https://ir.unisa.ac.za/handle/10500/13890 Mon, 15 Jun 2026 22:43:59 GMT 2026-06-15T22:43:59Z https://ir.unisa.ac.za/handle/10500/32626 Designing a cybersecurity- specific typology for small to medium enterprises from an African Regional block perspective Sithole, Marilyn Evolving cybersecurity threats and associated financial losses in small and medium enterprises (SMEs) across Africa's six regional geographic blocks (RGBs), namely, East Africa, West Africa, North Africa, Southern Africa, Central Africa and the Diaspora, are examined in this study. SMEs (both local and in the diaspora) contribute significantly to employment, innovation and local economic development through remittances, as well as to the overall gross domestic product (GDP) of Africa and its RGBs. Despite their importance, SMEs often face structural vulnerabilities in their accounting and financial systems, exposing them to cyber threats and resulting financial losses. Many SMEs lack the technical knowledge, internal controls and financial intelligence required to safeguard their digital financial databases. The increasing digitisation of SME financial operations – through mobile and online banking platforms, cloud-based computing, accounting software and integrated digital payment systems – has further amplified exposure to cyber risks. In this study, SME cybersecurity risk is explicitly situated within the accounting discipline, linking theoretical frameworks to empirical observations of overt financial losses. Criminology theories are explored to understand the nature and typology of cyber perpetrators and their continued reorganisation. Cybersecurity frameworks such as the National Institute of Standards and Technology (NIST) and ISO 27001, alongside cyber risk management theory (including game theory), are applied to the typology as a proactive measure against emerging threats from cyber syndicates operating in business ecosystems. Through established cybersecurity frameworks, the study demonstrates how financial intelligence can be applied to identify, prevent and mitigate threats to financial assets while ensuring regulatory compliance. A qualitative case study design was adopted, guided by a pragmatist lens. The methodological approach comprised secondary data collection, deductive reasoning, and both literal and theoretical replication. Secondary data enabled broad comparative analysis across geopolitical, economic and technological contexts, strengthening analytical generalisability. Methodological rigour was ensured through systematic thematic synthesis guided by Gioia's inductive coding logic and Eisenhardt's theory-building approach, despite the absence of direct organisational-level validation. Data analysis was carried out by means of interactive tools (World Data, ENACT Organised Crime Index) and modelling software for data visualisation (PlantUML, Excel, HTMLMinifier, CSSNano). The findings indicate that SMEs experience substantial financial losses as a result of both single-vector and multi-vector cyberattacks, affecting fiat currency, digital assets and accounting records. Through a cross-sectional analysis of the periods pre-, during and post-COVID-19, the most common cyberattacks affecting SME financial sustainability were identified. Malware, ransomware, distributed denial-of-service (DDoS) attacks, supply chain disruptions, business email compromise and data breaches emerged as prevalent cyber threats across SMEs. Digitisation, transnational cybercrime and increased surface and deep web activity have intensified financial leakages in SMEs. Cyber risks and attacks were mapped further, revealing patterns of fraudulent activity, cyber intrusion and operational disruption, as well as evolving cyber mafia structures that threaten the cash flow and overall financial stability of SMEs and, by extension, regional GDP. Game theory is identified as a suitable approach to cyber risk management. It is particularly valuable for sustainability given the evolving nature of cyber threats and the continual adaptation of cyber syndicates and their techniques. This study makes several novel contributions to accounting sciences and financial intelligence. First, it proposes a cybersecurity-related SME typology grounded in thematic analysis rather than purely technical classifications, thereby bridging criminology, governance and financial risk disciplines. Second, it introduces a structured nomenclature and a twelve-category cybersecurity typology that reconceptualises cyber risk as a strategic governance and financial decision-making issue. Third, it operationalises this typology through a self-designed Cyber Typology Identification Checklist (CTIC), a diagnostic tool enabling SMEs to profile risk exposure, and a REALM framework that informs cybersecurity investment decisions and justifies expenditure using game-theoretic cost–benefit reasoning. This study relies exclusively on secondary data as a deliberate and theoretically justified methodological choice. The cross-regional scope of the six African RGBs and the sensitivity of cybersecurity disclosures among SMEs limited the feasibility of primary data collection due to access constraints and underreporting risks. Recommended measures, based on the self-designed Three Pillar Cybersecurity Recommendation Model provided in the study, include internal controls encompassing people-related, governance and technical measures (network domains, cloud solutions, hardware, software), integrated within a cybersecurity framework. These measures are reminiscent of information technology audit approaches that integrate preventive, detective and corrective controls to ensure the integrity, reliability and resilience of systems. The study also provides both free and enterprise (paid) solutions that SMEs can adopt individually or through partnerships, alongside recommendations for harmonised legislation across the RGBs to enhance resilience and reduce financial losses. These solutions are intended to equip SMEs with the tools and insights needed to recognise, quantify and mitigate financial risk, thereby strengthening financial governance and accountability. Financial auditors, investors and SME owners can leverage the CTIC and the proposed typology to mitigate cyber and financial risks, to implement proactive measures for protecting capital, to preserve accounting integrity and to promote sustainable growth across the region.; Kulolu cwaningo, izinsongo zokuphepha kwe-inthanethi ezishintshashintshayo kanye nokulahlekelwa kwezimali okuhambisanayo emabhizinisini amancane naphakathi nendawo noma i-Small to Medium Enterprises (ama-SME) kuzo zonke izindawo eziyisithupha zesifunda sase-Afrika ezaziwa ngokuthi yi-regional geographic blocks (ama-RGB), okungukuthi, iMpumalanga Africa, iNtshonalanga Afrika, iNyakatho Afrika, iNingizimu Afrika, i-Afrika Ephakathi kanye ne-Diaspora, kuyahlolwa. Ama-SME (asendaweni kanye nakwa-diaspora) anegalelo elikhulu emisebenzini, emisha kanye nentuthuko yezomnotho wendawo ngokusebenzisa imali ethunyelwayo, kanye nomkhiqizo wezwe jikelele noma i- gross domestic product (i-GDP) yase-Afrika kanye nama-RGB ayo. Naphezu kokubaluleka kwawo, ama-SME avame ukubhekana nobuthakathaka besakhiwo ezinhlelweni zawo zokubala kanye nezezimali, okubabeka engozini becyber kanye nokulahlekelwa kwezezimali okubangelwa yiwo. Ama-SME amaningi antula ulwazi lobuchwepheshe, ukulawula kwangaphakathi kanye nobuhlakani bezezimali obudingekayo ukuvikela izizindalwazi zawo zezimali zedijithali. Ukwanda kokwenziwa kwedijithali kwemisebenzi yezezimali ye-SME - ngokusebenzisa amapulatifomu ebhange eselula nakwe-inthanethi, ukubalwa kwekhompyutha okusekelwe efwini, isofthiwe yokubala kanye nezinhlelo zokukhokha zedijithali ezihlanganisiwe - kuye kwandisa kakhulu ukuchayeka ezingozini ze-cyber. Kulesi sifundo, ingozi yokuphepha kwe-inthanethi ye-SME ibekwe ngokusobala ngaphakathi komkhakha wokubala, ixhumanisa izinhlaka zethiyori nokubonwa okubonakalayo kokulahlekelwa kwezezimali okusobala. Imibono yobugebengu iyahlolwa ukuze kuqondwe uhlobo kanye nohlobo lwabenzi bokuphepha kwe-inthanethi kanye nokuhlela kabusha kwabo okuqhubekayo. Izinhlaka zokuphepha kwe -inthanethi ezifana ne-National Institute of Standards and Technology (NIST) kanye ne-ISO 27001, kanye nethiyori yokuphathwa kwengozi yokuphepha kwe-inthanethi (kufaka phakathi ithiyori yomdlalo), zisetshenziswa kuhlobo njengesinyathelo sokuvikela izinsongo ezivela kumaqembu okuphepha kwe-inthanethi asebenza ezindaweni zebhizinisi. Ngokusebenzisa izinhlaka zokuphepha kwe-inthanethi ezisunguliwe, lolu cwaningo lubonisa indlela ubuhlakani bezezimali obungasetshenziswa ngayo ukuhlonza, ukuvimbela nokunciphisa izinsongo ezimpahleni zezimali ngenkathi kuqinisekiswa ukuhambisana nomthetho. Kwamukelwa umklamo wesifundo sesigameko esifanele, oqondiswa ilensi yokusebenza. Indlela yokwenza yayihlanganisa ukuqoqwa kwedatha yesibili, ukucabanga okusekelwe ekucabangeni, kanye nokuphindaphinda okungokoqobo nokwemfundiso. Idatha yesibili ivumele ukuhlaziywa okubanzi kokuqhathanisa kuzo zonke izimo zezwe, ezomnotho kanye nezobuchwepheshe, okuqinisa ukuguquguquka kokuhlaziya. Ukuqina kwendlela kwaqinisekiswa ngokuhlanganiswa kwezihloko okuhlelekile okuqondiswa yilojikhi yekhodi yokufundisa kaGioia kanye nendlela yokwakha ithiyori ka-Eisenhardt, naphezu kokungabikho kokuqinisekiswa okuqondile kwezinga lenhlangano. Ukuhlaziywa kwedatha kwenziwa ngamathuluzi asebenzisanayo (Idatha Yomhlaba, Inkomba Yobugebengu Obuhleliwe ye-ENACT) kanye nesofthiwe yokwenza amamodeli yokubuka idatha (PlantUML, Excel, HTMLMinifier, CSSNano). Okutholakele kubonisa ukuthi ama-SME abhekana nokulahlekelwa okukhulu kwezezimali ngenxa yokuhlaselwa kkokuphepha kwe-inthanethi ngevektha eyodwa kanye ne-amavektha amaningi, okuthinta imali yefiyethi, izimpahla zedijithali kanye namarekhodi ukubalwa kwezimali. Ngokuhlaziywa kwesigaba esibanzi sezikhathi zangaphambi, ngesikhathi nangemuva kweKhuvethi, ukuhlaselwa kwokuphepha kwe-inthanethi okuvame kakhulu okuthinta ukusimama kwezezimali ze-SME kwatholakala. I-Malware, i-ransomware, ukuhlaselwa kwe-distributed denial-of-service (DDoS), ukuphazamiseka kwe-supply chain, ukuvumelana nge-imeyili yebhizinisi kanye nokwephulwa kwedatha kwavela njengezinsongo zokuphepha kwe-inthanethi ezivame kakhulu kuwo wonke ama-SME. Ukwenziwa kwedijithali, ubugebengu besayibha bamazwe ngamazwe kanye nomsebenzi ongaphezulu kanye nomsebenzi wewebhu ojulile kuye kwaqinisa ukuvuza kwezezimali kuma-SME. Izingozi zesayibha kanye nokuhlaselwa kwadwetshwa kabanzi, kwaveza amaphethini emisebenzi yokukhwabanisa, ukungena kwe-sayibha kanye nokuphazamiseka kokusebenza, kanye nezakhiwo zesayibha mafiya ezishintshayo ezisongela ukuhamba kwemali kanye nokuzinza kwezezimali kwama-SME kanye, ngokwandisa, i-GDP yesifunda. Ithiyori yomdlalo ibhekwa njengendlela efanelekile yokuphathwa kwengozi yesayibha. Iwusizo kakhulu ekuzinzeni ngenxa yokuguquka kwezinsongo zesayibha kanye nokuzivumelanisa okuqhubekayo kwenhlangano yesayibha kanye namasu awo. Lolu cwaningo lwenza iminikelo eminingana emisha kwezesayensi yezimali kanye nobuhlakani bezezimali. Okokuqala, luphakamisa uhlobo lwe-SME oluhlobene nokuphepha kwesayibha olusekelwe ekuhlaziyweni kwezihloko kunokuba kube ukuhlukaniswa kobuchwepheshe kuphela, ngaleyo ndlela luhlanganisa ubugebengu, ukuphatha kanye nemikhakha yobungozi bezezimali. Okwesibili, lwethula igama elihlelekile kanye nohlobo lokuphepha kwe-inthanethi bezigaba eziyishumi nambili oluqonda kabusha ubungozi besayibha njengenkinga yokuphatha isu kanye nokwenza izinqumo zezezimali. Okwesithathu, lusebenzisa lolu hlobo ngokusebenzisa Uhlu Lokuhlola Lokuhlonza Uhlobo Lwe-Cyber oluziklamele lona noma i-Cyber Typology Identification Checklist (i-CTIC), ithuluzi lokuxilonga elivumela ama-SME ukuthi abonise ukuvezwa kobungozi bokuphepha kwe-inthanethi, kanye nohlaka lwe-REALM oluqondisa izinqumo zokutshalwa kwezimali kokuphepha kwe-inthanethi futhi luthethelele ukusetshenziswa kwemali kusetshenziswa ukucabanga kwezindleko-inzuzo okusekelwe kumdlalo. Lolu cwaningo luthembele kuphela kudatha yesibili njengokukhetha okuhlosiwe futhi okunesizathu ngokwemfundiso. Ububanzi bezifunda eziyisithupha zase-Afrika kanye nokuzwela kokudalulwa kokuphepha kwe-inthanethi phakathi kwama-SME kunciphise ukuqoqwa kwedatha eyinhloko ngenxa yemikhawulo yokufinyelela kanye nezingozi ezingabikwa kahle. Izinyathelo ezinconyiwe, ezisekelwe kuModeli Yezincomo Zokuphepha KweSayibha Ezinezinsika Ezintathu eziklanyelwe zona ezinikezwe ocwaningweni, zifaka phakathi izilawuli zangaphakathi ezihlanganisa izinyathelo ezihlobene nabantu, zokuphatha kanye nezobuchwepheshe (izizinda zenethiwekhi, izixazululo zamafu, ihadiwe, isofthiwe), ezihlanganiswe ngaphakathi kohlaka lokuphepha kwesayibha. Lezi zinyathelo zikhumbuza izindlela zokuhlola ubuchwepheshe bolwazi ezihlanganisa izilawuli zokuvimbela, zokuhlola kanye nezokulungisa ukuqinisekisa ubuqotho, ukuthembeka kanye nokuqina kwezinhlelo. Lolu cwaningo luphinde lunikeze izixazululo zamahhala nezebhizinisi (ezikhokhelwayo) ama-SME angazamukela ngawodwana noma ngokubambisana, kanye nezincomo zomthetho ovumelanisiwe kuwo wonke ama-RGB ukuze kuthuthukiswe ukuqina nokunciphisa ukulahlekelwa kwezezimali. Lezi zixazululo zenzelwe ukuhlomisa ama-SME ngamathuluzi nokuqonda okudingekayo ukuze kuqashelwe, kulinganiswe futhi kuncishiswe ibungozi bezezimali, ngaleyo ndlela kuqiniswe ukuphathwa kwezezimali kanye nokuziphendulela. Abahloli bezimali, abatshalizimali kanye nabanikazi bama-SME bangasebenzisa i-CTIC kanye nohlobo oluhlongozwayo ukuze kuncishiswe izingozi zesayibha nezezezimali, ukuze kuqaliswe izinyathelo ezisebenzayo zokuvikela imali, ukulondoloza ubuqotho bokubalwa kwezimali kanye nokukhuthaza ukukhula okusimeme kulo lonke isifunda.; Ontwikkelende kuberveiligheidsbedreigings en gepaardgaande finansiële verliese in klein en mediumgrootte ondernemings (KMO’s) regoor Afrika se ses streeksgeografiese blokke (SGB’s), naamlik Oos-Afrika, Wes-Afrika, Noord-Afrika, Suider-Afrika, Sentraal-Afrika en die Diaspora, word in hierdie studie ondersoek. KMO’s (beide plaaslik en in die diaspora) dra aansienlik by tot indiensneming, innovering en plaaslike ekonomiese ontwikkeling deur oormakings, asook tot die algehele bruto binnelandse produk (BBP) van Afrika en sy SGB’s. Ondanks hul belangrikheid, kom KMO’s dikwels te staan voor strukturele kwesbaarhede in hul rekeningkundige en finansiële stelsels, wat hulle aan kuberbedreigings en gevolglike finansiële verliese blootstel. Baie KMO’s beskik nie oor die tegniese kennis, interne beheermaatreëls en finansiële intelligensie wat nodig is om hul digitale finansiële databasisse te beskerm nie. Die toenemende digitalisering van KMO’s se finansiële bedrywighede – deur mobiele en aanlynbankplatforms, wolkgebaseerde rekenaars, rekeningkundige sagteware en geïntegreerde digitale betaalstelsels – het blootstelling aan kuberrisiko’s vererger. In hierdie studie word KMO-kuberveiligheidsrisiko duidelik binne die rekeningkundige dissipline geposisioneer, en verbind teoretiese raamwerke met empiriese waarnemings van openlike finansiële verliese. Kriminologieteorieë word ondersoek om die aard en tipologie van kuberoortreders en hul volgehoue herorganisasie te verstaan. Kuberveiligheidsraamwerke soos die National Institute of Standards and Technology (NIST) en ISO 27001, tesame met kuberrisikobestuursteorie (insluitend spelteorie), word op die tipologie toegepas as ’n proaktiewe maatreël teen ontluikende bedreigings van kubersindikate wat in sake-ekosisteme funksioneer. Deur gevestigde kuberveiligheidsraamwerke toon die studie hoe finansiële intelligensie aangewend kan word om bedreigings vir finansiële bates te identifiseer, voorkom en verlig, terwyl regulatoriese nakoming steeds verseker word. ’n Kwalitatiewe gevallestudie-ontwerp is gevolg, deur ’n pragmatiese lens as riglyn te gebruik. Die metodologiese benadering het sekondêre data-insameling, deduktiewe redenering en letterlike sowel as teoretiese replisering ingesluit. Sekondêre data het breë vergelykende ontleding oor geopolitieke, ekonomiese en tegnologiese kontekste moontlik gemaak, en analitiese veralgemeenbaarheid versterk. Metodologiese strengheid is verseker deur sistematiese tematiese sintese, met Gioia se induktiewe koderinglogika en Eisenhardt se teorie-boubenadering as riglyne, ondanks die afwesigheid van direkte organisatoriese validering. Data-ontleding is uitgevoer met behulp van interaktiewe hulpmiddels (World Data, ENACT Organised Crime Index) en modelleringsagteware vir datavisualisering (PlantUML, Excel, HTMLMinifier, CSSNano). Die bevindings dui daarop dat KMO’s beduidende finansiële verliese ervaar as gevolg van beide enkelvektor- en multivektorkuberaanvalle, wat fiatgeldeenheid, digitale bates en rekeningkundige rekords raak. Deur ’n deursnee-ontleding van die tydperke voor, tydens en ná COVID-19 is die mees algemene kuberaanvalle wat KMO’s se finansiële volhoubaarheid beïnvloed, geïdentifiseer. Indringerware, gyselware, verspreide weiering-van-diens (DDoS)-aanvalle, voorsieningskettingontwrigtings, kompromittering van besighede se e-posstelsels, en dataskendings het na vore gekom as algemene kuberbedreigings in KMO’s. Digitalisering, transnasionale kubermisdaad en toenemende oppervlak- en diep-webaktiwiteit het finansiële lekkasies in KMO’s vererger. Kuberrisiko’s en -aanvalle is verder uitgestippel, wat patrone van bedrieglike aktiwiteit, kuberindringing en operasionele ontwrigting asook ontwikkelende kubermafia-strukture aan die lig gebring het, wat KMO’s se kontantvloei en algehele finansiële stabiliteit en gevolglik ook streeks-BBP bedreig. Spelteorie word geïdentifiseer as ’n geskikte benadering tot kuberrisikobestuur. Dit is veral waardevol vir volhoubaarheid gegewe die ontwikkelende aard van kuberbedreigings en die voortdurende aanpassing van kubersindikate en hul tegnieke. Hierdie studie lewer verskeie nuwe bydraes tot rekeningkundige wetenskappe en finansiële intelligensie. Eerstens stel dit ’n kuberveiligheidsverwante KMO-tipologie voor wat op tematiese ontleding gegrond is eerder as op suiwer tegniese klassifikasies, en oorbrug sodoende kriminologie-, bestuurs- en finansiële risikodissiplines. Tweedens stel dit ’n gestruktureerde nomenklatuur en ’n twaalfkategorie-kuberveiligheidstipologie bekend, wat kuberrisiko herkonseptualiseer as ’n strategiese bestuurs- en finansiële besluitnemingskwessie. Derdens operasionaliseer dit hierdie tipologie deur ’n selfontwerpte Cyber Typology Identification Checklist (CTIC), ’n diagnostiese hulpmiddel wat KMO’s in staat stel om risikoblootstellingprofiele op te stel, en ’n REALM-raamwerk wat kuberveiligheidsbeleggingsbesluite onderlê en besteding regverdig met behulp van spelteoretiese koste-voordeelredenering. Hierdie studie steun uitsluitlik op sekondêre data as ’n doelbewuste en teoreties geregverdigde metodologiese keuse. Die oorstreekomvang van die ses Afrika-SGB’s en die sensitiwiteit van kuberveiligheidsopenbaarmaking tussen KMO’s het die uitvoerbaarheid van primêredata-insameling beperk as gevolg van toegangsbeperkings en onderrapportering. Aanbevole maatreëls, gebaseer op die selfontwerpte Driepilaar-Kuberveiligheidsaanbevelingsmodel wat in die studie verskaf word, sluit interne beheermaatreëls in wat mensverwante, bestuurs- en tegniese aspekte (netwerkdomeine, wolkoplossings, hardeware, sagteware) omvat, wat in ’n kuberveiligheidsraamwerk geïntegreer is. Hierdie maatreëls herinner aan inligtingstegnologie-ouditbenaderings wat voorkomende, opsporende en regstellende beheermaatreëls integreer om die integriteit, betroubaarheid en veerkragtigheid van stelsels te verseker Die studie verskaf ook beide gratis en ondernemingsoplossings (betaalde oplossings) wat KMO’s individueel of deur vennootskappe kan aanvaar, asook aanbevelings vir geharmoniseerde wetgewing oor die SGB’s heen om veerkragtigheid te verbeter en finansiële verliese te verminder. Hierdie oplossings is daarop gerigom KMO’s toe te rus met die nodige hulpmiddels en insigte om finansiële risiko te herken, kwantifiseer en verlig, en sodoende finansiële bestuur en aanspreeklikheid te versterk. Finansiële ouditeure, beleggers en KMO-eienaars kan die CTIC en die voorgestelde tipologie benut om kuber- en finansiële risiko’s te verminder, proaktiewe maatreëls te implementeer om kapitaal te beskerm, rekeningkundige integriteit te beskerm en volhoubare groei regoor die streek te bevorder. Text in English with Abstracts and keywords in Zulu and Afrikaans Wed, 12 Nov 2025 00:00:00 GMT https://ir.unisa.ac.za/handle/10500/32626 2025-11-12T00:00:00Z https://ir.unisa.ac.za/handle/10500/32621 Developing a Compliance Index to Improve the Performance of Major State-Owned Enterprises: An Analysis of South Africa Galane, Oupa Madala; Makoni, Patricia Lindelwa; Chikutuma, Chisinga Ngonidzashe Performance evaluation frameworks are essential for monitoring and enhancing the performance of state-owned enterprises (SOEs). Nonetheless, the existing frameworks exhibit particular deficiencies in delivering a comprehensive assessment of SOE performance or facilitating significant improvement. This study developed a comprehensive compliance index (PCI) to measure SOE performance. The PCI was developed through a systematic and integrative review of the current performance frameworks and refined using the Delphi technique via an online questionnaire. This study contributes to public sector performance evaluation research by offering a more integrated tool that captures the full scope of SOEs’ performance, including financial, non-financial, and developmental dimensions, based on the South African context. It is recommended that policymakers, especially the National Treasury, promote the adoption and use of the PCI to assist SOEs in assessing, monitoring, and improving their performance. Tue, 02 Sep 2025 00:00:00 GMT https://ir.unisa.ac.za/handle/10500/32621 2025-09-02T00:00:00Z https://ir.unisa.ac.za/handle/10500/32620 Assessing the strategic impact of a performance compliance index on the performance of state-owned enterprises Galane, Oupa Madala; Makoni, Patricia Lindelwa; Chikutuma, Chisinga Ngonidzashe The persistent poor performance of state-owned enterprises (SOEs) remains a significant topic in public-sector discourse. This ongoing issue has sparked extensive debate among scholars, policymakers, and government officials (Erasmus, 2024). The existing literature indicates that the absence of a universally adopted performance framework fosters an environment conducive to several influencing factors, such as significant power distance, cronyism, and materialistic culture (Kaunda & Pelser, 2022). The objective of this study was to examine how components of the performance compliance index (PCI) impact the performance of SOEs in South Africa. Adopting a positivist approach and a quantitative research design, the analysis examined the annual reports of 18 SOEs over a 10-year period (2013–2022). A panel fixed effects (FE) model was applied, with Hausman tests used to select the most appropriate estimator and address model limitations. The results show that the Z-score has a negative and statistically significant effect on SOE performance. The corporate governance index (CGI) demonstrated a positive, significant relationship with performance, whereas developmental performance index (DPI) showed a significant adverse effect. Conversely, the Public Finance Management Act (PFMA) and human capital index (HCI) indicators had limited measurable effects during the study period. Data limitations and the absence of qualitative evidence constrained the scope of the study. Future research should include all SOEs and adopt mixed-method approaches to gain a deeper understanding of broader organizational dynamics. Wed, 13 May 2026 00:00:00 GMT https://ir.unisa.ac.za/handle/10500/32620 2026-05-13T00:00:00Z https://ir.unisa.ac.za/handle/10500/32561 Internal audit function's independence and objectivity in the Mpumalanga Provincial Department of Health, South Africa: challenges and benefits Sambo, Promise Phumla The study focused on the independence of the Internal Audit Function (IAF) and the objectivity of Internal Auditors (IAs) within the Mpumalanga Provincial Department of Health (MPDoH) in South Africa. The primary aim was to explore and assess the factors influencing the independence and objectivity of the IAF. The study was underpinned by the Agency Theory and the Policeman Theory, which highlight the role of internal auditors in mitigating agency conflicts as well as detecting and preventing irregularities to promote accountability and compliance. Guided by an interpretivist research paradigm, the study adopted a qualitative research approach to explore in depth the experiences and perspectives of the participants. A case study design was employed, and data were collected through semi-structured, face-to-face, and telephonic interviews with 14 internal auditors who were purposefully selected based on their expertise and experience in internal auditing. The data were analysed using thematic analysis with the assistance of ATLAS.ti software (Version 25). Findings revealed that the independence and objectivity of the IAF are critical for ensuring effective governance, accountability, compliance, and improved service delivery. However, the study identified several factors undermining these principles, including inadequate resources, restricted access to the AC, management interference during audits, dual reporting structures, and insufficient protection for internal auditors. To address these challenges, the study recommends strengthening the independence of the IAF and the objectivity of IAs through enhanced resource allocation (adequate budget and personnel), unrestricted access to the AC, and the establishment of clear protocols that limit management influence during audit activities. These measures are essential for improving internal audit effectiveness, promoting good governance, and enhancing service delivery within the MPDoH. The study contributes to the public sector governance discourse by reaffirming the critical role of independence and objectivity of internal audit functions in fostering transparency, accountability, and service excellence.; Ucwaningo lugxile ekuzimeleni Komsebenzi Wocwaningomabhuku Lwangaphakathi (i-IAF) kanye nenjongo yabahloli bamabhuku bangaphakathi (IAs) ngaphakathi koMnyango Wezempilo Wesifundazwe saseMpumalanga (MPDoH) eNingizimu Afrika. Inhloso eyinhloko kwakuwukuhlola nokuhlola izici ezithonya ukuzimela nenjongo ye-IAF. Lolu cwaningo lusekelwe yi-Agency Theory kanye ne-Policeman Theory, egqamisa indima yabacwaningi mabhuku bangaphakathi ekunciphiseni izingxabano ze-ejensi kanye nokuthola nokuvimbela okungahambi kahle ukuze kuthuthukiswe ukuziphendulela nokuhambisana. Ngokuqondiswa yi-paradigm yocwaningo lomhumushi, ucwaningo lwamukela indlela yocwaningo olusezingeni eliphezulu ukuze luhlole ngokujulile ulwazi nemibono yababambe iqhaza. Kwasetshenziswa i-case study design, futhi idatha yaqoqwa ngokusebenzisa izingxoxo ezihleliwe, ubuso nobuso, nangezingcingo nabacwaningi bamabhuku bangaphakathi abayi-14 abakhethwa ngamabomu ngokusekelwe ebuchwephesheni babo nolwazi lwabo ekucwaningeni kwamabhuku kwangaphakathi. Idatha yahlaziywa kusetshenziswa ukuhlaziywa kwetimu ngosizo lwesofthiwe ye-ATLAS.ti (Inguqulo 25). Okutholakele kuveze ukuthi ukuzimela kanye nenjongo ye-IAF kubalulekile ekuqinisekiseni ukuphatha okusebenzayo, ukuziphendulela, ukuthobela, kanye nokulethwa kwezinsiza okuthuthukisiwe. Kodwa-ke, ucwaningo luhlonze izinto ezimbalwa ezibukela phansi le migomo, okuhlanganisa izinsiza ezinganele, ukufinyelela okulinganiselwe ku-AC, ukuphazamiseka kwabaphathi ngesikhathi sokucwaninga, izinhlaka zokubika ezimbili, kanye nokuvikelwa okunganele kwabacwaningi bamabhuku bangaphakathi. Ukuze kubhekwane nalezi zinselele, ucwaningo luncoma ukuthi kuqiniswe ukuzimela kwe-IAF kanye nenjongo yama-IAs ngokwabiwa kwezinsiza okuthuthukisiwe (isabelomali esanele nabasebenzi), ukufinyelela okungakhawulelwe ku-AC, kanye nokusungulwa kwezivumelwano ezicacile ezibeka imingcele yokuphatha umthelela phakathi nemisebenzi yocwaningomabhuku. Lezi zinyathelo zibalulekile ekwenzeni ngcono ukusebenza kahle kocwaningomabhuku lwangaphakathi, ukukhuthaza ukubusa okuhle, kanye nokuthuthukisa ukulethwa kwezinsizakalo ngaphakathi kwe-MPDoH. Ucwaningo lufaka isandla enkulumweni yokubusa komkhakha womphakathi ngokuqinisekisa kabusha iqhaza elibalulekile lokuzimela kanye nenjongo yemisebenzi yocwaningomabhuku lwangaphakathi ekukhuthazeni ukubeka izinto obala, ukuziphendulela, kanye nokusebenza kahle kwenkonzo.; Lolucwaningo lugcile ekutimeleni kweMsebenti Wekucwaninga Tincwadzi Wangekhatsi (i-IAF) kanye nekungakhetsi kweBacwaningi mabhuku Bangekhatsi (ema-IA) ngaphakatsi kweLitiko Letemphilo Lesifundza saseMpumalanga (i-MPDoH) eNingizimu Afrika. Inhloso leyinhloko bekukuhlola nekuhlola tintfo letinemtselela ekutimeleni nasekubeni nenhloso ye-IAF. Lolucwaningo lwasekelwa yi-Agency Theory kanye ne-Policeman Theory, lekhombisa indzima yebacwaningi mabhuku bangekhatsi ekunciphiseni kungcubutana kwema-ejensi kanjalo nekutfola nekuvikela kungabi semtsetfweni kute kukhutsatwe kutiphendvulela kanye nekulandzela umtsetfo. Kucondziswa yindlela yelucwaningo lwekuhumusha, lolucwaningo lwemukele indlela yelucwaningo lwelizinga lekuhlola ngalokujulile lokuhlangenwe nako kanye nemibono yebahlanganyeli. Kwasetjentiswa umklamo wesifundvo sendzaba, futsi idatha yabutfwa ngekusebentisa tinkhulumomphendvulwano letihlelelwe kancane, buso nebuso, kanye nelucingo nebacwaningi mabhuku bangekhatsi labangu-14 labakhetfwa ngenhloso ngekuya ngebungcweti babo kanye nesipiliyoni sabo ekucwaningeni kwangekhatsi. Lemininingwane yahlaziywa kusetjentiswa kuhlatiya ngetihloko ngekusitwa yi-software ye-ATLAS.ti (Inguqulo 25). Lokutfoliwe kuvete kutsi kutimela kanye nekungakhetsi kwe-IAF kubaluleke kakhulu ekucinisekiseni kubusa lokuphumelelako, kutiphendvulela, kuhambisana, kanye nekuletsa tinsita lokwentiwe ncono. Kepha-ke, lolucwaningo lukhombe tintfo letinyenti letibukela phansi letimiso, letifaka ekhatsi kungabi netinsita letenele, kufinyelela lokuvinjelwe ku-AC, kuphatamiseka kwebaphatsi ngesikhatsi sekuhlolwa kwemabhuku, takhiwo tekubika letimbili, kanye nekuvikeleka lokunganele kwebacwaningi mabhuku bangekhatsi. Kulungisa letinsayeya, lolucwaningo luncoma kucinisa kutimela kwe-IAF kanye nekuba nenhloso yema-IA ngekwabiwa kwetinsita lokutfutfukisiwe (sabelomali lesenele kanye netisebenti), kufinyelela lokungenamkhawulo ku-AC, kanye nekusungulwa kwemigomo lecacile lenciphisa umtselela wekuphatsa ngesikhatsi semisebenti yekuhlola. Letinyatselo tibalulekile ekwenteni ncono kusebenta kahle kwekuhlolwa kwemabhuku kwangekhatsi, kutfutfukisa kubusa lokuhle, kanye nekutfutfukisa kwetfulwa kwetinsita ngaphakatsi kwe-MPDoH. Lolucwaningo lufaka sandla enkhulumeni yekuphatsa umkhakha wahulumende ngekutsi kucinisekiswe kabusha indzima lebalulekile yekutimela kanye nekungakhetsi kwemisebenti yekucwaninga ngekhatsi ekugcugcuteleni kusebenta ngalokusebaleni, kutiphendvulela, kanye nekusebenta kahle kwetinsita. Text in English with abstracts and keywords in Zulu and Swazi Sat, 01 Nov 2025 00:00:00 GMT https://ir.unisa.ac.za/handle/10500/32561 2025-11-01T00:00:00Z