Evaluation of external audit services: An empirical approach on health care organizations

How to cite this paper: Drogalas, G., Karagiorgos, A., Mitskinis, D., & Antonakis, N. (2019). Evaluation of external audit services: An empirical approach on health care organizations. Risk Governance and Control: Financial Markets & Institutions,


INTRODUCTION
External audit is a key monitoring tool for the shareholders and a basic element of corporate governance because it helps confirm the credibility of accounting information provided by the administration (Lin & Liu, 2009). The confirmation of the credibility of financial statements through the quality work of an external auditor is necessary, especially after the recent economic breakdowns in the business world. Every company is obliged by law to audit its financial statements, and this may be conducted by either an internal or an external auditor. The internal auditor is responsible for providing independent and objective assessments for the financial and operational business activities of the organization, including corporate governance. The external auditor is responsible for auditing the financial statements as well as filling out a report for the accuracy and reliability of such statements, (Mihret & Admassu, 2011) confirming that they reflect the true and fair view of the audited entity (Alifantis, 2016).
The notion of a true and fair view, according to Kershaw (2006) means compliance with applicable and relevant accounting standards. External audit focuses on providing reasonable assurance of financial statements (Zain et al., 2015) in order to be free of errors and omissions. In this context, external audit is defined as a systematic process of obtaining and evaluating business data, regarding assertions about economic actions, to ascertain the degree of correspondence between these assertions and the actual results (Eilifsen et al., 2010).
In fact, the importance of external auditing arises from the evaluation of its role. The external audit differs from the internal, although, both are important for businesses. Of course, there are many opportunities for cooperation and coordination between the two that can deliver quality results, such as higher quality controls and economic benefits (Gramling et al., 2004;Sarens, 2009). The objective of the external auditors is to assure all interested parties of a company about the truth and fairness of the financial statements. In order to achieve this goal, external auditors should assess the company's internal audit system to ensure that this system is able to prevent and detect significant misleading statements or information (Haron et al., 2004).
The existing literature consists of studies conducted in the broader public sector (Glass, 2005;Brody, 2012;Pilcher et al., 2013;Goddard & Malagila, 2015) as well as in public hospitals and health care organizations (Krishnan, 2005;Chien et al., 2010;Musau & Vian, 2010). The majority of these studies focus on the relationship between internal and external auditors, the collaboration between them, the use of internal audit by the external auditors and the process through which the technical skills of internal auditors are being used by the external auditors to better understand the environment of the audited company. The audit market dramatic changes have increased the audit requirements demands (Abdallah, 2018).
The purpose of this paper is to evaluate external auditing services in health care organizations in accordance with International Standards on Auditing. This research aims to investigate the quality of the audit work performed and the influence of factors such as general principles and responsibilities, risk assessment, audit evidence and the use of the work of others.
The results of the research prove that there are three important factors that positively influence the quality of the audit work. Our findings contribute to the existing literature, evidencing the most important factors related to the quality of audit in public health care organizations. Moreover, the research contributes to the evaluation of the external auditing services according to International Standards on Auditing and aims to become an incentive for future research both in health care organizations and in the wider public sector.
In the course of the present paper, the relevant literature review is being presented along with a thorough presentation of the research hypotheses. In its third part, the selected sample, the questionnaire as well as the methodology of research are further described. The fourth part focuses on the presentation of the findings deriving from the statistical analysis. Finally, the conclusions and the directions for further research are suggested in the fifth part.

Literature review
The existing literature consists of studies conducted in the broader public sector and public organizations in general (Glass, 2005 An international financial architecture was formed during the first half of the 1990 in order to prevent the type of financial disharmony developed as a result of Mexico's devaluation of the peso in 1994. However, it was not until the widespread financial crisis in Asia in 1997/ 8 that action was taken (Wade, 2007a). This further induced the use of standards to ensure financial stability (Wade, 2007b). The inclusion of ISAs in the FSFs recommended list of standards (which also included the IMF's 'Code of Good Practices on Fiscal Transparency' and BCBS's 'Core Principles for Effective Banking Supervision') was significant. The ISAs were set by the International Auditing and Assurance Standards Board (IAASB). Public authority was placed behind private standards, giving a more important status in terms of corporate reporting processes (Humphrey et al., 2009).
Auditing won few negative critics since few reports blame auditors for the collapse of financial institutions. Furthermore, while FSF34 and BCBS (Basel Committee) reports supporting the significance of the external audit function, through a substantial number of recent reports and policy proposals of financial regulation and responses during periods of financial crisis make very little reference to audit (Humphrey et al., 2009).
In her work Colbert (2002) mentions that under International Standards of Auditing (ISAs), external auditors are responsible to communicate certain matters discovered during the financial statement audit with those charged to govern the respected entity. The standards encompass confidentiality as well as related to applicable laws and regulations. External Audit is limited to matters related to financial statements, explained by the fact that the demand arises from external users' desire for high quality and credible financial statements. Glass (2005) studied the relationship between internal and external audit in public sector and given the principle of independence of the external auditor, he noted that procedures and, all work of the external auditor in general, should be independent. Brody (2012) noted in his research that cooperation between internal and external audit in public services is important. In addition, he observed that the internal audit influences the way of work and the control tests of external auditors.
Correspondingly, Pilcher et al., (2013) attempted to determine the factors that play an important role in the efficient and effective interaction between internal and external audit in public administration, in the Australian public sector. Through a series of structured interviews, these researchers noted that regarding safeguards, external auditors prefer to rely on internal auditors' technical skills that have a deeper insight into the company. Finally, Goddard & Malagila (2015) studied the external audit of the public sector in Tanzania and noted that external audit procedures enhance the government's accountability to the public and protect the government from corruption.
In the literature concerning health care organizations, Krishnan (2005) studied the quality of external audit in public hospitals and noted inter alia that the auditor's term of office is an important factor in the quality of the external audit. The researcher noted that there is a negative correlation between the auditor's term of office and the quality control measures, such as discretionary accruals, the probability of failures in audit reports and the frequency of internal control problems. Marquez (2001) reviews a number of theoretical perspectives in order to increase the understanding of key determinants regarding health worker performance, including theories of behavior change, diffusion of innovation, health education, and social influence. Furthermore, he describes the main types of interventions that have been implemented in order to encourage health workers performance in accordance with standards. Notably, the audit of clinical performance and feedback of the information to the provider after the activity is mentioned as grave information linked to performance.
Management support includes provision of resources and structural changes to support performance according to standards, incentives and regulatory interventions. Information linked to performance, such as audit affects organizational factors that influence motivation, competence, and behavior. Furthermore, in 2008 Trig et al. argued that audit could establish the knowledge of different healthcare workers in order to ensure control precautions within clinical environments. Chien et al. (2010) studied the effectiveness of external control in large US public hospitals. In particular, they studied the role and quality of public hospital audit committees in controlling problems in financial reporting, based on audit reports submitted over a specific period of time. The researchers noted that the presence of a committee and the committee's specific quality characteristics of independence, financial expertise, and increased activity, positively correlate with reduced frequencies of internal control problems. Finally, Musau and Vian (2010) studied the ways to combat health care fraud focusing mainly on public hospitals, and they noted that external audit is highly effective in finding fraudulent activities, although fraud detection is not the primary objective of an external audit.

The quality of audit
The quality of the audit work is determined by the extent to which the external auditor complies with the Code of Professional Ethics, while its effectiveness depends on the auditor's knowledge and experience. External auditors follow the existing quality standards to ensure quality and efficient work. Furthermore, the quality of their work is formed through their cooperation with the employees of the audited entity.
Previous researches focused on the factors that influence the quality of audit of external auditors. Knechel (2016)

Principles and responsibilities of the external auditor
International Standards on Auditing define the principles and responsibilities of an external auditor. The external auditor needs to be independent in the performance of the audit work and when agreeing on the terms of the audit, ensure a common understanding of the responsibilities between him and the administration. Also, the auditor evaluates compliance with applicable laws and rules and communicates with corporate governance. Additionally, in accordance with the standards, the auditor requires from the administration to notify on the potential risks in cases the financial statements are found materially incorrect.
Independence is a fundamental principle of external audit. Audit independence refers to the ability and willingness of the external auditor to resist the pressure of the audited customer (Tepalagul & Lin, 2015). The International Standards on Auditing define that it is necessary for the external auditor to act independently in order to plan and conduct an effective and quality audit (Glass, 2005). The principle of independence helps the confirmation of the external auditor's financial reports since in the absence of this principle, the role of an external auditor would be unreasonable and their work would be conducted by internal auditors.
Moreover, an external auditor is responsible for obtaining reasonable assurance that the financial statements taken as a whole, are free from material misstatement, whether caused by fraud, error or omission (ISA 240). Finally, external auditors are required to express their opinion on the credibility of the financial statements as neutral and professional observers and without being influenced by personal bias during the audit (Alifantis, 2016).
Hence, we can formulate the first hypothesis that relates to the quality of the audit work with the general principles and responsibilities.
H 1 : The quality of the audit is positively related to the general principles and responsibilities.

Risk assessment by the external auditor
International Standards on Auditing set out the order of procedures undertaken by the external auditor for the risk assessment. The external auditor requests information from the administration regarding the entity's legal and regulatory framework of compliance, and at the same time collects sufficient information to understand the entity's environment. In addition, auditors assess the risk of material misstatement and plan the audit to ensure its effectiveness in accordance with the standards. Furthermore, they place the existing internal audit system under scrutiny to ascertain its adequacy and effectiveness.
The external auditor is responsible to plan the audit of the financial statements in such a way in order to be effective and efficient (ISA 300). The external auditor has to assess the fact that the risk of material misstatement affects external audit procedures and audit effectiveness (Lee & Park, 2016). The planning of the audit requires the auditor's understanding of the entity and its environment to be able to follow the appropriate control strategy and deliver the desired result.
In accordance with International Standard on Auditing 315, the auditor's understanding of the audited entity's environment gives him the ability to identify and assess any material risk as well as any inaccuracies or errors in the financial statements (Ho & Hutchinson, 2010). The auditor's objective based on his experience, professional judgment and training, is to set an acceptable level of sampling control (Lumiotis, 2013) in order to carry out quality work.
The above discussion leads to the second hypothesis that relates to the quality of the audit work with the risk assessment by the external auditor.
H 2 : The quality of the audit is positively related to the risk assessment.

Audit evidence
The International Standards on Auditing set out the actions of the external auditor to obtain sufficient and appropriate audit evidence. In the beginning, the auditor shall obtain sufficient and appropriate audit evidence to base his opinion. Then, among other things, he sends confirmatory letters and determines the way to collect samples so that he can identify any possible omission or error. At the same time, the auditor provides sufficient evidence to support the accounting estimates and seeks written representations from the entity's administration when auditing the financial statements.
The role of the external auditor is to investigate and examine the financial statements of the entity for possible mistakes, omissions or misleading information (Eilifsen et al., 2010), to ensure that the information provided is accurate and reliable for the users. Furthermore, according to Mihret and Admassu (2011), the external auditor is responsible for the audit of financial statements as well as the explanatory statement confirming to all interested parties that financial statements are reliable and true.
The external auditor is required to carry out quality audits to ensure the reliability and correctness of the financial statements. The quality of the audit is directly linked with the audit evidence, which is the collection of evidence in sufficient quantity and of the adequate quality in order to base the auditor's opinion on the reliability of the financial statements (Budescu et al., 2012). Audit evidence is acquired primarily through audit procedures but also from other sources. Audit procedures to obtain audit evidence can include inspection, observation, confirmation, recalculation, reperformance, analytical procedures and exploratory questions (ISA 500).
Hence, we can formulate the third research hypothesis that relates to the quality of the audit work with the audit evidence.
H 3 : The quality of the audit is positively related to the audit evidence.

Using the work of internal auditors
International Standards on Auditing define the actions an external auditor should perform in order to be able to use the work of internal auditor for the audit. Either using the work of third parties or not, the activities of the internal auditors need to be assessed. In addition, auditors have the option of using the services of a qualified expert whose work is then evaluated. Of course, the necessity of an expert's contribution is decided by the external auditor.
An important factor in the relationship between internal and external audit is the extent to which the external auditor can rely on internal audit (Al-Twaijry et al., 2004). Previous literature on the external audit of public services points out the importance of the internal and external audit cooperation (Brody, 2012) while Pilcher et al. (2013) observe that external auditors prefer to rely on internal auditors' technical skills.
The above discussion leads to the fourth hypothesis that relates to the quality of audit with the use of the work of others.
H 4 : The quality of the audit is positively related to using the work of others.

Research sample -questionnaire
The survey sample consists of 74 questionnaires answered by employees, men and women of various levels of education employed in the Economic Departments of the biggest health care organizations in Northern Greece.
The questions are based both on previous surveys and on discussions with internal and external auditors with previous experience in health care organizations. For the collection of the data, the questionnaire was sent to the relevant internal audit department of the health care organizations. Closed questions were used to avoid controversial interpretations, facilitate coding the answers and facilitate statistical analysis.
This questionnaire used closed questions, multiple choice questions and Likert-scale questions where the respondents were asked to state their degree of agreement or disagreement in a series of questions concerning the assessment of external audit services according to International Standards on Auditing and the quality assessment of the audit, which is moreover the subject of this research. The Likert-scale questions had the following options: "not at all", "to a small extent", "to a moderate extent", "to a great extent", "very much".
Descriptive statistics were used to analyze and interpret the data collected from a sample of 74 questionnaires.

Model
Considering the above literature review, five variables were selected to be considered in this research. The first is the "quality of the audit work", which is the dependent variable, while the other four independent variables are "general principles and responsibilities", "risk assessment", "audit evidence" and "use of the work of others". Consequently, four research hypotheses were developed for each of the independent variables.
Multiple regression analysis was performed to estimate the effect of the independent variables. The Ordinary Least Squares regression (OLS) was: The variables used are the following: QAW -Quality of audit work; PR -General principles and responsibilities; RA -Risk assessment; AE -Audit evidence; WO -Use of the work of others.

Generally
Demographic characteristics of the respondents regarding their position, educational level, age, work experience and gender are shown in Table 1. The table shows the total percentage of participants (100%), of which 87.8% are accountants and the remaining 12.2% occupies a different position from those proposed. Most of them have received higher education (55,4%) while 29,7% has a postgraduate degree. Regarding the age, 40.5% are between the ages of 41 to 45 and 25.7% are over 46. The work experience of the majority, that is the 68.9%, is over 10 years and 77% of respondents were men while 23% were women. Table 2 shows the descriptive statistics for the evaluation of the general principles and responsibilities of external auditors which were given through questions 6 to 10. Fifty percent of the respondents said that the auditor is "very much" independent during the audit while 32.4% that he is independent "to a great extent". Regarding the understanding of the responsibilities between auditor and administration 63.5% consider that it is "to a great extend" ensured. Furthermore, 43.2% said that the auditor evaluates the compliance to applicable laws and regulations "to a moderate extent" while 31.1% believes this to happen "to a small extent". Communication between external auditors and the administration is done "to a great extent" according to 45.9% of the respondents, while 44.6% of the respondents believe that written representations are requested by the administration "to a great extent" and 29.7% "very much". Table 3 shows the descriptive statistics for the evaluation of risk assessment by external auditors which were given through questions 11 to 15. Regarding the risk assessment, most respondents, 55.4%, consider that information concerning the legal and regulatory framework of the organization's compliance are requested by the administration of health care organizations "to a great extent". A majority of 54.0% of respondents believe that auditors collect all sufficient information to understand the environment of the organization "to a great extent". As for the risk assessment of material misstatement, 45.9% think that it is done "to a great extent" while 39.1% said it is done "to a moderate extent". 47.2% and 41.9% believes that the auditor is planning the audit to ensure its effectiveness at "to a great extent" and " to a moderate extent", respectively. According to 60.8% of the respondents, the checks on the effectiveness of the internal audit system are done "to a great extent". Table 4 shows the descriptive statistics for the evaluation of audit evidence obtained by external auditors which were given through question 16 to 20. A percentage of 39.2 of the respondents said that the auditor provides sufficient and appropriate evidence to establish his audit opinion "to a great extent" while 31.0% "to a moderate extent". The majority of 52.7% of respondents said that confirmatory letters are sent by the external auditors "to a great extent". Regarding the sample selection methods, 58.0% said that are followed "to a great extent" and 14.9% "very much". When asked whether the auditor provided enough evidence to support the accounting estimates he adopted, 51.3% replied that this was done "to a great extent" while 25.7% "to a moderate extent". Finally, as far as written representations are concerned, 52.7% and 31.1% said that are requested "to a great extent" and "very much" respectively. Table 5 shows the descriptive statistics for the evaluation of the use by the external auditors of the work of others which were given through questions 21 to 25. The fact that external auditors use the work of internal auditors during the audit "to a moderate extent" was stated by a 66.2% of the respondents, while 52.7% said that evaluation of the activity of internal auditors is done "to a great extent" and 37.8% "to a moderate extent". The help of a qualified expert is asked "to a moderate extent" by the external auditors, said 40.5%, but according to the 36.4% is asked "to a small extent". The work of a qualified expert is evaluated by the external auditors "to a moderate extent" according to the 39.2% of respondents and "to a great extent according to the 36.4%. Finally, 47.2% believe that the work of a qualified expert is "very much" necessary and 39.2% that is necessary "to a great extent". Table 6 shows the descriptive statistics on the evaluation of audit performed by external auditors which were given through questions 26 to 30. The Code of Professional Ethics is followed by the auditors "to a great extent" according to 55.4% of the respondents. Half of the respondents believe that the auditors have "very much" the appropriate professional knowledge to ensure the effectiveness of the audit and 37.7% "to a great extent". According to 44.6% of respondents, the auditors have "very much" the required experience to ensure the effectiveness of the audit. Moreover, the majority i.e. 64.8% believe that the audit follows the required quality standards "to a great extent". Finally, the cooperation of the external auditors with the employees of the health care organizations takes place "to a great extent" according to 48.6% and to "to a moderate extent" according to 40.6% of the respondents. Table 7 shows the analysis of variance ANOVA, in order to estimate the significance of the model and determine if there is a linear relationship between our variables. We see that there is a linear relationship between the variables. Therefore, independent variables contribute significantly to the interpretation of the quality of external audit and the model is statistically significant. According to Table 8, our first variable is the use of the work of others (variable WO, Beta = 0.309), the second is the risk assessment (variable RA, Beta = 0.250), the third variable is the audit evidence (variable AE, Beta = 0.244) and the fourth variable is the general principles and responsibilities (variable PR, Beta = 0.208).

Regression analysis
Moreover, in Table 8 we see that t = 0.200, and the p-value = 0.842 > 0.05. That means that the constant is not statistically significant for the model.
The same applies to the variable PR, which is the general principles and responsibilities. The t value is 1.849 and the p is 0.069 > 0.05. Therefore, the PR variable is not statistically significant for the model and we can remove it. For RA variable that is the risk assessment, t = 2.032 and p = 0.046 <0.05 and thus is statistically significant. For AE variable that is the audit evidence, t = 2.179 and p = 0.033 <0.0 and thus is statistically significant. The WO variable is the use of the work of others, with t = 3.800 and p = 0.00 0 <0.05 and is therefore statistically significant.
Consequently, we conclude that if we increase the "risk assessment" by one unit, the quality of the audit work will increase by 0.262 units, keeping all other variables stable. Furthermore, if we increase the variable "audit evidence" by one unit, then the quality of the audit work will increase by 0.286 units, keeping all other variables stable. Finally, if we increase by one unit the "use of the work of others" we will see the quality of the audit work to increase by 0.344 points, with all the other variables stable.

DISCUSSION
It is understood that quality is a very important factor in the proper functioning of the audit within an organization. From our initial assumptions, three out of four were confirmed as statistically significant.
More specifically, the first hypothesis (H 1 ) concerned the relationship between the quality of control and its positive effect on General Principles and Responsibilities. This relationship was not statistically significant. It could be understood that healthcare in Greece has not yet managed to deepen the compilation of audit standards with the general principles and responsibilities governing a health organization. This could be because of the lack of time required to encourage the administrative and audit staff to operate the above-mentioned concepts. At the same time, it should be noted that the public sector of Greece is logical to play a very important role in the qualitative application of both administrative and audit standards. Based on the effects of the economic crisis, the state mechanism seems to have several possible improvements in the application of international standards, mechanisms and rules.
The second hypothesis (H 2 ) conducted in this work concerned the relationship between the degree of audit quality and the improvement of Risk Assessment procedures. This relationship was confirmed and found to be significant and positive. This result can be interpreted by thinking about how one of the greatest goals for exploiting control is to prevent the risks and problems that arise through the operation of an organization or foundation. This seems to affect the quality of the work of external auditors as a mean of achieving risk avoidance and better coordination objectives.
The third hypothesis (H 3 ), depending on the audit quality relationship and the data emanating from it, appears to be confirmed by the statistics. This relationship appears to have similar characteristics to the second hypothesis. At the same time, there is also a reactive relationship between the elements of control and the necessary procedures. In the international literature, the audit is used for both corrective and preventive purposes. However, the lack of a significant correlation between audit quality and general principles but a simultaneous existence of a significant relationship with risk assessment shows that health organizations are mainly concerned with the treatment of problems rather than the optimal application of administrative and control standards.
The fourth hypothesis (H 4 ) examined the relationship between the quality of external audit and the work of third parties such as internal auditors and experts. The findings are also supported by similar works as found in the relationship of internal and external audits (Oussii & Taktak, 2018;Compernolle, 2018). The positive and significant correlation confirmed the hypothesis that the higher the quality of the third party processes and controls, the easier and more qualitative the work of external auditors. This could be the explained if audit in Greece is conducted mainly internally, through organizational processes and for specific cases. On the contrary, it appears that external control has not yet reached an important level in the Greek health organizations.

CONCLUSIONS
The present research investigates the correlation between the quality of audit and the influence of the factors of general principles and responsibilities, risk assessment, audit evidence and the use of work of internal audit in health care organizations of Northern Greece. The results are interesting considering the economic state and country size as understood by similar cases such as Cumbe and Inácio's (2018) which evaluated the impact of external audit on the management of the Common Fund of the Mozambique National Institute of Statistics (INE).
External auditors, when carrying out their work, comply with International Standards on Auditing about general principles and responsibilities. Regarding the risk assessment, it appeared that the adequacy and effectiveness of the existing external audit system was satisfactory, as 60.8% of the respondents find it satisfactory "to a great extent". As far as audit evidence is concerned, the respondents said that there are insufficient alternatives for acquiring audit evidence. The work of others is not used at all or is used to a very little extent, because most people believe that the auditors have the appropriate professional knowledge and expertise to ensure the effectiveness of the audit work.
The results of the multiple regression analysis showed that the first independent variable, which is the general principles and responsibilities, is not statistically significant variable, meaning it does not positively affect the quality of the audit work. On the other hand, the other three independent variables, risk assessment, audit evidence and the use of work of others, are statistically significant variables, meaning that they positively influence the quality of the audit work. This paper demonstrates how the quality of audit increases and improves depending on the level of the risks the health organization is trying to face, the necessary data needed and the work of internal auditors and experts. However, it appears that the general principles governing a health organization do not affect quality. This combination of hypotheses showed that Greek health organizations need to improve their functions and regulations to incorporate the audit standards and rules into their day-to-day administrative functions.
There are some limitations on our research, which should be taken into consideration when interpreting our results. Initially, the use of a questionnaire may threaten the internal validity of the research. Secondly, researchers recognize that other factors may be important in the evaluation of the external audit services complying with International Standards on Auditing. Thirdly, the survey was conducted in a single geographical area of the country and is based on a limited sample.
Proposals for further research include a nationwide research that will give a much larger sample and will cover all health care organizations. It is also proposed, a new research that could add more factors related to the evaluation of the work of external auditors such as the reduction of corruption (Farooq & Shehata, 2018). Finally, a worthwhile research could compare the evaluation of the audit work in health care organizations of Greece with those of the rest of Europe.