17 Pages
4352Words
Introduction of Assurance And Risk Assignment
Get free written samples from expert assignment writers and academic writing services in UK.
Internal audits examine an organization's corporate controls. Internal audits examine an organization's corporate procedures, such as corporate governance as well as financial procedures. Such audits verify that rules and standards are followed, and that accounting information and extracting information are precise and reliable. Internal audits generally give administration the tools it needs to improve administrative effectiveness by detecting concerns as well as fixing gaps even before an independent audit finds them. Internal audits might happen every day, every week, every month, or every year. It is indeed possible that certain sectors get audited more regularly than others. A mass production, for instance, might well be inspected regularly for quality assurance, however the personnel management division would only be examined once every year. Audits can be organized to provide management time to acquire as well as analyze the necessary papers and evidence, or they might be unexpected, particularly whenever ethically questionable or unlawful action has been detected.
Internal audits enable a level of uncertainty monitoring as well as prevent against fraudulent activity, inefficiency, or exploitation, in contrast to assuring a corporation's conformance with rules and standards. Internal audits give administration with recommendations for improving present procedures that have not been working as they ought to, such as technology infrastructure as well as inventory planning. Organizations will have to safeguard their proprietary digital data from external attackers, consequently cyberattacks have become more and more crucial. Considering this fact, the need for internal auditors is getting more relevant nowadays.
Generally, the IA role concentrates on providing assurance on entrepreneurial vulnerabilities including constraints. However, as hazards have grown in number and complexity, IA has been depended upon to provide a larger number of solutions, frequently on tight deadlines. IA does have commitments in certain circumstances, such as at banking firms, for administration, security management, as well as a safety and compliance atmosphere which has been in the attention in recent decades.
The latest turmoil had also recognized the fact to a few major corporations. Such companies noticed the destructive wave building up in advance of the epidemic as well as began to prepare. Especially innovative companies, meanwhile, will have to re-calibrate for such a post-COVID-19 world of quicker economic cycles as well as levels of innovative thinking. Every transformation will have to be weighed against legislative requirements for such corporations, notably banking services companies.
This is always a struggle to strike a balance between quickness and rigour as well as thoroughness. Production runs for auditing and monitoring are frequently excessively prolonged, therefore they possess the flexibility necessary in a competitive setting. New technology, more efficiency, as well as improved reporting systems can help audit services adapt. Faster audit cycles and more timely reporting are possible with these types of technologies. At the same time, IA teams should make sure that control monitoring of second-line functions is included in the scope of scheduled reviews. Second-line monitoring should not be tested in the same way as second-line functionality. Rather, it should make sure that the activity is efficient and adds value to the control process, and that it is focused on the most important risks and vulnerabilities.
The current essay aims to evaluate the depth of internal audit considering the relevant factors in the current business environment. It also analyses the data by focusing on the relevant theory and collecting existing information from previous studies.
Discussion
Nature, purpose and scope of internal control audit processes within business organizations as tools to reduce business risks
Internal controls seem to be the methods that a company employs to mitigate hazards and prevent corruption. The control ecosystem, financial accounting, as well as processes known as control operations make up the internal control framework. The Committee of Sponsoring Organizations (COSO), an individual, private organization whose five sponsorship entities resolve current specialized financial reporting concerns or initiatives on a regular basis, assembled a few years ago to handle the problem of internal control weaknesses in companies' procedures and financial reporting processes. They followed up with the publication of COSO's Internal Control-Integrated Framework (Kral, 2018).
As per the above figure, the internal controls triangle is made up of the five elements they discovered were required in an efficient internal control structure. In terms of purpose, several firms confront different sorts of risk, however when internal control mechanisms are missing, deception, asset misappropriation, as well as personnel or workforce misconduct are all possibilities (Handoyo and Bayunitri, 2021). Internal control safeguards a company's earnings and, as a consequence, keeps it from infringing any laws, while always correctly recording the company 's commercial operations in its assets and liabilities. The operating income, which is used by shareholders to evaluate an organizational value and includes all organizational and employee actions, is generated using precise financial information. Internal controls comprise not just reviewing how matters are reported in the organization's economic accounts, but also linking financial records with the firm's business expansion.
The scope of internal control audits in preventing business risks are immense nowadays. Internal controls help to reduce the corporation's damage due to personnel or management misappropriation or mishandling of cash. Internal controls help to prevent risk by preventing corruption and economic damage caused by stealing or even other unauthorized activities (Chen et al., 2020). Monitoring monthly bank balances as well as performing internal audits to secure inventories or even resources are examples of this. Certain internal controls might need some supplier or worker permission before operations could proceed.
Accounting and internal control risks and systems
An adequate internal control system could help to reduce the hazards that could undermine the attainment of the goals. Deficiency of a good internal control framework, improperly structured operational processes, Information security threat, authenticity as well as ethical danger, potential failures, as well as compliance issues are all frequent internal control hazards in business (Chalmers, Hay and Khlif, 2018). There are several basic hazards that any firm must address while creating internal control procedures.
Responsibilities are segregated to a certain extent: There must be no one individual in charge of operation approvals, recordkeeping, as well as ownership of the damaged resources of operations. Due to insufficient workforce, small businesses might well have difficulty establishing adequate division of jobs, but larger corporations could also have problems whether the segmentation is not correctly constructed.
Compensation controls, such as oversight, supervision, and monitoring by management or those responsible with administration, are needed in small companies to assist guarantee the purposes are reached.
Values: A firm ought to have faith in its workers to be excellent staff as well as accomplish their jobs more effectively of their abilities, however this faith must not be at the detriment of internal control systems (Akhmetshin et al., 2018).
Manipulation of Restrictions by Management: Since management is largely willing to take responsibility for the conception, execution, as well as administration of internal controls, there seems to be a risk that management may ignore them (Chen et al., 2020). It is indeed a vulnerability that is difficult to eliminate even when an executive does have the potential as well as a motivation to overcome safeguards as well as conduct deception, including such performance objectives or individual economic difficulties. It necessitates those in responsible of leadership, such as common stockholders, the Board of Directors, or even the Audit Committee, to play an effective role in assessing the threat of deception going to take place at the company as well as evolving extra actions to mitigate the threat of management supersede whether these fraud consequences are recognised. Furthermore, striking the right strategic direction of the company might aid the organization's as well as its workers' authenticity.
Excessive dependence on analytical and preventive measures: While investigative controls might discover whether anything is improper, it might be too late or the destruction has been accomplished (Fernandhytia and Muslichah, 2020). A strong internal control structure includes both investigative and preventive measures. Preventive measures might incorporate elements like regular guidelines and policies instruction, installing login information to restrict accessibility to the platform or certain components within the platform, obtaining multiple identities on reimbursements, or reviewing as well as approving service requests before they are executed.
An auditor would have been unable to detect risks related with the client's internal controls when they do not have a thorough grasp of procedures. As a consequence, they would have been unable to create and execute effective solutions (Ji, Lu and Qu, 2018). Failure to obtain a knowledge of safeguards provides the auditor without the need for an appropriate foundation for assessing the possibilities of significant misrepresentation, since audit processes must be related to the evaluated risks. Only those control actions which are determined and essential to the audit have been anticipated to be understood by auditors.
Control risks and mitigation processes
Audits play a critical role in fostering assurance as well as establishing credibility in monetary data. The principal-agent rivalry represented in agency theory, in which principals lack reasons to believe their personnel due to information imbalances as well as conflicting goals, seems to be crucial to comprehending the audit's evolution through time, along with its effectiveness and objective (Thabit, 2019). Other elements are at action in the current marketplace, when corporations' audited accounting reporting becomes publicly accessible in the public sector, as well as diverse agendas are at stake. A general agency model implies that principals must have explanations to confide their agencies as a consequence of global imbalances as well as self-interest, or rather that they will begin to address such concerns by having in place frameworks that integrate market participants' captivates with principals as well as decrease the context for market imperfections as well as profit maximization (Vitolla, Raimo and Rubino, 2020).
According to Raimo et al., agency theory combines with decision and information theory to explain the audit. In reality, associated with financial data legislation, the need that it accurately as well as appropriately portrays the firm's condition shows, on the one hand, the importance of the financial information provided as a characteristic of the investor's decision-making method (Raimo et al., 2021).
Jachi and Yona (2019) highlighted that the ongoing disunity between property and authority, which encouraged the development of agency theory The emphasis on the confrontation between the leadership as well as the agent has been one of the theory's key essential principles. As a result, in financial theory, it is believed that the shareholders' goal is long-term wealth maximization, and also that the agents, in response, have a proclivity to maximize their own interests, resulting in selfish behavior. While the stockholders' objective is long-term, the agents' goal is short-term, which they attain by achieving huge profits. The essential question in this reasoning is to determine how owners of capital govern the firm’s financial performance (Jachi and Yona, 2019).
Irrespective of scale, structure, function, or sector, all businesses confront risks at various levels. Every firm's capacity to exist, perform effectively in its field, preserve capital adequacy as well as a strong brand persona, and ensure the continued standard of its products, operations, and personnel is affected by risks (Chowdhury and Shil, 2019). As there is no realistic method to decrease hazard to zero, the administration must decide how much danger must be wisely tolerated and attempt to keep risk within tolerable levels by implementing risk-based measures. Risk-based procedures might, in the end, assess hazards and inefficiencies in business processes across economic transactions. A good risk-based controls programme may also aid in the prevention and detection of fraud; such controls should represent the end-to-end operational processes and therefore can assist organizations in identifying process inefficiencies.
Internal control procedures
Internal controls seem to be standards and procedures developed as well as executed to ensure the integrity of financial reporting. Integrity and reliability are paramount in the accounting industry. Because accounting records might contain mistakes, administrators might undertake fully knowledgeable spending decisions without perfect accounting reports. Internal accounting control procedures are classified into seven categories, each with the purpose of reducing deceit and catching mistakes until they generate problems.
An internal control scheme appears to be a set of practices used by a firm to ensure that most of its operations, especially monetary operations, adhere to norms and standards (Henk, 2020). A thorough as well as comprehensive internal control mechanism helps facilitate a company to run smoothly while ensuring total economic and administrative transparency. Following are the seven categories of internal control process.
- Sharing responsibilities for accountancy, deposits, invoicing, and auditing is referred to as separation of duties. The more responsibilities are split, the less likely it is for a single individual to perpetrate fraud.
- Standardizing financial transaction papers, such as invoicing, internal materials requests, stock reimbursements, as well as travel cost reports, can aid consistency in records management over time. When looking for the root of a system inconsistency, using standard document formats might make it easy to go back through old records. In such a review, information might be ignored or misconstrued due to a lack of consistency (Chalmers, Hay and Khlif, 2018).
- Accounting verifications are conducted on a regular period to verify that the amounts in the company billing system correspond to the values in the systems of other parties, such as financial institutions, manufacturers, including lending consumers.
- Applying a dimension of transparency to accounting records by allowing individual executives to approve specific sorts of deals can illustrate that deals have been scrutinized, investigated, as well as approved by responsible authorities.
- A double-entry accounting method improves reliability by ensuring that the books are continuously maintained. Even yet, due to human error, a double-entry mechanism might become imbalanced at any time. Calculating the adjusted trial balance on a daily or weekly basis may provide periodic information into the state of the system (Gatea and Khalaf, 2021).
- Passwords, lockouts, and digital login logs would be used to prevent unauthorized entry out of a financial statement while also offering a mechanism to audit the system's activity to track down the source of mistakes or inconsistencies.
Internal audit procedures
Internal audit procedures are the most necessary content to discuss in the perspective of the current business environment. Internal auditing helps companies verify that their business procedures and product quality are consistent, allowing them to spot flaws and identify any possible for development. Depending on the conformance criteria, the procedure generally checks for the conformance of processes and products. Internal audits, unlike external audits, may not be as thorough as external audits, but they are important in fostering a culture of continual improvement inside the firm. The advent of audit management software, on the other hand, has simplified the procedure (Chang et al., 2019). Many firms still regard internal auditing as a pointless exercise, failing to recognise the value it provides to the company's foundations. As a result, an organization's internal audit strategy should be completely driven by threat, or, in other terms, it should have been structured to analyze the areas that pose the biggest danger to the firm. A portion of an organizational future objective must also be included in the internal audit process. Although internal audit covers a substantial percentage of revenue recognition within the business as it relates to generally accepted accounting standards affecting their accounting information, it also involves internal controls over financial reporting (Mexmonov, 2020). Outside of accounting and finance, organizations realize the necessity for various sorts of evaluations or audits.
Planning, Fieldwork, Reporting, and Follow-up must be the four main elements of an internal audit (KAHYAO?LU, Sarikaya and TOPAL, 2020).
Planning: The internal audit team might very well describe the goals and plans of the audit, critically evaluate audit guidelines (legislation, regulatory requirements, industry best practices, organizational policies, and so on), analyze the findings of various audits, established a timeframe as well as spending plan for the audit, generate an audit plan to be implemented.
Fieldwork: Fieldwork seems to be the genuine auditing process. The audit team will carry out the audit plan at this phase. It also generally implies interrogating qualified people to ensure that they comprehend the procedure and control mechanisms, evaluating necessary documentation as well as artifacts for an instance control execution, testing the controls for a sample over a period of time, documenting the work done, and recognising specific exemptions and guidelines.
Reporting: Internal audit might normally create the independent audit even when the knowledge was disclosed. To avoid misunderstandings and promote the core demographic to understand as well as grasp the report, this would have been prepared in a clear as well as succinct manner. Insights should always be accompanied by specific recommendations that result in urgent process adjustments (Turetken, Jethefer and Ozkan, 2020).
Follow-up: The final stage is critical, although it is almost always overlooked as well as underrated. It is necessary to observe instructions in order to ensure that the recommendations provided in reaction to the findings are implemented (Puad, Abdullah and Shafii, 2020). Even though a corporation fails to fulfill through on proposals, this is unlikely that enhancements would be adopted.
Awareness for internal audit horizons
Internal audit functions are changing because of disruptive influences such as the COVID-19 pandemic, as well as social, climate, as well as geopolitical issues. Throughout organizations, there is an ever-increasing reliance on technology. It currently underlies practically every aspect of a company's operations (Koutoupis, Pazarskis and Drogalas, 2018). Furthermore, technology is becoming more complicated, and its influence on business is expanding at a faster rate. Along with these rapid technical advancements, the actual issue has become increasingly important in business and society. Strategic plans usually have a one- to three-year duration. Extending that horizon might make it more difficult for the internal audit team to spot longer-term changes in personnel, technology, as well as processes. Irrespective of apparent limits, such as the price and efficiency of expertise, internal audit must conduct activities to establish its strategic needs (Alzeban, 2019). The approach must develop necessary actions to satisfy the requirements after they have been determined. These acts can be minimal in scale, such as subscribing to a proof of concept, as long as they are intended to pave the way for larger projects.
Issues relating to internal controls and audit
IA functions are under pressure to provide proper assurance coverage while also delivering insight and benefit in an expanding "real-time" approach (Roussy and Perron, 2018). Audit committee members and boards of directors are becoming extremely concerned in a holistic perspective of risk coverage provided by assurance services, as well as cooperation between these activities.
According to Oladejo et al., (2018), Financial crime as well as compliance with any international sanctions are major concerns for the commercial services industry. After breaking sanctions, a number of institutions have already incurred substantial fines, mostly due to a breakdown in their screening procedures. Businesses need to build a machine learning model that investigates ways to reduce the amount of wrongful convictions produced by the corporation's screening system leveraging information from the preceding two years to help address that concern. The fact that the Sanctions Alert Classifier is controlled machine learning, accessible, yet auditable is significant to the auditor since every incorrect positive could be justified.
Internal auditors must also consider the human aspect of technology, namely how employees interact with the system. As argued by Turayev and Ochilov (2018), as the number of cyber-attacks grows, so does the number of new cybersecurity rules and regulations. Internal assurance must include this into their existing processes. Many legislation provide auditing powers, which allow governments to inspect the activities of businesses. Some countries, such as China, have data localization laws, requiring that data about Chinese personnel be kept within the nation.
Conclusion
Based on the above discussion, it can be concluded that businesses must retain audience awareness and ensure messaging is both trustworthy and comprehensible, even as complex data approaches become more prominent in audit work. It can be recommended that incorporating qualitative material that supports quantitative results in the audit's conceptual and operational context gives audit findings more legitimacy and increases the probability that recommendations will be followed. Internal auditors must possess certain technical skills and demonstrate a commitment to continuous quality improvement in order to stay current with evolving business practices and provide a value-added solution in their audit procedures. Moreover, they ought to be specialists in the field of internal control, as well as they must employ their skills and knowledge to assess their businesses' internal control systems and provide recommendations for changes that would considerably aid effective governance.
References
Akhmetshin, E.M., Vasilev, V.L., Mironov, D.S., Zatsarinnaya, ?.I., Romanova, M.V. and Yumashev, A.V., 2018. Internal control system in enterprise management: Analysis and interaction matrices.
Alzeban, A., 2019. Influence of internal audit reporting line and implementing internal audit recommendations on financial reporting quality. Meditari Accountancy Research.
Chalmers, K., Hay, D. and Khlif, H., 2018. Internal control in accounting research: A review. Journal of Accounting Literature.
Chalmers, K., Hay, D. and Khlif, H., 2018. Internal control in accounting research: A review. Journal of Accounting Literature.
Chang, Y.T., Chen, H., Cheng, R.K. and Chi, W., 2019. The impact of internal audit attributes on the effectiveness of internal control over operations and compliance. Journal of Contemporary Accounting & Economics, 15(1), pp.1-19.
Chen, H., Yang, D., Zhang, J.H. and Zhou, H., 2020. Internal controls, risk management, and cash holdings. Journal of Corporate Finance, 64, p.101695.
Chowdhury, A. and Shil, N.C., 2019. Influence of new public management philosophy on risk management, fraud and corruption control and internal audit: Evidence from an Australian public sector organization. Accounting and Management Information Systems, 18(4), pp.486-508.
Fernandhytia, F. and Muslichah, M., 2020. The effect of internal control, individual morality and ethical value on accounting fraud tendency. Media Ekonomi Dan Manajemen, 35(1), pp.112-127.
Gatea, A.K. and Khalaf, S.N., 2021. The role of internal control procedures in enhancing the quality of financial statement and its impact on investment decisions. AL-Anbar University journal of Economic and Administration Sciences, 13(1).
Handoyo, B.R.M. and Bayunitri, B.I., 2021. The influence of internal audit and internal control toward fraud prevention. International Journal of Financial, Accounting, and Management, 3(1), pp.45-64.
Henk, O., 2020. Internal control through the lens of institutional work: a systematic literature review. Journal of Management Control, 31(3), pp.239-273.
Jachi, M. and Yona, L., 2019. The impact of independence of internal audit function on transparency and accountability case of Zimbabwe local authorities. Research Journal of Finance and Accounting, 10(5), pp.64-77.
Ji, X.D., Lu, W. and Qu, W., 2018. Internal control risk and audit fees: Evidence from China. Journal of Contemporary Accounting & Economics, 14(3), pp.266-287.
KAHYAO?LU, S.B., Sarikaya, R. and TOPAL, B., 2020. Continuous auditing as a strategic tool in public sector internal audit: The Turkish case. Selçuk Üniversitesi Sosyal Bilimler Meslek Yüksekokulu Dergisi, 23(1), pp.208-225.
Koutoupis, A., Pazarskis, M. and Drogalas, G., 2018. Auditing Corporate Governance Statements in Greece–the role of internal auditors. Corporate Governance: The international journal of business in society.
Kral, R., 2018. Integrating a Compliance and Ethics Program With a Control Framework Leveraging Coso’S Internal Control–Integrated Framework. EDPACS, 57(6), pp.11-17.
Liu, J.Y., 2018. An internal control system that includes corporate social responsibility for social sustainability in the new era. Sustainability, 10(10), p.3382.
Mexmonov, S., 2020. The Role of the Internal Audit Based International Internal Audit Standards in Uzbekistan. ????? ??????? ????????????, 33(1).
Oladejo, M., Yinus, S.O., Shittu, S. and Rutaro, A., 2021. Internal audit practice and financial reporting quality: Perspective from Nigerian quoted foods and beverages firms. KIU Interdisciplinary Journal of Humanities and Social Sciences, 2(1), pp.410-428.
Puad, N.A.M., Abdullah, N.I. and Shafii, Z., 2020. Follow Up in Shariah Auditing: Multiple Approaches by Takaful Operators. International Journal of Islamic Economics and Finance Research, 3(1), pp.14-29.
Raimo, N., Vitolla, F., Marrone, A. and Rubino, M., 2021. Do audit committee attributes influence integrated reporting quality? An agency theory viewpoint. Business Strategy and the Environment, 30(1), pp.522-534.
Roussy, M. and Perron, A., 2018. New perspectives in internal audit research: A structured literature review. Accounting perspectives, 17(3), pp.345-385.
Thabit, T., 2019, April. Determining the effectiveness of internal controls in enterprise risk management based on COSO recommendations. In International Conference on Accounting, Business Economics and Politics.
Turayev, A. and Ochilov, O., 2018. Internal Audit Is a Form of the State Financial Control: National and International Features. International Finance and Accounting, 2018(4), p.5.
Turetken, O., Jethefer, S. and Ozkan, B., 2020. Internal audit effectiveness: operationalization and influencing factors. Managerial Auditing Journal.
Vitolla, F., Raimo, N. and Rubino, M., 2020. Board characteristics and integrated reporting quality: an agency theory perspective. Corporate Social Responsibility and Environmental Management, 27(2), pp.1152-1163.
