Audit is an appraisal activity undertaken by an independent practitioner (e.g. an external auditor) to provide assurance to a principal (e.g. shareholders) over a subject matter (e.g. financial statements) which is the primary responsibility of another person (e.g. directors) against a given criteria or framework (e.g. IFRS and GAAP).
Financial Audit involves the examination of the truth and fairness of the financial statements of an entity by an external auditor who is independent of the organization in accordance with a reporting framework such as the IFRS. Company law in most jurisdictions requires external audit on annual basis for companies above a certain size. The need for an external audit primarily stems from the separation of ownership and control in large companies in which shareholders nominate directors to run the affairs of the company on their behalf. As the directors report on the financial performance and position of the company, shareholders need assurance over the accuracy of the financial statements before placing any reliance on them. External audit provides reasonable assurance to the owners of the company that the financial statements, as reported by the directors, are free from material misstatements. External auditors are required to comply with professional auditing standards such as the International Standards on Auditing and ethical guidelines such as those issued by IFAC in order to maintain a level of quality and trust of all stakeholders in the auditing exercise.
In many countries, companies are required to conduct specific audit engagements other than the statutory audit to comply with the requirements of particular laws and regulations. Examples of such audits include: Verification of reserves available for distribution to shareholders before the declaration of interim dividend Audit of the statement of assets and liabilities submitted by a company at the time of liquidation Performance of cost audit of manufacturing companies to verify the cost of production in order for a regulator to determine the maximum price to be allowed after allowing a reasonable profit margin to companies operating in a sensitive sector. (e.g. pharmaceuticals industry)
Information System Audit
Information system audit involves the assessment of the controls relevant to the IT infrastructure within an organization. Information system audits may be performed as part of the internal control assessment during internal or external audit. Information system audit generally comprises of the evaluation of the following aspects of information system: Design and internal controls of the system Information security and privacy Operational effectiveness and efficiency Information processing and data integrity System development standards.
Internal audit, also referred as operational audit, is a voluntary appraisal activity undertaken by an organization to provide assurance over the effectiveness of internal controls, risk management and governance to facilitate the achievement of organizational objectives. Internal audit is performed by employees of the organization who report to the audit committee of the board of directors as opposed to external audit which is carried out by professionals independent of the organization and who report to the shareholders via audit report.
Unlike external audit, whose scope is primarily restricted to matters that concern the financial statements, the scope of work of an internal audit is very broad and can encompass any matters which can affect the achievement of organizational objectives. Internal audit is typically centered around certain key activities which include:
- Monitoring the effectiveness of internal controls and proposing improvements
- Investigating instances of fraud and theft
- Monitoring compliance with laws and regulations
- Reviewing and verifying where necessary the financial and operating information
- Evaluating risk management policies and procedures of the company
- Examining the effectiveness, efficiency and economy of operations and processes
Tax audits are conducted to assess the accuracy of the tax returns filed by a company and are therefore used to determine the amount of any over or under assessment of tax liability towards the tax authorities.