Audit: Difference between revisions
Andystwong (talk | contribs) |
Andystwong (talk | contribs) |
||
Line 22: | Line 22: | ||
===Integrated audits=== |
===Integrated audits=== |
||
In the US, audits of publicly-traded companies are governed by rules laid down by the Public Company Accounting Oversight Board (PCAOB), which was established by Section 404 of the Sarbanes |
In the US, audits of publicly-traded companies are governed by rules laid down by the Public Company Accounting Oversight Board (PCAOB), which was established by Section 404 of the Sarbanes-Oxley Act of 2002. Such an audit is called an integrated audit, where auditors have the additional responsibility (other than to opine on the financial statements) of expressing an opinion on the effectiveness of company's internal control over financial reporting, in accordance with PCAOB Auditing Standard No. 5. |
||
There are also new types of integrated auditing becoming available. This uses unified compliance material - see the unified compliance section in [[Regulatory compliance]]. Due to the increasing number of regulations and need for operational transparency, organizations are adopting risk-based audits that can cover multiple regulations and standards from a single audit event.{{Citation needed|date=January 2010}} This is a very new but necessary approach in some sectors to ensure that all the necessary governance requirements can be met without duplicating effort from both audit and audit hosting resources.{{Citation needed|date=January 2010}} |
There are also new types of integrated auditing becoming available. This uses unified compliance material - see the unified compliance section in [[Regulatory compliance]]. Due to the increasing number of regulations and need for operational transparency, organizations are adopting risk-based audits that can cover multiple regulations and standards from a single audit event.{{Citation needed|date=January 2010}} This is a very new but necessary approach in some sectors to ensure that all the necessary governance requirements can be met without duplicating effort from both audit and audit hosting resources.{{Citation needed|date=January 2010}} |
Revision as of 01:35, 20 July 2010
The examples and perspective in this article may not represent a worldwide view of the subject. (January 2010) |
Part of a series on |
Accounting |
---|
The general definition of an audit is an evaluation of a person, organization, system, process, enterprise, project or product. The term most commonly refers to audits in accounting, but similar concepts also exist in project management, quality management, and for energy conservation.
Audits in accounting
Audits are performed to ascertain the validity and reliability of information; also to provide an assessment of a system's internal control. The goal of an audit is to express an opinion on the person / organization / system (etc) in question, under evaluation based on work done on a test basis. Due to practical constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits. In the case of financial audits, a set of financial statements are said to be true and fair when they are free of material misstatements - a concept influenced by both quantitative and qualitative factors.
Audit is a vital part of accounting. Traditionally, audits were mainly associated with gaining information about financial systems and the financial records of a company or a business (see financial audit). However, recent auditing has begun to include other information about the system, such as information about security risks, information systems performance (beyond financial systems), and environmental performance. As a result, there are now professions conducting security audits, IS audits, and environmental audits.
In financial accounting, an audit is an independent assessment of the fairness by which a company's financial statements are presented by its management. It is performed by competent, independent and objective person(s) known as auditors or accountants, who then issue an auditor's report based on the results of the audit.
In Cost Accounting, it is a process for verifying the cost of manufacture or production of any article, on the basis of accounts as regards utilisation of material or labour or other items of costs, maintained by the company. In simple words the term cost audit means a systematic and accurate verification of the cost accounts and records and checking of adherence to the objectives of the cost accounting.
As per ICWA London’ “cost audit is the verification of the correctness of cost accounts and of the adherence to the cost accounting plan.”
Such systems must adhere to generally accepted standards set by governing bodies regulating businesses; these standards simply provide assurance for third parties or external users that such statements present a company's financial condition and results of operations "fairly."
The Definition for Auditing and Assurance Standard (AAS) 1 by ICAI "Auditing is the independent examination of financial information of any entity, whether profit oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon."
Integrated audits
In the US, audits of publicly-traded companies are governed by rules laid down by the Public Company Accounting Oversight Board (PCAOB), which was established by Section 404 of the Sarbanes-Oxley Act of 2002. Such an audit is called an integrated audit, where auditors have the additional responsibility (other than to opine on the financial statements) of expressing an opinion on the effectiveness of company's internal control over financial reporting, in accordance with PCAOB Auditing Standard No. 5.
There are also new types of integrated auditing becoming available. This uses unified compliance material - see the unified compliance section in Regulatory compliance. Due to the increasing number of regulations and need for operational transparency, organizations are adopting risk-based audits that can cover multiple regulations and standards from a single audit event.[citation needed] This is a very new but necessary approach in some sectors to ensure that all the necessary governance requirements can be met without duplicating effort from both audit and audit hosting resources.[citation needed]
Audits vs. Assessments
The difference between audits and assessments can be considerable or can be nothing at all.
As a general rule, audits should always be an independent evaluation that will include some degree of quantitative and qualitative analysis whereas an assessment infers a less independent and more consultative approach.
Types of auditors
Auditors of financial statements can be classified into two categories:
- External auditor / Statutory auditor is an independent Public accounting firm engaged by the client subject to the audit, to express an opinion on whether the company's financial statements are free of material misstatements, whether due to fraud or error. For publicly-traded companies, external auditors may also be required to express an opinion over the effectiveness of internal controls over financial reporting. External auditors may also be engaged to perform other agreed-upon procedures, related or unrelated to financial statements. Most importantly, external auditors, though engaged and paid by the company being audited, are regarded as independent auditors.
The most used external audit standards are the US GAAS of the American Institute of Certified Public Accountants; and the ISA International Standards on Auditing developed by the International Auditing and Assurance Standards Board of the International Federation of Accountants
- Internal auditors of internal control are employed by the organization they audit. Internal auditors perform various audit procedures, primarily related to procedures over the effectiveness of the company's internal controls over financial reporting. Due to the requirement of Section 404 of the Sarbanes Oxley Act of 2002 for management to also assess the effectiveness of their internal controls over financial reporting (as also required of the external auditor), internal auditors are utilized to make this assessment. Though internal auditors are not considered independent of the company they perform audit procedures for, internal auditors of publicly-traded companies are required to report directly to the board of directors, or a sub-committee of the board of directors, and not to management, so to reduce the risk that internal auditors will be pressured to produce favorable assessments.
- The most used Internal Audit standards are those of the Institute of Internal Auditors.
- Consultant auditors are external personnel contracted by the firm to perform an audit following the firm's auditing standards. This differs from the external auditor, who follows their own auditing standards. The level of independence is therefore somewhere between the internal auditor and the external auditor. The consultant auditor may work independently, or as part of the audit team that includes internal auditors. Consultant auditors are used when the firm lacks sufficient expertise to audit certain areas, or simply for staff augmentation when staff are not available.
- Quality auditors may be consultants or employed by the organization.
Quality audits
Quality audits are performed to verify the effectiveness of a quality management system. This is part of certifications such as ISO 9001. Quality audits are essential to verify the existence of objective evidence of processes, to assess how successfully processes have been implemented, for judging the effectiveness of achieving any defined target levels, providing evidence concerning reduction and elimination of problem areas and are a hands-on management tool for achieving continual improvement in an organization.
To benefit the organization, quality auditing should not only report non-conformances and corrective actions but also highlight areas of good practice. In this way, other departments may share information and amend their working practices as a result, also enhancing continual improvement.
In Project Management
Projects can undergo 2 types of audits[1]:
- Regular Health Check Audits: The aim of a regular health check audit is to understand the current state of a project in order to increase project success.
- Regulatory Audits: The aim of a regulatory audit is to verify that a project is compliant with regulations and standards.
Energy audits
An energy audit is an inspection, survey and analysis of energy flows for energy conservation in a building, process or system to reduce the amount of energy input into the system without negatively affecting the output(s).
References
- ^ Cutting, Thomas (January 12, 2008). "How to Survive an Audit". PM Hut. Retrieved December 13, 2009.
See also
- Accounting
- Comptroller, Comptroller General, and Comptroller General of the United States
- Continuous auditing
- COSO framework, Risk management
- Field work
- Financial audit, External auditor, Certified Public Accountant (CPA), and Audit risk
- Green Globe
- Information technology audit, Information technology audit process, History of information technology auditing, and Auditing information security
- Internal audit
- Lead Auditor, under the Chief Audit Executive, or Director of Audit
- Quality audit