Audit
Part of a series on |
Accounting |
---|
An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a view to express an opinion thereon."[1] Auditing also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditors consider the propositions before them, obtain evidence, roll forward prior year working papers, and evaluate the propositions in their auditing report.[2]
Audits provide third-party assurance to various stakeholders that the subject matter is free from material misstatement.[3] The term is most frequently applied to audits of the financial information relating to a legal person. Other commonly audited areas include: secretarial and compliance, internal controls, quality management, project management, water management, and energy conservation. As a result of an audit, stakeholders may evaluate and improve the effectiveness of risk management, control, and governance over the subject matter.
In recent years auditing has expanded to encompass many areas of public and corporate life. Professor Michael Power refers to this extension of auditing practices as the "Audit Society".[4]
Etymology
The word "audit" derives from the Latin word audire which means "to hear".[5]
History
Auditing has been a safeguard measure since ancient times.[6] During medieval times, when manual bookkeeping was prevalent, auditors in Britain used to hear the accounts read out for them and checked that the organization's personnel were not negligent or fraudulent.[7] In 1951, Moyer identified that the most important duty of the auditor was to detect fraud.[8] Chatfield documented that early United States auditing was viewed mainly as verification of bookkeeping detail.[9]
The Central Auditing Commission of the Communist Party of the Soviet Union (Russian: Центральная ревизионная комиссия КПСС) operated from 1921 to 1990.
Information technology audit
An information technology audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
Accounting
Due to strong incentives (including
Financial audits are performed to ascertain the validity and reliability of information, as well as to provide an assessment of a system's internal control. As a result, a third party can express an opinion of the person / organization / system (etc.) in question. The opinion given on financial statements will depend on the audit evidence obtained.
A statutory audit is a legally required review of the accuracy of a company's or government's financial statements and records. The purpose of a statutory audit is to determine whether an organization provides a fair and accurate representation of its financial position by examining information such as bank balances, bookkeeping records, and financial transactions.
Due to constraints, an audit seeks to provide only reasonable assurance that the statements are free from
In most nations, an audit must adhere to generally accepted standards established by governing bodies. These standards assure third parties or external users that they can rely upon the auditor's opinion on the fairness of financial statements or other subjects on which the auditor expresses an opinion. The audit must therefore be precise and accurate, containing no additional misstatements or errors.[citation needed]
Integrated audits
In the US, audits of
There are also new types of integrated auditing becoming available that use unified compliance material (see the unified compliance section in
Assessments
The purpose of an assessment is to measure something or calculate a value for it. An auditor's objective is to determine whether financial statements are presented fairly, in all material respects, and are free of material misstatement. Although the process of producing an assessment may involve an audit by an independent professional, its purpose is to provide a measurement rather than to express an opinion about the fairness of statements or quality of performance.[15]
Auditors
Auditors of financial statements & non-financial information (including compliance audit) can be classified into various categories:
- financial reporting. External auditors may also be engaged to perform other agreed-upon procedures, related or unrelated to financial statements. Most importantly, external auditors, though engaged and paid by the company being audited, should be regarded as independent and remain third party.[citation needed]
- internal controlsover cost reporting. These are Specialized Persons called Cost Accountants in India & CMA globally either Cost & Management Accountants or Certified Management Accountants.
- Government Auditors review the finances and practices of federal agencies. These auditors report their finds to congress, which uses them to create and manage policies and budgets. Government auditors work for the U.S. Government Accountability Office, and most state governments have similar departments to audit state and municipal agencies.
- Secretarial internal controls over compliances system management of the company. These are Specialized Persons called Company Secretaries in India who are the members of Institute of Company Secretaries of India and holding Certificate of Practice. (http://www.icsi.edu/)
- Certified Internal Auditors - CIAs) are governed by the international professional standards and code of conduct of the Institute of Internal Auditors.[17] While internal auditors are not independent of the companies that employ them, independence and objectivity are a cornerstone of the IIA professional standards; and are discussed at length in the standards and the supporting practice guides and practice advisories. Professional internal auditors are mandated by the IIA standards to be independent of the business activities they audit. This independence and objectivity are achieved through the organizational placement and reporting lines of the internal audit department. Internal auditors of publicly traded companies in the United States are required to report functionally to the board of directors directly, or a sub-committee of the board of directors (typically the audit committee), and not to management except for administrative purposes. As described often in the professional literature for the practice of internal auditing (such as Internal Auditor, the journal of the IIA) -,[18] or other similar and generally recognized frameworks for management control when evaluating an entity's governance and control practices; and apply COSO's "Enterprise Risk Management-Integrated Framework" or other similar and generally recognized frameworks for entity-wide risk management when evaluating an organization's entity-wide risk management practices. Professional internal auditors also use control self-assessment(CSA) as an effective process for performing their work.
- Consultant auditors are external personnel contracted by the firm to perform an audit following the firm's auditing standards. This differs from the external auditor, who follows their own auditing standards. The level of independence is therefore somewhere between the internal auditor and the external auditor. The consultant auditor may work independently, or as part of the audit team that includes internal auditors. Consultant auditors are used when the firm lacks sufficient expertise to audit certain areas, or simply for staff augmentation when staff are not available.
The most commonly used external audit standards are the US
Performance audits
Performance audit refers to an independent examination of a program, function, operation or the management systems and procedures of a governmental or non-profit entity to assess whether the entity is achieving economy, efficiency and effectiveness in the employment of available resources.
Safety, security, information systems performance, and environmental concerns are increasingly the subject of audits.
Quality audits
Quality audits are performed to verify conformance to standards through review of objective evidence. A system of quality audits may verify the effectiveness of a quality management system. This is part of certifications such as
To benefit the organization, quality auditing should not only report non-conformance and corrective actions but also highlight areas of good practice and provide evidence of conformance. In this way, other departments may share information and amend their working practices as a result, also enhancing continual improvement.
Project audit
A project audit provides an opportunity to uncover issues, concerns and challenges encountered during the project lifecycle.[20] Conducted midway through the project, an audit affords the project manager, project sponsor and project team an interim view of what has gone well, as well as what needs to be improved to successfully complete the project. If done at the close of a project, the audit can be used to develop success criteria for future projects by providing a forensic review. This review identifies which elements of the project were successfully managed and which ones presented challenges. As a result, the review will help the organization identify what it needs to do to avoid repeating the same mistakes on future projects
Projects can undergo 2 types of Project audits:[19]
- Regular Health Check Audits: The aim of a regular health check audit is to understand the current state of a project in order to increase project success.
- Regulatory Audits: The aim of a regulatory audit is to verify that a project is compliant with regulations and standards. Best practices of NEMEA Compliance Centre describe that, the regulatory audit must be accurate, objective, and independent while providing oversight and assurance to the organization.
Other forms of Project audits:
Formal: Applies when the project is in trouble, sponsor agrees that the audit is needed, sensitivities are high, and need to be able prove conclusions via sustainable evidence.
Informal: Apply when a new project manager is provided, there is no indication the projects in trouble and there is a need to report whether the project is as opposed to where its supposed to Informal audits can apply the same criteria as formal audit but there is no need for such a in depth report or formal report.[21]
Energy audits
An energy audit is an inspection, survey and analysis of energy flows for energy conservation in a building, process or system to reduce the amount of energy input into the system without negatively affecting the output(s).
Operations audit
An operations audit is an examination of the operations of the client's business. In this audit, the auditor thoroughly examines the efficiency, effectiveness and economy of the operations with which the management of the entity (client) is achieving its objective. The operational audit goes beyond the internal controls issues since management does not achieve its objectives merely by compliance of satisfactory system of internal controls. Operational audits cover any matters which may be commercially unsound. The objective of operational audit is to examine Three E's, namely:[citation needed] Effectiveness – doing the right things with least wastage of resources. Efficiency – performing work in least possible time. Economy – balance between benefits and costs to run the operations[citation needed]
A control self-assessment is a commonly used tool for completing an operations audit.[22]
Forensic audits
Also refer to
See also
- Academic audit
- Accounting
- Audit plan
- Big Four accounting firms
- Clinical audit
- Comptroller, Comptroller General, and Comptroller General of the United States
- Continuous auditing
- Cost auditing
- COSO framework, Risk management
- EarthCheck
- Financial audit, External auditor, Certified Public Accountant (CPA), and Audit risk
- Information technology audit, History of information technology auditing, and Information security audit
- Internal audit
- International Organization of Supreme Audit Institutions (INTOSAI)
- Lead auditor, under the chief audit executive or Director of audit
- Mainframe audit
- Management auditing
- Operational auditing
- Peer review
- Quality audit
- Risk-based internal audit
- Technical audit
- SOFT audit
References
- ISBN 0070585849.
- ^ "Audit assurance".
- ^ PricewaterhouseCoopers. "What is an audit?". PwC. Retrieved 2022-03-03.
- ^ Power, Michael (1999), The Audit Society: Rituals of Verification. Oxford: Oxford University Press.
- ^ Assurance, Auditing and. "Chapter 1". ICAI - The Institute of Chartered Accountants of India. Vol. 1. Institute of Chartered Accountants of India. p. 1.
- PMID 26859053.
- ISBN 9781134177912.
- JSTOR 239850.
- S2CID 154953655.
- . Retrieved 1 April 2023.
- S2CID 236598426. Retrieved 1 April 2023.
- ^ McKenna, Francine. "Auditors and Audit Reports: Is The Firm's "John Hancock" Enough?". Forbes. Retrieved 22 July 2011.
- ^ "CONCEPT RELEASE ON POSSIBLE REVISIONS TO PCAOB STANDARDS RELATED TO REPORTS ON AUDITED FINANCIAL STATEMENTS" (PDF). Retrieved 22 July 2011.
- ^ "Auditing Standard No. 5". pcaobus.org. Retrieved 2016-06-28.
- ISBN 978-1-312-16130-6.
- ^ "Pages - Definition of Internal Auditing". Na.theiia.org. 2000-01-01. Retrieved 2013-09-02.
- ^ "Pages - International Professional Practices Framework (IPPF)". Na.theiia.org. 2000-01-01. Retrieved 2013-09-02.
- ^ "Professional internal auditors, in carrying out their responsibilities, apply COSO's Integrated Framework-Internal Control". Theiia.org.
- ^ a b Different Types of Audits (June 2013) Auditronix Guidance Note Archived July 18, 2013, at the Wayback Machine
- ^ Stanleigh, Micheal (2009). "UNDERTAKING A SUCCESSFUL PROJECT AUDIT" (PDF). PROJECT SMART. Retrieved 18 May 2016.
- ^ Clarke, Kevin; Walsh, Kathleen; Flanagan, Jack. "How prevalent are post-completion audits in Australia". Accounting, Accountability & Performance. 18 (2): 51–78.
- ^ Gilbert W. Joseph and Terry J. Engle (December 2005). "The Use of Control Self-Assessment by Independent Auditors". The CPA Journal. Retrieved 10 March 2012.
Further reading
- Amat, O. (2008). "Earnings management and audit adjustments: An empirical study of IBEX 35 constituents". SSRN 1374232.