P K DE & Associates

Internal Audit

Internal audits are performed by the employees of a company or organization. These audits are not distributed outside the company. Instead, they are prepared for the use of management and other internal stakeholders.
Internal audits are used to improve decision-making within a company by providing managers with actionable items to improve internal controls. They also ensure compliance with laws and regulations and maintain timely, fair, and accurate financial reporting.
Management teams can also utilize internal audits to identify flaws or inefficiencies within the company before allowing external auditors to review the financial statements.

Internal Audit

Internal audits are performed by the employees of a company or organization. These audits are not distributed outside the company. Instead, they are prepared for the use of management and other internal stakeholders.
Internal audits are used to improve decision-making within a company by providing managers with actionable items to improve internal controls. They also ensure compliance with laws and regulations and maintain timely, fair, and accurate financial reporting.
Management teams can also utilize internal audits to identify flaws or inefficiencies within the company before allowing external auditors to review the financial statements.

Internal Audit is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. It is an independent, objectives assurance and consulting activity designed to add value and improve an organization’s operations. It helps organization to accomplish objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and government process.

As per AAS-6, Internal Control System refers to all the policies and procedures adopted by the management of the entity to assist in achieving management’s objectives ensuring the orderly conduct of the business, the accuracy and completeness of accounting records, the timely preparation of financial information, safeguarding of assets of enterprises and detection of fraud and errors in a timely manner. The internal audit function constitutes a separate component of internal control with the objective of determining whether other internal controls are well designed and properly evaluated.

The Scope and Objectives of internal audit vary widely and are dependent upon the size and structure of the entity and the management’s requirements. The internal audit normally operates in one or more of the following areas:

(a)Review of accounting system and related internal controls: Although the establishment of an adequate accounting system and related internal controls is the responsibility of the management. However it is must that they are reviewed from time to time to ensure that they are operating effectively and recommend any improvement thereto;

(b) Examination of Management of financial and operating information : It includes the review of the means used to identify, measure, classify and report such information and specific inquiry into individual items including tests of transaction;

(c) Examination of the economy, efficiency and effectiveness of operations including the financial controls of an organization: This will help the external auditor when it has an important bearing on the reliability of the financial records;

(d) Physical examination and verification: It includes the examination and verification of physical existence and condition of the tangible assets of the entity.

The objects of internal audit can be stated as follows:
(a) Verification of the accuracy and authenticity of the financial, accounting and statistical records.
(b) Ascertaining that accepted accounting policies and practices have been followed while preparing the financial accounts.
(c) The assets are purchased or disposed under proper authorization. Also ensuring that the access to assets is restricted to the authorized persons at the authorized times.
(d) Confirming that the liabilities are incurred for the legitimate activities of the organization.
(e) The internal checks system operating in the organization is sound and economical.
(f) Fraud and errors are prevented and detected.
(g) Reviewing overall operations of internal control system and if deviations or weakness are noted, the same are communicated to the appropriate authorities on timely basis. This will help in instituting corrective actions.

The operation of the internal audit function should comply with the following code:

Formal Charter: The internal audit function should have formal charter, including terms of reference, which has been approved by board;
Documentation of Reporting Structure: The reporting structure for internal audit should be clear and formally documented. The head of the internal audit function should have considerable seniority within the organization and the content of all internal audit report should be entirely at his discretion. The head of internal audit should report directly to the board audit committee and should also have access to the chairman of the board and the chairman of the board audit committee. Functionally the head of internal audit should report within the body to such person as the board decides and to the chief executive;
Detailed Testing: In carrying out its ongoing work, the internal audit function should include detailed testing on all specific areas covered by the charter in order to ensure that the company is complying fully with all requirements and report its finding to the board audit committee.
Competency: The internal audit function should be properly equipped with the necessary skills, including the ability to deal with non-financial aspects.
Liasioning with external auditors: The internal audit function should liaise frequently with the external auditors so that the potential for co-operation between the two is maximized. The work carried out by these two can frequently be complementary and effectiveness can be increased through regular consultation. (For example, the external auditors could offer guidance on particular areas which the internal audit function might be reviewing. Conversely the internal audit function could provide the external auditor with company specific expertise to assist in the evaluation of the system being examined as part of the statutory audit)
Audit committee and external auditors: The Board audit committee should make the external auditor aware of corporate governance issues outlined in this documents with which the state body is required to comply. The board audit committee should periodically consult with the external auditors regarding the operation of the internal audit function with particular reference to the staffing of the function, the audit work programmers being applied and the testing carried out in relation to the body’s complainence with the requirement set out in this documents.
Reviewing: The internal audit function body should review compliance with procurement and disposal procedures as required by the board audit committee from time to time, and report to the board audit committee.

As per AAS-7 on relying upon the work of an internal auditor, the external auditor should as a part of his audit evaluate the internal audit function to the extent he considers that it will be relevant in determining the nature, timing and extent of his audit procedures. The scope and objectives of an internal auditor are determined by the management while the external auditor has to carry out his functions under some statutory requirement Nevertheless, some of the means of achieving their respective objectives are often similar and thus, much of the work of internal auditor may be useful to the external auditor on determining the nature, timing and extend on the procedures. The external auditor should also evaluate the internal audit function to determine the extent of compliance of the substantive and compliance procedures. It is to be noted that the degree of independence an external auditor has it not with the internal auditor and hence, the report of external auditor is his sole responsibility and the fact that he has relied on the work of internal auditor does not in any way absolve him of his reporting responsibility.


Making Internal Audit Effective:
Once the external audit has decided to place reliance on the work of internal auditor, he should coordinate with him, i.e., he should ascertain the internal auditor’s tentative plan for the year ,discuss with him the areas of possible reliance, the extent of internal audit coverage, test methods, methods of sample selection of documentation and review.

Further, the external auditor should be granted access to the internal audit reports and be kept informed of any significant matter which comes to internal auditor’s attention. Similarly, the external auditor should ordinarily inform the internal auditor of any significant matters which may affect his work.

The External auditor should take into account the following factors in relying on the work of internal auditor:

(a) The adequacy of audit programmes in relation to the scope of audit report.
(b) The planning of the work ,supervision and review of the documentation of the assistants;
(c) The availability of sufficient appropriate audit evidence.
(d) The appropriateness of conclusion reached and the report thereon.
(e) Any expectations or unusual matters disclosed by the internal audit.

The important aspects that may be considered by the external auditor while evaluating the internal audit function are as follow:

(a) Organization Status: The external auditor should consider any constraints or restrictions placed by the management as regards the reporting by the internal auditor;

(b) Scope of Function: The nature and depth of audit coverage should be ascertained by the external auditor along with whether the management acts upon the recommendations of the internal auditor;

(c) Technical Competence: Here the professional competence of the internal auditor should be evaluated;

(d) Due Professional Experience: The external auditor should ascertain whether the internal audit work has been properly planned, supervised, review and documented.

2. To facilitate the accumulation of the information necessary for the proper review and evaluation of internal controls, the auditor can use one of the following to help him to know, assimilate and evaluate the same:

(a) Narrative Record: This is a complete and exhaustive description of the system as found in operation by the auditor. Actual testing and observation and necessary before such a record can be developed. It may be recommended in cases where no formal control system is in operation and would be more suited to small business. Further, it allows flexibility and can be adapted to any type of enterprise. The narrative record help in the comprehending the system operation, identify the weakness of the system and incorporating the necessary changes in the system.

(b) Check List: This is a series of introduction or question which a member of auditing staff must follow to answer. When he completes the instruction he must initial the space against each instruction or question. For example, the following check list pertains to the purchase function of a company.

Scroll to Top