What’s an Internal Audit?
Internal Audit is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. It is an independent, objectives assurance and consulting activity designed to add value and improve an organization’s operations. It helps organization to accomplish objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and government process.
​
​
​
1. Scope and Objectives of Internal Audit
As per AAS-6, Internal Control System refers to all the policies and procedures adopted by the management of the entity to assist in achieving management’s objectives ensuring the orderly conduct of the business, the accuracy and completeness of accounting records, the timely preparation of financial information, safeguarding of assets of enterprises and detection of fraud and errors in a timely manner. The internal audit function constitutes a separate component of internal control with the objective of determining whether other internal controls are well designed and properly evaluated.
​
The Scope and Objectives of internal audit vary widely and are dependent upon the size and structure of the entity and the management’s requirements. The internal audit normally operates in one or more of the following areas:
​
(a)Review of accounting system and related internal controls: Although the establishment of an adequate accounting system and related internal controls is the responsibility of the management. However it is must that they are reviewed from time to time to ensure that they are operating effectively and recommend any improvement thereto;
(b) Examination of Management of financial and operating information : It includes the review of the means used to identify, measure, classify and report such information and specific inquiry into individual items including tests of transaction;
(c) Examination of the economy, efficiency and effectiveness of operations including the financial controls of an organization: This will help the external auditor when it has an important bearing on the reliability of the financial records;
(d) Physical examination and verification: It includes the examination and verification of physical existence and condition of the tangible assets of the entity.
The objects of internal audit can be stated as follows:
(a) Verification of the accuracy and authenticity of the financial, accounting and statistical records.
(b) Ascertaining that accepted accounting policies and practices have been followed while preparing the financial accounts.
(c) The assets are purchased or disposed under proper authorization. Also ensuring that the access to assets is restricted to the authorized persons at the authorized times.
(d) Confirming that the liabilities are incurred for the legitimate activities of the organization.
(e) The internal checks system operating in the organization is sound and economical.
(f) Fraud and errors are prevented and detected.
(g) Reviewing overall operations of internal control system and if deviations or weakness are noted, the same are communicated to the appropriate authorities on timely basis. This will help in instituting corrective actions.
​
​
​
What are the Types of Internal Audits?
While a significant portion of internal audit covers internal controls over financial reporting within the organization as they pertain to generally accepted accounting procedures (GAAP) impacting their financial statements. Many organizations also recognize the need for other types of assessments or audits outside of accounting or finance. Some of these key areas include compliance (i.e., regulatory), environmental, information technology, operational and performance audits.
​
Compliance Audits evaluate compliance with applicable laws, regulations, policies and procedures. Some of these regulations may have a significant impact on the company’s financial well-being. Failure to comply with some laws, may result in millions of dollars in fines or preclude a company from doing business in certain jurisdictions.
Environmental Audits assess the impact of a company’s operations on the environment. They may also assess the company’s compliance with environmental laws and regulations.
Information Technology Audits may evaluate information systems and the underlying infrastructure to ensure the accuracy of their processing, the security and confidential customer information or intellectual property. They will typically include the assessment of general IT controls related logical access, change management, system operations, and backup and recovery.
Operational Audits assess the organization’s control mechanisms for their overall efficiency and reliability.
Performance Audits evaluate whether the organization is meeting the metrics set by management in order to achieve the goals and objectives set forth by the Board of Directors.