Audit Activity

The above questions were derived from managing the IIA performance standards and
used as a yardstick to measure the quality level of the internal audit activities
management within Commercial Bank of Ethiopia and the results summary are as
follows.
The results of managing internal audit activity standard conformance level within
Commercial Bank of Ethiopia was fair and exhibited by the average mean value of 3.97.
Each statement holds a high mean value. Moreover, the average standard deviation value
50
of 0.75 showed that no significant variance prevails among the participated internal
auditors' in connection to the application of managing the Internal Audit Activities within
performance standards. The participated internal auditors' perception variation regarding
the activity was low.
Table 4.12: Nature of the Audit Work

F. Statement N Min Max Mean SD
The internal audit activity assesses and makes appropriate 53 1 5 4.13 .810
recommendations to improve the organizations governance
processes.
The internal audit activity evaluates the effectiveness and 52 2 5 4.04 .791
contributes to the improvement of risk management processes.
The internal audit activity assists the organization in 52 2 5 4.15 .724

maintaining effective controls by evaluating their
effectiveness and efficiency and by promoting continuous
improvement.
Nature of the Audit Work

The above three questions were constructed from the nature of the audit work standards
and used as a benchmark to measure the quality level of the work how it is managed in
Commercial Bank of Ethiopia and the results were then summarized as follows. The
standard nature of the audit work, with an average mean value of 4.11 implies, these three
pillars of the standard, assessment of the Bank‟s corporate governance, evaluation of the
risk management process, and evaluation in maintaining an effective internal control
system in the organization activities were adequately recognized. The variation in
perception among internal auditors that participated was low and represented by the
average standard deviation value of, 0.77.
Table 4.13: Engagements Planning
G. Statement N Min Max Mean SD
51
In planning the audit engagement, internal auditors 53 3 5 4.13 .556
consider the strategies and objectives of the activity being
reviewed.
Objectives established for each audit engagement 53 2 5 3.96 .649

concerning reflecting the results of the assessment, the
probability of significant errors, fraud, noncompliance, and
other exposures.
The established scope is sufficient to achieve the 53 1 5 4.02 .772

objectives of the engagement: it includes consideration of
relevant systems, records, personnel, and physical
properties.
Internal auditors determine appropriate and sufficient 53 1 5 3.87 .900

resources to achieve engagement objectives based on the
nature and complexity of each engagement, time
constraints, and available resources.
Internal auditors develop and document work programs 53 3 5 4.15 .568

(include procedures) that achieve the engagement
objectives.

Engagements Planning
The above five questions were results from the engagements planning standards and used
as a benchmark to measure the compliance level within Commercial Bank of Ethiopia
and the related result present as follows.
The results of engagements planning standard conformance level within Commercial
Bank of Ethiopia was adequate and exhibited by the average mean value of 4.03. Each
statement holds a high mean value. The variance in perception among internal auditors
that participated in the study was exhibited by the average standard deviation value of
0.69 and it indicates that the variation was low.
Table 4.14: Performing the Engagement
H. Statement N Min Max Mean SD
52
Internal auditors identify, analyze, evaluate, and document 53 2 5 4.11 .640
sufficient information to achieve the engagement‟s
objectives.
Internal auditors identify sufficient, reliable, relevant, and 53 2 5 4.17 .753

useful information to achieve the engagement‟s objectives.
Internal auditors base conclusions and engagement results 52 3 5 4.06 .574

on appropriate analyses and evaluations.
Internal auditors document sufficient, reliable, relevant, 52 3 5 4.15 .607

and useful information to support the engagement results
and conclusions.
Audit engagements are properly supervised to ensure that 53 2 5 3.94 .745

objectives are achieved, quality is assured and staffs is
developed.
Performing the engagement

The above five questions derived from performing the engagements standards were used
as a benchmark to measure the conformance level within Commercial Bank of Ethiopia
and the results are as follows:
According to the survey result, majority of internal auditors replied and confirmed
regarding the standard, performing the engagement, for its quality and its conformance
within CBE was adequately complied by 4.09 average mean values. Besides, the variance
in perception among auditors was low and figured out by the average standard deviation
value of, 0.66.
Table 4.15: Communicating the Results
I. Statement N Min Max Mean SD
Communications include the engagement‟s objectives, scope, 53 3 5 4.17 .509

and results.
Communications are accurate, objective, clear, concise, 52 2 5 4.13 .715

constructive, complete and timely.
53
While a final communication contains a significant error or 53 2 5 3.74 .625
omission, the chief audit executive communicates the
corrected information to all parties who received the original
communication.
Engagements are conducted in conformance with the 52 2 5 3.79 .776

International Standards of Internal Auditing and it supported
by the results of the quality assurance and improvement
programs.
When non-conformance with the Code of Ethics or the 52 2 5 3.69 .579

Standards impacts a specific engagement, the results disclose
with which full conformance was not achieved, the reason, its
impact and the communicated engagement results.
The chief audit executive review and approve the final 53 2 5 3.74 .711
engagement communication before issuance and for deciding
to whom and how it will be disseminated.
When an overall opinion is issued, it takes into account the 53 2 5 3.85 .662
strategies, objectives, and risks of the organization.
Communicating the Results

The above seven questions derived from communicating the results standard were used as
a benchmark to measure the quality of conformance in Commercial Bank of Ethiopia, and
the results were also summarized as follows.
It could be understood from the above table 4:15 that performance standards of
communicating results adequately complied within CBE and exhibited by the average
mean value of, 3.87. The variance in perception of auditors regarding the standard was
low and identified by the average standard deviation value of, 0.65.
Table 4.16: Monitoring Progress

J. Statement N Min Max Mean SD
54
The chief audit executive establishes a follow-up process to 53 2 5 3.98 .720
monitor and ensure that management actions have been
effectively implemented or that senior management has
accepted the risk of not taking action.
When the chief audit executive concludes that management 53 1 5 3.66 .898
has accepted a level of risk that may be unacceptable to the
organization, s/he discusses the matter with senior
management. If the matter has not been resolved, s/he
communicates the matter to the board.

Monitoring Progress (Follow-up) Standards
The above questions was derived from the standard, monitoring progress, and used as a
benchmark to analyze the quality level of conformance within Commercial Bank of
Ethiopia and the related result are as follow.
The above survey result under table 4:16 that produced by SPSS regarding monitoring
progress standard disclosed that majority of respondent internal auditors of the bank
believed that the mentioned standard was fairly exercised and its result was supported by
3.82 average mean values and followed by the average standard deviation, 0.81 value. It
showed that the variance in perception among the responding internal auditors was low.
Summary of Performance Standards Conformance Level
Table 4.17: Summary of Performance Standards Conformance
N Valid 55
Missing 0
Mean 3.791
Median 4
Standard deviation 1.044

The aggregate result of the above table regarding the performance standards revealed that
the standards were well complied within Commercial Bank of Ethiopia by the average
mean value of 3.79; and the variance in perception among the respondent auditors was
high and presented by the average standard deviation value, 1.044.
55
According to the entire performance standards analysis results, it could be understood that
the standards awareness and adherence to within Commercial Bank of Ethiopia was fairly
reflected and well responded by the respective internal auditors of the Bank. Summary of
Attributes and Performance Standards Conformance Level
Table 4.18: Summary of Attributes and Performance Standards Conformance
Descriptive statistics Attribute Performance Total standards
standards standards
Average value
N Valid 55 55 55
Missing 0 0 0
Mean 3.307 3.791 3.55
Median 3.346 4 3.67
Standard deviation 0.606 1.044 0.83

While we viewed to the total standards conformance (the attributes and performance
standards) level within Commercial Bank of Ethiopia, it could be summarized as fair and
exhibited by 3.55 average mean values. The average standard deviation value of the result
reflected as low and represented by the average standard deviation value of 0.83; that
showed there is no significant variance in perception among the respondent internal
auditors. The analysis results of the entire standards (attributes and performance
standards) conformance level within Commercial Bank of Ethiopia was revealed by an
average mean value of 3.55 and it stood below the acceptance (It corresponds to below
the value level “agree” as denoted by the scale of response agree = 4.00) level. Even
though, the aggregate results stood below the fair value, certain components of the
standards were complied well by Commercial Bank of Ethiopia.
4.1.2.2.3. Conformance with the Code of Ethics

The Code of Ethics is a statement of principles and expectations governing behaviour of
individuals and organizations in the conduct of internal auditing.
Table 4.19: Code of Ethics
Statement N Min Max Mean SD
The integrity of internal auditors establishes trust and thus 52 1 5 4.17 .734
provides the basis for reliance on their judgment.
56
Internal auditors are familiar with the laws and regulations 53 3 5 4.25 .585
relevant to the banking industry and jurisdictions within
which the bank operates.
Internal auditors exhibit the highest level of professional 53 2 5 4.02 .635

objectivity in gathering, evaluating, and communicating
information about the activity or process being examined.
Internal auditors respect the value and ownership of 52 1 5 4.27 .717

information they receive and do not disclose information
without appropriate authority unless there is a legal or
professional obligation to do so.
Internal auditors apply the knowledge, skills and experience 53 2 5 4.17 .700
needed in the performance of internal auditing services.

The above five questions were derived from the code of ethics and used as a benchmark
to measure the quality of conformance within Commercial Bank of Ethiopia and the
related results were as follows.
According to the survey result Table 4.19 revealed that the code of ethics was considered
adequate by an average mean value of 4.18. While the average standard deviation value
of 0.67 was exhibited and witnessed that the variance of perception among internal
auditors was low. The ethical frameworks or code of ethics conformance level of
Commercial Bank of Ethiopia was adequate.
4.2. Discussion
This section discusses the findings gathered from in depth semi structured interview,
document reviewed and questioner results with Commercial Bank of Ethiopia.
Three components of IIASs namely, attribute standards; performance standards and code
of ethics were assumed to be affecting the practices of IPPF by CBE. These assumptions
were statistically supported by the descriptive statistics and multivariate analysis.
According to the finding the discussion presented as follows.
57
4.2.1. Internal Audit Activity (IAA)
Internal auditors are responsible for, independent, objective assurance and consulting
activity designed to add value and improve the public body operations. The
responsibilities include providing value-adding service to the organization.
The interview showed that the internal audit activity based on a systematic approach and,
it includes the overall audit activity process which is planning, examining, and evaluating
information from fieldwork, report, and follow-up. The result also specifies the scope,
authority, and responsibility of IA and guides the conduct and documentation of internal
audit work. This finding consistent with the finding of Rihana (2021) with recognized,
internal assurance and consulting engagements must be performed in a systematic and
disciplined manner to truly add value and improve operations.
Whereas the results infer, managing the IAA standard conformance level within
Commercial Bank of Ethiopia was healthy and exhibited by the average mean value of
3.97 toward the standard. The interview and document reviewed result shows that when
developing the risk-based audit plan in Commercial Bank of Ethiopia, the V/P of IA
consults with senior management and the board of directors to understand the strategies,
key business objectives, associated risks, and risk management processes. Furthermore,
the engagement planning survey result shows, when planning the audit engagement,
internal auditors consider the strategies and objectives of the activity & objectives
established for each audit engagement. According to the survey findings, engagements
standard conformance level was satisfactory. The average mean statistic value was above
4.00 which denoted the “strongly agree” level of the response scale. Moreover, the
average standard deviation of 0.7 showed that no significant variance prevails among the
participated CBE Internal Auditors in connection to the standards and implemented
according to the stated standard within Commercial Bank of Ethiopia.
Furthermore, the study regarding the reporting standard reflected that Commercial Bank
of Ethiopia was healthy which showed the average mean value of 3.87. the audit standard
as stated here under: communications include the engagements, objectives, scope, and
results; communications are accurate, clear, concise, constructive, complete, and timely;
& the V/P IA review and approve the final engagement communication before issuance,
and the overall opinion is passed taking into consideration of the Commercial Bank of
Ethiopia strategies, objectives, and risks of the Bank. As Sawyer et al (2013) stated, in
every situation, internal auditors must recognize and know how to effectively
58
communicate at each different level of communication. When high levels of
communication are developed with management, auditors can acquire knowledge that
will significantly support audit evaluations. Fadzil et al. (2005) found that the audit work
performance and scope greatly affect the communication and information perspectives of
the internal control system.
In general, the overall results regarding the internal audit activity of Commercial Bank of
Ethiopia showed internal audit functions in Commercial Bank of Ethiopia was performed
according to the stated standard.
4.2.2. Objectivity & Independence

According to IIASs and the Public Enterprise proclamation of Ethiopia No. 25/1992
internal auditors need to have an impartial, unbiased attitude and avoid any conflict of
interest. Regarding internal audit independence in Commercial Bank of Ethiopia, the
reviewed document and the interview clarifies that; internal auditors do not participate in
audit activities on operation areas of which they were responsible, internal auditors feel
free to include any audit findings in their audit reports & if independence impairs in
appearance, the details of impairment disclosed to appropriate parties of the bank.
Moreover, auditors are strongly encouraged to refer to practice advisories in the
interpretation & implementation of the specific standards.
The results of the study revealed that regarding objectivity & independence, there is no
problems were observed in the bank. The internal audit objectivity and independence
standard conformity showed as adequate and healthy in CBE by an average mean value
of 4.2 and 3.95 respectively. Raghunandan and Mchugh (1994) recollect IA effectiveness
as a characteristic of independence and objectivity. According to Christopher, Sarens &
Leung (2009), Objectivity is essential for internal auditors' proper discharge of
responsibilities. The interview, survey & document analysis results noted the internal
audit objectivity & independence of Commercial Bank of Ethiopia confirm well with the
standard.
4.2.3. Proficiency & Due professional Care

The survey result showed that the Commercial Bank of Ethiopia is dominated by older
adulthood, more productive and well matured aged and experienced auditors who fall
59
between 36-45 years of age with a study background of accounting and management,
almost an equal share possess by degree and master holders. Concerning certification
related to an internal audit of 99% of participants have no related certificate. In
accordance, they state their internal audit department as moderately staffed.
Weakness in staffing can lead to mismanagement, error and neglect, and fraud, which can
affect other controls. The size of internal audit staff and the competency of internal audit
are the critical characteristics of internal audit quality that can‟t be separated. This means
at the absence of one dimension the other cannot contribute to the quality of internal
auditors.
With regard to an interview and survey result, there is a gap in professional development
training programs. The interviewees‟ state that, the training programs didn‟t get much
attention and low deliberation was preset to the internal audit department. Moreover some
of the internal auditors by their motives and expense participate and earned CIA
professional certification. According to the survey result the compliance level of the
attribute standard internal audit proficiency and due professional care standard was
inadequate by the average mean values of 3.19. Furthermore, the variance in perception
among internal auditors that responded for the standard is represented as low by the
average standard deviation value of 0.82.
Both the amount of audit attempt and the fine of expert care exercised will decide the
general fine of the inner audit work (Cohen and Sayag, 2010; Belay 2007). Arena and
Azzone, (2009) moreover said that IA effectiveness grows particularly while the ratio
among the wide variety of professional inner auditors and personnel grows. This
shows that a sufficiently large number of skilled professionals enable the internal auditors
to do their duties.
Technical competence and continuous training are considered essential for effective IA.
Consistent with this thinking, Gramling, and Meyers (1997) discover that certification of
internal auditors is perceived as an indicator of competence. Also, Al-Twaijry, Brierley,
and Gwilliam (2003) argue that internal auditors could not have power unless they
possess the necessary competencies. Given the comprehensive scope of contemporary IA,
an IA department should employ internal auditors with a variety of skills to be able to
undertake audits beyond financial activities (Flesher & Zanzig 2000). Furthermore, Butt
(1988) and Libby & Frederick (1990) propose the importance of auditor experience in
enhancing auditors‟ knowledge. Similarly, Bonner and Lewis (1990) deliberate years of
60
experience as an indicator of auditors‟ knowledge and expertise.
4.2.4. Quality Assurance & Improvement Program (QAIP)

With regard to document review, an interview and survey result, CBE IA charter states,
the V/P IA has to develop an effective QAIP to insure that the audit work is of high
standard and it includes both internal & external assessments. The internal assessment
takes place by the internal auditors; And in accordance, the external quality assurance
review shall be conduct at least once every five years, by individuals with appropriate
professional knowledge and abilities and must be independent of the CBE. But, a gap
observed, there is no objective evidence that showed external assessment conducted by
independent assessor. In addition to this the interviewees‟ also state that for a long period
of time CBE did not conduct the external assessments.
Furthermore, the survey result showed that the attribute standard, quality assurance and
improvement program, a significant portion of the responses were reflected that the
standard did not comply within Commercial Bank of Ethiopia by 2.60 average mean
values. Moreover, the variance in perception among internal auditors was considered as
low and reflected by the average standard deviation value of 0.80.
The QAIP standard regarding all its components; conformance level within CBE, based
on the above facts, could be summarized and defined as poor. This result more elaborates
that CBE lack awareness regarding the benefits that could be gained from the standard. In
this consider Okibo & Kamau (2012) state compliance with quality assurance standards
means carrying out both internal and external quality assessments.
To generalize the finding responses for an attribute standards had an average mean
statistic of 3.307 and weak determinant for the practice of IPPF by CBE. Responses for
performance standards had an average mean statistic of 3.79 and strong determinant for
the practice of IPPF by CBE. Many researches including, Dellai, et al. (2016), Marais, et
al. (2009), Turaev (2017), and Shaban (2013) have identified performance standards as an
important determinant of IPPF compliance.
4.2.5. The Code of Ethics

According to the document reviewed and interview, the interviewees‟ mentioned that the
code of ethics governs the behavior of individuals in conducting internal auditing. The
respondents warranted that the code of ethics consider integrity, objectivity and
impartiality, confidentiality & Professional competency. According to the CBE IA charter,
61
internal auditors make a balanced assessment of all the relevant circumstances, and they
are not unduly influenced by their interests or by others in forming judgments. And they
mentioned that internal auditors respect the value & ownership of the information they
receive; do not disclose information without appropriate authority unless there is a legal
or professional obligation so to proceed.
The survey result also revealed that the code of ethics was considered adequate within
CBE by an average mean value of 4.18. Moreover, the standard deviation value, 0.67,
was exhibited and witnessed that the variance of perception among internal auditors was
low. The ethical frameworks or code of ethics conformance level within Commercial
Bank of Ethiopia was adequate.
According to Burnaby et al (2009 p.831) to Compliance with the IIA‟s Code of Ethics
and Standards is mandatory for those who provide internal auditing services. Thus, the
findings of the present study appear to apply for the entire financial institutions
particularly within commercial banks in Ethiopia.
4.3. Conclusion
In general, the discussions in this chapter endeavored to integrate the result of the
qualitative & quantitative approaches to address the broad research objective inclusive of
the research question. A mixed method applied the qualitative method was presented at
the start of the research result & followed by the quantitative outcome at the second.
Mainly the in depth semi structured interview with Managers, Team leaders, senior
internal auditors & internal auditors to evaluate the internal audit practices of Commercial
Bank of Ethiopia using the IPPF as a benchmark. Thus the survey result supports the in
depth semi structured interview, the data gathered through the questionnaire tested to
verify the reliability of the instrument & subsequently analyzed using descriptive
statistics. The descriptive statistics included mean value and standard deviation of each
statement shows alignment with the performance standards and the code of ethics.
According to attribute standard the survey result showed poor conformance. Hence,
conformance with the Code of Ethics and the Standards demonstrates conformance with
all mandatory elements of the IPPF. The standards, together with the Code of Ethics,
encompass all compulsory features of the IPPF. As a final point, thus the subsequent
chapter presented a conclusion & recommendation on this base.
62
CHAPTER FIVE
SUMMARY, CONCLUSION AND RECOMMENDATION
5.1. Introduction
Agreement of procedures with the IIA‟s International Standards for the Professional
Practice of Internal Auditing (Standards) is essential in meeting the responsibilities of
internal auditors and the internal audit activity. Considering these factors and basically
dwelling the IIA International Professional Practicing Framework (IPPF) as a yard stick,
this research assessed the internal audit practices of Commercial Bank of Ethiopia.
Different parts of the IPPF were taken as a benchmark to gauge the current practices of
internal auditing in Commercial Bank of Ethiopia.
These standards together with the code of ethics encompass all mandatory requirements
of the IPPF. Hence, by taking this mandatory guidance a requirement of IPPF into
consideration, the previous chapter presented results and analysis of the finding, while
this chapter deals with the major findings, conclusions and recommendations provided
based on the results of the responses from Interview, questionnaires and documents
review. It has four parts; the first part presents summary of the findings and then followed
by the conclusions that made for the study as a second part. The third and the last part of
the chapter, highlights constructive recommendations that were supposed to curve the
findings, and followed by possible future research areas that related to the topic under
investigation.
5.2. Summary of research Major Findings

This research work has been able to evaluate the internal audit practices of CBE using the
IPPF as a benchmark; hence based on the previous chapters and data analysis the findings
of the research could be summarized into five parts and their detail is discussed as follow.
1. Findings that detected from respondents’ profile:
 Out of 55 respondents that were participated in responding the research questionnaire,
only 11 respondents (20%) were possessed the related certificates to the profession: 11-
CIA certificates. Hence, the results clearly revealed that almost all internal auditors in
Commercial Bank of Ethiopia have been conducting their IAAs through experiences and
without acquiring adequate trainings and did not detach from the traditional way.
63
 With the exception of few respondents that responded about the adequacy of their audit
staffing, majority of the respondents replied that their audit departments moderately
staffed in terms of number and competency.
2. Findings that detected from attribute related standards:
 Statements regarding internal audit objectivity and independence standard:
if independence or objectivity is impaired in fact or appearance, disclosure of the
impairment to the appropriate parties; internal auditors do not participate in audit of
activities for the operation of which they were responsible; and internal auditors feel free
to include any audit findings in their audit reports conformance was agreed (by average
mean values nearly 4 (agree)) but did not arrive to the point that satisfies the expectations
of sound international auditing practices.
 The level of conformance with standards that related to internal audit staff proficiency
and due professional care: including encouraged to demonstrate their proficiency by
obtaining appropriate professional certifications and qualifications; application of the care
and skill that expected from prudent and competent internal auditor; and whether internal
auditors enhance their knowledge, skill and other competencies through continuing
professional development, was inadequate and do not comply with the IASs.
 Regarding the QAIP conformance within Commercial bank of Ethiopia, almost all
internal auditors responded that, QAIP standards have not been well known and carried
out in their respective organizations by average mean values below 3 (normal).
2. Findings that identified from total attribute standards:
The aggregate results that reflected by attributes standards shown that in Commercial
Bank of Ethiopia did not adequately comply with the standards by average mean and
standard deviation values 3.307 and 0.606 respectively. Since the conformance level was
inadequate or below fair, it did not satisfy the IAS (between agree and strongly agree; 4
and 5).
3. Gaps that observed in relation to performance standards:
Conformance with certain components that derived from performance standards:
managing the IAA, communicating results and monitoring progress (follow up), was fair
in Commercial Bank of Ethiopia and represented by average mean values nearly 4
(agree); however, their quality level was not raised as much as satisfactory (between
agree and strongly agree; between 4 and 5).
4. Findings that related to the entire performance standards
64
While the aggregate conformance with all performance standards reflected that
Commercial Bank of Ethiopia familiarized well and witnessed by the average mean and
median values 3.79 and 4.00 respectively. The variance in perception among the
respondent auditors was taken as high by average standard deviation value, 1.044;
However, the quality level was not as much as satisfactory (between agree and strongly
agree; 4 and 5).
Findings that related to the overall standards Review of the total standards (attributes and
performance) exhibited that the conformance level at Commercial Bank of Ethiopia was
healthy and supported by 3.55 average mean values and the average standard deviation
value of 0.83. It reflected that there was no considerable variation among auditors
perception. The level of conformance was not as much as satisfactory (between agree and
strongly agree; 4 and 5).
5.3. Conclusions
The main objective of the study was to evaluate the internal audit practices of
Commercial Bank of Ethiopia using the IPPF as a benchmark. In doing so, previous
studies related to internal auditing were reviewed. Previously very few researches have
taken into consideration internal audit-related topics in Ethiopia & to date, no research
has been done by paying attention to the practices of internal audit in Commercial Bank
of Ethiopia by considering the mandatory guidance standards. This situation heightened
the need for more research to understand the internal auditing practices in Ethiopia. Three
main components of IPPF namely, attribute standards; performance standards and code of
ethics were tested against their impact towards the extent of practices of IPPF. The study
were applied a mixed approach to get an advantage on the drawbacks of using one
approach. Findings aided in concluding that the internal auditing within CBE was
practiced to the expectation that satisfies the IPPF at a moderate level. Further, it was
observed that all three components of IPPF are practiced at varying level by CBE. Among
them, performance standard and code of ethics were fairly and adequately practiced at
CBE while inadequate level of practice was noted in attribute standards. Accordingly, it
can be concluded that CBE practices using IPPF in their internal audit function and
among the IIASs, code of ethics and performance standards are practiced fairly while
attribute standards are applied at inadequate level. The conclusions of the research could
be summarized into the following parts and their detail is discussed as follow.
1. The analysis showed that in Commercial Bank of Ethiopia female internal auditors
65
participation was low & dominated by older adulthood & experienced internal auditors.
With a study background of accounting and management, almost equal share by degree
holders & master holders. The majority of the respondents from the internal auditors of
Commercial Bank of Ethiopia replied that their department was moderately staffed in
terms of number of staff and competency of the internal auditors.
2. The results reflected the internal audit activity of Commercial Bank of Ethiopia based on a
systematic approach, & it included the overall audit activity processes which are planning,
risk assessment & prioritization, fieldwork, report, and follow-up. The documented audit
trial result supports this result. Whereas the analysis results imply, managing the IAA
standard conformance level within Commercial Bank of Ethiopia was healthy and
exhibited by the average mean value of 3.97 in aspects of the standard. All the related
responses revealed that the standard has adequately complied with Commercial Bank of
Ethiopia. These activities mainly related to the V/P of IA: while developing the audit plan
consults the management; the IAAs plan and resource requirements including significant
interim changes are communicated to the management for approval; ensures the
appropriateness of resources; establishing policies and procedures to guide the IAA; shares
information, coordinate activities and consider minimizing duplicate efforts; reports all
IIAs periodically to the management and final consideration of the plan for review.
3. The results indicated that regarding Internal audit objectivity and independence in internal
audit practices of Commercial Bank of Ethiopia is in light with the requirements that
include the existence of a dual reporting relationship among the audit department and the
concerned organs of the Bank, the management, and the board. While the analysis results
imply, the internal audit objectivity and independence standard conformance level within
Commercial Bank of Ethiopia was adequate and healthy, and exhibited by the average
mean value of 4.2 and 3.95 respectively, in aspects of the standard. Moreover, this shows
that Commercial Bank of Ethiopia confirm the IA objectivity and independence standard.
4. The study revealed Internal auditors apply the needed care and skill expected from a
reasonably prudent and competent internal auditor but, a gap was observed regarding
continuous professional development training. The respondent clarifies this gap as a result
of the training programs didn‟t get much attention and low deliberation was preset to the
internal audit department. Almost equal share of all internal audit employees of the internal
audit department are degree and master holders and capable to compute and effectively
66
operating due professional. However, the internal audit process is not giving the necessary
training and development program that could enhance the auditors‟ skills and experience
to audit all the Banks systems by preparing a proper plan for risk identification. The
internal auditors in the internal audit process in general do not have an additional required
certification that may help the internal auditors to conduct an effective audit. Gaps were
observed in due professional care & development regarding professional development
training and certification. The survey result showed that in Commercial Bank of Ethiopia
only 20% internal auditor has CIA or audit related certification. In addition to this the
analysis results imply, internal audit proficiency and due professional care standard level
within Commercial Bank of Ethiopia was inadequate and exhibited by the average mean
value of 3.19 in aspects of the standard.
5. The quality assurance and improvement program include both internal & external
assessments. The external quality assurance review shall be conduct at least once every
five years, by individuals with appropriate professional knowledge and abilities and must
be independent of the CBE. But, a gap observed, in Commercial Bank of Ethiopia there is
no objective evidence that showed external assessment conducted by independent assessor.
In addition to this the internal Auditors‟ also state that for the long period of time CBE did
not conduct the external assessments. While the analysis results imply, quality assurance,
and improvement program, conformance level within Commercial Bank of Ethiopia was
poor and exhibited by the average mean value of 2.60 in aspects of the standard and there
was a high degree of non-compliance with quality assurance & improvement programs
standards.
6. The professional ethical frameworks integrity, objectivity, confidentiality, and competency
in Commercial Bank of Ethiopia exhibited as per the international professional practices
framework and conventional in all aspects.
To sum up, the finding of this study indicated conformance with certain components that
derived from attributes related standards: internal audit objectivity and independence
standard, adequate to the point that satisfies the expectations of sound international
auditing practices. However, gaps were observed in quality assurance & improvement
program, due professional care & development regarding professional development
training and certification. As well as conformance with certain components that derived
from performance standards; managing the IAA, monitoring progress & communicating
67
results was fair in Commercial Bank of Ethiopia. Engagement planning, nature of work,
and performing the engagement results was adequate in Commercial Bank of Ethiopia.
Institute of Internal Auditors (IIA) declared the Standards, together with the Code of
Ethics, encompass all mandatory elements of the IPPF; therefore, conformance with the
Code of Ethics and the Standards demonstrates conformance with all mandatory elements
of the IPPF.
In general, the mandatory guidance requirements conformance level within the
Commercial
Bank of Ethiopia moves up to the expectation that satisfies the IPPF. This finding rejects
Bekele W/senbet (2019) finding that concluded, internal auditing was not practiced to the
expectation of international standards by many government organizations of Ethiopia.
And Tamiru (2018) and Ashenafi (2018), findings that related to financial institutions
specifically selective private commercial banks in Ethiopia did not move up to the
expectation that satisfies the international auditing standards.
5.4. Recommendations
5.4.1. Recommendation on the research findings

Based on the conclusions of the research the following recommendations were given:
1. Due to poor conformance with QAIP standards:
• The V/P of IA should develop a QAIP that covers all aspects of the IAA that
includes both internal and external assessments;
• CBE should provide training to auditors that provide sufficient knowledge of
internal audit practices requires at least an understanding of all elements of the
IPPF.
• CBE should conduct a periodic assessment to evaluate conformance with the code
of ethics and the standards.
• The external assessments should be conducted at least once every five years by a
qualified, independent assessor outside of CBE.
2. Due to inadequate conformance with the IA staff proficiency and due professional care:
• CBE should encourage internal auditors to demonstrate their proficiency by
obtaining appropriate professional certifications and qualifications. And approve a
budget for professional certification and qualification and continuing professional
developments for Internal Auditors.
68
• CBE should enhance internal auditors‟ knowledge, skill, and other competencies
through continuing professional development.
• To produce effective audit, Commercial Bank of Ethiopia should offer opportunity
for certification in CIA, CISA, CEF and ACCA.
3. Well conformance with certain mandatory guidance requirements:

The existing healthy conformance with certain mandatory guidance elements of the IPPF
should be kept up and goes to the sound conformance level by all elements in
Commercial Bank of Ethiopia with regard to: management of the audit charter; the
internal audit objectivity and independence; engagements planning; performing the
engagement (field work); nature of the audit work; and the code of ethics.
Finally to gain more benefit from their audit department, Commercial Bank of Ethiopia
should give due consideration to satisfy the adequacy of their audit staffing and allocation
of the related resources.
5.4.2. Directions for future research areas

Since to-date, the internal audit profession in Ethiopia was not discovered adequately.
Thus, this research would benefit Commercial Bank of Ethiopia and other stakeholders
including government enterprises and all private commercial banks that are concerned to
adequately establish their internal audit department and benefit from the profession
through viewing sound practices of internal auditing as a criterion.
Due to limited studies done in Ethiopia, and now a day the global internal audit standards
ready for revision the proposed standards released for public comment after a few months
may late 2023 release the new standards more researchers are encouraged to conduct
research on issues that related to the practices of internal audit in different industries
including private owned banks by taking the same but revised bench mark, the mandatory
guidance elements of IPPF.
Since it is so fertile and wide in scope to set the whole IPPF as a criteria, various
researchers that are interested in the study area could select the mandatory and
recommended guidance elements of the IPPF separately and even focus on specific areas
of IPPF based on their will and the upcoming research gaps. Furthermore future research
directions could also be identified to determine whether complying IIASs by using IPPF
is beneficial for Commercial banks; to examine how CBE should most effectively
coordinate their in-house, outsourced and co-sourced IAFs; and to determine how internal
69
auditors should be educated and trained so that they obtain the desired business
intelligence and insights most effectively doing their profession.
References
Addisu, G., (2014). An Assessment of Internal Audit Practice:On case of Selected Public
Enterprises in East Arsi zone. Jimma University, Jima, Ethiopia
Alemberhan, S., (2021). Assessment of Internal Audit Practices in Textile Manufacturing
70
Companies: In the Case of Some Selected Companies. Saint Mary‟s University, Addis Ababa,
Ethiopia
Arwa, H., (2017). The effectiveness of the internal auditing procedures in the Jordanian
commercial banks. International Business Research; Vol. 10, No. 3; 2017. Published by
Canadian Center of Science and Education. Al-Zaytoonah University of Jordan, Amman,
Jordan URL: https://doi.org/10.5539/ibr.v10n3p203
Ashenafi, S., (2018). Assessment of internal audit practices in private commercial banks in
Ethiopia. Saint Mary‟s University, Addis Ababa, Ethiopia
Bekele, W. (2019). The assessment of internal audit practices in Oromia regional state the
case of selected public sectors. Addis Ababa University, Addis Ababa, Ethiopia
Bizuayehu, W., (2016). Assessment of internal audit from perspective of Ethics and standard
practices in the case of selected government sectors in SNNPRS, Ethiopia. Hawassa
University,Hawassa,Ethiopia
CBE, internal audit charter INA/CH/01/2.0/21 Revised: March 2021
CBE, internal control framework QMC/FR/02/2.0/21 March, 2021; V.2.0 CBE internal audit
procedure INA/PR/01/3.0/21 April, 2021; V.3.0.
Code of Ethics Implementation Guides IPPF (2019).the institute of Internal
Auditors.www.globaliia.org. www.theiia.org
Combanketh.et. En.wikipedia.org/wiki/commercial_bank_of_ethiopia
Fenet, G., (2014). Corporate governance, internal audit and financial performance in private
commercial banks in Ethiopia. Cavendish University, Uganda Framework for setting Internal
Audit standards in the Public Interest (2022).IPPF
Oversight Council. Global Head-quarters. The institute of Internal
Auditors.www.globaliia.org. www.theiia.org
Getaneh, Y., (2020). Role of Internal Audit: A Case of Commercial Bank of Ethiopia.
European Journal of Business and Management.Vol.12, No.22, 2020. www.iiste.org.
International Professional Practices Framework (IPPF) standards (2017).
International Standards for the Professional Practice of Internal Auditing (Standards)
Revised: October 2016 Effective: January 2017.Institute of Internal Audit (2016).
Kinfu, (1990). Accounting and auditing practices in Ethiopia: review, analysis, and
conclusions. EXCEL International Journal of Multidisciplinary Management Studies. Vol.2
Issue 6, June 2012, ISSN 2249 8834. Online available at http://zenithresearch.org.in/
Leona, C., (2010), the roles and challenges of internal auditing in the banking industry in
71
Kenya. University of Nairobi, Nairobi, Kenya
Madurasinghe & Tennakoon, (2019). The application of international internal audit standards
by licensed commercial banks (LCB) in Sri Lanka. Wayamba Journal of Management 11(1).
Faculty of Business Studies & Finance. Wayamba University of Sri Lanka.
Mgr.lon-Bogadan , (2004). Internal audit in banking organizations. BIATEC,Volume
XII,7/2004. Narodna banka slovenska.
Meseret A, (2016). Determinants of internal audit effectiveness in the case of Ethiopian
private commercial banks. Saint Mary‟s University, Addis Ababa, Ethiopia
Na.theiia.org,https://na.theiia.org/membership/Pages/Membership.aspx
Nancy, (2013). Effect of internal audit on financial performance of commercial banks in
Kenya. University of Nairobi, Nairobi, Kenya
NBE, Appointment of External Auditor of a Bank Directive No SBB/86/2023. NBE,
Licensing and Supervision of Banking Business risk based internal audit Directive
No.SBB/76/2020.
Olga, B., (2017). Importance of internal audit and internal control in an organization - case
study. International Business study
P-Radas and K-Barac, (2015). Internal audit in state-owned enterprises: Perceptions,
expectations and challenges. Southern African Journal of Accountability and Auditing
Research Vol 17(2): 2015 (95-106).
Proclamation No.13/1987, Proclamation No. 68/1997.
Rihana A, (2021). Internal Audit Practices of State Owned Enterprise in Ethiopia.
Addis Ababa University, Addis Ababa, Ethiopia
Salawu and Mary, (2017). The effectiveness of the Institutional Regulatory Framework of
Auditor Independence in Nigeria.
Tadiwos, M., (2016). Factors Determining the Effectiveness of Internal Audit in Ethiopian
Commercial Banks. Addis Ababa University, Addis Ababa, Ethiopia
Tamiru T, (|2018). The assessment of internal audit practices in private commercial banks of
Ethiopia: the case of selected private banks. Addis Ababa University, Addis Ababa, Ethiopia
Tesfaye, B., (2014). The determinants of Ethiopian commercial banks performance.
European Journal of Business and Management.Vol.6, No.14, 2014. www.iiste.org.
Theiia.org., [email protected].
Tigabu Y, (2016). Internal audit practices in the Ethiopian financial sector; as compared to the
international professional practicing framework (IPPF). Addis Ababa University, Addis
Ababa, Ethiopia
72
Worku, A., (2021). Internal audit practice in Ethiopian private insurance companies.
Saint Mary‟s University, Addis Ababa, Ethiopia
Wubishet and Dereje, (2014). Factors determining internal audit quality in Ethiopian
commercial Banks. Research Journal of Finance and Accounting.Vol.5, No.23, 2014.
www.iiste.org.
Appendix I: Questionnaire
ST. MARY‟S UNIVERSITY
SCHOOL OF GRADUATE STUDIES
COLLEGE OF BUSINESS AND ECONOMICS
DEPARTMENT OF BUSINESS ADMINSTRATION
Questionnaire
Dear Participant:
The title of this thesis is “internal auditing practice in the case ofCommercial bank of
ethiopia”The name of the researcher is Sami Elias who is currently an Msc in Business
73
administration in Accounting and Finance student at the College of Business and
Economics of the St.Mary University.
The aim of this study is to assess the internal audit practices of Commercial Bank of Ethiopia.
This questionnaire is prepared to supplement the data obtained from other sources and being
distributed to get relevant information from respondents and participation is totally voluntary.
The investigator respectfully requests your kind cooperation in answering the whole question
as frankly as possible and your response will be recorded anonymously and strict
confidentiality will be maintained.
Thank you in advance for your time and kind cooperation.
For further information, please contact using the following address:
Tel. (mobile): 0922423330
E mail: [email protected]
Part One: Demographic Data of the Respondent (Please  tick the box for the alternatives
that best describes your choice)
1. Gender :
Male Female
2. Age:
18-25Years 56 36-45 Years and above
26-35 Years 46-55Years
3. Area of study:
Accounting Other Management Economics please specify…...
4. Educational Level:
BSC/BA Diploma
MSC/MA/MBA Others please specify…..…
5. Any certification related to the profession:

ACCA Others CPA CIA No related certification please
specify. ...
6. What is your current position in the bank?

Manager Team Leader Senior Internal Auditor Internal auditor
74
Others please specify…...................
7. Total years of auditing experience including the current position:

Less than 5 years 5-10 years 11-15 years
16-20 years Above 20 years 8. Your internal

audit unit/department staffing in terms of:
(a) Number
Adequately staffed Moderately staffed Poorly staffed
(b) Competency (skill and knowledge)
Adequately staffedModerately Poorly
staffed staffed
Part Two: Relating the study variables

The following statements on attributes of internal audit practices in your organizations,
please show your choice the scale ranging from strongly disagree to strongly agree by
circle the number closest to your view under the appropriate cell in the table.
Where: SD – Strongly Disagree D – Disagree N – Neutral A – Agree SA – Strongly
Agree The value of the Likert scale types are:
1=Strongly Disagree, 2=Disagree, 3=Neutral, 4=Agree 5= Strongly Agree
S.No Subject Attribute Standards SD D N A SA
1 A. Statement regarding internal audit objectivity
1.1. Internal charter audit The internal audit charter defines the internal audit activity‟s 1 2 3 4 5
purpose, authority and responsibility.
1.2. Internal charter audit The mandatory elements of the international professional 1 2 3 4 5
practices framework are recognized in the internal audit
charter.
1.3. Independence and The internal audit activities are independent, and internal 1 2 3 4 5
auditors are objective in performing their work.
Objectivity
1.4. Organizational There is a dual reporting relationship the head of Audit report 1 2 3 4 5
functionally to the audit committee and to the president.
Objectivity
75
1.5. Individual objectivity Internal auditors have an impartial, unbiased attitude and avoid 1 2 3 4 5
any conflict of interest.
1.6. Impairment to If independence or objectivity is impaired in fact or 1 2 3 4 5

appearance, the details of the impairment are disclosed to
independence or
appropriate parties.
objectivity
2 B. Statement regarding internal audit

Independency
2.1. Organizational The internal audit activities are free from interference in 1 2 3 4 5
independence determining the scope of internal auditing, performing work
and communicating results.
2.2. Organizational Organizational independence is achieved when the chief audit 1 2 3 4 5

independence executive reports functionally to the board.
2.3. Individual Internal auditors do not participate in audit of activities for the 1 2 3 4 5
independence operation of which they were
responsible.
2.4. Individual Internal auditors feel free to include any audit findings in their 1 2 3 4 5
independence audit reports.
3 C. Statements regarding the internal audit staff proficiency and

due professional care
3.1. Proficiency Internal auditors possess the knowledge, skills, and other 1 2 3 4 5
competencies needed to perform their individual
responsibilities.
3.2. Proficiency Internal auditors are encouraged to demonstrate their 1 2 3 4 5

proficiency by obtaining appropriate professional
certifications and qualifications.
3.3. Proficiency Internal auditors have sufficient knowledge to evaluate the 1 2 3 4 5

risk of fraud and the manner in which it is managed by the
organization.
76
3.4. Proficiency Internal auditors have sufficient knowledge of key information 1 2 3 4 5
technology risks and controls and available technology based
audit techniques to perform their assigned work.
3.5. Due Professional Internal auditors always apply the care and skill expected of a 1 2 3 4 5
reasonably prudent and competent internal auditor.
Care
3.6 Due Professional Internal auditors consider the use of technologybased audit and 1 2 3 4 5
other data analysis techniques.
Care
3.7. Due Professional Internal auditors are alert to the significant risks that might 1 2 3 4 5
affect objectives, operations, or resources.
Care
3.8. Continuing Internal auditors enhance their knowledge, skill, and other 1 2 3 4 5
competencies through continuing professional development.
Professional
Development
4 D. Statements regarding Quality Assurance and

Improvement Program (QAIP)
4.1. QAIP Require The quality assurance and improvement program 1 2 3 4 5
includes both internal & external assessments.
4.2. Internal Sufficient knowledge of internal audit practices requires at 1 2 3 4 5

least an understanding of all elements of the International
Assessments
Professional Practices Framework.
4.3. Internal Ongoing monitoring is an integral part of the daytoday 1 2 3 4 5

supervision, review, and measurement of the internal audit
Assessments
activity.
4.4. Internal Periodic assessments are conducted to evaluate conformance 1 2 3 4 5

with the Code of Ethics and the Standards.
Assessments
4.5. External The external assessment is conducted at least once every five 1 2 3 4 5
years by a qualified, independent assessor from outside the
Assessments
organization.
77
4.6. Reporting on the The chief audit executive communicates the results of the 1 2 3 4 5
quality assurance and improvement program to senior
QAIP
management and the board.
4.7. Use of conform with The internal audit activity conforms with the code of ethics 1 2 3 4 5
standards and the standards when it achieves the outcomes described
therein.
4.8. disclosure the The chief audit executive discloses the nonconformance and 1 2 3 4 5
non-conformance the impact to senior management and the board.
II. Performance Standards
5 E. statement regarding managing the internal audit activity
5.1. Managing the The internal audit activity adds value to the organization and 1 2 3 4 5
its stakeholders when it considers strategies, objectives, and
Internal Audit
risks.
Activity
5.2. Planning While developing the risk-based audit plan, the chief audit 1 2 3 4 5
executive consults with senior management and the board and
obtains an
understanding of the organizations strategies, key business

objectives, associated risks, and risk management processes.
5.3. Communication The chief audit executive communicates the internal audit 1 2 3 4 5
activity‟s plans and resource requirements, including
& Approval
significant interim changes, to senior management and the
board for review and approval.
5.4. Resource The chief audit executive ensures that internal audit resources 1 2 3 4 5
are appropriate, sufficient, and effectively deployed to achieve
Management
the approved plan.
5.5. Policies & The chief audit executive establishes policies and procedures to 1 2 3 4 5
guide the internal audit activity.
Procedures
78
5.6. Coordination The chief audit executive shares information, coordinate 1 2 3 4 5
activities and consider relying upon the work of other
&Reliance
assurance and consulting service providers.
5.7. Reporting to the The chief audit executive reports periodically to senior 1 2 3 4 5
management and the board on the internal audit activities and
Senior
performance relative to its plan and on its conformance with
management&
the Code of Ethics and the Standards.
the Board
6 F. Statements regarding nature of the work
6.1. Governance The internal audit activity assesses and makes appropriate 1 2 3 4 5
recommendations to improve the organizations governance
processes.
6.2. Risk The internal audit activity evaluates the effectiveness and 1 2 3 4 5
contributes to the improvement of risk management processes.
Management
6.3. Control The internal audit activity assists the organization in 1 2 3 4 5

maintaining effective controls by evaluating their
effectiveness and efficiency and by promoting continuous
improvement.
7 G. Statements regarding engagements planning
7.1. Planning In planning the audit engagement, internal auditors consider 1 2 3 4 5

the strategies and objectives of the activity being reviewed.
Considerations
7.2. Engagement Objectives established for each audit engagement concerning 1 2 3 4 5

reflecting the results of the assessment, the probability of
Objectives
significant errors, fraud, noncompliance, and other exposures.
7.3. Engagement The established scope is sufficient to achieve the objectives of 1 2 3 4 5

the engagement: it includes consideration of relevant systems,
Scope
records, personnel, and physical properties.
79
7.4. Engagement Internal auditors determine appropriate and sufficient 1 2 3 4 5
resources to achieve engagement objectives based on the
Resource
nature and complexity of each engagement, time constraints,
Allocation and available resources.
7.5. Engagement Internal auditors develop and document work programs 1 2 3 4 5

(include procedures) that achieve the engagement objectives.
Work Programs
8 H. Statements regarding performing

the engagement
8.1. performing the Internal auditors identify, analyze, evaluate, and document 1 2 3 4 5
engagement sufficient information to achieve the engagement‟s objectives.
8.2. Identifying Internal auditors identify sufficient, reliable, relevant, and 1 2 3 4 5

useful information to achieve the engagement‟s objectives.
Information
8.3. Analysis and Internal auditors base conclusions and engagement results on 1 2 3 4 5
appropriate analyses and evaluations.
Evaluation
8.4. Documenting Internal auditors document sufficient, reliable, relevant, and 1 2 3 4 5

useful information to support the
Information
engagement results and conclusions.
8.5. Engagement Audit engagements are properly supervised to ensure that 1 2 3 4 5

objectives are achieved, quality is assured and staffs is
Supervision
developed.
9 I. statement regarding communicating result
9.1. Criteria for Communications include the engagement‟s objectives, scope, 1 2 3 4 5

and results.
Communication
9.2. Quality of Communications are accurate, objective, clear, concise, 1 2 3 4 5

constructive, complete and timely.
Communication
80
9.3. Errors & While a final communication contains a significant error or 1 2 3 4 5
omission, the chief audit executive communicates the
Omissions
corrected information to all parties who received the original
communication.
9.4. Conformance with Engagements are conducted in conformance with the 1 2 3 4 5

Standards International Standards of Internal Auditing and it supported
by the results of the quality assurance and improvement
programs.
9.5. Disclosure of When non-conformance with the Code of Ethics or the 1 2 3 4 5

Standards impacts a specific engagement, the results disclose
Non- Conform
with which full conformance was not achieved, the reason, its
impact and the communicated engagement results.
9.6. Disseminating The chief audit executive review and approve the final 1 2 3 4 5
engagement communication before issuance and for deciding
Results
to whom and how it will be disseminated.
9.7. overall opinion When an overall opinion is issued, it takes into account the 1 2 3 4 5
strategies, objectives, and risks of the organization.
10 J. Statements regarding monitoring progress
10.1. Establishing The chief audit executive establishes a follow-up process to 1 2 3 4 5

monitor and ensure that management
Follow up
Process actions have been effectively implemented or that senior

management has accepted the risk of not taking action.
10.2. Communicating the When the chief audit executive concludes that management 1 2 3 4 5
Acceptance of Risks has accepted a level of risk that may be unacceptable to the
organization, s/he discusses the matter with senior
management. If the matter has not been resolved, s/he
communicates the matter to the board.
III. Code of Ethics
81
11.1. Integrity The integrity of internal auditors establishes trust and thus 1 2 3 4 5
provides the basis for reliance on their judgment.
11.2. Integrity Internal auditors are familiar with the laws and regulations 1 2 3 4 5
relevant to the banking industry and jurisdictions within which
the bank operates.
11.3. Objectivity Internal auditors exhibit the highest level of professional 1 2 3 4 5

objectivity in gathering, evaluating, and communicating
information about the activity or process being examined.
11.4. Confidentiality Internal auditors respect the value and ownership of 1 2 3 4 5

information they receive and do not disclose information
without appropriate authority unless there is a legal or
professional obligation to do so.
11.5. Competency Internal auditors apply the knowledge, skills and experience 1 2 3 4 5
needed in the performance of internal auditing services.
If you have any additional comment regarding the topic, please specify -----------------------
--------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------
--
Again thank you so much, for your responses!
82

4 5809846082850525662 Edited

Uploaded by

Copyright:

Available Formats

4 5809846082850525662 Edited

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

4 5809846082850525662 Edited

Uploaded by

Copyright:

Available Formats

INTERNAL AUDITING PRACTICE IN THE CASE OF

COMMERCIAL BANK OF ETHIOPIA

ST. MARY’S UNIVERSITY SCHOOL OF GRADUATE STUDIES

BY: SAMI ELIAS

ADVISOR: Proff. ASMAMAW GETE

A RESEARCH PAPER SUBMITTED TO THE SCHOOL OF

ST. MARY’S UNIVERSITY SCHOOL OF GRADUATE STUDIES

A THESIS TO BE SUBMITTED TO THE SCHOOL OF GRADUATE

INTERNAL AUDITING PRACTICE IN THE CASE OF

BY; SAMI ELIAS

APPROVED BY BOARD OF EXAMINER‟S

Dean, Graduate Signature Date

Advisor Signature Date

Internal Examiner Signature Date

External Examiner Signature Date

Proff. / Asmamaw Gete ____________________

St. Mary‟s University

Keywords: Commercial Bank of Ethiopia (CBE), Attribute Standards, Performance

ACRONYMS AND ABBREVIATIONS

ACRONYMS AND ABBREVIATIONS..................................................................................v

1.1. Backgrounds of the study...............................................................................................1

1.2. Statement of the problem...............................................................................................3

1.3. The objectives of the study............................................................................................6

1.3.1. General Objectives..................................................................................................6

1.3.2. Specific Objectives.................................................................................................6

1.4. Research Questions........................................................................................................7

1.5. The hypothesis of the study...........................................................................................7

1.6. Significance of the Study..............................................................................................8

1.7. Scope of the Study........................................................................................................9

1.8. Limitations of the Study.................................................................................................9

1.9. Organization of the Research.......................................................................................10

REVIEW OF RELATED LITERATURE...............................................................................11

2.1. Theoretical literature review........................................................................................11

2.1.1. History of Internal Auditing..................................................................................11

2.1.2. The Institute of Internal Auditors (IIA‟s).............................................................14

2.1.3. International Professional Practices Framework (IPPF).......................................14

2.1.3.1. Core Principles...................................................................................................16

2.1.3.2. Definition of Internal Auditing..........................................................................16

2.1.3.4. The purpose of the Standards is to:....................................................................16

2.1.3.5. Categories of internal audit standards................................................................17

2.1.4. Theories of auditing..............................................................................................18

2.1.4.1. Stewardship Theory:..........................................................................................18

2.1.4.2. Stakeholder Theory:...........................................................................................19

2.1.4.3. Policeman Theory:.............................................................................................19

2.1.4.4. Credibility theory:..............................................................................................19

2.1.4.5. The theory of inspired confidence (Theory of rational expectations):...............20

2.1.4.6. Communication Theory:....................................................................................20

2.1.4.7. Agency Theory:..................................................................................................21

2.2. Review of Empirical Evidences...................................................................................23

2.4. The Research Gap........................................................................................................30

RESEARCH DESIGN AND METHODOLOGY...................................................................32

3.2. Research Design...........................................................................................................32

3.3. Types and Sources of Data...........................................................................................33

3.4. Target Population.........................................................................................................33

3.5. Sample Size and Sampling Techniques.......................................................................33

3.6. Methods of Data Distribution and Collection..............................................................34

3.7. Methods of Data Analysis............................................................................................35

3.8. Tools of Interpretation..................................................................................................35

RESULTS AND DISCUSSION..............................................................................................36