International Journal of Global Business, 8 (1), 15-26, June 2015 15

Compliance and Corporate Governance: Theoretical analysis of the effectiveness of

compliance based on locus of functional responsibility

Joseph A Gerard PhD CPA, Curt M Weber JD

College of Business and Economics
University of Wisconsin - Whitewater, USA
gerardj@uww.edu, weberc@uww.edu

Abstract
In this manuscript, we perform a theoretical analysis of compliance reporting structures. The
study seeks to further our understanding of corporate governance by examining advantages and
disadvantages of positioning the compliance function at various locations within an
organizational structure. We consider factors that contribute or detract from the effectiveness of
the placement of the compliance function within an organizational framework. We utilize data
from eight compliance surveys that provide insights on the current state of compliance, trends for
compliance, and measures of effectiveness. Our purpose is to establish a strong theoretical basis
on which to build future empirical studies to assess the impact of existing reporting structures on
the current levels of ethical breaches, fines, and violations. We suggest implications for practice
as well as research.
Keywords: Compliance, Regulation, Corporate Governance, Internal Audit, Organizational
Culture
Introduction
Our study is a theoretical analysis of compliance reporting structures. We examine advantages
and disadvantages of positioning the compliance function at various locations within an
organizational structure. As part of a larger research stream seeking to enhance our
understanding of corporate governance, we ask the overarching question, where is the most
effective location for the compliance function in an organization?
We found significant amounts of data captured by a number of compliance surveys that speak to
the current state of compliance efforts. These surveys indicate the most frequently used reporting
structures and a percentage measure of firms that employ them. We obtained and evaluated
results from several annual surveys regarding the state of compliance to determine the current
trends, effectiveness of compliance programs, issues faced, metrics used, and the general
reporting structures used across a large sampling of organizations. We compared multiple years
of these surveys to confirm trends and current issues. Our analysis forms a theoretical base upon
which we can construct a compliance framework of effectiveness and efficiency.

International Journal of Global Business, 8 (1), 15-26, June 2015 16

The eight surveys we utilized for this study include the PWC State of compliance survey for 2013
(Bernstein, Kipp et al. 2013), PWC State of compliance survey for 2014 (Bernstein and Falcione
2014), Deloitte Compliance Trends Survey 2013 (Sandford, Rollauer et al. 2013), Deloitte
Compliance Trends Survey 2014 (Sandford, Rollauer et al. 2014), Building Value in Your SOX
Compliance Program (Protiviti 2013), Keeping Pace with SOX Compliance (Protiviti 2014),
National Business Ethics Survey (Ethics Resource Center 2013) and the Compliance and Ethics
Program Environmental Report (SCCE and NYSE Governance Services 2014).
We assembled key statistics from each survey source that we then used to augment our
understanding of the compliance function. We summarize these critical aspects for each source.
The Deloitte Compliance Trends Report of 2014 consists of 209 responses and identifies four
critical core responsibilities for compliance functions (Sandford, Rollauer et al. 2014). Eighty
percent of survey respondents recognize these critical aspects. The core responsibilities are:

Compliance with domestic regulation

Compliance training
Code of conduct (development and maintenance)
Complaints and whistleblower hotlines

The survey also suggests that while the majority of executives attempt to measure the
effectiveness of their compliance efforts, most of them do not believe that the resulting metrics
give a clear and accurate sense of results.
The prior year, the Deloitte Compliance Trends Report of 2013 consisted of 189 responses and
suggested that compliance function size is typically small with 52% of respondents having five
or fewer full time employees (Sandford, Rollauer et al. 2013). The survey goes on to say that due
to small size, the compliance function must actively promote its value added to the organization
in which it resides. The survey shows that reporting structures favor reporting to the Chief
Executive Officer (CEO) or the Board of Directors 51% of the time. Additionally 13% report to
the general counsel and 13% report to audit. Considering that core responsibilities include
conducting training and managing hotlines, it is interesting to note that 32% of respondents
outsource training, and 62% outsource their hotline functions. Program effectiveness is not
measured by 31% of respondents (Sandford, Rollauer et al. 2013).
Both of the Deloitte surveys put forth that executives seek forward looking measures to
determine program effectiveness (violations avoided), most of the actual measures employed are
backward facing measures (internal audit findings, hotline calls, training completion rates).
PricewaterhouseCoopers LLP conducted compliance surveys in both 2013 and 2014 as well. The
PWC State of compliance survey for 2013 (Bernstein, Kipp et al. 2013) received 800 responses
and showed an upward trend for compliance reporting to the CEO. The survey found that the
primary measure of effectiveness is a compliance audit, which is risk specific but not timely
since it is backward facing. The second key measure is hotline calls and surveys.
The following year in the PWC State of compliance survey for 2014 (Bernstein and Falcione
2014) which received 1056 responses, the results indicated that there is a growing perception that

International Journal of Global Business, 8 (1), 15-26, June 2015 17

the regulatory environment is becoming more complex. Compliance functions continue to face
limited resources both financial and personnel. The survey also identified industries that are
unregulated, and smaller companies in general, have fewer compliance officers. This report
proposes that compliance functions become more strategic and better align with Corporate Social
Responsibility (CSR) (Weber and Gerard 2014). Lastly, the survey calls for measuring impact
rather than activity. For example, measuring what compliance training accomplishes (or
prevents) rather than counting how many training sessions are conducted.
Findings from Protiviti's Sarbanes-Oxley Compliance Surveys for the last two years (Protiviti
2013; Protiviti 2014) suggest that SOX compliance is tending to focus on high-risk areas and
oversight responsibilities is moving to internal audit functions. Many organizations report
significant improvements in their internal control structures and the cost of SOX compliance
remains at a manageable level. Overall SOX compliance has had a profound effect on
organizations (Alexander, Bauguess et al. 2013; Andrade, Bernile et al. 2014), however, costs
are rising (Protiviti 2014).
The National Business Ethics Survey (Ethics Resource Center 2013) collected data from
approximately 1600 respondents. One of their most significant findings is that one out of three
people who observe misconduct choose not to report it. This may relate to another key finding
that 21% of whistleblowers experience some form of retaliation. This represents over six million
workers in private sector companies. In conclusion the Ethics Resource Center pronounced that
"trust and transparency make a difference" (2013 p.9).
The Compliance and Ethics Program Environment Report (SCCE and NYSE Governance
Services 2014) gathered information from 249 respondents and, in addition to demographics,
was used primarily to identify reporting structures most used in organizations.
Discussion / Findings
Establishing a compliance function at a specific organizational location creates a particular
perspective for the subsequent decisions, activities, and performance of that unit. We examine a
number of locations/perspectives to assess their respective advantages and disadvantages. Some
critical aspects of placement include visibility, power, centrality, transparency, and legitimacy
(Vafa 2005; Vanessa 2006; Zheng, Yang et al. 2010; Vergne 2011; Wijen 2014). Many ethical
issues face organizations that relate to and impact the compliance function (Linstead, Marchal
et al. 2014; Gerard and Weber 2014 ). A strong effective compliance function supports strong
corporate governance. Researchers find evidence of a positive relationship between the extent of
compliance measures combined with strong corporate governance practices and operating
performance measured by the return on assets (Bauwhede 2009).
We considered the following reporting structures/relationships in order to evaluate the
advantages and disadvantages of each. We look at the compliance function reporting to the:

Chief Executive Officer or Office of the President

Chief Operating Officer or Other Executive Level
Legal Department - General Counsel or Chief Legal Officer
Human Resources

International Journal of Global Business, 8 (1), 15-26, June 2015 18

Internal Audit
Board of Directors
A Board of Directors Sub-Committee

Chief Executive Officer / Office of the President

Approximately 38% of compliance functions report to CEOs, and 13% of CEOs have day-to-day
responsibility for compliance (SCCE and NYSE Governance Services 2014). Advantages of this
reporting structure are that it places a high profile individual at the center of the compliance
structure and raises visibility and stature in the organization. It provides a line of communication
regarding compliance issues from wherever the compliance officer is located directly to the top
of the organization. This placement suggests that the CEO is engaged in the risk assessment and
compliance activities and will therefore take a more active role than she/he might otherwise.
Also due to the high status profile of this position, such placement creates a legitimacy regarding
the compliance function. Legitimacy is viewed "as a social judgment of acceptance,
appropriateness, and/or desirability" (Zimmerman and Zeitz 2002 p 416).
Legitimacy relates to regulatory systems and provides evidence to external stakeholders that an
organization is meeting expectations and upholding its duty (Suchman 1995; Deephouse 1996;
Zimmerman and Zeitz 2002; Suddaby and Greenwood 2005). Ultimately stakeholder
perspectives become forms of social judgment (Bitektine 2011). Organizational stories that are
told regarding compliance and how they are planned and delivered can also create legitimacy
(Suddaby and Greenwood 2005). The CEO is in a highly visible position with many
opportunities to be able to deliver such messages across the organization as well as outside of it.
Disadvantages of this reporting structure are that the CEOs may filter or suppress information
regarding breaches of ethics or violations of which they become aware (Argyris 1982; Argyris
1989; Argyris and Schn 1996; Tetlock 2000; Beck and Plowman 2009). The CEO may not
value the compliance function or view it as a nuisance, which consumes valuable time and
resources but provides little to the organization. Viewing the function as an annoyance or worse,
as a 'necessary evil', can invoke avoidance behaviors in the executive thus paying little more than
lip-service to the prevention, detection, and correction of violations. Data reported at this level
tends to be more aggregated and filtered (Feltham and Hofmann 2012) than that available at
lower levels within the organization.
Chief Operating Officer or Other Executive Level
Advantages of this reporting structure are that, similar to the CEO, it places a high profile
individual at the center of the compliance structure and raises visibility. However, it may suggest
a more limited view of compliance, one that is somewhat removed from external corporate
strategy, and closer to the operations of the organization. Such a perspective has a more tactical
or technical bent. This should be an executive with the strongest business process orientation,
closest to the day-to-day activities of the organization with access to much needed data. Because
processed data is aggregated, summarized, and filtered (Feltham and Hofmann 2012) by the time
it reaches these levels, executives will need to have direct access to the sources of data in order
to clarify or elaborate on current information (Bushman, Chen et al. 2004; Beck and Plowman
2009).

International Journal of Global Business, 8 (1), 15-26, June 2015 19

Disadvantages of this reporting structure are that the organization's position on compliance and
ethics may appear to focus internally with reduced concern for external issues. While this should
not be the case, such an appearance could limit the structure's effectiveness. Positioning a
reporting structure below the CEO level may also reduce the status of the function making it
seem to have less significance to the organization. People might think that if compliance is
important enough, the organization would have selected the highest executive as the target for
the function rather than delegating it to a lower level (Simons 1991; Simons 1994).
Note: The Chief Compliance Officer in 48% of companies is not on the executive management
committee according to the Deloitte Compliance Trends Report (Sandford, Rollauer et al. 2014).
Legal Department - General Counsel or Chief Legal Officer
Approximately 21% of General Counsels have day-to-day responsibility for compliance, and
18% of compliance functions report to the General Counsel (SCCE and NYSE Governance
Services 2014). Advantages of this reporting structure are that it places the person with the
greatest legal acumen at the core of the process. Compliance with domestic regulation is one of
the core responsibilities and aligns well with this placement. When the organization's risk
tolerance is low and the primary concern is limiting losses from litigation and fines, assigning
compliance reporting to the General Counsel seems preferred.
Because other areas of the organization that could house the compliance function would likely
engage the legal department for opinions, especially when considering litigation, placement of
the compliance function in the legal department might actually streamline the information flow.
Risk assessment requiring an ability to interpret and evaluate regulations is a natural fit for a
legal department. The legal area also has existing ties to external counsel and regulatory
resources with which they must frequently interact simplifying organizational networking.
Disadvantages of this reporting structure include the fact that the legal department is a support
function in organizations other than law firms. Employees, except for executives and some key
managers most likely have limited exposure to the legal group. They may appear intimidating to
employees seeking to inform management of possible violations and thus actually discourage
whistle blowing. Additionally, issues arise with respect to attorney-client privilege: whom does
the General Counsel represent? Other ethical situations may also stress attorneys in the
organization (Rostain 2008).
The great advantage of the legal orientation is also a key disadvantage of this reporting structure.
The depth of legal understanding may limit the focus to avoiding violations, fines, and breaches
of ethics that could cost the firm financially, damage reputation, or bring greater scrutiny from
regulators. Trained to see risk through a litigation lens, attorneys might produce suboptimal
results with a forced compliance point of view rather than one of incentivizing desired behaviors
or moving closer to Corporate Social Responsibility (Weber and Gerard 2014).
Some researchers have found distinctions between the effectiveness of legal and ethical
compliance mechanisms, stating that legal mechanisms have proven inadequate (Arjoon 2005).
Additional changes in the interpretation of corporate governance away from a legal and financial

International Journal of Global Business, 8 (1), 15-26, June 2015 20

perspective toward one that includes networks, culture, and the use of power in organizations
(Davis 2005) can impact how organizations view compliance.
Human Resources
The number of compliance functions that report to Human Resources is extremely limited and
was reported at 1% (SCCE and NYSE Governance Services 2014). Advantages of this reporting
structure are that it places the human element at center of ethical and compliance issues. Because
of the human orientation of an HR function, behavior moves to the forefront. Additionally, HR
departments typically house organizational training mechanisms. Since one of the four core
responsibilities is compliance training, this placement aligns reporting responsibility directly
with this key component. A second core responsibility is the establishment and monitoring of
hotlines. Employees tend to think of HR as the natural target for reporting violations by
employees and other behavioral or ethical breaches making it a visible and logical center for
compliance. Data that will ultimately lead to dismissal of an employee, which flows through HR,
are more easily captured and collected in the precise location that requires such information to
build a case file.
A third core responsibility is communicating and maintaining a code of conduct (Long and
Driscoll 2008). Generally, HR orients new employees to the organization. Delivering a code of
conduct, including getting signature acceptance is easily managed during this process.
Disadvantages of this reporting structure are that HR is a staff (support) function in organizations
and therefore it is a lower profile. Structurally HR holds a less powerful stature in most
organizations and this placement suggests that responsibility has been delegated and is not
considered strategically important to executive management (Simons 1991; Simons 1994).
Additionally, the traditional HR function fails to take an operational perspective and may not
have the full appreciation of a compliance issue. As a staff function, detailed data may be more
difficult to obtain.
Internal Audit
Approximately 2% of compliance functions report to Internal Audit (SCCE and NYSE
Governance Services 2014). Advantages of this reporting structure are that it the internal audit
function is central to the organization. It possesses a data collection capacity including access to
data that many do not possess. The function is independent and typically has a reporting
relationship to the board of directors that is at least dotted-line if not direct. Ideally, it is a direct
reporting relationship. The audit orientation provides objectivity and independence inherently.
The audit perspective is a broad based business view that moves easily from strategic to
operational levels within the organization. Networks of key contacts already exist. Dealing with
sensitive information is accepted part of auditing. Auditor training gives them skills to obtain
facts, analyze situations, and objectively report their findings to the appropriate levels of
management. A strong audit function commands a level of respected that provides a degree of
legitimacy to the compliance function.

International Journal of Global Business, 8 (1), 15-26, June 2015 21

Disadvantages of this reporting structure are that having responsibility for an operational activity
limits independence and objectivity, violating audit guidelines (Interligi 2010; Soh and
Martinov-Bennie 2011; Weber and Gerard 2014).
Board of Directors
Approximately 19% of compliance functions report to the Board of Directors (SCCE and NYSE
Governance Services 2014). Advantages of this reporting structure are that it places the highest
possible status group at the center of compliance. Employees will immediately sense the
importance of the compliance efforts. The Board of Directors (BOD) has the ultimate
responsibility to monitor management and support their efforts to control and govern the
organization (Bushman and Smith 2001; Bushman, Chen et al. 2004; Goh 2009; Holm and
Schler 2010). Additionally, because external directors maintain ties with the external
environment, additional resources and points of view can be brought to bear on any given
situation. Because the BOD is responsible to assess management effectiveness, they provide a
critical aspect of the governance process and offer needed transparency for compliance efforts.
Hsiang-Tsai and Li-Jen stated that "continuing education of directors is the key factor that
enhances transparency" (2010 p19).
The BOD has the power to sanction management and force reporting, compliance, and direct
attention to whatever level, office, outside agency, or individual they see fit. The BOD can
dismiss the CEO for cause if the situation calls for such a powerful response. Because of the
broad viewpoint possessed by the BOD, all parts of an organization can fall under its scrutiny.
Disadvantages of this reporting structure are that information may be filtered by management
and the BOD will need additional resources at their disposal to be able to gather information
when required. They may be removed from day-to-day activity of the operational levels at which
compliance takes place to develop a necessary understanding of key situations. If the BOD does
not take its responsibility for compliance as a critical part of the governance process, the
compliance function may take a lower priority than it should.
Sub-Committee of the Board of Directors
According to the PWC State of compliance survey for 2013, about 17% of compliance functions
report to the Audit Committee of the Board of Directors (Bernstein, Kipp et al. 2013). Reporting
directly to the Board of Directors may be unwieldy, particularly if the Board is of significant
size. A solution may be to have a committee of the Board of Directors oversee the compliance
function (Goh 2009). Advantages to this approach are an identified, or identifiable, group, with a
clear mission to establish an ethical tone at the top of the organization (Tetlock 2000). The
committee has external membership which brings expertise from outside the organization
(Cohen, Hoitash et al. 2014) and should strengthen the governance process. Other advantages
and disadvantages will mirror those considered with respect to the Board of Directors as a whole
performing this function. Audit committee members who possess industry expertise can improve
the committee effectiveness even though regulators show a preference for financial
expertise.(Cohen, Hoitash et al. 2014).

International Journal of Global Business, 8 (1), 15-26, June 2015 22

Conclusion
Compliance can reside in any number of functional locations within an organization. Each
organizational reporting structure has advantages and disadvantages associated with it. Based on
survey results the structures we examine in this manuscript are the most prevalent in
organizations today yet give no indication of effectiveness by location.
We offer this theoretical analysis as a framework for further research to examine compliance
functions empirically and verify strengths, weaknesses, and effectiveness of these structures. We
propose that studies might gather evidence to support one compliance placement over another
based on the number of violations, hotline calls, and sanctions that occur given a specific
configuration.
We acknowledge that a number of additional considerations such as industry, firm size,
organizational structure, organizational culture, management's tone at the top, and management's
tolerance for risk may all play roles in making the appropriate location selection for a
compliance function within a firm.
There are also implications for management. Questions regarding how to address changes to the
compliance function arise. For example, should management directly address changes, should
they defer to the Board of Directors, or should there be a shareholders vote? If an organization
transitions from one compliance structure to another, how will they transfer authority? Should
management anticipate resistance and how should they address it? If the organization is part of a
regulated industry the significance of a compliance function can be quite different.
With additional research to aid in the understanding of compliance effectiveness, management
should be better able to assess design possibilities and, given their particular set of
circumstances, arrive at a configuration that is a better fit.

References
Alexander, C. R., S. W. Bauguess, et al. (2013). "Economic effects of SOX Section 404
compliance: A corporate insider perspective." Journal of Accounting & Economics 56(23): 267-290.
Andrade, S. C., G. Bernile, et al. (2014). "SOX, corporate transparency, and the cost of debt."
Journal of Banking & Finance 38: 145-165.
Argyris, C. (1982). "The Executive Mind and Double-Loop Learning." Organizational Dynamics
11(2): 5-22.
Argyris, C. (1989). "Strategy Implementation: An Experience in Learning." Organizational
Dynamics 18(2): 5.
Argyris, C. and D. A. Schn (1996). Organizational Learning II: Theory, Method, and Practice.
Reading, MA, Addison-Wesley Publishing Company.

International Journal of Global Business, 8 (1), 15-26, June 2015 23

Arjoon, S. (2005). "Corporate Governance: An Ethical Perspective." Journal of Business Ethics
61(4): 343-352.
Bauwhede, H. V. (2009). "On the relation between corporate governance compliance and
operating performance." Accounting and Business Research 39(5): 497-513.
Beck, T. E. and D. A. Plowman (2009). "Experiencing Rare and Unusual Events Richly: The
Role of Middle Managers in Animating and Guiding Organizational Interpretation."
Organization Science 20(5): 909-924.
Bernstein, S. and A. Falcione. (2014). "In focus: 2014 PwC State of Compliance Survey."
Retrieved September 15, 2014, from http://www.pwc.com/us/stateofcompliance
Bernstein, S., B. Kipp, et al. (2013). "Deeper insight for greater strategic value: State of
Compliance 2013 Survey." Retrieved September 15, 2014, from
http://www.corporateaccountability2014.com/Paris/CourseMaterial/Panel_2/Panel%202.
9.pdf.
Bitektine, A. (2011). "Toward a theory of social judgments of organizations: The case of
legitimacy, reputation, and status." Academy of Management Review 36(1): 151-179.
Bushman, R., Q. Chen, et al. (2004). "Financial accounting information, organizational
complexity and corporate governance systems." Journal of Accounting and Economics
37(2): 167-201.
Bushman, R. M. and A. J. Smith (2001). "Financial accounting information and corporate
governance." Journal of Accounting and Economics 32(13): 237-333.
Cohen, J. R., U. Hoitash, et al. (2014). "The Effect of Audit Committee Industry Expertise on
Monitoring the Financial Reporting Process." Accounting Review 89(1): 243-273.
Davis, G. F. (2005). "New directions in corporate governance." Annual Review of Sociology
31(1): 143-162.
Deephouse, D. L. (1996). "Does isomorphism legitimate?" Academy of Management Journal
39(4): 1024-1039.
Ethics Resource Center. (2013). "National Business Ethics Survey." Retrieved September 15,
2014, 2014, from http://www.ethics.org/nbes.
Feltham, G. and C. Hofmann (2012). "Information suppression in multi-agent contracting."
Review of Accounting Studies 17(2): 254-278.

International Journal of Global Business, 8 (1), 15-26, June 2015 24

Gerard, J. A. and C. M. Weber (2014 ). "How Agency Theory Informs a $30 Million Fraud."
Journal of Finance, Accounting and Management 5(1): 16-47.
Goh, B. W. (2009). "Audit Committees, Boards of Directors, and Remediation of Material
Weaknesses in Internal Control." Contemporary Accounting Research 26(2): 549-579.
Holm, C. and F. Schler (2010). "Reduction of Asymmetric Information Through Corporate
Governance Mechanisms The Importance of Ownership Dispersion and Exposure
toward the International Capital Market." Corporate Governance: An International
Review 18(1): 32-47.
Hsiang-Tsai, C. and H. Li-Jen (2010). "Board Supervision Capability and Information
Transparency." Corporate Governance: An International Review 18(1): 18-31.
Interligi, L. (2010). "Compliance culture: A conceptual framework." Journal of Management and
Organization 16(2): 235-249.
Linstead, S., G. Marchal, et al. (2014). "Theorizing and Researching the Dark Side of
Organization." Organization Studies 35(2): 165-188.
Long, B. and C. Driscoll (2008). "Codes of Ethics and the Pursuit of Organizational Legitimacy:
Theoretical and Empirical Contributions." Journal of Business Ethics 77(2): 173-189.
Protiviti. (2013). "Building Value in Your SOX Compliance Program: Highlights from Protiviti's
2013 Sarbanes-Oxley Compliance Survey ", from http://www.protiviti.com/enUS/Documents/Surveys/2013-SOX-Compliance-Survey-Protiviti.pdf.
Protiviti. (2014). "Keeping Pace with SOX Compliance: COSO, Costs, and the PCAOB Highlights from Protiviti's 2014 Sarbanes-Oxley Compliance Survey." from
http://www.protiviti.com/en-US/Documents/Surveys/2014-SOX-Compliance-SurveyProtiviti.pdf.
Rostain, T. (2008). "General Counsel in the Age of Compliance: Preliminary Findings and New
Research Questions." Georgetown Journal of Legal Ethics 21: 465.
Sandford, N., T. Rollauer, et al. (2013). "Compliance Trends Survey 2013." Retrieved
September 15, 2014, 2013, from
http://deloitte.wsj.com/riskandcompliance/files/2013/09/us_aers_grr_final_deloitte_comp
liance_week_pdf_080813.pdf.

International Journal of Global Business, 8 (1), 15-26, June 2015 25

Sandford, N., T. Rollauer, et al. (2014). "Compliance Trends Survey 2014." Retrieved
November 29, 2014, 2014, from
http://www2.deloitte.com/us/en/pages/risk/articles/compliance-trends-survey-2014.html
SCCE and NYSE Governance Services. (2014). "Compliance and Ethics Program
Environmental Report." Retrieved December 21, 2014, from
https://www.academia.edu/Download.
Simons, R. (1991). "Strategic orientation and top management attention to control systems:
Introduction." Strategic Management Journal 12(1).
Simons, R. (1994). "How new top managers use control systems as levers of strategic renewal."
Strategic Management Journal 15(3).
Soh, D., S. B. and N. Martinov-Bennie (2011). "The internal audit function." Managerial
Auditing Journal 26(7): 605-622.
Suchman, M. C. (1995). "Managing legitimacy: Strategic and institutional approaches."
Academy of Management Review 20(3): 571-610.
Suddaby, R. and R. Greenwood (2005). "Rhetorical Strategies of Legitimacy." Administrative
Science Quarterly 50(1): 35-67.
Tetlock, P. E. (2000). "Cognitive Biases and Organizational Correctives: Do Both Disease and
Cure Depend on the Politics of the Beholder?" Administrative Science Quarterly 45(2):
293-326.
Vafa, K. (2005). "Collusion and Organization Design." Economica 72(285): 17-37.
Vanessa, M. (2006). "Strategic posture, financial performance and environmental disclosure."
Accounting, Auditing & Accountability Journal 19(4): 540-563.
Vergne, J.-P. (2011). "Toward a New Measure of Organizational Legitimacy: Method,
Validation, and Illustration." Organizational Research Methods 14(3): 484-502.
Weber, C. M. and J. A. Gerard (2014). "Reconfiguring Compliance for Corporate Social
Responsibility." Journal of Economic Development, Management, IT, Finance &
Marketing 6(2): 28-36.
Wijen, F. (2014). "Means versus ends in opaque institutional fields: Trading off compliance and
achievement in sustainability standard adoption." Academy of Management Review
39(3): 302-323.

International Journal of Global Business, 8 (1), 15-26, June 2015 26

Zheng, W., B. Yang, et al. (2010). "Linking organizational culture, structure, strategy, and
organizational effectiveness: Mediating role of knowledge management." Journal of
Business Research 63(7): 763-771.
Zimmerman, M. A. and G. J. Zeitz (2002). "Beyond survival: Achieving new venture growth by
building legitimacy." Academy of Management Review 27(3): 414-431.

Copyright of International Journal of Global Business is the property of Global Strategic

Management, Inc. and its content may not be copied or emailed to multiple sites or posted to a
listserv without the copyright holder's express written permission. However, users may print,
download, or email articles for individual use.