Internal audit is a function that, although operating independently from other departments and reporting directly to the entity's audit committee or president, resides within an organization (i.e., they are company employees or outsourced). Responsible for carrying out audits (financial and non-financial) within a wide range of areas within a company, as indicated by the annual audit plan. The internal audit look is focused on the key risks facing the company and what is being done to manage these risks effectively, to help the organization achieve its objectives. For example, they may look at risks to the company's reputation, such as the use of cheap labor in foreign countries, or strategic risks, such as the production of many products compared to available resources, assessment of internal controls, etc.
In the current economic scenario, developing a strategic vision is one of the main challenges for internal auditing. Its professionals need to verify and evaluate operations to effectively minimize the likelihood of fraud or errors. Therefore, the main objective of internal audit services is to add value and improve an entity's operations through a systematic and disciplined approach, which evaluates and improves the efficiency of risk management, control and governance processes.
Internal audit professionals need to understand not only the company's internal processes, but also the business area in which it operates. They must be highly qualified and have extensive experience in different business areas, develop strategic vision and easily identify the risks to which the company is vulnerable.
These professionals have high strategic vision and offer services that help transform the company's internal audit function, by expanding coverage, improving quality and greater efficiency, using experienced professionals and advanced methodologies and tools to carry out internal auditing.
Internal audit planning also helps in establishing a plan that enables an appropriate balance between audit activities compliance, risk management and development of opportunities. When reviewing the structure, internal audit helps the company in developing its mission and policies, creating a risk-based audit plan, analyzing its people model options and selecting appropriate methodologies and technologies.
Internal auditing also offers process auditing with a focus on risks and controls, that is, specific actions that help the company achieve its strategic objectives through a disciplined and systematic approach to improving risk management, processes and governance controls.
Other various services are offered by internal audit professionals, such as auditing focused on financial integrity, which involves balance sheets, costs and internal alignment of the company and certification of controls to comply with Sarbanes-Oxley laws, and also technical and operational auditing, which performs audits on information technology, contracts with third parties and joint ventures, assessment of royalties, rights and obligations.
External auditing is recommended for different sizes of companies, as it is a fundamental procedure for corporate governance. External audit comprises a systematic and independent examination of an organization's books, accounts, legal records, documents and vouchers to determine how the financial statements as well as non-financial disclosures present a true and fair view.
The independent auditor perceives and recognizes the propositions. It carries out examinations, obtains evidence, evaluates it and formulates an opinion on the basis of its judgment, which is communicated through its audit report. So how do we understand the cooperation between internal audit and external audit?
What can be analyzed by the external audit?
The objective of external audit is to provide assurance to third parties and various interested parties that the matter is free from material misstatement. The term is most often used for external auditing of financial information. Other areas that are commonly audited include: accounting audit, internal audit, internal controls, quality management, project management, water management, and energy conservation, etc. As a result of an audit, stakeholders can effectively assess and improve the effectiveness of risk management, control and the corporate governance process.
The origin of the term “audit”:
The word audit is derived from the Latin word “audire”, what does it mean to listen. During medieval times, when manual accounting was prevalent, auditors in Britain used to hear the accounts read to them and check that those involved in the organization were not negligent or that there had been fraud. Nowadays, external auditing offers a multitude of contributions on technical-accounting topics, taxes, internal controls, corporate governance, business advisory, internal auditing, risks, compliance and many related topics.
An external audit is an independent examination of the financial statements prepared by the organization. It is generally carried out for statutory purposes (because the law requires it), but hiring an external auditing company can support corporate governance with diagnoses, accounting, tax, internal controls and numerous related topics.
An audit results in an audit opinion on whether the financial statements give a “true and fair” view of the organization's financial and economic position and operations for the period. One external audit it may be conducted as part of the annual account review or as a special review for specific periods and areas. It is carried out by a registered company of accountants with recognized professional qualifications, such as CRC, CVM, IBRACON, CPA, ACA or ACCA.
The external audit is of the organization, which means that the auditor must not have been involved in maintaining accounting records and not be personally connected in any way with the organization being audited. The auditor and the auditing company must comply with standards and document the procedures that guarantee this independence, which is the subject of inspections by regulatory entities such as CRCs and CVM.
The purpose of the external audit:
The objective of the external audit is to verify that the annual accounts provide a true and fair view of the organization's finances; and that the use of funds is in accordance with the formal objectives and objects of the entities. It is not the primary role of the audit to detect fraud, although this may obviously come to light during the checks that take place.
The objective of external auditing in process improvement:
The auditor only has a limited time to plan, execute and complete his work. Thus, the auditor focuses on testing the validity of a sample of operations and results, rather than vigorously checking everything. The audit should be a positive experience and not one to be feared; It is an opportunity to receive feedback on systems strengths and weaknesses. Use your auditor to discuss ways to improve your accounting systems and procedures and always encourage the submission of a letter of recommendation, which summarizes findings, highlights weaknesses and makes recommendations for improvements.
A external audit is an independent body that resides outside the organization that is the audit. They are focused on financial, accounting and economic information or risk associated with finance and are appointed by the company's shareholders/owners. The main responsibility of the external audit is to carry out the legal review of the annual (quarterly or semi-annual) financial information, providing an opinion on whether they are a true and appropriate reflection of the company's financial position. As part of this, external auditors must often examine and evaluate the internal controls implemented to manage risks that may affect financial, accounting and economic information, to determine whether they are functioning as expected.
Understand how cooperation between internal audit and external audit can help with corporate governance, working as a team to obtain better results
Although internal audit, external audit and audit committee have different roles, their functions often intersect. External auditors may use the work of internal auditors to the extent permitted by auditing standards and regulators. The audit committee, in turn, hires the external auditor and often oversees the internal audit work.
The intersection between audits
Cooperation between internal audit and external audit is sometimes an undefined point in practice. Over the past few years, there have been occasions when external auditors have relied on the work of internal auditors without a sufficient basis for doing so.
As a result, external auditors may be unwilling or unable to rely on the work of internal auditors. Audit committees may be reluctant to have internal audit work very much as an extension of external auditors, doing tests on internal controls when internal audit has many other functions.
Aspects between cooperation between audits
Efforts to intersect functions between internal audit, external audit and audit committees can be crucial for raising the level of corporate governance, so this process can take into account the following aspects:
- Frequent communication between external and internal auditors can eliminate duplication of work and improve audit quality. Formal and informal channels of communication between the audit committee, external auditors and internal auditors are necessary.
- Internal auditors receive training on the audit evidence that external auditors may want.
- Audit committees can act as intermediaries in managing expectations for external and internal auditors, and can facilitate communication between them.
- Internal audit's role in external auditing should not be considered less relevant than the other internal audit services provided to the organization.
- In circumstances where external auditors frequently engage with internal audit, they are well positioned to share their observations of internal audit performance with the audit committee.
PERFORMANCE OF AUDIT COMMITTEES IN THE CAPITAL MARKETS
Auditing is extremely important for the capital market, as it helps to ensure that the financial information disclosed by companies is accurate and reliable. This is essential so that investors can make informed investment decisions with lower risk.
An audit is an independent process of reviewing a company's financial statements, carried out by an external and independent auditor, who verifies whether the accounting and financial information provided is accurate, reliable and in accordance with applicable accounting standards and principles.
Investors benefit from the information provided by the audit in several ways, such as increasing the reliability of the financial information provided by the company, allowing investors to make more informed investment decisions. Another benefit is the identification of risks and opportunities, as the audit helps identify financial and business risks as well as growth opportunities, allowing investors to better evaluate the risks and opportunities associated with an investment.
The audit also helps to ensure that the company is in compliance with applicable rules and regulations, thereby minimizing the risk of fines and other sanctions, which can negatively affect the value of the company's shares. Additionally, it provides investors with greater transparency into the company's accounting and financial practices, allowing them to better understand how the company operates and how it uses its resources.
In this context, audit committees are bodies created by publicly traded companies to assist in supervising the company's audit, internal control and financial disclosure activities. These committees are made up of independent members of the company's board of directors, with skills and knowledge in finance, accounting and corporate governance.
The role of audit committees is extremely important for the capital market, as they act as an additional line of defense to ensure the integrity and transparency of financial information disclosed by companies.
Some of the key responsibilities of audit committees include:
- Supervision of audit activity: the audit committee is responsible for supervising the activities of the external auditor, including the selection and appointment of the auditor, as well as the evaluation of the auditor's performance;
- Monitoring internal control: the audit committee is responsible for monitoring the effectiveness of the company's internal control, including the identification and assessment of financial and business risks;
- Review of financial statements: the audit committee is responsible for reviewing the company's financial statements before disclosure to ensure that they are accurate, reliable and in compliance with applicable accounting standards;
- Supervision of financial disclosure: the audit committee is responsible for supervising the company's financial disclosure, ensuring that financial information is disclosed in a transparent and consistent manner;
- Assessment of corporate governance: the audit committee is responsible for assessing the company's corporate governance, including policies and practices related to risk management, business ethics and regulatory compliance;
Audit committees play a crucial role in the capital markets, helping to oversee the auditing, internal control and financial disclosure activities of publicly traded companies. By ensuring the integrity and transparency of financial information, audit committees help maintain investor confidence in the capital markets and promote a culture of responsible and ethical corporate governance.
Cooperation between internal and external audit is crucial to ensuring a comprehensive and effective assessment of an organization's internal controls, processes and financial reporting. Both internal and external audit play distinct but complementary roles in assessing corporate governance and mitigating risks.
Find out more about our audit services:
Please contact TATICCA Allinial Global Brazil, which operates with integrated audit, internal audit, accounting, taxes, corporate finance, financial advisory, risk advisory, technology, business consultancy and training services, for more information, at www.taticca.com.br or email taticca @taticca.com.br and find out more. Our company has certified methodologies for carrying out activities.