INTERNAL AUDITING 101

August 21, 2020 VMS Internal Audit 1

Basics of Internal Auditing

Welcome to Internal Audit 101 series. There are few questions that I come by on regular basis from most of the people who are not part of this field and also have discussed on one of the key aspect of the internal audit which has remained stagnant for quite some time now. I will be posting articles in the future that help understand the internal audits performed in different areas with a simplified approach. Happy Reading !

What is Internal Audit?

Internal audit is an independent assessment of how effective an organization’s risk management, processes and governance is.

Yes, So why Internal Audit?

The aim of internal audits is to identify weaknesses within the organization’s processes and control environment internally so that they can be fixed as quickly as possible to prevent harm to the organization or its stakeholders. Accordingly, the internal audit plan for an organization should be driven by risk basis or, in other words, be designed to examine those areas that present the greatest risk to the company.

Then, what is the difference between the Risk Management Department & the Internal Audit Department in a company?

This question is usually raised because in some companies the Chief Risk Officer (CRO) and the Head of IA are the same people. Risk is considered the second line of defence (Operations being the first line) & the Internal Audit is considered the third line of defence.

Risk looks at the future, what could potentially be the risks in the event of a process not functioning properly. Risk management function addresses the risk in such a fashion that it ensures the recurrence is prevented.

Internal Audit looks at the past, the reason why some people consider this as post mortem. Internal Audit looks at the events that have happened and assess if the internal controls placed have failed in providing the necessary assurance of proper functioning.

What is it that internal Auditors do?

The main question to ask in the process of an internal audit is the question “Why?”, Once the Why is asked, the What, Where & How will automatically follow. Following are the stages in IA process:

Am I an internal Auditor?

Every single one of us has been Auditor at some point in time. The moment we examined a product on the super market shelf to assess if the product is expired or contains any chemical that may be harmful to the body. The moment we picked up alternate shopping portal online to assess if the product is available for at a lower rate in a different website, and when we examined the product received against the specifications. We have been an internal auditor at least. It is all about how well you ask the question “Why?” and make the best use of your common sense.

What are the major Internal Audit procedures?

All the process/procedures as part of IA are important. I have discussed about reporting in the next section, which has not been included above.

Reporting

Internal auditors are well known for their writing skills considering the fact that it is mostly negative in nature. For years, the internal auditors have constantly used templates prepared by the organization and used the same set of wordings without much changes in order to report an issue.

Could there be a different way in which Internal Auditors communicate their output to the management?

This again is possible with the influence of “Why”. I believe that using the influence of “Why” changes the way we write and the content of our writing. Internal Auditors should start using story telling as means to effective reporting, since the management is no longer interested in hearing the same story over and again.

Internal Auditors mostly remain analytical in the work performed by them. Their creativity is tingled only at the time of thinking of different ways in which an audit could be performed in order to save time or to find the fraudulent activity as usually this is not done by the books neither are there any hard and fast rules to apply.

Creativity can be best used at the time of reporting with data visualisation and storytelling can be put to best use. I will be explaining how to use story telling as a means to improve on the reporting by internal auditor in detail in my next article. Until then Ciao!

Thanks for reading!

About VMS 36 Articles
An Internal Auditor by profession and passionately taking my baby steps into data science with hope to contribute something valuable to the society someday. This blog is a long time dream and thanks to the lock down due to the pandemic it sees it's fruition. My posts will predominantly be on Internal Audit & Data Analytics & related posts, but will also have useful posts & quizzes related to courses relevant to the main topics & also certain irrelevant topics on my travel, music, movies and few other things I try my hands on. Hoping my posts help you learn new things, inspire you to do new things if not somewhat enjoyable. Happy Reading ! Connect with me here > https://www.linkedin.com/in/meenakshi-sundaram-b18a4399/

1 Comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.