“Internal audit is a dynamic profession involved in helping organizations achieves their objectives. It is concerned with evaluating and improving the effectiveness of risk management, control and governance processes in an organization.
Internal Audit Procedures
Internal audits may take place on a daily, weekly, monthly or annual basis. Some departments may be audited more frequently than others. For example, a manufacturing process may be audited on a daily basis for quality control, while the human resources department might only be audited once a year. Audits may be scheduled, to give managers time to prepare the required documents and information, or they may be a surprise, if unethical or illegal activity is suspected.
Assessment techniques ensure an internal auditor completely understands internal control procedures, and whether employees are complying with internal control directives. To avoid disrupting the daily workflow, auditors begin with indirect assessment techniques, such as reviewing flowcharts, manuals, departmental control policies or other existing documentation, or they may trace specific audit trails from start to finish. They may also conduct interviews with staff, if document reviews or audit trails do not fully answer their questions.
Auditing procedures include transaction matching, physical inventory count, audit trail calculations and account reconciliation as is required by law. Analysis techniques may test random data or target specific data, if an auditor believes an internal control process needs to be improved.
Internal audit reporting always includes a formal report and may include a preliminary or memo-style interim report. An interim report typically includes sensitive or significant results the auditor thinks the board of directors needs to know right away. The final report includes a summary of the procedures and techniques used for completing the audit, a description of audit findings and suggestions for improvements to internal controls and control procedures.