Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
Internal auditors evaluate the adequacy and effectiveness of how risks are identified and managed in the above areas. They also assess other aspects such as ethics and values within the organization, performance management, communication of risk and control information within the organization in order to facilitate a good governance process.
The internal auditors are expected to provide recommendations for improvement in those areas where opportunities or deficiencies are identified. While management is responsible for internal controls, the internal audit activity provides assurance to management and the audit committee that internal controls are effective and working as intended. The internal audit activity is led by the chief audit executive (CAE). The CAE delineates the scope of activities, authority, and independence for internal auditing in a written charter that is approved by the audit committee.
An effective internal audit activity is a valuable resource for management and the board or its equivalent, and the audit committee due to its understanding of the organization and its culture, operations, and risk profile. The objectivity, skills, and knowledge of competent internal auditors can significantly add value to an organization’s internal control, risk management, and governance processes. Similarly, an effective internal audit activity can provide assurance to other stakeholders such as regulators, employees, providers of finance, and shareholders.
Periodic or specific purpose audit conducted by external (independent) qualified accountant(s). Its objective is to determine, among other things, whether (1) the accounting records are accurate and complete, (2) prepared in accordance with the provisions of the law, and (3) the statements prepared from the accounts present fairly the organization’s financial position, and the results of its financial operations.
First, you will be notified in writing when your department is selected for an audit. The letter will state the objectives to be accomplished in the audit. Subsequently, the Internal Audit staff will contact you to schedule a meeting to discuss the scope of the audit and the logistics of conducting the audit. At this initial meeting, you should take the opportunity to discuss any concerns or questions you may have about the audit and to determine how you can facilitate the review process. A typical audit has several stages, including preliminary research, data collection and analysis, field work, report writing and distribution and follow-up.
There should be no surprises at the end of the audit – Internal Audit staff will keep you informed throughout the audit and let you know of any potential findings or recommendations. If you have any information that can clarify a potential audit issue, please let the auditor know this during the audit – do not wait until the final exit meeting.
An audit may affect a department’s routine to some extent. We always attempt to minimize any interruptions to your normal work schedule to the extent possible.