BY JOHN M. SEERAM
May is designated International Internal Auditing month by the Institute of Internal Auditing – Global (IIAG), of which the Guyana Chapter is affiliated to that body. In its observance, this writer has chosen to present an article on the current auditing process.
Despite their obvious similarities, internal auditing and external auditing have major differences that make them distinctly valuable to the auditing profession.
Internal auditors and external auditors each have an important role in the governance of an organisation. They both have mutual interests with regard to the effectiveness of internal controls, both adhere to ethical codes and professional standards which are set by their respective professional bodies. Further, they both operate independently of the activities they audit, and they are expected to possess extensive knowledge about the organisation/business, the industry and the strategic risks faced by the organisation which they serve.
However, with all their similarities, internal auditing and external auditing are indeed two distinct functions that have differences.
Diverging Approaches to Auditing
The IIAG defines internal auditing as “an independent, objective assurance and consulting activity, designed to add value and to improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes”. Internal auditors are concerned with all aspects of the organisation both financial and non financial, and to do continuous reviews and evaluations of risk management, control and governance processes. Internal auditors in public sector organisations are required to place an added emphasis on providing assurance on performance and compliance with policies and procedures.
In contrast, external auditing provides an independent opinion of an organisation’s financial statements and its fair presentation. This type of auditing encompasses whether the statements comply with the International Standards, and whether they fairly present the financial position of the organisation, whether the results of its operations for a given period of time are reported accurately, and whether they include a misstatement(s) that is/are likely to influences the economic decisions of the financial statement users. In effect, external auditing approach is mainly historical in nature.
Internal Auditing is much broader and more encompassing than external auditing. Its value resides in the function’s ability to look at the underlying operations that drive the financial numbers before those numbers actually ‘hit the books/accounts’. As an example, when considering ‘sales’ as a line item in a set of financial statements, the external audit will focus primarily on the existence, completeness, accuracy, classification, timing, and recording and summarization of the sales numbers.
The internal audit will go beyond those assertions and look at sales operations in a much broader context by asking questions regarding the target market, sales plan, organisation structure of the sales department, qualifications of the sales personnel, effectiveness of the sales personnel, effectiveness of the sales operations, measurement of sales performance, and compliance with sales performance, and compliance with sales policies. These questions should probe the very core of the sales operations and can greatly impact the sales numbers recorded in the financial statements. For example, assume a sale of 3 million, the external auditor has merely to render an opinion regarding the validity of the number. The internal auditor, however, is in a position to ask whether, this number really should have been $5 million, if the right market had been targeted, and if operations had been effective in the first place.
Internal auditors represent an integral part of the organisation of which the Chief Internal Auditor (CIA) reports administratively to the Chief Executive Officer and technically to the Audit Sub-Committee of the Board. This reporting function helps strength the CIA’s independence and objectively. The relationship is consistent with IIAG’s Standards. Conversely, external auditors are not part of the organisation, but are engaged by it. They are appointed by the shareholders of a company, and appointment usually comes through discussion with the directors.
Evolution of Auditing
Business growth, globalization and corporate scandals, among others have changed the thrust of the internal audit profession in recent years. In yesteryears internal auditing had focused on compliance with accounting and operational procedures, verification of calculation accuracy, fraud detection, and protection of assets. Gradually, new dimensions are being added that ranged from an evaluation of financial management and compliance risks, to an assessment of controls and governance.
Yet, despite the differences in activities, internal and external auditors are benefiting from their complementary skills and areas of expertise. They should meet periodically to discuss common interests, strive to understand each other’s scope of work and methods, discuss audit coverage and scheduling in order to minimize redundancies, jointly assess areas of risk management, controls and governance, and to provide access to each other’s reports, programs and working papers. In coordinating their audit work, the goal is to increase the economy, efficiency and effectiveness of the overall audit process.
Despite the key similarities and differences that exists between internal auditing and external auditing, nonetheless, both audit types, and the respective services they provide, are indeed essential to maintaining and efficient and effective governance structure. That being said, with a greater understanding of each other’s unique perspective, both audit groups can maximize their aggregate contributions and help ensure organizational success.