Internal Audits

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Up to a certain organizational size, you do not need a fully fledged internal audit function. The internal audit function can be assured by the CEO or entrepreneur. Starting a certain organizational ia3size or a certain organization type you might have it also as a legal mandatory obligation to have an internal audit function.

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Internal auditing is a catalyst for improving an organization’s governance, risk management, and management controls by providing insight and recommendations based on analyses and assessments of data and business processes. With a commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform internal auditing activity.

The scope of internal auditing within an organization is broad and may involve topics such as an organization’s governance, risk management, and management controls over: efficiency/effectiveness of operations (including safeguarding of assets), the reliability of financial and management reporting, and compliance with laws and regulations. Internal auditing may also involve conducting proactive fraud audits to identify potentially fraudulent acts; participating in fraud investigations under the direction of fraud investigation professionals, and conducting post investigation fraud audits to identify control breakdowns and establish financial loss.

Internal auditors are not responsible for the execution of company activities; they advise management and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. As a result of their broad scope of involvement, internal auditors may have a variety of higher educational and professional backgrounds.

The Institute of Internal Auditors (IIA) is the recognized international standard setting body for the internal audit profession and awards the Certified Internal Auditor designation internationally through rigorous written examination. Other designations are available in certain countries.

Internal auditors work for government agencies (federal, state and local); for publicly traded companies; and for non-profit companies across all industries. Internal auditing departments are led by a Chief Audit Executive(“CAE”) who generally reports to the Audit Committee of the Board of Directors, with administrative reporting to the Chief Executive Officer (In the United States this reporting relationship is required by law for publicly traded companies).

The Internal Auditing profession evolved steadily with the progress of management science after World War II. It is conceptually similar in many ways to financial auditing by public accounting firms, quality assurance, and banking compliance activities. While some of the audit technique underlying internal auditing is derived from management consulting and public accounting professions, the theory of internal auditing was conceived primarily by Lawrence Sawyer (1911-2002), often referred to as “the father of modern internal auditing”; and the current philosophy, theory and practice of modern internal auditing as defined by the International Professional Practices Framework (IPPF) of the Institute of Internal Auditors owes much to Sawyer’s vision.

With the implementation in the United States of the Sarbanes-Oxley Act of 2002, the profession’s exposure and value were enhanced, as many internal auditors possessed the skills required to help companies meet the requirements of the law. However, the focus by internal audit departments of publicly traded companies on SOX related financial policy and procedures derailed progress made by the profession in the late 20th century toward Larry Sawyer’s vision for internal audit. Beginning in about 2010, the IIA once again began advocating for the broader role internal auditing should play in the corporate arena, in keeping with the IPPF’s philosophy.

ia1What is an internal audit?

According to the Chartered Institute of Internal Auditors, the role of internal audit is to provide independent assurance that an organization’s risk management, governance, and internal control processes are operating effectively.

What is its value to the organization?

Internal auditors deal with issues that are fundamentally important to the survival and prosperity of any organization. Unlike external auditors, they look beyond financial risks and statements to consider wider issues such as the organization’s reputation, growth, its impact on the environment and the way it treats its employees.

In sum, internal auditors help organizations to succeed. We do this through a combination of assurance and consulting. The assurance part of our work involves telling managers and governors how well the systems and processes designed to keep the organization on a track are working.

Often there is some confusion of what is an external audit how is it different from the internal audit. The main differences are presented in the table further below.

External auditInternal audit
Reports toshareholders or members who are outside the organizations’ governance structure.The board and senior management are within the organization’s governance structure.
ObjectivesAdd credibility and reliability to financial reports from the organization to its stakeholders by giving an opinion on the reportEvaluate and improve the effectiveness of governance, risk management, and control processes.  This provides members of the boards and senior management with assurance that helps them fulfill their duties to the organization and its stakeholders.
CoverageFinancial reports, financial reporting risks.All categories of risk, their management, including reporting on them.
Responsibility  for improvementNone, however, there is a duty to report problems.Improvement is fundamental to the purpose of internal auditing. But it is done by advising, coaching and facilitating in order to not undermine the responsibility of management.

I know that having an audit is a lot of work for anyone involved and tights up a lot of resources for a significant time. Sometimes also the purpose and questions of the auditors are not properly understood by the entire organization. The audit activity gives a strange and uncomfortable feeling that someone comes in and questions and checks again all the things you have done.  In spite of all the above for a business organization, it is very useful from time to time to really look into the internal audit, it makes sense to do everything possible to avoid future potential “unwanted surprises”.

The internal audit process preparation and the internal audit reports and findings are very useful to patch unwanted or maybe even unknown efficiency and profitability leakages.

TopCFO can support you in your internal audit process, results and findings interpretation and implementation.

You are one click away from starting a very useful activity, your internal audit, by contacting TopCFO.

You can follow us on Linkedin, Twitter, Facebook

Reference :

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: