Академический Документы
Профессиональный Документы
Культура Документы
Audit committees
An audit committee is a committee is a committee consisting of non-executive directors which is
able to view a company’s affairs in a detached and independent way and liaise effectively
between the main board of directors and the external auditors.
Best practice for listed companies:
The company should have an audit committee of at least three non-executive directors (or, in
the case of smaller companies, two.
At least one member of the audit committee should have recent and relevant financial
experience.
It acts as a watchdog over each one and the entire/total controls designed and maintained by the
company.
The objectives of the internal audit functions will depend on the size and structure of the
company together with the responsibility assigned to the department by the management.
Disadvantages
1. The management may put overreliance on the department, relax their supervision which
the staff may take advantage to perpetrate frauds
2. The management may deny the departments due independence which may make it
inefficient
3. It is only ideal for large organizations since it is expensive to install and maintain by the
small companies.
4. The management may ignore the recommendations made by this department. This lowers
the morale and ability to perform their functions effectively
5. The external auditor may depend on this department and relax their audit tests which may
leave errors and frauds undetected.
Before deciding whether to rely on the work of the internal audit function with the intention of
reducing audit procedures/tests and time to be spent in the business, the external auditor should
determine how such reliance should be placed on the work of the department. For this purpose he
should consider the following factors:
1. Technical competence and experience – the external auditor, should review whether the
Internal Audit staff possesses the knowledge, skills and experience to perform the Internal
Audit work.
Other issues to consider include:-
a) Whether the internal Audit staff has any professional affiliation i.e. they are members of
ICPAK or institute of Internal Auditors.
b) Whether the head of Internal Audit has sufficient experience obtained as a result of working
for different organizations.
If the above matters are appropriate, the external auditor will place more reliance.
2. Scope of work- The external auditors should review whether the internal audit has
unlimited access in reviewing the entire operating activities of the company in case of any
restrictions placed by the management, it means that some of the departments may not be
audited and there’s a high chance of errors and frauds to occur. However, if there are no
restrictions and management acts on recommendations of Internal Auditor, then more
reliance will be placed.
3. Professional Due Care- External Auditor should evaluate whether the work of internal
auditor is properly planned, supervised, directed, recorded and reviewed. The existence of
audit plan, audit manuals and work papers provide evidence that the work is carried out in a
professional manner and more reliance will be placed.
4. Reporting standards- useful Internal Audit will provide high standard reports which are
acted upon by the management.
5. Resources Available- An internal Audit Department that is strained of resources will not be
very useful to the external auditor.
6. Independence- the Internal Auditor may be an employee of the organization but he may be
able to organize his own activities and report his findings to the management. An internal
auditor on whom the external auditor places reliance must be independent and be able to
communicate freely with the external auditor.
7. Consider the past experience with the internal auditor in terms of the degree of cooperation
received from them in the previous audit.
8. Consider efficiency of the ICS- the more efficient the system, the higher the reliability that
can be placed on the work done by internal auditor and vice versa.
- The assessment of Internal Auditor should be thorough and should be fully documented and
included in the work papers.
- If the conclusion is that, the I.A department is weak or unreliable, then this fact should be
communicated in the external auditors report to the management.
Special Ways of Reliance/ Extent to which external Auditor can rely on the Internal
Auditor.
1. The internal auditor may explain to the EA areas of weaknesses in the ICS so that the
external auditor may carry out more audit tests on those areas.
2. The E.A may use the I.A work papers in order to gather evidence of the company’s operation
programs or tests.
3. The I.A may explain to the E.A the technical operations and controls used by the clients
which may be beyond the E.A understanding.
4. The I.A may observe the following procedures on behalf of the E.A
a) Stock taking procedures
b) Wages payment procedures
c) Cash count procedures
d) Branch visits.
e) Follow up of the auditor’s correspondence with 3rd Parties.
5. The I.A may verify mobile assets on behalf of the E.A if the external auditor has not been
able to do so during his visits. In such cases the I.A needs to give the certificate of existence
of those assets to the E.A confirming that they have been verified as existing.
6. The I.A may prepare schedules of accounts to be used by the E.A for their review e.g. fixed
assets movement schedule, aged debtors analysis, tax payable, movement schedule etc.
7. The I.A will safeguard the company’s assets and ensure that the company maintains proper
books of accounts and this facilitates the work done by the external auditor.
8. The presence of the I.A may reduce chances of errors and frauds thereby reducing the
amount of work the external auditor has to do.
1. Both are concerned with the strength of the company’s ICS. Both will evaluate the
effectiveness of ICS and make appropriate recommendations.
2. Both have an interest in the proper books of accounts being maintained by the company a
required by the company’s act.
3. Both carry out independence review of the company’s operations to ensure they are run
as per the company’s act.
4. They are concerned of appropriate safeguard over the company’s assets.
5. Both submit a report concerning review of company’s operation which is to assist
management take appropriate action.
6. Use similar techniques in the conduct of audit e.g. tests to be carried out audit
programmers etc.
7. They adhere to the professional ethics in the conduct of audit
8. They may undertake continuous audits especially in big enterprises with large
transactions to enhance the operations efficiency.
Benefit to the internal auditor where there is close coordination between with the external
auditor
1. Internal audit will benefit from management letter as it will be used to boost the strength
of ICS and enforce internal audit recommendation to the BOD
2. Internal audit will use of contents of the management letter with authority to facilitate
change in the company and increase the companies efficiency.
3. He will use the experience of external auditor which he has gained from the wide
exposure to the various companies such experience will enable him to improve the
companies operational efficiency and the controls.
4. The co-operation will boost the confidence of management in the internal audit work and
this will help to conduct efficient internal audits.
5. Auditor will obtain advice on the ways to improve the ICS audit test to be carried out and
the work programs to be designed.
1. Internal auditor can pinpoint the weaknesses in the ICS so that the external auditor can
concentrate the audit test on such areas.
2. He can use the internal working papers to gather evidence concerning the company’s
operations.
3. He can assist the auditors in explaining the technical operation or controls used by the
client that may be beyond the external auditor understanding.
4. He can undertake the verification of assists e.g. mobile assets which the auditor may not
have the chance to physically inspect e.g. goods which are in the arms of agents, motor
vehicles etc.
5. He will prepare schedule relating to the items in the accounts e.g. fixed assets schedule,
creditors schedule, debtors schedule etc.
6. He will assist the external auditor in giving the feedback as regards the efficiency of the
management in their routine controls this will act as the basis of writing the management
letter.
7. He will assist the ex-auditor in ensuring that the company keeps proper books of
accounts/.
8. He can undertake the following task on behalf of external auditor e.g. counting of cash at
the branches stock taking etc.
Factors that have contributed to the fast growth of internal audit function
1. Size of modern business. There has been an increase in the size of modern books which
has reduced the efficiency of the management to have full control over the business hence
the need for the internal audit to boost such control.
2. Dynamic businesses – due to the changes in technology, a number of companies have
become so dynamic such that these controls have to be updated from time to time or on
continuous basis. This calls for the constant feedback to ensure that the controls are
adequate and operating effectively.
3. Compensation – in a perfect competition, companies can only survive if they are
operating effectively and these calls for adequate control and cost effectiveness and
operations which are only possible with the assistance of internal audit.
4. Evolution of IT – the increased use of computers has reduced the ability of accounting
department to keep close scrutiny of the accounting transactions. This has created gaps in
the auditing standards which are filled by the internal audit department.
5. Regulatory requirements – the company’s act provides that the management puts in place
adequate systems of control to regulate the operation. The internal auditor should report
the adequacy of control to the management so that necessary improvements can be
carried out.
6. The coming up of mergers, acquisitions and takeovers – this has necessitated the expert
controls in the subsequently formed companies hence the need for internal audit.
To ensure independence, the scope of work of the internal audit department should be decided by
the chief internal auditor, perhaps with the assistance of an audit committee.
Audit work
The chief internal auditor may audit their own work. This limits independence as the auditor is
effectively auditing his own work, and may not therefore identify any mistakes.
To ensure independence, the chief internal auditor should not establish control systems in the
company. However, where controls have already been established, another member of the
internal audit should carry out the audit of that system to provide some limited independence.
Lengths of service of internal audit staff
All internal audit staff may have been employed for a long period of time. This may limit their
effectiveness as they will be very familiar with the systems being reviewed and therefore may
not be sufficiently objective to identify errors in those systems.
To ensure independence, the existing staff should be rotated into different areas of internal audit
work and the chief internal auditor independently review the work carried out.
Appointment of chief internal auditor
The chief internal auditor is appointed by an executive director/CEO. Given that the CEO is
responsible for the running of the company, it is possible that there will be bias in the
appointment of the chief internal auditor; the CEO may appoint someone who he knows will
criticize his work or the company.
To ensure independence, the chief internal auditor should be appointment by an audit committee
or at least the appointment agreed by the whole board.
Variation of standards
Standards for audit are not uniform across the profession. Compares this with external auditors
who, on a global basis, have ISAs against which their performance can be measured.
TEST OF CONTROLS
Tests of control are distinguished from substantive tests
which are designed to detect material misstatements in the
financial statements.
Deviations in the operation of controls (caused by change of staff etc) may increase control risk
and tests of control may need to be modified to confirm effective operation during and after any
change