INTERNAL AUDIT FUNCTIONS AND FINANCIAL RISK MANAGEMENT AT GOAL

UGANDA

BY

DENIS TABU

19/MBA/KLA/WKD/0033

A RESEARCH DISSERTATION SUBMITTED TO THE SCHOOL OF MANAGEMENT

SCIENCES IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE

AWARD OF A MASTER’S DEGREE IN BUSINESS ADMINISTRATION

OF UGANDA MANAGEMENT INSTITUTE

JULY, 2023

i
 DECLARATION

I, Denis Tabu, declare that this dissertation entitled “Internal audit functions and financial risk

management, a case of GOAL Uganda” is my own original work and it has not been presented

and will not be presented to any other institution for any academic award. Where other people’s

work has been used, this has been duly acknowledged.

Sign ……………………………………. Date………………………………..

DENIS TABU

19/MBA/KLA/WKD/0033

i
 APPROVAL

This is to certify that this dissertation by Denis Tabu entitled, “Internal audit functions and

financial risk management, a case of GOAL Uganda” has been submitted for examination with

our approval as Institute supervisors.

Sign ……………………………………. Date………………………………...

Assoc. Prof. Gerald Karyeija Kagambirwe

Supervisor

Uganda Management Institute

ii
 DEDICATION

This dissertation is dedicated to my family members, especially my dear wife, my children, my

brothers and my mother for their financial support and moral encouragement.

iii
 ACKNOWLEDGEMENT

I am deeply indebted to my research supervisor Assoc. Prof. Gerald Karyeija Kagambirwe for

his patience with my inadequacies as they guided me through the research process. Without your

parental and professional input, this research would have been difficult to elevate to its current

level.

I acknowledge with gratitude the contributions and co-operation made by the respondents from

GOAL Uganda for their willingness to provide the necessary information when I visited their

company during the research process. Without their cooperation, this study would have been

impossible to accomplish.

I also thank my colleagues at Uganda Management Institute, persons who dealt with secretarial

work and those who read through the questionnaires and perfected the draft report.

I deeply treasure the contributions of all the above persons and ask God Almighty to richly bless

them.

TABLE OF CONTENTS

iv
DECLARATION............................................................................................................................i

APPROVAL...................................................................................................................................ii

DEDICATION..............................................................................................................................iii

ACKNOWLEDGEMENT...........................................................................................................iv

TABLE OF CONTENTS..............................................................................................................v

LIST OF TABLES.........................................................................................................................x

LIST OF FIGURES......................................................................................................................xi

LIST OF ABBREVIATIONS AND ACRONYMS...................................................................xii

ABSTRACT................................................................................................................................xiii

CHAPTER ONE............................................................................................................................1

INTRODUCTION.........................................................................................................................1

1.1 Introduction................................................................................................................................1

1.2 Background to the Study...........................................................................................................1

1.2.1 Historical background.............................................................................................................1

1.2.2 Theoretical background..........................................................................................................4

1.2.3 Conceptual background..........................................................................................................5

1.3 Statement of the problem...........................................................................................................7

1.4 General objective.......................................................................................................................8

1.5 Specific Objectives....................................................................................................................9

1.6 Research Questions....................................................................................................................9

1.7 Hypotheses of the study.............................................................................................................9

1.8 Conceptual Framework............................................................................................................10

v
1.9 Justification of the study..........................................................................................................11

1.10 Significance of the study.......................................................................................................11

1.11 Scope of the Study.................................................................................................................12

1.11.1 Content scope......................................................................................................................12

1.11.2 Geographical scope.............................................................................................................12

1.11.3 Time scope..........................................................................................................................13

1.12 Operational Definitions.........................................................................................................13

CHAPTER TWO.........................................................................................................................14

LITERATURE REVIEW...........................................................................................................14

2.1 Introduction..............................................................................................................................14

2.2 Review of the theory................................................................................................................14

2.3 Internal audit and financial risk management..........................................................................17

2.3.1 Financial audit and financial risk management....................................................................17

2.3.3 Operational audit and financial risk management................................................................21

2.4 Summary of literature review..................................................................................................24

CHAPTER THREE.....................................................................................................................25

METHODOLOGY......................................................................................................................25

3.1 Introduction..............................................................................................................................25

3.2. Research design......................................................................................................................26

3.3 Study population......................................................................................................................26

3.4 Determination of the Sample Size...........................................................................................27

3.5 Sampling techniques and procedure........................................................................................27

3.5.1 Purposive Sampling..............................................................................................................27

vi
3.5.2 Simple random sampling......................................................................................................28

3.6 Data collection methods..........................................................................................................28

3.6.1 Questionnaire survey method...............................................................................................28

3.6.2 Interview method..................................................................................................................29

3.7 Data collection instruments.....................................................................................................29

3.7.1 Questionnaire guide..............................................................................................................29

3.7.2 Interview guide.....................................................................................................................30

3.8 Data quality control.................................................................................................................30

3.8.1 Instrument Validity...............................................................................................................30

3.8.2 Instrument reliability............................................................................................................32

3.9 Procedure of data collection....................................................................................................33

3.10 Data analysis..........................................................................................................................34

3.10.1 Quantitative analysis...........................................................................................................34

3.10.2 Qualitative data analysis.....................................................................................................35

3.11 Measurement of variables......................................................................................................36

3.12 Ethical consideration.............................................................................................................36

CHAPTER FOUR.......................................................................................................................37

DATA PRESENTATION, ANALYSIS AND INTERPRETATION......................................37

4.1 Introduction..............................................................................................................................37

4.2 Response rate...........................................................................................................................38

4.3 Findings on Background Characteristics.................................................................................38

4.3.1 Gender characteristics of the Respondents...........................................................................39

4.3.2: Age of the respondents........................................................................................................39

vii
4.3.4: Time spent in the organization............................................................................................41

4.4 Empirical Findings according to the study objectives.............................................................42

4.4.1 Financial Risk Management.................................................................................................43

4.4.2 Financial audit and financial risk management....................................................................46

4.4.3 Compliance audit and financial risk management................................................................49

4.4.4 Operational audit and financial risk management................................................................52

CHAPTER FIVE.........................................................................................................................56

SUMMMARY, DISCUSION, CONCLUSIONS AND RECOMMENDATIONS.................56

5.1 Introduction..............................................................................................................................56

5.2 Summary of key findings.........................................................................................................57

5.2.1 Financial audit and financial risk management....................................................................57

5.2.2 Compliance audit and financial risk management................................................................57

5.2.3 Operational audit and financial risk management................................................................58

5.3 Discussion of the study............................................................................................................58

5.3.1 Financial audit and financial risk management....................................................................58

5.3.2 The extent to which Compliance audit and financial risk management...............................60

5.3.3 Operational audit and financial risk management................................................................61

5.4 Conclusion...............................................................................................................................62

5.4.1 Financial audit and financial risk management....................................................................62

5.4.2 Compliance audit and financial risk management................................................................63

5.4.3 Operational audit and financial risk management................................................................63

5.5 Recommendation.....................................................................................................................63

5.5.1 Financial audit and financial risk management....................................................................63

viii
5.5.2 Compliance audit and financial risk management................................................................64

5.5.3 Operational audit and financial risk management................................................................64

5.6 Areas for further study.............................................................................................................65

REFERENCES............................................................................................................................65

APPENDICES..............................................................................................................................75

APPENDIX ONE: QUESTIONNAIRE FOR THE ADMINISTRATIVE AND SUPPORT

STAFF...........................................................................................................................................75

APPENDIX TWO: INTERVIEW GUIDE FOR THE HEADS OF DEPARTMENTS AND

THE GOVERNING BOARD.....................................................................................................78

APPENDIX THREE: PLAGIARISM REPORT......................................................................79

LIST OF TABLES

ix
Table 3.1: Sample size determination............................................................................................27

Table 3.2: Results of content validity for research tools...............................................................31

Table 3.3: Reliability test results of research instruments.............................................................33

Table 4.4: Response Rate..............................................................................................................38

Table 4.5: Gender of respondents..................................................................................................39

Table 4.6: Descriptive statistics financial risk management.........................................................43

Table 4.7: Descriptive statistics on financial audit and financial risk management......................46

Table 4.8: Correlation Matrix for Financial audit and financial risk management.......................49

Table 4.9: Descriptive statistics on compliance audit and financial risk management.................50

Table 4.10: Correlation matrix for compliance audit and financial risk management..................52

Table 4.11: Descriptive statistic on operational audit and financial risk management.................53

Table 4.12: Correlation matrix for operational audit and financial risk management...................56

LIST OF FIGURES

x
Figure 1.1: The relationship between internal audit and financial risk management at GOAL Uganda.....10

Figure 4.2: Age of the Respondents...........................................................................................................40

Figure 4.3: Highest Level of Education the Respondents..........................................................................40

Figure 4.4: Time spent in the organization................................................................................................41

LIST OF ABBREVIATIONS AND ACRONYMS

CIAC Commissioner Internal Audit& Compliance

xi
CIIA Chartered Institute of Financial audit

IAC Internal Audit and Compliance

IAPS International Auditing Practice Statement

ICS Internal Control System

IIA Institute of Financial audit

IIARF The Institute of Financial audit Research Background

INTOSAI International Organization of Supreme Audit Institutions

IPPF International Professional Practices Framework

ISSAI International Standards of Supreme Audit Institutions

xii
 ABSTRACT

The study investigated the relationship between internal audit and financial risk management at
GOAL Uganda. The study was premised on the following research objectives; to examine the
relationship between financial audit and financial risk management at GOAL Uganda, to
establish the relationship between compliance audit and financial risk management at GOAL
Uganda and to determine the relationship between operational audit and financial risk
management at GOAL Uganda. The study adopted a cross-sectional survey design where both
quantitative and qualitative approaches were used. Out of the 56 questionnaires administered, 54
were returned correctly filled representing 96%. Out of 11 targeted key informants, 08 were able
to be interviewed implying a response rate of 72%. The Pearson correlation results as presented
in table 4.8 depicts a strong positive relationship between financial audit and financial risk
management at GOAL Uganda (r = .588). The study results further indicated a significant
statistical relationship between the study variables given that p-value (p=.000<0.05). Pearson
correlation results as presented in table 4.10 depicts a strong positive relationship between
compliance audit and financial risk management at GOAL Uganda (r = .477). The study results
further indicated a significant statistical relationship between the study variables given that p-
value (p=.000<0.05). Pearson correlation results as presented in table 4.10 depicts a strong
positive relationship between operational audit and financial risk management at GOAL Uganda
(r = .622). The study results further indicated a significant statistical relationship between the
study variables given that p-value (p=.000<0.05). The study recommended Internal audit
department of GOAL Uganda should keep internal audit control system, whereby those internal
audit control system through physical control and information processing creates strong
supervision, experience, technology improvement and skills to the internal auditors, the study
recommends that there is need for management to formulate dialogue forums with funded
organizations where rules and regulations to be set or already set can be evaluated in order to
enhance compliance levels. The management of the funded organizations in collaboration with
donor staff should evaluate the internal control infrastructure to enhance effective financial
controls that ensure funds are expended as budgeted and all loopholes are sealed. Importantly,
the internal audit function should be strengthened to have day to day controls of financial
transactions.

xiii
 CHAPTER ONE

INTRODUCTION

1.1 Introduction

Financial and non-financial businesses, individuals, and policymakers alike have turned their

attention to financial risk management. However, the investigation of risk stays a moderately

new discipline in finances and keeps on being refined (Lia, Hills & Hertwig, 2020). The troubles

of governing financial risk management have been uncovered by the financial market

emergency that started in 2007. According to Breger, Edmonds and Ortegren (2019), many

businesses that have established an internal audit function reap the benefits of enhanced ability to

respond to both internal and external risk in addition to process enhancements (such as

strengthened internal controls). The additional benefit of robust internal audit programs is that

they assist the organization's leadership in developing and implementing efficient strategic plans.

This chapter presented the background to the study, the statement of the problem, the objectives

of the study, research questions, research hypothesis, significance of the study, justification of

the study, conceptual framework of the study, scope of the study and definition of key terms and

concepts.

1.2 Background to the Study

This section presents the historical, theoretical, conceptual, and contextual backgrounds to the

study.

1.2.1 Historical background

After the Second World War, financial risk management began in Europe (Crockford, 1982).

Utilizing market insurance to shield individuals and businesses from a variety of losses brought

on by accidents has long been associated with risk management. In the 1950s, the realization that

1
market protection was overrated and inadequate led to choices to showcase protection, such as

management’s unadulterated wager. During the 1980s, organizations likewise sped up the

financial management. Financial institutions developed internal risk management models and

capital formulas to reduce regulatory capital and safeguard against unanticipated risks when

international risk regulation began in the 1990s. During this time, integrated risk management

was made available, risk management governance gained prominence, and the first positions of

risk managers were created. However, these guidelines, management rules, and risk management

procedures were insufficient to prevent the financial crisis of 2007 (Dionne, 2013).

In Africa, risk management emerged in 1950's when the vast majority of Ugandans began

opening the credit segments division to give credits to white settlers (Zhilkina and Anna 2022).

As per Worldwide Financial Asset (2016), D.R. Congo is one of the lacking nations in Africa

that has as of now advanced banking systems. The development of the financial system is closely

linked to the emergence of risk management in D.R. Congo. This can be followed back 1960

after the freedom of the country. Conflicts and wars that have impacted the Congo since

Independence Day have caused numerous crises for the country's economy. The nation's

framework, annihilated during the conflict, is immature and tormented with bottlenecks. The

economy has few exports or activities that add value and is heavily dependent on informal

activities and agriculture, which employs the majority of the workforce and accounts for the

majority of GDP (Catherine, 2020).

In Uganda, in the early 2000s, financial risk management in private firms came to light (Musabe,

2015). According to UNCTAD (2012), over 260 people attended a conference in Uganda in 2002

at the International Conference Centre Kampala to learn about financial risk management. The

Minister of Finance, Planning, and Economic Development (2020) stated that shareholders, the

2
Board of Management (BOM), Heads of Departments (HODs), and policymakers' financial

success was the primary cause of concern. However, there is a lack of consensus regarding the

most effective approach to analyzing such results. Researchers use such criteria, with ratios

being the most common, to figure out the financial risk management of the company. However,

other performance metrics like return on investment, added economic value, and return on

income have recently received more attention in addition to the financial aspect.

The history of internal audit is traced back in the Mesopotamia between 4000 and 3500 B.C.

(Ramamoorti, 2003; Sawyer, 2012). Organizations and states in Badara established standard

record-keeping procedures to alleviate concerns regarding assortment expenses and incorrect

receipt and dissemination bookkeeping (Ramamoorti, 2003; As per Badara (2012), public asset

structures in Babylonia, Greece, the Roman Domain, and the City Provinces of Italy all utilize

inner evaluating methods. Ramamoorti (2003) says that, by 3500 B.C., these designs had led to a

coordinated arrangement of checks to prevent accounting errors, distortion, and misdirection.

Starting around 1963, Uganda has followed Useful Inward Review Practices; Uganda gained its

independence from the Colonial Powers (Kaziba, et al., 2015) because it was during this time

that Uganda, a young free state, was establishing tasks to rebuild the entire population

organization with the specific goal of expanding liability, straightforwardness, and corporate

organization. Using a structured and disciplined approach to assess and improve the

effectiveness of financial risk management processes, internal audit can help an organization

achieve its goals, reduce risk, prevent fraud and corruption in public management, and add value

to the organization's processes and performance (Agumas, 2015). A proficient and compelling

affirmation of financial risk management is given by inner reviews, which distinguishes and

assesses the dangers to which the organization might be covered. Inside review, as per

3
Anghelache, Popescu, and Anghel (2018), additionally works with the making of vital

approaches that helped the organization in accomplishing its goals.

1.2.2 Theoretical background

The study adopted COSO model by (Larry, 1992). Committee of Sponsoring Organization of the

Tread Way Commission (COSO) was the major conceptual framework model that supports the

need for and importance of internal control structure in the study.

The COSO model asserts that management of organizations should consider all risks, internal

and external, that could mean that objectives are not achieved. Furthermore, risks that financial

statements could be materially misstated should also be considered. To his end, management

should estimate the significance of risk, determine the likelihood of risk occurring and determine

the impact or consequence of the identified risks on the organization. It is important for

management to identify control activities to mitigate the identified risks (AICPA, 2005; COSO,

1994).

Spencer Pickett (2005) states that organizations should have a process of identifying and

assessing risk. This is a very important aspect of the control system, because of risk is not

identified no foundation exists for knowing how the risks should be managed via implementation

of control activities (Spencer Pickett, 2005; Coetzee, du Bruyn, Fourie & Plant, 2010).

The COSO control framework highlights the objectives of internal audit functions, namely:

“efficient and effective operations; reliable financial reporting; compliance with laws and

regulations and safeguarding of assets” (Applegate & Wills, 1999). The COSO framework

stresses the importance of establishing an environment which makes managers aware of and

sensitive to the risks in their business units; they should then monitor the controls designed to

mitigate risks and take timely corrective action if control activities are not working as intended

4
(Thabit et al., 2017). The COSO framework emphasizes the importance of internal audit

functions and provides a basis for entities, in an attempt to ensure responsible corporate

governance and reliable financial reporting, to maintain due care of their systems of internal

control (Vanasco et al., 1995). Risk assessment involve supply chain activities that fail to arrive

on time, or changes in price and costs. Risk assessment also involves steps in identifying errors

and inaccuracies in transaction records, delays in reporting, and non-existence of financial

records (Mjaku & Pristina, 2019). Feedback from the risk assessment is fundamental to successful

determination of what level of risk the business faces and strategies it implements to counter the

threats (Pham, 2021). An understanding of the organization’s risk for fraud will provide insight

into where to focus management’s assessment efforts and also potentially identify risks that

could result in significant monetary or reputational loss to the organization if not properly

mitigated. Although many organizations have informally contemplated fraud risks in the past, the

2013 Framework highlights several points of focus that should be considered.

1.2.3 Conceptual background

In this section, internal audit functions and financial risk management variables were defined and

their dimensions.

Financial risk management is a practice of minimizing an organization's exposure to

uncertainties and risks. At the point when financial risk management is completed successfully,

it can assist with expanding an incentive for the association. In order to generate value for an

organization, financial risk management simply entails managing both the negative and positive

aspects of risks (Girangwa, Rono & Mose, 2020). According to the Institute of Internal Auditors

(2021), internal audit is a process that aims to improve and add value to a company's operations

5
while maintaining its independence and objectivity. The following definitions of operational

audit, compliance audit, and financial audit are used to measure this:

Financial audit is the examination and verification of a company's financial statements and

records. The auditor checks the company's records and statements to see if they accurately reflect

the financial situation and transactions of the company (Uddin et al., 2022). In addition, the

accounts are checked to see if they adhere to acceptable accounting standards and if the financial

statements were calculated and produced incorrectly or improperly.

Compliance audit means conforming to a rule, such as a specification, policy, standard or law,

(Peursem, 2020). Regulatory compliance describes the goal that organizations aspire to achieve

in their efforts to ensure that they are aware of and take steps to comply with relevant laws and

regulations. Due to the increasing number of regulations and need for operational transparency,

organizations are increasingly adopting the use of consolidated and harmonized sets of

compliance controls.

According to Anderson (2022), operational audit is the analysis of a company's business

practices). The goal is to identify areas for improvement that will make the company more

effective and efficient. Internal auditors typically carry out operational audits, though specialists

can be hired to carry out reviews in their specific fields. The management teams, particularly the

managers of the areas that have been reviewed, are the primary users of the audit's

recommendations (Ondieki, 2021).

1.2.4 Contextual background

GOAL has been working in Uganda since 1979. With a programme expenditure of €8M in 2022,

more than 120 staff work across six office locations. Together they deliver humanitarian and

sustainable development programmes that build community resilience and support socio-

6
economic growth. Within this, there is an active focus on health, WASH, and agricultural

livelihoods. Internal auditing is an activity of strategic importance in what concerns the control

and management processes at the level of the economic entities. It helps an organization

accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve

the effectiveness of financial risk management, control, and governance processes” (Mermod &

Sungun, 2013). The primary objective of an internal audit is to provide leadership (including the

board of directors and the organization’s executive team) with the highest level of independent

assurance and recommendations related to the effectiveness of internal controls, governance, and

financial risk management processes. The primary differences between internal audit and an

external financial statement audit are the concept of materiality and scope. External audit focuses

on providing assurance that financial statements are free from material misstatements. This

means that external financial statement auditors focus primarily on financial reporting risks.

Internal auditors use a broader risk assessment process, which places less weight on the financial

materiality of an audit area and focuses more on the holistic impact a risk event could have on

the organization (Tessar, 2016). In the context of GOAL Uganda, the growth in size, influence

and operations and the increasing use of information technologies has brought complexity of

business transactions and concealed emerging risks, the role of internal audit function is

becoming increasingly important and the range of tasks performed by internal auditors is

growing.

1.3 Statement of the problem

Today, non-profit organizations are experiencing significant global expansion and have a broad

impact on communities; they provide a variety of services that make life better for many people.

Non-profit organizations face constant pressure to demonstrate accountability and performance

7
from authorities, watchdog organizations, rating agencies for charities, funders, and the public

(Panigrahi, 2021). GOAL Uganda faces failure to use appropriate risk metrics, mismeasurement

of known risks, failure to take known risks into account, failure in communicating risks to top

management, failure in monitoring and managing financial risks and mistakes in assessing the

probability or the size of losses (GOAL Uganda performance report, 2022). This is as a result of

lack of compliance with donor terms of contracting that dissuades the latter’s capacity to

disburse funds. Lack of compliance has resulted to massive waste of resources and slowed social

economic development among the beneficiary communities, (Onyeanu et al., 2022). It is

therefore important for GOAL Uganda to adopt strategies, policies, and procedures to be able to

manage its risks effectively and efficiently in terms of financial audit, compliance audit and

operational audit. Despite the above policies, financial risk management at GOAL Uganda

remains a challenge. Financial risks are inherent in the conduct of business of the nonprofit

institutions and can represent both opportunities and threats. Since some undesirable risks cannot

be eliminated entirely, they must be managed based on their significance, for instance the scope

and frequency of the effects they are likely to have on the organization if they materialize (Hull

& John, 2023). It is against this background that the study will investigate the relationship

between internal audit and financial risk management at GOAL Uganda.

1.4 General objective

The overall purpose of the study was to investigate the relationship between internal audit and

financial risk management at GOAL Uganda.

8
1.5 Specific Objectives

i. To examine the relationship between financial audit and financial risk management at

GOAL Uganda.

ii. To establish the relationship between compliance audit and financial risk management at

GOAL Uganda.

iii. To determine the relationship between operational audit and financial risk management at

GOAL Uganda.

1.6 Research Questions

i. What is the relationship between financial audit and financial risk management at GOAL

Uganda?

ii. What is the relationship between compliance audit and financial risk management at

GOAL Uganda?

iii. What is the relationship between operational audit and financial risk management at

GOAL Uganda?

1.7 Hypotheses of the study

H1: There is a positive relationship between financial audit and financial risk management at

GOAL Uganda.

H2: There is a positive relationship between compliance audit and financial risk management at

GOAL Uganda.

H3: There is a positive relationship between operational audit and financial risk management at

GOAL Uganda.

9
1.8 Conceptual Framework

The expected relationship between the study variables is illustrated by the conceptual

framework, according to Swaen and George (2022). It outlines how your research method’s

pertinent objectives fit together to provide logical findings. Internal audit functions are the

independent variable in this situation, and financial risk management is the dependent variable.

Internal Audit Functions (I.V)

Financial Audit
 Expense approvals
Financial risk management (D.V)
 Accrual accounts
H1
 Separation of duties
 Risk Detection
Compliance Audit
H2  Risk Prevention
 Standards & Regulations
 Risk Mitigation
 Policy Controls
 Independence H3

Operational Audit
 Resource allocation
 Asset Security
 Streamline Operations

Figure 1.1: The relationship between internal audit and financial risk management at

GOAL Uganda.

From Figure 1 above, the independent variable is internal audit, and the dependent variable is

financial risk management. The dependent variable is assessed in terms of the financial audit,

which has as its subthemes expense approvals, accrual accounts, and separation of duties, the

compliance audit, which has as its subthemes standards & regulations, policy controls, and

independence, and the operational audit, which has as its subthemes resource allocation, asset

10
security, and streamlining operations. Financial risk management is the dependent variable, and

it is measured with regards to risk identification, prevention, and mitigation. It is anticipated that

any change in any dimensions and or its items of the dependent variable will have change on

dimensions of the independent variable. For example, better financial reviewing will bring about

higher income development.

1.9 Justification of the study

An appropriately coordinated inner review capability can assume an essential part in non-benefit

organizations, by evaluating the arrangement of internal controls, viability of key controls,

administration, and financial risk management processes. Today, as cycles and activities have

become more perplexing and new dangers arose, organizations are presently focusing harder on

financial risk performance (Agon Ferati, Hysen Ismajli, and Mimoza Guda Ferati, 2017). This

study helped stakeholders better understand the significance of the internal audit function as one

of an organization's most important managerial control systems. The administration of the non-

benefit associations actually wants to search for approaches to making internal review a totally

free capability from the administration, in this manner making it more successful (Ondieki,

2013).

1.10 Significance of the study

The study may help management comprehend the role that the internal audit function plays in

their organizations, as well as the challenges they face and the strategies they use to overcome

those challenges. It could enable them to know whether their advantage areas in audit division

are beneficial. Likewise, senior administration ought to know about and study the internal audit

capability’s authenticity and mission to expand its viability in helping administration, control,

and financial risk management frameworks.

11
The study may add to the existing body of knowledge regarding the connection between the

internal audit function and financial risk management. In addition, the study may identify future

research areas that may assist subsequent researchers in carrying out additional research in this

area.

The significance of this study cannot be overstated. The partners of different associations would

enormously profit from this exploration. The aftereffects of this study may fundamentally

decrease the expense of hazard in financial activities.

The study may also aid in the development of knowledge about risk management strategies,

operational risk management, the field of operational financial risk management, and control

practices in organizations.

1.11 Scope of the Study

The scope of the study covered the content scope, geographical scope, and time scope.

1.11.1 Content scope

The study focused on internal audit functions (as the independent variable), and financial risk

management in non-profit organizations. The independent variable is further broken down as;

financial audit, compliance audit and operational audit since they are major variables that

determine internal audit functions.

1.11.2 Geographical scope

The study focused on GOAL Uganda Head office Kampala and Bugiri field office. The locations

are chosen because their composition captured the research objectives, providing a better insight

into the operational areas of the non-profit organization. The respondents are also readily

available to facilitate the research process because there is a high concentration of target

employees and senior management staff in the specified locations.

12
1.11.3 Time scope

The research study reviewed the period between 2013 and 2023, a time space the researcher

believes was adequate to collect information enough to draw credible conclusions. This is

because financial risks are inherent in the conduct of the business of nonprofit institutions and

can represent both opportunities and threats. Since some undesirable risks cannot be eliminated

entirely, they must be managed based on their significance, for instance the scope and frequency

of the effects they are likely to have on the organization if they materialize.

1.12 Operational Definitions

Audit: An independent thorough investigation of something. The possibility of the audit may be

money related, consistency, practical, or performance. Reviews of budget summaries are ended

to ensure that reports on fiscal summaries are exact and ended.

Assurance: Incorporates the decline of weakness and vulnerability. Surveys give confirmation to

clients concerning the object of the audit.

Internal Audit: A kind of impartial, independent assurance and consulting that aims to make an

organization's operations better and make it less likely that it will fail to meet its strategic and

operational goals. By inspecting an association's financial risk management, control, and

administration cycles and covering the discoveries to management, administering sheets, or

partners, it satisfies this capability.

External audits: Reviews are typically carried out by review firms that employ guaranteed public

bookkeepers and are constrained by the content. Although the board and staff are planned to use

these reviews, outside partners are expected to use them.

Audit finding: A review finding, also known as a lack, is a condition in which the outcomes of a

review technique depart from the stated goal, standard, or expected condition.

13
 CHAPTER TWO

LITERATURE REVIEW

2.1 Introduction

This chapter studied and present existing literature on the relationship between internal audit and

financial risk management at GOAL Uganda. The study was specifically premised on the

following research objectives; to examine the relationship between financial audit and financial

risk management at GOAL Uganda, to establish the relationship between compliance audit and

financial risk management at GOAL Uganda and to determine the relationship between

operational audit and financial risk management at GOAL Uganda. Literature was drawn from

secondary sources such as journal articles, policy documents and reports. The literature study

chapter constituted the theoretical, conceptual, the actual study in relation to the specific

objectives of this study and the summary of literature study.

2.2 Review of the theory

The study adopted the Committee of Sponsoring Organization of the Tread Way Commission

(COSO) model) Committee of Sponsoring Organization of the Tread Way Commission (COSO)

was the major conceptual framework model that supports the need for and importance of internal

control structure in the study. The Criteria for Control (COCO), the System Auditability and

Control (SAC), (CORBIT) Models and the Control Objective for Information and Related

Technology are discussed to support the argument that strong internal control system contributes

to growth and sustainability of retail companies (Hayek et al., 2014; Leng & Zhao, 2013).

The purpose of COSO group members was to ensure that businesses have the necessary

information that helped them operate successfully, and meet their objectives (COSO, 2013). In

its IGPG, the IFAC stated that the purpose of COSO was to develop information that business

14
managers could use in implementing internal control systems. The framework serves as a model

that businesses can use to guide against failure, improve operational performance, and enhance

value creation and preservation. In addition, information derived from COSO resulted in

strategies that can promote risk management. An interesting feature of the COSO internal control

model is how applicable it is to all types of business structures and compositions. Big and small

retail companies have the potential to benefit from the models. Furthermore, all the components

of the model complement or build on each other, and as a result, improve enterprise effectiveness

and capabilities (COSO, 2013; Meek, 2013).

Despite the benefits associated with implementing the COSO Framework, it is not without its

limitations. The most significant of these limitations is that the framework can be difficult to

implement for two main reasons. First, the framework is relatively broad in scope, which means

that it can be applied to a wide variety of organizations and processes. But this broad scope also

means that the framework lacks a significant amount of prescriptive guidance. The second

limitation that can make the framework difficult to apply is its organizational structure. The

COSO Framework is broken into a series of rigid categories. Organizations often find that there

are certain processes that could conceivably fall into multiple categories, or that do not align well

with any of the categories. As such, organizations will often have to make some tough decisions

when implementing the framework.

The recent enterprise risk management (ERM) framework published by COSO is new, lengthy,

and inherently flawed. Before it becomes the basis for future regulatory oversight, changes need

to be made, including updating of the internal control framework and an overhaul or removal of

the Evaluation Tools. I can't think of a document that has had more influence on thinking about

internal control than the Committee of Sponsoring Organizations of the Treadway Commission's

15
(COSO's) "Internal Control Integrated Framework." It is endlessly quoted and paraphrased in

control and governance documents for different sectors and has recently become the de facto

standard for controls over financial reporting thanks to the Security and Exchange Commission's

(SEC's) interpretation of the Sarbanes-Oxley Act of 2002 (SOx). Thousands of people have

written hundreds of thousands of pages about their internal controls using formats taken from

this framework.

This theory excludes the possibility of integrated uncertainty management that deals with both

unexpected good and bad events in one approach. Another problem is the many examples of

rating risk items for their probability and impact. When risk register items are rated using (1) a

number for probability of occurrence, and a number for impact on occurrence, their risk is

systematically understated. It is hard to see the problem when ratings are as rough as

High/Medium/Low, but when numbers are given, the fault is obvious. The framework is also

overly narrow, something else that would have been less likely to happen with a shorter

document. For example:

 The framework effectively excludes use of risk management methods that do not involve

explicit event identification and risk assessment. In practice, most risk responses are put

in place without explicit event identification and risk assessment, and this is an efficient

and reliable approach.

 The framework has no place for methods of designing risk responses that do not involve

writing responses against a list of risks. This unnatural method leads to piecemeal design.

Would an architect design a building by listing the required windows, doors, and walls?

Hardly. This way leads to rooms without doors, walls that do not join up, and main

entrances that open directly into the kitchens. The framework is written on the basis that

16
 risk management is a way to be more confident of reaching objectives that are givens.

Uncertainty should be considered in setting and revising objectives.

2.3 Internal audit and financial risk management

This section reviews literature according to the study objectives as indicated below;

2.3.1 Financial audit and financial risk management

As per El Gharboui and Chraibi (2021), changes in financial review, proficient skill, inner

control, and freedom of inside review added to a more noteworthy variety in business

associations' financial risk management. This demonstrates that changes in commercial

organizations' financial risk management July be attributed to shifts in professional competency,

internal control, financial audit, and internal audit independence. Financial audit, independence,

professional competency, and internal control were also found to be strongly correlated with

commercial organizations' financial risk management. Involving Kibaha Region Gathering as a

contextual analysis, Anwer (2021) assessed the inner review benefits unit's viability in

safeguarding public assets in LGAs in Tanzania. An illustration of 25 respondents was used to

give research data. As per the review, the board's laxity in lying out, maintaining, and directing

interior controls added to the committee's assets' absence of sound interior control, as reflected in

the Inner Evaluator's reports. The study also showed that the Internal Audit Unit lacks

independence when it comes to audit functions like reporting and work program. This study

identified a number of other issues that review units faced, including a lack of financial and

material support, executive support for reviewing proposals, fundamental skill deficiencies, and

inadequate financial review knowledge and experience. However from the literature review

much have put forward as criticism by the researcher where the researcher found that much have

been said about internal audit functions and risk management but nothing talked about how

17
internal audit functions can be effective so that to enhance risk management in effective way in

public sector.

Egiyi & Okafor (2022) looked at the independence of internal audits and financial risk

management in small and medium-sized businesses. The financial audit lacked the freedom to

effectively comment on the organizations' financial statements, as the researcher could clearly

see that some Mombasa County construction companies did. A couple of records in specific

affiliations were not gotten to by the evaluators to engage them play out their work thoroughly.

In some businesses, auditors were treated like members of management, making it difficult for

them to form an independent opinion regarding the financial statements. In some cases, the

management of the businesses did not know that the auditors had the right credentials. The

inspectors played their pieces of ensuring that the organization of the associations delivered their

commitments through giving them the normal advice (ElHaddad & Alfadhli, 2020).

Conti, Cesare and Mauri, Arnaldo (2020) explored the impact of internal audit control structure

on money related risk the board in Somalia-Mogadishu private affiliations. The section profile of

the respondents was age, direction, ability and experience. The primary objectives were to assess

the helpfulness of inside control systems in Mogadishu private affiliations and to check out at

money related risk the leaders of private relationship in Mogadishu. The study used descriptive

analysis, and its 33 participants were accountants, finance directors, chief cashiers, and private

organization managers in Mogadishu. A questionnaire was used as a research instrument. Most

of private associations in Mogadishu, as per the review's discoveries, have adequate assets to

accomplish their expected goals. In a similar vein, the division of responsibilities is evident.

However from the literature review much have put forward as criticism by the researcher where

the researcher found that much have been said about internal audit functions and risk

18
management but nothing talked about how internal audit functions can be effective so that to

enhance risk management in effective way in public sector.

The Tony Blunden's Thirlwell, John (2021) investigated what inner review control frameworks

meant for financial risk management in little and medium-sized organizations in the city of

Kisumu, Kenya; specifically assessing the link between internal control systems and return on

investment and assessing an entrepreneur's level of business knowledge regarding internal audit

control systems and their effect on financial risk management. The sample from the study

population was chosen using stratified and simple random sampling techniques. The research

utilized both qualitative and quantitative methods; modifying the research plan for a cross-

sectional study (Horvey et al., 2019). The concentration explicitly found a connection between

critical changes in financial risk management and the frameworks of inside controls. The

findings of the review lead one to believe that the financial risk executives of Kenya's public

water organization face is significantly influenced by the internal control frameworks supported

by the findings.

2.3.2 Compliance audit and financial risk management

As per Bouteina (2021), the consistent survey strategy requires improvement across key periods

of the interaction including arranging, hands on work, revealing, quality confirmation and

documentation. Access to specialized investigative services that provide capacity and directly

relevant expertise for the conduct of compliance investigations would also be advantageous to

the function. The current method focuses on checking every piece of information provided by

donor-funded organizations in their annual disclosure returns for accuracy in detail.

According to Enekwe, Nwoha, and Udeh (2020), testing a smaller sample of transactions in this

manner and allocating the additional time to the risk of understatement could improve efficiency

and ensure that the presented information does not conceal items that should be disclosed in the
19
annual return. There is insufficient evidence or appropriate documentation to support whether

these procedures are being carried out appropriately and inconsistent testing of completeness is

being done. Another criticism put forward by the researcher is that internal audit functions in

public sector does not have full independence where internal auditor can give unbiased opinion

concerning the fraudulent cases found or identified, with this lack of full independence leads to

the internal audit functions in public sector being not effective in revealed all cases regarding

poor management of public resources hence better risk management. Therefore, the researcher

found that much has been talked but the issue of independence in the literature was ignored by

different authors reviewed and this study seeks to cover these gaps.

Normalized, standard and sufficient detailing, in consistence with pertinent administration,

financial bookkeeping and revealing necessities (considering public regulations and worldwide

great practice) address a significant part of NGO straightforwardness, with the view to making

essential information accessible to the general population or oversight bodies on NGO tasks,

(Stanley and Myint, 2022). In certain nations, such exposure explanations and reports are

expected by the state. An annual information return is required of non-governmental

organizations (NGOs) applying for tax exemption in the United States, for instance, to provide

comprehensive data on their finances, organizational structure, and program. Similar restrictions

also be included in the reporting requirements of some management.

The compliance audit approach is the second one. In this method, the audit team looks for

violations of the law and company policies or procedures by sampling portions of the human

resource information system. The team can determine whether the company's policies and legal

regulations are being followed through their facts-finding efforts. Past activities are inspected to

decide whether these conform to regulation and company strategy (Okolocha, 2020). The

20
primary goal of the compliance audit approach is to provide principles and direction to

businesses that are developing, implementing, or enhancing a conformity program. The

consistency review covers lawful prerequisite, industry and hierarchical norms and codes, the

standards of good administration, implicit set of rules and moral principles. The establishment of

a compliance audit is the primary focus, as it will strengthen additional principles of commitment

to implementation, control and measurement for continuous improvement, and effective control

obligation to address the critical points of compliance risk.

2.3.3 Operational audit and financial risk management

Performance auditing is described as engagements that provide assurance or conclusions based

on an evaluation of sufficient, appropriate evidence against stated criteria, like specific

requirements, measures or defined business practices (Bajra, & Čadež, 2018). It is further posited

that control systems play a more vital role in private organizations due to their dynamic and

complex environments, which generate more risks for the firm. As such, Operational audit ought

to be both important and effective in private than in public organizations. Importantly, it is

averred that five standards for internal auditing include interdependence, professional

proficiency, the scope of work, and performance of the audit and management of the internal

audit department. It is asserted that auditors must comply with minimum continuing education

requirements and professional standards published by their relevant professional organizations

and the Institute of internal audit (Thanh, 2022).

According to Favour-Orluogwo, Chimzi and Bosede (2023), the purpose of auditing standards is

to delineate basic principles that represent the practice of Operational audit; provide a framework

for performing and promoting a broad range of value-added internal auditing; establish the basis

for the evaluation of internal audit performance; and foster improved organizational processes

21
and operations. In Nigeria, a study by Jiang, Messier and Wood (2019) indicated that risk based

audit increases the ability of the auditor to detect fraud and as a result be able to assist in

bridging the audit expectation in the country.

Carcello, et al (2018) revealed that risk assessment of material misstatement at the financial

statement level and also at the planning stage, clarifies the direction on performing a combined

assessment of inherent and control risk, thus leaving the ability for the auditors to assess other

risk factors in an audit. In their examination of the effects of the role of the board of directors in

assisting in the formulation of corporate strategies on the auditors’ planning judgments, they

established that auditors respond to the role of the board when making judgments with respect to

control risk assessments.

Abba and Sadah (2020) explored GOAL Uganda financial audit risk assessment practices and

that's what spread out, most relationship in Kenya were as of now drafting the ERM cycle and

methods as per risk assessment. Associations face functional risk notwithstanding credit,

liquidity, and market risk. Even though all of these risks are connected, this thesis only focuses

on operational risks and how to manage them. In this way, any remaining kinds of

disappointments are fundamentally less huge while working misfortune isn't the biggest

misfortune. In addition, ineffective financial risk in management framework as a whole and

ORM, which became particularly significant following the GFC, has caused numerous

businesses to fail and experience financial difficulties. From the literature much have been said

but nothing said about this issue of implementation and the researcher criticize this weakness

found as internal audit functions cannot be effective without proper implementation by the

concerned parties. Another criticism put forward by the researcher is that internal audit functions

in public sector does not have full independence where internal auditor can give unbiased

22
opinion concerning the fraudulent cases found or identified, with this lack of full independence

leads to the internal audit functions in public sector being not effective in revealed all cases

regarding poor management of public resources hence better risk management and this study

seeks to cover the gaps.

Hierarchical funds and their groups can diminish working misfortunes brought about by

surprising and unforeseen events through financial risk management. Moreover, financial risk

the board helps with recognizing valuable open doors and matching an organization's risk

craving to its business system (Fitri, Chomsatu & Dewi, 2020). Financial risk the board intends

to limit the risks associated with a specific project to a level that is satisfactory to the

organization. Financial risk management is the right thing to do because it helps a company find

events and problems that could stop it from achieving its goals. There is no one-size-fits-all

configuration for risk monitoring. This is due to the variety of risks and the possibility that they

originate from multiple sources. Regardless, to quickly recognize and proactively manage

various risks, affiliations should cultivate coordinated, advancing cycles. Affiliations could

perceive, control, moderate, stay away from or yield faces a challenge with thinking about the

get-together of the bet (Girangwa et al., 2020).

From the literature much has been said but nothing said about this issue of implementation and

the researcher criticize this weakness found as internal audit functions cannot be effective

without proper implementation by the concerned parties. Another criticism put forward by the

researcher is that internal audit functions in public sector does not have full independence where

internal auditor can give unbiased opinion concerning the fraudulent cases found or identified,

with this lack of full independence leads to the internal audit functions in public sector being not

23
effective in revealed all cases regarding poor management of public resources hence better risk

management.

Horvey, Alale, and Karikari (2019) noted that enterprise financial risk management (ERM) has

grown in popularity as a more comprehensive, transparent, integrated, and strategic strategy for

identifying and addressing potential risks within an organization. Venture Financial risk

management has in a general sense changed how dangers are conceptualized. Rather than the

regular origination of financial risk the board as an irregular, tight capability, venture financial

risk management is persistent and complete. In contrast to traditional financial risk management,

enterprise financial risk management exploits potential opportunities by taking a more adaptable

approach to risks (Girangwa et al., 2020). Financial risk management is assumed to be

influenced by operating audit in the study.

2.4 Summary of literature review

Several studies (Cohen and Sayag, 2010; Kasiva, 2012); the factors of the ongoing review (risk

assessment, risk-based planning, executive financial risk, internal examining standards, and

board financial risk) have been compared to Cummins. However, it appears that very few, if any;

studies have been done on how internal auditing standards, risk assessment, risk-based planning,

financial risk management, and organizational financial risk management affect Kenya's

insurance companies. The aforementioned research gap had to be filled by the current study.

Among other things, Harrison (2015) looked at how small and medium-sized businesses'

financial risk management was affected by internal audit independence: Kagashe (2008) viewed

at Kibaha Region Board as a contextual investigation to perceive how well the inside review

administrations unit safeguarded public assets in Tanzanian nearby government regions (LGAs).

a case study of a construction company in Mombasa Locale, Kenya; however, the

24
aforementioned studies did not focus on the aspects of internal survey opportunity that influence

the Money-related risk of affiliation chiefs. These aspects include the independence of internal

audit chamber, openness of internal audit board, internal audit reports, plans of internal audit,

and affiliation's financial arrangement. Furthermore, the aforementioned studies did not discuss

the positive outcomes of the components of internal survey opportunity that contribute to

financial risk of affiliation chiefs.

Mwakimasinde, Odhiambo, and Byaruhanga (2014) conducted research on the financial risk that

executives of sugarcane out cultivator organizations in Kenya took as a result of inside review

control frameworks. Abdi (2015) conducted research on the financial risk posed by the board of

private associations in Somalia-Mogadishu by inward review control frameworks. The

characteristics of inward audit control structures, for instance, genuine control, control

conditions, information taking care of and sharing, risk assessment, really looking at money

related activities, and plan of affirmation on splits the difference, that vehemently add to

affiliations' financial bet the leaders were not analyzed in the assessments that investigated the

effects of internal survey control systems on money related bet the board.

CHAPTER THREE

METHODOLOGY

3.1 Introduction

25
This chapter comprised of research design, study population, determination of sample size,

sampling techniques, data collection methods, data collection instruments, quality control, data

collection procedures, data analysis and measurement of variables.

3.2. Research design

Research design is the strategy, plan, and structure of a research project (Sileyew, 2020). The

study adopted a cross sectional survey design. Cross sectional design was employed to obtain

information from a large group of respondents just one time, in a single session without any

follow-up once the information is obtained (Sileyew, 2020). In supplement, the study adopted a

triangulation of both quantitative and qualitative data. Quantitative approaches enabled

collection of numerical data in order to explain, describe, understand, relationship. It enabled

the researcher to quantify the views of respondents towards certain variables and draw statistical

conclusions. Qualitative approach helped the researcher to better understand motivations, needs,

processes, and rationale for behaviors (among other things). It provides deep insights into a

situation, and helps form ideas or hypotheses for potential quantitative research (McCombes,

2023).

3.3 Study population

As defined by Stratton (2021), a population is a complete set of all individuals who share a

common observable characteristic. The participants in this study were GOAL Uganda

employees. The population comprised heads of departments and governing boards and

managerial and support staff. GOAL Uganda will serve as a unit of analysis in this investigation,

while its employees served as a unit of inquiry. The study population clearly defined the

research's scope, goal, and data types. The population category will include 6 Heads of

department and governing board, 5 Governing board members and 70 administrative and support

26
staff was considered for the study.

3.4 Determination of the Sample Size

Mooney (2019) defines a sample size is a subset of a specific selected population. A sample was

chosen from GOAL Uganda's employee population. A total of 67 of the 76 employees in the

population were sampled. Krejcie and Morgan’s statistical tables (Krejcie & Morgan, 1970) were

used to achieve this. Table 1 depicts the sampling methods, sample, target population, and its

composition.

Table 3.1: Sample size determination

Category Population Sample size Sampling technique

Heads of department and 6 6 Purposive sampling
governing board
Governing board 5 5 Purposive sampling
Administrative and support staff 70 56 Simple random
sampling
Total 81 67
Source: GOAL Uganda Human Resources Records (2022)

3.5 Sampling techniques and procedure

The study utilized probabilistic and non-probability strategies to select participants. Particularly,

the study considered using simple random and purposive sampling techniques to attain the

sample.

3.5.1 Purposive Sampling

A non-probability sampling strategy in which researchers employ their expertise to select

specific participants who assisted the study in achieving its objectives is known as "purposeful

sampling" (Nikolopoulou, 2022). These subjects have specific qualities that the specialists need

to assess their exploration question. Because it saves time and money, this method is considered;

According to Thomas (2020), it made it possible for the researcher to acquire a comprehensive

comprehension of the issue as well as information that is more comprehensive, useful, and

27
focused. Purposive sampling was used to select heads of department and governing board.

Interviews were conducted with the determined since they are more informed about the study

problem.

3.5.2 Simple random sampling

Simple random sampling is a type of probability sampling in which the researcher randomly

selects a subset of participants from a population. Each member of the population has an equal

chance of being selected. Data is then collected from as large a percentage as possible of this

random subset (Thomas, 2020). This sampling technique will be used because it ensures that

every member has an equal chance of being recruited into the sample and also eliminates bias in

data collection. The study used simple random sampling to select Administrative and support

staff.

3.6 Data collection methods

The study makes use of both primary and secondary data collection strategies. The essential

information was gathered using quantitative and quantitative methods. The study will use both

primary and secondary sources of data collection. Quantitative and qualitative methods were

utilized to collect primary data (Bhandari, 2023).

3.6.1 Questionnaire survey method

According to Muhammad and Kabir (2018), a questionnaire is a method for collecting survey

data in which information is obtained via written or oral questionnaires. In order to collect the

necessary data for the study, questionnaires were administered to administrative and support

staff. The researcher was able to gather a lot of data quickly and inexpensively by using

questionnaires. This time, respondents were given closed-ended questionnaires with the

assistance of research assistants. This was used to gather their opinions based on the review's

28
specifics (Mutepf, 2019). Also, the surveys gave the respondents more than adequate chance to

think about their reactions, forestalling hurried reactions, which will further develop Validity and

precision.

3.6.2 Interview method

Interview is a conversation between two or more people where questions are asked by the

interviewer to elicit facts or statements from the interviewee. One individual or gatherings are

evaluated at a time through this one individual to another verbal correspondence (George, 2022).

Key informants, such as department heads and governing boards, who are well-versed in the

study problem, were interviewed. It gave the researcher time to look over some of the issues that

were missed by other instruments but are still considered important to the study. The interview

guide was used by the researcher to have a face to face professional interaction with the

respondents to obtain comprehensive explanations of their perception this study.

3.7 Data collection instruments

The researcher adopted a mixed method for data collection whereby self-administered

questionnaires, key informative interview guide was utilized for the process of collecting data as

discussed below.

3.7.1 Questionnaire guide

As per Muhammad and Kabir (2018), a questionnaire is a technique for overview information

assortment wherein data is assembled through oral or composed surveys. The questionnaires was

self-regulated to regulatory and support staff to get the required data for the review. According to

Budianto (2020), the questionnaires were used because they are less expensive, quicker, and

offer confidentiality (Budianto, 2020). The specialist will plan the questionnaires in agreement to

the review goals and factors utilized in the applied system. For this situation close ended

29
questions was regulated to the respondents with help of examination associates. This was used to

find out what they think about the phenomena under study (Mutepf, 2019).

3.7.2 Interview guide

Interviews guide is an alternative tool of data collection whereby researchers collect data through

direct verbal interaction while recording respondent’s answers using interview guide to

supplement other data collection methods (Budianto, 2020). Interviews was conducted with the

key informants such as heads of department and governing board who are well informed about

the study problem. This method was considered since it enabled the researcher to obtain in depth

qualitative information on the study phenomenon. This furthered enrich this study by providing

more relevant information which might not have been obtained through the questionnaires

method as well as allowing further probing (Wang, 2018).

3.8 Data quality control

The researcher pre-tested the instruments used to collect data to ensure that they meet the study's

acceptable standards for reliability and validity.

3.8.1 Instrument Validity

Validity basically means “measure what is intended to be measured” (Chetwynd, 2022). In this

study, validity was measured empirically. Conceptual empirical confirmation of validity, also

called pragmatic validity shall be done to compare information obtained on study themes using

evidenced facts and outcomes found in reality from the primary data that is gathered. Primary

data sources were triangulated as indicated by combining respondent’s categories heads of

department and governing board to improve content validity. However, since social variables

have no obvious facts or outcomes, the primary data gathered was subjected to further

conceptual or constructs confirmation of validity. Conceptual confirmation of validity is

30
conferred from the conceptual evidence the extent to which the variables relationship is

consistent with the deductions in the theoretical review of literature (document review)

(Middleton, 2023). Quantitatively, to establish validity the researcher will conduct the content

validity index (CVI) test to check the validity of the questionnaire contents. The CVI was

computed using the following formula.

CVI = No. of items rated relevant

Total no. of items

Table 3.2: Results of content validity for research tools

Dimensions No of Items Relevant CVI

Financial audit 06 1
06

Compliance audit 1
06 06

Operational audit 1
06 06

Financial risk management 1

06 06

Average % (CVI) 100

Source: Primary Data (2023)

Table 3.2 presents an overall CVI average of 100 and each variable represented by; 1

respectively. Each variable had a CVI that is above 0.7, imply that the tool was valid since it was

appropriately answering / measuring the objectives and conceptualization of the study.

According to Mugenda & Mugenda (2003), the tool can be considered valid when it’s CVI value

is 0.7 and above which is the case for all the four variables provided above.

For qualitative data, the researcher considered the following,

Perceiving examining predispositions and proceeding with basic reflection on strategies to

guarantee adequate profundity and importance of information assortment and investigation;

taking into consideration any personal biases that might have affected the results.

31
A clear decision trail, consistent and transparent data interpretations, and meticulous record

keeping are all required.

Validation of the participants: exhibiting clearness in perspectives during information

examination and ensuing translations remembers requesting that members give criticism to the

interview record and deciding if the subsequent subjects and ideas satisfactorily mirror the

peculiarities being considered.

3.8.2 Instrument reliability

Chetwynd, (2022) refers to the likelihood of obtaining the same results repeatedly when a

measure is repeated in the same conditions. Data triangulation is a technique for bringing

together different points of view and approaches to create a more complete set of results.

Reliability ensures that measurements are error-free and produce the same results when they are

repeated in the same conditions. The instruments were pre-tested by a select group of staff

members prior to their actual use in the study to guarantee their reliability (Yusoff, 2019). While

members fill out the surveys, the researcher actually supervised them and was available for

consultations and clarifications. The researcher double-checked the questionnaires to ensure that

each question was answered correctly. The pre-test improved the questionnaires' credibility,

dependability, and trustworthiness. SPSS, a computer program that has a Cronbach's alpha

coefficient of 0.70 and measures internal consistency above 0.70, was used to code the test's

results (Amirrudin et al., 2021).

he reliability of instruments was established using Cronbach Alpha Coefficient which tests

internal reliability and the average reliability test result for research was 0.84 which is

recommended as given below in 3.3

Table 3.3: Reliability test results of research instruments.

32
 Study variables Cronbach’s Alpha
Financial audit 1
Compliance audit 0.986
Operational audit 1
Financial risk management 1

Average Cronbach Alpha coefficient for variables 99.9

Source: Primary Data (2023)

Through the use of SPSS, the researcher undertook to judge and determine the co- efficient of

reliability of the research instrument. A reliability of 0.99 was considered relevant since a pretest

study was carried out by the researcher on 20 respondents and found 0.827 of 32 items.

For qualitative research, the following methods were utilized to establish reliability tests.

 Refutational examination was explored and figuring out irregularities between individual

assessments.

 Use of thorough data.

 Consistent testing and assessment of data,

 As well as the use of exhaustive of peculiarity cases. These techniques upheld the

exploration's information obtaining, approval, and show processes, as well as the

dependability guarantee with regards to frame and setting.

3.9 Procedure of data collection

The researcher obtained an introduction letter from the Uganda Management Institute (UMI) and

presents it to the authorities at GOAL Uganda following the successful defence of the proposal

in order to obtain permission to carry out the research. The researcher tested the interview guide

and questionnaire on two respondents and a sample of ten respondents, respectively. The

33
researcher made changes to the interview guide and questionnaire based on the feedback from

these respondents. Training on ethical considerations was provided to recruits for research

assistant positions at this point. Appointments were made for the researcher to meet the

respondents and collect the data at the organization (GOAL Uganda). The researcher, assisted by

research assistants, personally delivered the questionnaires to respondents after obtaining

permission from GOAL Uganda authorities. From that point forward, the specialist held face-to-

face meetings with the main respondents, which incorporated a back-and-forth discussion. After

that, the instruments for the examination were collected, and the data was recorded, coded,

deciphered, and dissected.

3.10 Data analysis

The process of bringing request, design, and significance to the mass of data is called

information investigation. The research used both qualitative and quantitative methods of data

analysis prior to the analysis of the data that is discussed in this section.

3.10.1 Quantitative analysis

According to Borgstede and Scholz (2021) Quantitative data analysis is a form of research that

relies on the methods of natural sciences, which produces numerical data and hard facts. This

technique helped in establishing cause and effect relationship between two variables by using

mathematical, computational and statistical methods. Quantitative data analysis involved use of

both descriptive and inferential statistics by using Statistical Package for Social Scientists (SPSS)

for analysis.

Descriptive statistics describes the characteristics of a data set. It is a simple technique to

describe, show and summarize data in a meaningful way. Descriptive statistics entailed

determination of measures of central tendency such as mean, standard deviation; frequency

34
distributions; and percentages. Data was processed by editing, coding, entering, and then

presented in comprehensive tables showing the responses of each category of variables.

Inferential statistics focused on making predictions about a large group of data based on a

representative sample of the population. Inferential statistics helped to draw conclusions and

make predictions based on a data set. Correlation analysis was used to show the relationship

between a set of independent variables and a dependent variable (Marsh et al, 2020).

3.10.2 Qualitative data analysis

Borgstede and Scholz (2021) defined qualitative data analysis as one which provides insights and

understanding of the problem setting. Qualitative data analysis involved both thematic and

content analysis and was based on how the findings related to the research questions.

Content analysis is a research method used to identify patterns in recorded communication (Luo,

2022). To conduct content analysis, the researcher systematically collected data from a set of

texts, which can be written, oral, or visual (Books, newspapers and magazines, Speeches and

interviews). The researcher use content analysis to find out about the purposes, messages, and

effects of communication content. Content analysis was used to quantify the occurrence of

certain words, phrases, subjects or concepts in a set of historical or contemporary texts (Marsh et

al, 2020).

Thematic analysis is a method of analyzing qualitative data. The researcher closely examines the

data to identify common themes, topics, ideas and patterns of meaning that come up repeatedly

(Caulfield, 2022). There are various approaches to conducting thematic analysis, but the most

common form follows a six-step process: familiarization, coding, generating themes, reviewing

themes, defining and naming themes, and writing up. Following this process helped the

researcher to avoid confirmation bias when formulating your analysis.

35
3.11 Measurement of variables

According to IvyPanda (2020), measurement variable is an unknown attribute that measures a

particular entity and can take one or more values. It is commonly used for scientific research

purposes. Measurement variables are categorized into nominal, ordinal. A nominal variable is a

type of variable that is used to name, label or categorize particular attributes that are being

measured. A nominal variable is one of the 2 types of categorical variables and is the simplest

among all the measurement variables. Some examples of nominal variables include gender,

Name, phone, among others (Bhandari, 2022). The five point Likert type scale (1- strongly

disagree, 2-disagree, 3-not sure, 4- agree and 5-Strongly agree) was used to measure the

independent variable and the dependent variable. The nominal and ordinal measurement levels

were utilized to compute study variables with undisputable order. The Likert scale was used in

data collection to measure sentiments and respondents’ perception as per the formulated

variables. Ordinal and Nominal types of measurements was used to measure variables on the

scale of 1-5, represented by strongly disagree, disagree, not sure, agree and strongly agree.

3.12 Ethical consideration

Cammaerts (2020) defines ethics as acceptable behavior used interchangeably in research. The

researcher will know about the meaning of morals in this review, which focused on genuineness,

respectability, and attribution.

36
Confidentiality and privacy: It refers to the obligation of an individual or organization to

safeguard entrusted information. The research participant’s privacy was assured by the

researcher, who kept all the information safely locked up during the research process.

Informed Consent: The research sought informed consent before conducting the data collection

process. The requirements of informed consent for research are that the respondents or subject

must be competent to understand and decide, receives a full disclosure, comprehends the

disclosure, acts voluntarily, and consents to the proposed action which this study adhered to.

Plagiarism: is presenting someone else's work or ideas as your own, with or without their consent

by incorporating it into your work without full acknowledgement. All published and unpublished

material, whether in manuscript, printed or electronic form, were covered in definitions. This

was minimized by paraphrasing, citing, quoting, citing quotes, citing own material, and

referencing.

Voluntary participation: The research participants were informed that their participation in the

study was not to be rewarded in anyway; it was entirely on voluntary basis. All the research

participants were informed of their rights to refuse to be interviewed, or to withdraw at any point

for any reason, without any prejudice or explanation.

CHAPTER FOUR

DATA PRESENTATION, ANALYSIS AND INTERPRETATION

4.1 Introduction

37
This chapter presents the findings, analysis and interpretations to the findings. The findings are

presented according to the objectives of the study. The study investigated the relationship

between internal audit and financial risk management at GOAL Uganda. The study was

specifically premised on the following research objectives; to examine the relationship between

financial audit and financial risk management at GOAL Uganda, to establish the relationship

between compliance audit and financial risk management at GOAL Uganda and to determine the

relationship between operational audit and financial risk management at GOAL Uganda.

4.2 Response rate

Presentation of tabulated data according respondent’s response rate

Table 4.4: Response Rate

Category Planned number Actual Response Response Rate (%)

Questionnaires 56 54 96
Interview guide 11 08 72
Total 67 61 91
Source: Primary Data (2023)

From table 4.4 above, out of the 56 questionnaires administered, 54 were returned correctly filled

representing 96%. Out of 11 targeted key informants, 08 were able to be interviewed implying a

response rate of 72%. The overall response rates were considered good enough since it was over

and above the 50% as recommended by (Amin, 2005).

4.3 Findings on Background Characteristics

This section presents findings on demographic characteristics of the respondents as presented

below.

38
4.3.1 Gender characteristics of the Respondents

The gender characteristics of respondents investigated for this study findings are presented in

Table 4.5 below;

Table 4.5: Gender of respondents

Category Frequency Percentages

Male 28 52

Female 26 48

Total 54 100

Source: Primary Data (2023)

Table 4.5 shows that majority of the respondents were male 28(52%) and female were 26(48%).

The implication of this finding was that no matter the disparity in percentage of males and

females who took part in the study, at least views from both males and females were captured

which is too vital in making a critical analysis on the relationship between internal audit and

financial risk management at GOAL Uganda. This made the study findings fairly representative

and therefore enabled generalization of results.

4.3.2: Age of the respondents

The study looked at age distribution of the respondents by using a frequency distribution. The

results obtained are presented in Figure 4.2 below;

39
 Age bracket

Frequency Percentage
35
30
28

19
16 15

7
4

19-29 years 30-39 years 40-49 years 50 years and

above

Source: Primary Data (2023)

Figure 4.2: Age of the Respondents

From the above Figure 4.2, the majority of respondents who took part in the study were between

40-49 years making a total percentage of 19(35%), 16(30%) were between the age of 19-29

years, those between 30-39 years were 15(28%), and those that were above 50 years were

04(07%). This implies that the data provided was reliable since it was generated from different

respondents with different age brackets.

4.3.3: Education level of respondents

The respondents were also asked to indicate their education levels and findings were as

illustrated in the Figure 4.3 below;

40
 Education level
Masters
13%
Diploma
30%

Degree
57%

Source: Primary Data (2023)

Figure 4.3: Highest Level of Education the Respondents

Findings in Figure 4.3 above indicates that majority of the respondents were degree 31(57%),

diploma holders were 16(30%), masters level 07(13%). These results indicate that the

respondents had good qualifications and the right skills and knowledge to deliver services as

required. Besides, the respondents were able to read, interpret and understand the questions in

the questionnaire and gave relevant responses.

4.3.4: Time spent in the organization

The respondents were also asked to indicate their time spent on the job (in years) in the

organization which is illustrated in the Figure 4.4 below.

41
 Years of services

Percentage Frequency

10 years and 9
above 5

15
7-9 years 8

50
4-6 years 27

26
1-3years 14

Source: Primary Data (2023)

Figure 4.4: Time spent in the organization.

Results from Figure 4.4 above indicate that the majority of the respondents 27(50%) had worked

between 4-6 years, 14(26%) had worked between 1-3years and 08(15%) had between 7-9 years

whereas 05(09%) had worked between 10 years and above years. This meant that majority of the

respondents had a working experience in the organization, thereby having enough knowledge to

provide relevant information on the relationship between internal audit and financial risk

management at GOAL Uganda.

4.4 Empirical Findings according to the study objectives

This section presents the empirical findings of the study according to the objectives. The

empirical findings are analyzed using descriptive statistics, qualitative analysis and testing

hypotheses for the respective findings. For all descriptive findings in this section, item

statements were administered to respondents to establish the extent to which they agreed with

42
them. The responses were measured on a five-point Likert scale ranging from (1 = Strongly

Disagree, 2 = Disagree, 3 = Not sure, 4 = Agree and 5= Strongly Agree). Descriptive data was

analyzed using frequency, mean and standard deviation statistics. It was then collaborated with

qualitative data using narrative and thematic analysis before testing hypotheses.

4.4.1 Financial Risk Management

The items on financial risk management were structured based on the objectives of the study.

Items were measured on a five-point Likert scale where code 1 = Strongly Disagree, 2 =

Disagree, 3 = Not sure, 4 = Agree and 5 = Strongly Agree. The data is presented and analyzed

basing on 05 items which are statistically tabulated and presented in the table below with the

frequencies and percentages according to the responses collected.

Table 4.6: Descriptive statistics financial risk management

Items SD D N A SA Mean Std. D

GOAL Uganda ensures inherent risk 20% 44% 00% 13% 22% 2.84 1.24
management. (11) (24) 00) (07) (12)
GOAL Uganda ensures control risk 15% 30% 00% 44% 11% 3.45 .854
management. (08) (16) (00) (24) (06)
GOAL Uganda ensures detection 17% 35% 06% 13% 30% 2.63 1.17
risk management. (09) (19) (03) (07) (16)
Internal auditors ensure inherent risk 09% 04% 04% 74% 09% 3.80 1.65
is managed from top. (05) (02) (02) (40) (05)
Internal auditors ensure to control 19% 15% 00% 13% 54% 3.49 1.20
financial risks before occurrence. (10) (08) (00) (07) (29)
Auditors ensure financial risks are 09% 48% 00% 15% 28% 3.44 1.21
detected to design corrective (05) (26) (00) (08) (15)
measures
Source: Primary Data (2023)

As to whether GOAL Uganda ensures inherent risk management, 30% of the respondents

strongly disagreed with the statement, 44% of the respondents disagreed with the statement, 07%

being not sure while 04% agreed with the statement and 15% strongly agreed. The findings

therefore show that responses of the respondents were not similar as the standard deviation was

43
1.24. The mean was 2.24 showing that majority of the respondents were not satisfied with the

statement.

With the statement GOAL Uganda ensures control risk management, 15% of the respondents

strongly disagreed with the statement, 30% of the respondents disagreed with the statement, 00%

of the respondents were not sure, 44% of the respondents agreed with the statement and 11% of

the respondents strongly agreed with the statement. The mean was 3.45 indicated respondents

who were fairly satisfied with the statement and the standard deviation of 0.84 indicated those

with deviating responses. This implies that level of control is appropriate it helps to ensure that

necessary actions are taken to address risks to the achievement of the GOAL Uganda objectives.

On the statement GOAL Uganda ensures detection risk management, 17% of the respondents

strongly disagreed with the statement, 35% of the respondents disagreed with the statement and

06% were not sure. A minority of the respondents comprising of 13% agreed with the statement

and 30% strongly agreed with the statement. The mean of 2.63 indicated the respondents who

were unsatisfied with the statement and standard deviation of 1.17 indicated those with deviating

responses from the statement. This implies that identifying risk is the best way to manage

operational risk in an organization. The findings are supported by the key informants who

revealed that:

Management of GOAL Uganda and other relevant personnel identify key risks in
operations through workshops and interviews, brainstorming, use of
questionnaires, and process mapping which involve identifying and mapping the
core operations, processes/value chains (KII/002/20th/07/2023)

As to whether internal auditors ensure inherent risk is managed from top, 09% of the respondents

strongly agreed with the statement, 74% of the respondents agreed with the statement and 04%

44
of the respondents were not sure. A smaller percentage of 04% respondents disagreed with the

statement while 09% strongly disagreed. The mean of 3.80 indicated those who were unsatisfied

with the statement and the standard deviation of 1.65 indicated those with deviating responses

from the statement. The study found out that effective risk identification at GOAL Uganda

considers both internal factors such as the complexity of the GOAL Uganda structure, the nature

of the GOAL Uganda activities, the quality of personnel organizational changes and employee

turnover and external factors such as changes in the industry and technological advances and

how these could adversely affect the achievement of the liquidity objectives of the GOAL

Uganda

For the statement internal auditors ensure to control financial risks before occurrence, 19% of the

respondents strongly disagreed with the statement and 54% of the respondents disagreed to with

the statement, 00% of the respondents were not sure. Whereas 13% of the respondents agreed

and 15% of the respondents strongly agreed with the statement. The mean was 2.49 of the

respondents were unsatisfied with statement and the standard deviation was 1.20 showing that

respondents had differing opinions about the statement.

As to whether Auditors ensure financial risks are detected, 09% of the respondents strongly

disagreed with the statement, 48% of the respondents disagreed with the statement. Minority of

the respondents, 00% were not sure, 15% of the respondents agreed with the statement whereas

28% of the respondents strongly agreed with the statement. The mean of 3.44 indicated those

who were fairly satisfied with the statement and the standard deviation of 1.21 indicated those

with deviating response from the statement. The findings are supported by the key informant

revealed that:

Risk identification is paramount for the subsequent development of viable

operational risk monitoring and control. It was further revealed that, risk
45
 identification helps the GOAL Uganda to meet its financial obligations as they
come due, without disrupting the normal, ongoing operations of the business
(KII/001/20th/07/2023)

4.4.2 Financial audit and financial risk management

The items on financial audit were structured based on the objectives of the study. Items were

measured on a five-point Likert scale where code 1 = Strongly Disagree, 2 = Disagree, 3 = Not

sure, 4 = Agree and 5 = Strongly Agree. The data is presented and analyzed basing on 05 items

which are statistically tabulated and presented in the table below with the frequencies and

percentages according to the responses collected.

Table 4.7: Descriptive statistics on financial audit and financial risk management

Items SD D N A SA Mean Std.D

Internal auditors easily access all records 52% 09% 20% 07% 09% 2.24 1.24
at GOAL Uganda. (28) (05) (11) (04) (05)
Internal auditors perform internal audits 11% 09% 15% 39% 26% 3.63 1.17
dependably at GOAL Uganda (06) (05) (08) (21) (14)
Internal auditors perform their services 52% 19% 11% 22% 15% 2.15 .854
accurately at GOAL Uganda. (28) (10) (06) (12) (08)
Auditors receive the required support 26% 21 00% 07% 46% 3.80 1.65
from stakeholders to perform their duties (14) (11) (00) (04) (25)
at GOAL Uganda
Internal auditors professionally 52% 09% 20% 07% 09% 2.24 1.24
coordinate with and engage staff at (28) (05) (11) (04) (05)
GOAL Uganda
Internal auditors are adequately 67% 15% 06% 13% 07% 1.79 1.20
remunerated to perform their job at (35) (08) (03) (07) (04)
GOAL Uganda.
Source: Primary Data, (2023)

As to whether internal auditors easily access all records at GOAL Uganda, 52% strongly

disagreed, 09% disagreed, 20% were not sure 07% agreed and 09% strongly agreed. The mean =

2.24 indicated that majority of the respondents were not satisfied with the statement and the

standard deviation was 1.24 indicating that those respondents had deviating responses.

46
Relatedly, respondents had this to say on whether internal auditors perform internal audits

dependably at GOAL Uganda, 11% strongly disagreed, 09% disagreed, 15% not sure, 39%

agreed with the statement and 26% strongly agreed. The mean = 3.63 indicated the respondents

who were satisfied with the statement. The standard deviation was 1.17 indicating those who had

deviating responses. This implies that when changes in the risks are recognized and identified,

then appropriate strategies can be designed to mitigate the effect which would otherwise cause a

financial loss to the GOAL Uganda arising from non-performing loans. The findings are

supported by the key informant who revealed that:

Internal audit helps nonprofit organizations or other institutions to accomplish its

objectives by bringing a systematic, disciplined approach to evaluate and improve

the effectiveness of risk management, control, and governance processes. The

internal audit activity evaluates risk exposures relating to the organization's

governance, operations and information systems (KII/004/21th/07/2023)

With respect to whether internal auditors perform their services accurately at GOAL Uganda,

52% strongly disagreed with the statement, 19% disagreed, 11% not sure, 22% agreed with

statement, and 15% strongly agreed. The mean = 2.15 which indicates that majority of the

respondents were not satisfied. The standard deviation of 0.854 indicated those with deviating

responses from the statement. Therefore, the study found that system approval and authorizations

helps for controlling all financial transactions and organization activities, whereby through

proper authorization practices serve as proactive approach for preventing invalid financial

transactions

As to whether Auditors receive the required support from stakeholders to perform their duties at

GOAL Uganda, 26% strongly disagreed, 21% disagreed, 00% not sure, 07% agreed and 46%

47
strongly agreed. The mean of 3.80 meant that respondents were satisfied with the statement. The

standard deviation was 1.65 explaining deviating responses. Therefore, due to the response

provided by the respondents implies study assessment influence the financial risk management

by providing high returns on equity, liquidity assets, profitability, and financial efficiency of

GOAL Uganda.

Risks assessment contributes to financial risk management of GOAL

Uganda, the main reasons for risk assessment help to avoid financial

frauds, controlling and monitoring all daily financial or cash transactions,

controlling of buying and selling of shares and daily GOAL Uganda

reconciliations which helps to avoid financial losses in the organization.

(KII/006/22th/07/2023).

With respect to whether internal auditors professionally coordinate with and engage staff at

GOAL Uganda, 52% strongly disagreed, 09% disagreed, 20% were not sure, 07% agreed, 09%

strongly agreed. The mean of 2.24 indicated the respondents who were unsatisfied with the

statement. The standard deviation of 1.24 indicated those with deviating respondents from the

statement.

As to whether internal auditors are adequately remunerated to perform their job at GOAL

Uganda, 67% strongly disagreed, 15% disagreed, 06% not sure, 13% agreed and 07% strongly

agreed. The mean of 1.79 meant that respondents were satisfied with the statement. The standard

deviation was 1.20 explaining deviating responses.

Table 4.8: Correlation Matrix for Financial audit and financial risk management

Financial audit Financial risk

management
Financial audit Pearson Correlation 1 .588**
Sig. (2-tailed) .000

48
 N 54 54

Financial risk Pearson Correlation .588** 1

management
Sig. (2-tailed) .000
N 54 54
**. Correlation is significant at the 0.01 level (2-tailed). Source: Primary Data (2023)

Pearson correlation results as presented in table 4.8 depicts a strong positive relationship between

financial audit and financial risk management at GOAL Uganda (r = .588). The study results

further indicated a significant statistical relationship between the study variables given that p-

value (p=.000<0.05). Therefore, the alternative hypothesis has stated in chapter one is held.

H1: There is a significant relationship between financial audit and financial risk

management at GOAL Uganda.

4.4.3 Compliance audit and financial risk management

The (06) items on compliance audit were structured based on the objectives of the study. Items

were measured on a five-point Likert scale where code 1 = strongly Disagree, 2 = Disagree, 3 =

Not sure, 4 = Agree and 5 = strongly Agree. The items are statistically tabulated and presented in

table 4.9 below with the frequencies and percentages according to the responses collected.

49
Table 4.9: Descriptive statistics on compliance audit and financial risk management

Items SD D N A SA Mean Std. D

There are policies and regulations that 04% 09% 00% 13% 74% 4.26 5.64
guide financial management at GOAL (02) (05) (00) (07) (40)
Uganda.
Poor understanding of policies and 22% 11% 07% 37% 22% 3.44 1.43
procedures by the staff affect financial (12) (6) (04) (20) (12)
risk management at GOAL Uganda.
Frequent change of regulations by 15% 13% 06% 56% 11% 3.89 1.24
management affects financial risk (08) (07) (03) (30) (06)
management at GOAL Uganda.
Management engages program teams 17% 09% 13% 35% 26% 3.89 0.47
during the formulation of funding (09) (005) (07) (19) (14)
policies and regulations which affect
financial risk management at GOAL
Uganda.
Internal auditors review and monitor 15% 43% 07% 13% 22% 3.17 1.32
compliance supporting documents during (08) (23) (04) (07) (12)
the entire project lifetime.
Reporting timelines are adhered to by 09% 48% 00% 15% 28% 3.44 1.21
GOAL Uganda. (05) (26) (00) (08) (15)
Source: Primary Data, (2023)

With respect to whether there are policies and regulations that guide financial management at

GOAL Uganda, 04% strongly disagreed, 09% disagreed, 00% not sure, 13% of the respondents

agreed with the statement and 74% strongly agreed. The mean = 4.26 indicated the respondents

who were satisfied with the statement standard deviation of 1.43 indicated those respondents

who deviated from the response. The findings ensure the reliability and integrity of financial

information; help to ensure the organization in compliance with local and international financial

laws promoting efficient and effective financial operations and accomplishment financial goals

and objectives.

Responses to the question as to whether poor understanding of policies and procedures by the

staff affect financial risk management at GOAL Uganda, 22% strongly disagreed, 11%

disagreed, 07% were not sure, 37% of the respondents agreed with the statement and 22%

50
strongly agreed respectively. The mean of 3.44 indicated the respondents who were fairly

satisfied with the statement. The standard deviation was 1.43 showing those who deviated from

the responses from the statement.

As to whether frequent change of regulations by management affects financial risk management

at GOAL Uganda, 15% strongly disagreed with the statement, 13% disagreed, 06% were not

sure, 56% agreed, 11% strongly agreed. The mean of 3.89 indicated that the majority of the

respondents agreed with the statement and the standard deviation of 1.24 indicated those who

had deviating responses from the statement. The findings are supported by the key informants

who revealed that:

Management of GOAL Uganda and other relevant personnel identify key

risks in operations through workshops and interviews, brainstorming, use

of questionnaires, and process mapping which involve identifying and

mapping the core operations, processes/value chains (KII/004/21rd

/07/2023).

Responses to the question as to whether management engage program teams during the

formulation of funding policies and regulations which affect financial risk management at GOAL

Uganda, 17% strongly disagreed, 09% disagreed, 13% not sure, 35% agreed and 26% strongly

agreed. The mean = 3.89 indicated that the majority of the respondents who were satisfied with

the statement and the standard of 0.47 indicated those with deviating responses from the

statement.

With respect to whether internal auditors review and monitor compliance supporting documents

during the entire project lifetime, 15% strongly disagreed, 43% disagreed with the statement,

07% were not sure, 13% agreed and 22% strongly agreed with the statement. The mean of 3.17

51
indicated that the respondents who were unsatisfied with the statement and the standard

deviation of 1.32 indicated those with deviating from the statement.

As to whether reporting timelines are adhered to by GOAL Uganda, 09% strongly disagreed,

48% disagreed, 00% were not sure, 15% agreed and 28% strongly agreed. The mean of 3.44

indicated the respondents who were unsatisfied with the statement.

Table 4.10: Correlation matrix for compliance audit and financial risk management

Compliance audit Financial risk

management
Compliance audit Pearson Correlation 1 .477**
Sig. (2-tailed) .000
N 54 54

Financial risk Pearson Correlation .477** 1

management Sig. (2-tailed) .00
N 54 54
**. Correlation is significant at the 0.01 level (2-tailed)

Pearson correlation results as presented in table 4.10 depicts a strong positive relationship

between compliance audit and financial risk management at GOAL Uganda (r = .477). The study

results further indicated a significant statistical relationship between the study variables given

that p-value (p=.000<0.05). Therefore, the alternative hypothesis stated in chapter one is held.

H2: There is a significant relationship between compliance audit and financial risk management

at GOAL Uganda.

4.4.4 Operational audit and financial risk management

The items on operational audit were structured basing on the objective of the study. Items were

measured on a five-point Likert scale where code 1 = Strongly Disagree, 2 = Disagree, 3 = Not

52
sure, 4 = Agree and 5 = Strongly Agree. (06) Items statistically tabulated and presented in the

table below consist of frequencies and percentages according to the responses collected.

Table 4.11: Descriptive statistic on operational audit and financial risk management

Items SD D N A SA Mean Std. D

Equipment and facilities are 48% 33% 00% 11% 07% 1.48 1.76
properly controlled for information (26) (18) (00) (06) (04)
processing at GOAL Uganda.
Risk assessment and management 13% 06% 09% 31% 41% 3.58 1.42
is an integral part of routine (07) (03) (05) (17) (22)
management reporting in GOAL
Uganda.
Communication process within 11% 07% 06% 44% 31% 3.70 2.03
GOAL Uganda adequately supports (06) (04) (03) (24) (17)
effective management of risks.
Information processing and sharing 07% 06% 00% 39% 46% 3.52 1.23
controls at GOAL Uganda support (04) (03) (00) (21) (25)
financial risk management.
Physical control of facilities and 39% 31% 19% 08% 11% 2.14 1.45
equipment are efficient. (21) (17) (10) (00) (06)
Physical controls have improved 07% 15% 00% 55 % 22% 3.69 1.24
organizational performance at (04) (08) (00) (30) (12)
GOAL Uganda.
Source: Primary Data, (2023)

With respect to whether equipment and facilities are properly controlled for information

processing at GOAL Uganda, 48% strongly disagreed, 33% disagreed, 00% not sure, 11%

agreed and 07% strongly agreed. The mean of 1.48 indicated that majority of the respondents

who were unsatisfied with the statement. The standard deviation of 1.76 indicated the

respondents with deviating responses from the statement.

Responses to the statement as whether risk assessment and management is an integral part of

routine management reporting in GOAL Uganda, 13% of the respondents strongly disagreed,

06% disagreed, 09% were not sure, 31% agreed with the statement and 41% strongly agreed. The

mean of 3.58 indicated that the majority of the respondents who were satisfied with the statement

53
and the standard deviation of 1.42 indicated those with deviating response from the statement.

The findings above concur with the key informants who indicated that:

An operational risk management committee is established to heighten the

awareness and prioritize resources in relation to other risk related functions

which include compliance and human resources (KII/004/21rd /07/2023).

Responses to the statement as to whether communication process within GOAL Uganda

adequately supports effective management of risks, 31% strongly agreed with the statement, 44%

agreed, 06% were not sure, 07% disagreed and 11% strongly disagreed. The mean of 3.53

indicated that the majority of the respondents who were satisfied with the statement. The

standard deviation of 2.03 indicated those with deviating responses from the statement. This

implies that information processing and sharing for communicating responsibilities and

expectations is paramount to a good internal audit control system on the financial risk

management, whereby the employees understand the concept and importance of internal audit

controls system including the division of responsibility. Communication helps to evaluate how

well guidelines and policies of the organization are working and being implemented.

As to whether information processing and sharing controls at GOAL Uganda support financial

risk management., 07% strongly disagreed 06% disagreed with the statement, 00% not sure, 39%

agreed, 46% strongly agreed with the stamen. The mean = 3.52 indicated the respondents who

were satisfied with the statement. The standard deviation of 1.23 shows deviating responses

from the statement. The study revealed that risk assessment of the GOAL Uganda’s risk always

provides to management with red flags whenever the risk levels are beyond those permitted as

specified in the operational risk management guidelines and corrective measures are normally

54
undertaken to ensure that the risks are brought back in line with the guideline. And this depends

on the strength of the GOAL Uganda communication and reporting systems.

With respect to whether physical control of facilities and equipment are efficient, 39% strongly

agreed with the statement, 31% agreed, 18% not sure, 8% disagreed 11% strongly disagreed. The

mean of 3.70 the respondents who were satisfied with the statement and the standard deviation of

1.45 indicated those who with deviating responses from the statement. This implies that internal

audit control system such as availability physical controls, system of approvals and

authorizations, control environments, information processing and sharing, assessment of risks,

monitoring financial activities and system of verification on reconciliation, all aspects mentioned

influences the financial risk management at GOAL Uganda.

Responses to the statement as to whether physical controls have improved organizational

performance at GOAL Uganda, 7% strongly disagreed, 15% of the respondents disagreed with

the statement, 00% of the respondents were not sure, 55% agreed whereas 22% of the

respondents agreed with the statement. The mean of 3.69 indicated the respondents who were

satisfied with the statement and standard deviation of 1.24 indicated those with deviating

responses from the statement. This implies that physical controls, supervisory activities,

environmental monitoring, system of verification on financial reconciliation with GOAL Uganda

statements, assessment of risks by mitigating and controlling risks and segregation of duties

within the organization influence the financial risk management of the financial institution which

creates high financial development through financial efficiency. The findings are supported by

the key informants who revealed that:

GOAL Uganda used a combination of financial and non-financial measures, risk

indicators, escalation triggers and economic capital to determine current risk

55
 levels and progress towards goals, reporting information for management to

increase awareness and prioritize resources and this acts as a deter for

operational risks (KII/008/20th /07/2023).

Table 4.12: Correlation matrix for operational audit and financial risk management

Operational audit Financial risk

management

Operational Pearson Correlation 1 .622*

audit Sig. (2-tailed) .007
N 54 54
Financial risk Pearson Correlation .622* 1
management Sig. (2-tailed) .000
N 54 54
*. Correlation is significant at the 0.05 level (2-tailed). Source: Primary Data (2023)

Pearson correlation results as presented in table 4.10 depicts a strong positive relationship

between operational audit and financial risk management at GOAL Uganda (r = .622). The study

results further indicated a significant statistical relationship between the study variables given

that p-value (p=.000<0.05). Therefore, the alternative hypothesis has stated in chapter one is held

H3: There is a significant relationship between operational audit and financial

risk management at GOAL Uganda.

CHAPTER FIVE

SUMMMARY, DISCUSION, CONCLUSIONS AND RECOMMENDATIONS

5.1 Introduction

The study investigated the relationship between internal audit and financial risk management at

56
GOAL Uganda. The study was specifically premised on the following research objectives; to

examine the relationship between financial audit and financial risk management at GOAL

Uganda, to establish the relationship between compliance audit and financial risk management at

GOAL Uganda and to determine the relationship between operational audit and financial risk

management at GOAL Uganda. This chapter presents a summary, discussion of findings,

conclusions and recommendations made by the study in line with the research objectives.

5.2 Summary of key findings

5.2.1 Financial audit and financial risk management

Pearson correlation results as presented in table 4.8 depicts a strong positive relationship between

financial audit and financial risk management at GOAL Uganda (r = .588). The study results

further indicated a significant statistical relationship between the study variables given that p-

value (p=.000<0.05). Therefore, the alternative hypothesis stated in chapter one is held. The

effectiveness of the internal control systems of the organizations was rated moderate by half of

the respondents. All of the respondents concurred that internal audit affected financial risk

management.

5.2.2 Compliance audit and financial risk management

Pearson correlation results as presented in table 4.10 depicts a strong positive relationship

between compliance audit and financial risk management at GOAL Uganda (r = .477). The study

results further indicated a significant statistical relationship between the study variables given

that p-value (p=.000<0.05). Therefore, the alternative hypothesis stated in chapter one is held.

Data was collected from finance officers in the organizations, analyzed and key findings were

that compliance with rules and regulations influences financial risk management of donor funded

organizations. Results showed compliance with rules and regulations would lead to an increase

57
in financial risk management of organizations.

5.2.3 Operational audit and financial risk management

Pearson correlation results as presented in table 4.10 depicts a strong positive relationship

between operational audit and financial risk management at GOAL Uganda (r = .622). The study

results further indicated a significant statistical relationship between the study variables given

that p-value (p=.000<0.05). Therefore, the alternative hypothesis stated in chapter one is held. In

general, operational audit had a significant effect on financial risk management of organizations.

5.3 Discussion of the study

This section discusses the findings of the study according to the research objectives as indicated

below;

5.3.1 Financial audit and financial risk management

Pearson correlation results as presented in table 4.8 depicts a strong positive relationship between

financial audit and financial risk management at GOAL Uganda (r = .588). The study findings

concur with El Gharboui and Chraibi (2021) who revealed that changes in financial review,

proficient skill, inner control, and freedom of inside review added to a more noteworthy variety

in business associations' financial risk management. This demonstrates that changes in

commercial organizations' financial risk management be attributed to shifts in professional

competency, internal control, financial audit, and internal audit independence. Financial audit,

independence, professional competency, and internal control were also found to be strongly

correlated with commercial organizations' financial risk management.

The study findings contradict Anwer (2021) who showed that the Internal Audit Unit lacks

independence when it comes to audit functions like reporting and work program. This study

identified a number of other issues that review units faced, including a lack of financial and

58
material support, executive support for reviewing proposals, fundamental skill deficiencies, and

inadequate financial review knowledge and experience. However, from the literature review

much have put forward as criticism by the researcher where the researcher found that much have

been said about internal audit functions and risk management, but nothing talked about how

internal audit functions can be effective so that to enhance risk management in effective way in

public sector. The researcher delineates internal audit functions leads to better detection of risks

in public sector if well planned, implemented, managed so that to make organization more

effective and efficient, that is to say often, internal audit functions well implemented is very

crucial for the success of public sector to management of its resources, however the issue of

implantation is not effective in public sector as some employees take internal audit functions as

an issue of internal audit department only without taking in mind that it is the complementarily

of all department that made an organization that make internal audit more effective hence better

achievements.

Further still, the study findings are inconsistent with Egiyi and Okafor (2022) who looked at the

independence of internal audits and financial risk management in small and medium-sized

businesses. The financial audit lacked the freedom to effectively comment on the organizations'

financial statements, as the researcher could clearly see that some Mombasa County construction

companies did. A couple of records in specific affiliations were not gotten to by the evaluators to

engage them play out their work thoroughly. ElHaddad and Alfadhli (2020) revealed that in

some businesses, auditors were treated like members of management, making it difficult for

them to form an independent opinion regarding the financial statements. In some cases, the

management of the businesses did not know that the auditors had the right credentials. The

59
inspectors played their pieces of ensuring that the organization of the associations delivered their

commitments through giving them the normal advice.

5.3.2 The extent to which Compliance audit and financial risk management

Pearson correlation results as presented in table 4.10 depicts a strong positive relationship

between compliance audit and financial risk management at GOAL Uganda (r = .477). the study

coincides with Bouteina (2021), who asserts that the consistent survey strategy requires

improvement across key periods of the interaction including arranging, hands on work,

revealing, quality confirmation and documentation. Access to specialized investigative services

that provide capacity and directly relevant expertise for the conduct of compliance

investigations would also be advantageous to the function. The current method focuses on

checking every piece of information provided by donor-funded organizations in their annual

disclosure returns for accuracy in detail.

The study findings contradict Enekwe, Nwoha, and Udeh (2020) who indicated that testing a

smaller sample of transactions in this manner and allocating the additional time to the risk of

understatement could improve efficiency and ensure that the presented information does not

conceal items that should be disclosed in the annual return. There is insufficient evidence or

appropriate documentation to support whether these procedures are being carried out

appropriately and inconsistent testing of completeness is being done. Another criticism put

forward by the researcher is that internal audit functions in public sector does not have full

independence where internal auditor can give unbiased opinion concerning the fraudulent cases

found or identified, with this lack of full independence leads to the internal audit functions in

public sector being not effective in revealed all cases regarding poor management of public

resources hence better risk management.

60
The findings are consistent with Okolocha (2020) who revealed that in compliance, the audit

team looks for violations of the law and company policies or procedures by sampling portions of

the human resource information system. The team can determine whether the company's policies

and legal regulations are being followed through their facts-finding efforts. Past activities are

inspected to decide whether these conform to regulation and company strategy. The primary goal

of the compliance audit approach is to provide principles and direction to businesses that are

developing, implementing, or enhancing a conformity program. The consistency review covers

lawful prerequisite, industry and hierarchical norms and codes, the standards of good

administration, implicit set of rules and moral principles. The establishment of a compliance

audit is the primary focus, as it will strengthen additional principles of commitment to

implementation, control and measurement for continuous improvement, and effective control

obligation to address the critical points of compliance risk.

5.3.3 Operational audit and financial risk management

Pearson correlation results as presented in table 4.10 depicts a strong positive relationship

between operational audit and financial risk management at GOAL Uganda (r = .622). The

findings are in agreement with Bajra and Čadež (2018) who revealed that performance auditing

is described as engagements that provide assurance or conclusions based on an evaluation of

sufficient, appropriate evidence against stated criteria, like specific requirements, measures or

defined business practices. It was further posited that control systems play a more vital role in

private organizations due to their dynamic and complex environments, which generates more

risks for the firm. Thanh (2022) opined that operational audit ought to be both important and

effective in private than in public organizations. Importantly, it is averred that five standards for

internal auditing include interdependence, professional proficiency, the scope of work, and

61
performance of the audit and management of the internal audit department. It is asserted that

auditors must comply with minimum continuing education requirements and professional

standards published by their relevant professional organizations and the Institute of internal

audit.

The study findings are in agreement with Carcello et al (2018) who revealed that risk assessment

of material misstatement at the financial statement level and also at the planning stage, clarifies

the direction on performing a combined assessment of inherent and control risk, thus leaving the

ability for the auditors to assess other risk factors in an audit. In their examination of the effects

of the role of the board of directors in assisting in the formulation of corporate strategies on the

auditors’ planning judgments, they established that auditors respond to the role of the board

when making judgments with respect to control risk assessments.

The findings are consistent with Girangwa et al (2020) who revealed that financial risk the board

intends to limit the risks associated with a specific project to a level that is satisfactory to the

organization. Financial risk management is the right thing to do because it helps a company find

events and problems that could stop it from achieving its goals. There is no one-size-fits-all

configuration for risk monitoring. This is due to the variety of risks and the possibility that they

originate from multiple sources. Regardless, to quickly recognize and proactively manage

various risks, affiliations should cultivate coordinated, advancing cycles.

5.4 Conclusion

5.4.1 Financial audit and financial risk management

The study made conclusion that the internal audit quality practices influence the financial risk

62
management at GOAL Uganda. The study agreed with internal audit control system such as

availability physical controls, system of approvals and authorizations, control environments,

information processing and sharing, assessment of risks, monitoring financial activities and

system of verification on reconciliation, all aspects mentioned influences the financial risk

management at GOAL Uganda.

5.4.2 Compliance audit and financial risk management

The study sought to establish the influence of compliance audits on financial risk management of

organizations. Compliance to rules and regulations had a significant effect on the financial risk

management of donor funded organizations. The effect of knowledge levels of the donor rules

and regulations on compliance was rated low and had no significant effect on compliance.

However, other significant factors affecting compliance to donor regulations were cited as poor

leadership in funded organizations, frequent regulations change by management, poor

understanding of rules by funded organizations and stringent rules.

5.4.3 Operational audit and financial risk management

The study concluded that the internal control infrastructure enhances effective financial controls

that ensure funds are expended as budgeted and all loopholes are sealed. Importantly, the internal

audit functions are strengthened to have day-to-day controls of financial transactions.

Capacity development influenced financial risk management of donor funded organizations.

Allocation for capacity development was low in the funded organizations, a factor inhibiting

skills development in financial management and affecting financial risk management. Capacity

building programmes thus lowly contributed to ensure effectiveness and efficiency in financial

management, and skills development of staff.

5.5 Recommendation
5.5.1 Financial audit and financial risk management

63
Internal audit department of GOAL Uganda should keep internal audit control system, whereby

those internal audit control system through physical control and information processing creates

strong supervision, experience, technology improvement and skills to the internal auditors.

There is a need for the internal auditors to update their qualities through internal auditor’s skills

and internal auditor’s competence. By applying internal auditor skills and competence to the

most critical points, building personal and professional credibility, and recognizing and

responding to the needs, internal auditors can become a very essential auditor within the

organization by speeding good governance, discipline, commitment and enhancing efficiency of

internal audit within the organization.

5.5.2 Compliance audit and financial risk management

Upon analysis and conclusion, the study recommends that there is need for management to

formulate dialogue forums with funded organizations where rules and regulations to be set or

already set can be evaluated in order to enhance compliance levels.

The funded organizations should strengthen their policies and financial manuals to ensure that

they envisage donor regulations, and this information should be effectively disseminated to the

project officials and/or staff. The donor funded organizations should also ensure that appropriate

mechanisms are established and used to follow up management actions in response to audit

recommendations.

5.5.3 Operational audit and financial risk management

The management of the funded organizations in collaboration with donor staff should evaluate

the internal control infrastructure to enhance effective financial controls that ensure funds are

expended as budgeted and all loopholes are sealed. Importantly, the internal audit function

should be strengthened to have day to day controls of financial transactions.

64
To enhance internal audit, the chief accounting officers should adopt the Quality Assurance and

Improvement Plan (QAIP) that is now globally accepted as an audit standard. It will conform to

the definition of internal auditing, codes of ethics and the standards.

5.6 Areas for further study

The study investigated the relationship between internal audit and financial risk management at

GOAL Uganda. The study was specifically premised on the following research objectives; to

examine the relationship between financial audit and financial risk management at GOAL

Uganda, to establish the relationship between compliance audit and financial risk management at

GOAL Uganda and to determine the relationship between operational audit and financial risk

management at GOAL Uganda. Therefore, the following areas have been recommended for

further review and study:

Internal financial controls and financial risk management of GOAL Uganda

Credit risk management and profitability of commercial Banks in Uganda

Liquidity risk management and financial risk management in non-profit making organizations in

Uganda.

“The influence of Internal Audit Practices on Financial Management of the Public Sector: a case

of District Local Governments.”

REFERENCES

Abba, H. I., & Sadah A. A. (2020). Audit quality and firm value of listed deposit money in

Nigeria. International Journal of Economics and Financial Issues, 1(4), 269-282.

65
Agumas, A. M. (2015). Internal audit function and its challenges in public sector governance:

Empirical evidence from Amhara National Regional State, Ethiopia. AshEse Journal of

Economics. Vol 1(1). pp 001-012. March. http://www.ashese.co.uk/economics/blog.

Ahmeti, S. (2022). Effect of Internal Audit Quality on the Financial risk management of

Insurance Companies: Evidence from Kosovo. International Journal of Applied

Economics, Finance and Accounting, 63-68.

Amirrudin, M., Nasution, K., & Supahar, S. (2021). Effect of variability on Cronbach alpha

reliability in research practice. Journal Matematika, Statistika dan Komputasi, 17(2),

223-230.

Amirrudin, M., Nasution, K., & Supahar, S. (2021). Effect of variability on Cronbach alpha

reliability in research practice. Journal Matematika, Statistika dan Komputasi, 17(2), 223-

230.

Anghelache, C., Popescu, A. M., Anghel, M. G. (2018). Portfolio of Loans, Guarantees and

Provisions, International Journal of Academic Research in Accounting, Finance and

Management Sciences 8 (2): 126-131.

Anwer, H. (2021). The Role of Internal Audit on Financial risk management under IIA

Standards: A Survey Study of Selected Iraqi Goal Uganda s. QALAAI ZANIST

SCIENTIFIC JOURNAL, [online] 6(2). doi:10.25212/lfu.qzj.6.2.38.

Applegate, D. & Wills, T. (1999). Struggling to incorporate the COSO recommendations into

your audit process? [Online] Available: http://www.coso.org/audit_shop.htm.

Babatope, T.I. and Adewunmi, A.V. (2019). Evaluation of Internal Audit Operations and the

Efficiency of Educational Performance in Nigerian Universities (A Case Study of Ekiti

66
 State University, Nigeria). Business and Management Studies, [online] 5(4), p.49.

doi:10.11114/bms.v5i4.4535.

Bajra, U., & Čadež, S. (2018). Audit committees and financial reporting quality: the 8th EU

Company Law Directive perspective. Economic Systems, 42(1), 151-163.

Bhandari, P. (2022). Levels of Measurement | Nominal, Ordinal, Interval and Ratio. Scribbr.

Retrieved March 28, 2023, from https://www.scribbr.com/statistics/levels-of-

measurement/

Bhandari, P. (2022). Levels of Measurement | Nominal, Ordinal, Interval and Ratio. Scribbr.

Retrieved March 28, 2023, from https://www.scribbr.com/statistics/levels-of-

measurement/

Bhandari, P. (2022). What Is Face Validity? | Guide, Definition & Examples. Scribbr. Retrieved

March 27, 2023, from https://www.scribbr.com/methodology/face-validity/

Bhandari, P. (2022). What Is Face Validity? | Guide, Definition & Examples. Scribbr. Retrieved

March 27, 2023, from https://www.scribbr.com/methodology/face-validity/

Bhandari, P. (2023). Data Collection | Definition, Methods & Examples. Scribbr. Retrieved June

27, 2023, from https://www.scribbr.com/methodology/data-collection/

Blunden, Tony; Thirlwell, John (2021) Advanced Financial risk management: Tools and

Techniques for Integrated Credit Risk and Interest Rate Financial risk management. John

Wiley. ISBN 978-0-470-82126-8.

Borgstede M and Scholz M (2021) Quantitative and Qualitative Approaches to Generalization

and Replication–A Representationalist View. Front. Psychol. 12:605191. doi:

10.3389/fpsyg.2021.605191

67
Borgstede M and Scholz M (2021) Quantitative and Qualitative Approaches to Generalization

and Replication–A Representationalist View. Front. Psychol. 12:605191. doi:

10.3389/fpsyg.2021.605191

Bouteina, E. G. (2021). International Audit Quality and Financial risk management: A systematic

Literature Review Pointing to New Research Opportunities. International Journal of

Management Sciences.

Breger, D., Edmonds, M. and Ortegren, M. (2019). Internal audit standard compliance,

potentially competing duties, and external auditors’ reliance decision. Journal of

Corporate Accounting & Finance, [online] 31(1), pp.112–124. doi:10.1002/jcaf.22434

Bromiley, P., McShane, M., Nair, A., & Rustambekov, E. (2015). Enterprise financial risk

management: Review, critique, and research directions. Long range planning, 48(4),

265–276 15.

Budianto, A. (2020). Legal Research Methodology Reposition in Research on Social Science.

International Journal of Criminology and Sociology, 9, 1339-1346.

Carcello, J. V., Eulerich, M., Masli, A., & Wood, D. A. (2018). The value to management of

using the internal audit functions as a management training ground. Accounting Horizons,

32(2), 121-140.

Catherine, N. (2020) Credit Financial risk management and Financial risk management: A Case

of Goal Uganda of Africa (U) Limited. Open Journal of Business and Management, 8,

30-38. doi: 10.4236/ojbm.2020.81002.

Caulfield, J. (2022). How to Do Thematic Analysis | Step-by-Step Guide & Examples. Scribbr.

Retrieved March 28, 2023, from https://www.scribbr.com/methodology/thematic-

analysis/

68
Chetwynd, E. (2022). Critical analysis of reliability and validity in literature reviews. Journal of

Human Lactation, 38(3), 392-396

Committee of Sponsoring Organizations of the Treadway Commission (COSO). (1994). Internal

control integrated framework. [Online]

Conti, Cesare & Mauri, Arnaldo (2020). "Corporate Financial risk management: Governance and

Disclosure post IFRS 7", Icfai Journal of Financial risk management, ISSN 0972-916X,

Vol. V, n. 2, pp. 20–27.

Crockford, G.N. (1982). The Bibliography and History of Financial risk management: Some

Preliminary Observations, The Geneva Papers on Risk and Insurance 7, 169-179.

Dionne G. (2013). Structured Finance, Financial risk management, and the Recent Financial

Crisis, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1488767.

Dionne, G. (2010). The Foundations of Risk Regulation for GOAL Uganda: A Review of the

Literature, in The Evolving Financial System and Public Policy, Proceedings of a

conference held by the Goal Uganda of Canada, 177-215.

Egiyi, M. A. & Okafor, V. I. (2022). The Impact of Internal Audit Efficiency on Financial risk

management. European Review in Accounting and Finance, 6(1), 13-22.

El Gharboui B. And Chraibi A. (2021) “Internal Audit Quality and Financial risk management: A

systematic Literature Review Pointing to New Research Opportunities” Revue

International des Sciences de Gestion, Vol 4, Issue 2,

Endri, E., Susanti, D., Hutabarat, L., Simanjuntak, T. P., & Handayani, S. (2020). Financial risk

management evaluation: Empirical evidence of pharmaceutical companies in Indonesia.

Systematic Reviews in Pharmacy, 11(6). https://doi.org/10.31838/srp.2020.6.117.

69
Enekwe, C., Nwoha, C., and Udeh, S. N. (2020) “Effect of Audit Quality on Financial risk

management of Listed Manufacturing Firms in Nigeria (2006-2016)”, Advance Journal

of Management, Accounting and Finance, vol. 5, Issue 1, pp. 1-12.

Favour-Orluogwo, Chimzi & Apiafi, Helen Bosede (2023), Audit Report Characteristics and

Financial risk management of Listed International Standard Commercial in PortHarcourt.

International Journal of Accounting and Financial Management, 1(1), 20-36.

Fitri A, Chomsatu Y, & Dewi R, R (2020). The Effect of Financial risk management and Audit

Opinion on Audit Report Lag in Companies 2014-2017, Journal of Accounting Research

and Computerized Accounting, I (2), 191-211

George, T. (2022). Types of Interviews in Research | Guide & Examples. Scribbr. Retrieved

April 23, 2023, from https://www.scribbr.com/methodology/interviews-research/

Girangwa, K. G., Rono, L., & Mose, J. (2020). The Influence of Enterprise Financial risk

management Practices on Organizational Performance: Evidence from Kenyan State

Corporations. Journal of Accounting Business and Finance Research, 8(1), 11–20 24.

Horvey, S. S., Alale, G. A., & Karikari, A. B. (2019). Enterprise financial risk management

practices among listed firms on the Ghana equity market. The International Journal of

Humanities and social studies, 7(8), 1–15 28.

Hull, John (2023). Financial risk management: A Practitioner's Guide to Managing Market and

Credit Risk (2 ed.). John Wiley. ISBN 978-1118175453.

International Organization for Economic Cooperation and Development, (OCED). (2019).

Internal Oversight and Financial risk management for Public Integrity in the MENA

Region.

IvyPanda. (2020). Variables and Measurements in Research. 

70
Jackson Sishumba, Loti Saidi, Milupi Nyambe (2022). A Study into the Effects of Internal Audit

on the Financial risk management of Commercial Goal Uganda s in Zambia (A case of

Standard Chartered). International Journal of Current Science Research and Review,

5(11), 4156-417

Jiang, L., Messier, W. F., & Wood, D. A. (2019). The association between internal audit

consulting services and firm performance. Auditing: A Journal of Practice & Theory, in-

press. Retrieved from: https://aaajournals.org/doi/10.2308/ajpt-52565.

Kerazan, F. H. (2016). The relationship between of the internal audit functions in financial risk

management. Journal of Management Research, 8(3), 178–202 35.

Kivistö, J., & Zalyevska, I. (2015). Agency theory as a framework for higher education

governance. In J. Huisman, H. de Boer, D. D. Dill, & M. Souto-Otero (Eds.), The

palgrave international handbook of higher education policy and governance (pp. 132–

151). London: Palgrave Macmillan. https://doi.org/10.1007/978-1-137-45617-5_8

Larasati, D. A., Ratri, M. C., Nasih, M., & Harymawan, I. (2019). Independent audit committee,

financial risk management committee, and audit fees. Cogent Business & Management,

6(1), 9–21 38.

Lia, Y., Hills, T. & Hertwig, R., (2020). A brief history of risk. International Journal of

Cognitive Science, Issue 203

Luo, A. (2022). Content Analysis | Guide, Methods & Examples. Scribbr. Retrieved March 28,

2023, from https://www.scribbr.com/methodology/content-analysis/

Marsh et al. (2020). Statistical, practical, clinical: How many types of significance should be

considered in counseling research? Journal of Counseling & Development, 80(4):64-71.

71
McCombes, S. (2023). What Is a Research Design | Types, Guide & Examples. Scribbr.

Retrieved June 27, 2023, from https://www.scribbr.com/methodology/research-design/

Middleton, F. (2023). Reliability vs. Validity in Research | Difference, Types and

Examples. Scribbr. Retrieved March 28, 2023, from

https://www.scribbr.com/methodology/reliability-vs-validity/

Mooney, D., Coxon, C., Richards, K. G., Gill, L., Mellander, P. E., & Danaher, M. (2019).

Development and optimisation of a multiresidue method for the determination of 40

anthelmintic compounds in environmental water samples by solid phase extraction (SPE)

with LC-MS/MS detection. Molecules, 24(10), 1978.

Murphy, B. (2020). The impact of reward systems on financial risk management (Doctoral

dissertation, Dublin Business School). Retrieved November 23, 2018, from

https://esource.dbs.ie/handle/10788/2487

Mutepfa, M. M., & Tapera, R. (2019). Traditional survey and questionnaire platforms. Handbook

of Research Methods in Health Social Sciences, 541-558.

Nikolopoulou, K. (2022, December 01). What Is Purposive Sampling? | Definition &

Examples. Scribbr. Retrieved July 8, 2023, from

https://www.scribbr.com/methodology/purposive-sampling/

Okolocha, C. (2020). Effect of Internal Audit Function on Financial risk management of

Commercial Goal Uganda s in Nigeria. International Journal of Advanced Academic

Research (Social and Management Science).

Onyeanu, E. O., Ugwoke, R. O., Ugwoke, O. V., and Ajayi, T. A. (2022). Financial risk

tolerance and financial risk attitudes of commercial Goal Uganda customers and the role

72
 of REBT-based business coaching: implications for accounting research. J. Ration.

Emot. Cogn. Behav. Ther. [Epub ahead of print]. doi: 10.1007/s10942-022-00447-1

Peursem. (2020). Internal Auditor’s Role and Authority: New Zealand Evidence. Managerial

Auditing, 378-393.

Rahman, H.U. and Ali, A. (2022). Revisiting the role of audit and compensation ‘committees’

characteristics in the financial risk management of the non-financial sector through the

lens of the difference generalized method of moments. Cogent Business & Management,

[online] 9(1). doi:10.1080/23311975.2022.2085365.

Stanley Myint (2022) The AMA Handbook of Financial risk management. American

Management Association. ISBN 978-0814417447

Stratton, S. J. (2021). Population research: convenience sampling strategies. Prehospital and

disaster Medicine, 36(4), 373-374.

Thabit H. Thabit, Solaimanzadah, Alan and Al-abood, Muath T. (2017). “The Effectiveness of

COSO Framework to Evaluate Internal Control System: The Case of Kurdistan

Companies.” Cihan International Journal of Social Science, vol. 1, No. 1, pp. 44-54.

Thanh, D. (2022). Factors Affecting Internal Audit Effectiveness: Empirical Evidence from

Vietnam. International Journal of Financial Studies

The Institute of Internal Auditors (2021). What is Internal Audit? Retrieved March 19, 2022,

from The Institute of Internal Auditors website: https://www.theiia.org/en/about-us/about-

internal-audit/

Thomas, L. (2023). An introduction to simple random sampling. Scribbr.

https://www.scribbr.com/methodology/simple-random-sampling/#:~:text=Simple

%20random%20sampling%20is%20a,possible%20of%20this%20random%20subset

73
Uddin, M. S., Alam, M. F.-E.-, Kader, S. A., Imran, M. A., & Beg, T. H. (2022). Financial risk

management evaluation through ratio analysis: a study on rural power company ltd.

International Journal of Business and Management Future, 8(1), 9-18. https://doi.org/

Vergotine, H., & Thomas, A. (2016). Enterprise financial risk management at South African

state-owned companies. Journal of Contemporary Management, 13(1), 674–701 59.

Yusoff, M. S. B. (2019). ABC of Content Validation and Content Validity Index

Calculation. Education in Medicine Journal, 11(2), 49–54.

https://doi.org/10.21315/eimj2019.11.2.6

Zhilkina, Anna N. et al. (2022): Socially oriented approach to financial risk management as the

basis of support for the SDGS in entrepreneurship, Risks, ISSN 2227-9091, MDPI, Basel,

Vol. 10, Iss. 2, pp. 1-18, https://doi.org/10.3390/risks10020042

74
 APPENDICES
APPENDIX ONE: QUESTIONNAIRE FOR THE ADMINISTRATIVE AND SUPPORT

STAFF

Dear Respondent,

I am DENIS TABU 19/MBA/KLA/WKD/0033, a student at Uganda Management Institute

pursuing a Master’s Degree in Business Administration (MBA). As one of the requirements for

being awarded with this qualification, I am conducting a study on “Contribution of internal audit

functions on financial risk management at Goal Uganda”. You have been identified as one of the

resourceful people to participate in this study. You are requested to answer the questions as

honestly as possible to enable reliable conclusions and recommendations. All your responses

were used strictly for research purposes and treated with anonymity and utmost confidentiality.

SECTION A: DEMOGRAPHIC CHARACTERISTICS

Please tick the option that best describes you.

Indicate your Sex.

Male Female

1 2

In which age bracket do you fall?

19-29 years 30-39 years 40-49 years 50 and above years

Highest Education Level

Diploma Degree Masters Others

2 3 4

75
Years of Service

1-3years 4-6 years 7-9 years 10 years and above

1 2 3 4

SECTION B: INTERNAL AUDIT FUNCTIONS

You are required to answer the following statements using the keys presented to you.

Key: 5) Strongly Agree [SA], 4) Agree [A], 3) Not Sure [NS], 2) Disagree [D] and 1) Strongly
Disagree [SD].

S/N STATEMENTS SA A NS D SD

B FINANCIAL AUDIT

B1 Internal auditors easily access all records at GOAL Uganda.

B1 Internal auditors perform internal audits dependably at GOAL

Uganda.
B1 Internal auditors perform their services accurately at GOAL Uganda.

B1 Auditors receive the required support from stakeholders to perform

their duties at GOAL Uganda.
B1 Internal auditors are adequately remunerated to perform their job at
GOAL Uganda.
B1 Internal auditors professionally coordinate with and engage staff at
GOAL Uganda.

2 COMPLIANCE AUDIT

B2 There are policies and regulations (donor, government or internal)

that guide financial management at GOAL Uganda.
B2 Poor understanding of policies and procedures by the staff affect
financial risk management at GOAL Uganda
B2 Frequent change of regulations by management affects financial risk
management at GOAL Uganda.
B2 Management engages program teams during the formulation of
funding policies and regulations which affect financial risk
management at GOAL Uganda.
B2 Internal auditors review and monitor compliance supporting
documents during the entire project lifetime.
B2 Reporting timelines are adhered to by GOAL Uganda.

76
3 OPERATIONAL AUDIT

B3 Equipment and facilities are properly controlled for information

processing at GOAL Uganda.
B3 Risk assessment and management is an integral part of routine
management reporting in GOAL Uganda.
B3 Communication process within GOAL Uganda adequately supports
effective management of risks.
B3 Information processing and sharing controls at GOAL Uganda
support financial risk management.
B3 Physical control of facilities and equipment are efficient/effective.

B3 Physical controls have improved organizational performance at

GOAL Uganda.

4 FINANCIAL RISK MANAGEMENT

B4 GOAL Uganda ensures inherent risk management.

B4 GOAL Uganda ensures control risk management.

B4 GOAL Uganda ensures detection risk management.

B4 Internal auditors ensure inherent risk is managed from top.

B4 Internal auditors ensure to control financial risks before occurrence.

B4 Auditors ensure financial risks are detected to design corrective

measures.
B4 GOAL Uganda reviews audit reports to manage financial risks.

B4 GOAL Uganda ensures that audited financial risks are brought to

book.

Thanks for your time & cooperation!

77
APPENDIX TWO: INTERVIEW GUIDE FOR THE HEADS OF DEPARTMENTS AND

THE GOVERNING BOARD

Dear Sir/ Madam,

I am DENIS TABU 19/MBA/KLA/WKD/0033, a student at Uganda Management Institute

pursuing a Master’s Degree in Business Administration (MBA). As one of the requirements for

being awarded with this qualification, I am conducting a study on “Contribution of internal audit

on financial risk management at GOAL Uganda”. You have been identified as one of the

resourceful people to participate in this study. You are requested to answer the questions as

honestly as possible to enable reliable conclusions and recommendations. All your responses

were used strictly for research purposes and treated with anonymity and utmost confidentiality.

1. What is the effect of financial audit on financial risk management at GOAL Uganda?

2. What is the effect of compliance audit on financial risk management at GOAL Uganda?

3. What is the effect of operational audit on financial risk management at GOAL Uganda?

4. How does GOAL Uganda manage its operational risk?

5. How does GOAL Uganda analyze its compliance risk?

6. How has GOAL Uganda monitored financial risk?

Thanks for your time & cooperation!

78
 APPENDIX THREE: PLAGIARISM REPORT

TurnitinSimilarity Report ID:

PAPER NAME AUTHOR

Tabu report.docx Denis Tabu

WORD COUNT CHARACTER COUNT

19,965 Words 63736 Characters

PAGE COUNT FILE SIZE

90 Pages 85.8KB

SUBMISSION DATE REPORT DATE

July 31, 2023, 12:45 AM PDT July 31, 2023, 12:46 AM PDT

13% Overall Similarity

The combined total of all matches, including overlapping sources, for each database.

• 7% Internet database • 3% Publications database

• Crossref database • Crossref Posted Content database

• 11% Submitted Works database

79