Internal audits are subjected to company’s internal controls which includes corporate governance and accounting processes. It operates and manages legal compliance along with efficient financial reporting and collection of data. It also helps in maintaining operational efficiency by identification of problems and reforming lapses before they get discovered and identified in conduction of external audit. It is a way which provides an opportunity for firms to undo their wrongs and work effectively. It essentially focuses on possible areas for reformation and how that can be strengthened. Also, adding value to firm’s governing mechanism.
There is need for every entity to form a strategically directed internal audit department for the forging of informed decisions by management. TheInternal auditors assist in management with of this task by providing a focus on risk management and the implementation of more draconian internal controls to manage prospective vulnerabilities. Internal auditing teams helps management to direct efforts towards more risk oriented areas, thereby resulting to enhancement of overall efficiency process along with addition of value within entity’s existing set of resources.
Internal control is a process. It’s a means to a finishing point in itself. Internal control is affected by people as a team, not by internal auditor. It’s not merely policy manuals & forms, but people at every level of organization. Internal control can be expected to provide only reasonable assurance, not absolute assurance, to an entity’s management and governing bodies. It uses systematic methodology for analyzing business processes, procedures & activities. The cost of Internal Audit should not be expected benefits to be derived.
The Internal Auditing profession evolved mercurially with the progress of management science after World War II. It is conceptually similar in many ways to financial auditing by public accounting firms, quality assurance and banking compliance activities.
Internal auditing can involve conduction of proactive fraud audits for identification of potentially fraudulent acts. Therefore, participating in fraud investigations under the directions of fraud investigation professionals, and conducting post investigation fraud audits for identification of control breakdowns and establishment of financial loss. Factually, internal auditors are not responsible for the execution of company activities; they only advise management and the Board of Directors regarding how in a better way they can execute their responsibilities.
The Institute of Internal Auditors is the recognized international standard setting body for the internal audit profession and awards the Certified Internal Auditor designation internationally through rigorous written examination.
There are two clauses, entities should be mindful while approaching internal audit:
- Listing Agreement- Clause 49: Keeping the importance of the internal audit function in mind, the Securities and Exchange Board of India (SEBI) introduced specific mandatory and recommendatory corporate governance provisions in Clause 49 of the Listing Agreement applicable to listed entities.
- Companies Act 2013 (Previously Section 292A of the Companies Act, 1956)-Section 177:This sectionrequire the internal auditor to attend and participate in the meetings of every listed company, Unlisted public companies with paid up capital not less than INR 10 crore, all private limited companies with paid up share capital not less than INR 20 crore or more, all companies with paid up share capital of below the threshold limit mentioned in (2) and (3) above, but with public borrowings from financial institutions, banks or public deposits of rupees INR 50 crore or more.
Internal auditing professional standards require the function to evaluate the effectiveness of the organization's Risk management activities. Risk management is the process by which an organization analyzes, responds, identifies, gathers information about, and monitors strategic risks that could potentially impact the organization's ability to achieve its objectives.
The philosophy and approach of internal auditing is derived from the work of Mr. Lawrence Sawyer. His philosophy and guidance on the role of internal audit was a predecessor of the current definition of internal auditing. It emphasized assisting management and the Board in achieving the organization’s objectives through well-reasonedevaluations, audits and analyses of operational areas.