Definition:

The audit basically means an examination of financial reports or other reports by the independent person or organization where the opinion is expressing based on the fact of their review.

There are many types of audits and different level of assurance provided by auditors.

For example, the financial audit is the audit of the entity’s financial statements by the independent audit firm and an internal audit is performing by an internal audit team that employed by the entity itself.

Auditor helps the users of financial statements especially shareholders or owners of the entity to get a better comfort on the financial statements that they are using.

In others, the auditor is the watchdog that works on behalf of owners or shareholders to verify the financial statements prepared by directors (who run the company’s).

In general, to ensure that the opinions provided are unbiased and reliable, an audit needs to maintain their main code of ethics and follow the mandatory guideline from the professional body that control them in those jurisdictions.

For example, the external auditors who audit the financial statements based on ISA need to follow IFAC code of ethics.

Internal auditors who follow IIA, they are required to follow the IIA code of ethic. The auditor may use different audit approach and audit strategy based on their professional judgment.

Purpose of an Audit:

  • The auditor is the watchdog who its main objective is to protects its entity or owner’s interest. This is why auditors exist. But, now the requirement of auditors scale up from just to project the owner’s attention to significant stakeholders. If we talk about external auditors like KPMG, EY, and PWC, the primary purpose of an audit to financial statements is to let these firms provide an assurance or express their opinion on whether the financial statements that prepare by the management of entity are true and fair or not. Some entities are required by law or regulations to have their financial statements audited. Some entities are requested by banks or creditors, while some entities are voluntary to have the audit of their financial statements.
  • For compliant auditors, the purpose of an audit is to let auditors assess whether policies, laws, and regulations are fully and correctly implement by entities or not. For example, the national bank or central bank required all financial institutions to operate in the country to set up compliant auditors and regularly report to them whether those banks fully and correctly implement the law and regulation they put or not.
  • Internal auditors might have a different purpose. The main purpose of internal auditors is to review the internal control of entity both operation and internal control over financial reporting, the value of money audit, and compliant. Check here for detail of the Internal Audit. As you can see above, the purposes are different based on the type of audit and level of assurance they are providing.

Who is an auditor?

He/she is someone who leaves home at early morning and back at midnight. Just kidding. An auditor is an independent person or entity who conducts audit work. External auditors are normally hired by audit firms like PWC, KPMG, EY, or GT.

And internal auditors are normally hired by private or public entities. Internal auditors can be employed to work in the internal audit department or division as the result of the requirement of the entity or local regulator.

Internal audit offices normally hired through the HR department, but the head of the internal audit or Chief of Internal Audit is sometimes hired by shareholders.

Auditors need to be independent of the operation and any kind of interest that might be impaired to the quality of their works.

How to become an auditor?

To become auditor, you need to have good knowledge in some areas as follow:

  • Have a piece of good knowledge of accounting. It can be obtained by having a degree in accounting or obtaining professional qualifications like CA, CIA, ACCA, and CPA. Most accounting firms prefer ACCA, CA, and CPA. For internal auditors, the CIA is also preferable. These professional qualifications not only offer good opportunities in the auditing field but also provide you some more credit compare to other staff who hold just only a BA in accounting. Yet, obtain these qualifications is quite challenging.
  • Have good English skill. Well, English is the most useful language in working place as well as communication with your clients. Having good English could be good credit for you to pass the interview.
  • Know how to use MS office. The most MS office use by the auditor are MS Outlook, MS Word, and MS excel. Having a goods skill in this MS could help you to pass the interview.

How do auditors perform an audit?

Well, it is a bit broad. Here are the three importance tasks (cycle) do by any kind of auditors:

1) Planning:

Auditor requires to have proper audit planning to ensure the audit risks are minimized. In the planning stage, the auditor needs to determine what are the audit objective, audit scope, and audit approach they are using to perform their audit activities.

To give you some specific example, here are the things to be done in the planning of audit financial statements perform by external audits and things to be done by internal audit.

For audit financial statements, planning stage including:

  • Prepared audit engagement letter (sometimes done in the pre-audit)
  • Assess some requirement by law; for example, do KYC (Know Your Client) in money laundering
  • Understand the client’s nature of business and major internal control (Most of the firm adopt COSO framework)
  • Resource assignment by making sure that there are sufficient resources to perform audit work. Resources here include the number of staff, experiences, and expertise in the client’s business and financial reporting.
  • Risk assessment needs to be performed at the planning stage to understand, based on the financial figure, the high-risk areas to be the focus on and how auditor plan to detect those risks. There are many forms to perform risk assessment, but financial statements analysis and variance analysis are what we normally have done in risk assessment.

For internal audit, planning stages including:

  • Perform risks assessment to identify the audible areas and prioritize those areas based on risks identified
  • Obtain an understanding of the client’s nature of business and assess what are the possible risks.
  • Perform a detailed understanding of the processes and procedures of each cycle.
  • Assess whether current resources are sufficient enough to perform an audit with high quality.
  • Ensuring that the audit team fully understands the audit objective, scope, and purpose of internal audit activities of the company or project being audit.

Okay, above are the sample of audit planning for both internal and external. Now let move to the execution of the audit.

2) Execution:

Audit execution sometimes means audit field works. This the time that audits does detail testing, based on their planning to obtain audit evidence over the reports they are auditing.

For audit on financial statements, the auditor will need to inquire and obtain supporting documents over the transaction they are selecting.

At this time, audit programs are prepared, and audit working papers are designed for testing.

The audit execution simply means the way how auditors obtain audit evidence. In general, to obtain audit evidence, auditors normally use these techniques:

  • Inquiry: inquire client on the subject mater auditor want to know
  • Observation: Observe client perform the existing process as they inform auditors
  • Recalculation: Redo what the client did. For example, depreciation.
  • Inspection: Inspect accounting documents or sometimes called vouching. For example, vouching for invoices
  • Confirmation: Confirm financial balance or transactions that record or report in the financial statements. For example, confirm account receivables.
  • Analytical procedures: Analyst transactions or event in the financial statements
  • Re performance: re-perform some transactions to confirm the output.

3) Audit Report:

Auditors will issue audit reports after they complete their audit works. However, the reports are different based on the level of assurance, nature of audit and type of audit.

For example, for positive assurance like an audit on financial statements, the auditor will issue the audit report and express their option on those reports.

The opinion would be unqualified, qualified, disclaimer, and adverse opinion. For negative assurance ( limited assurance), the auditor will not express their opinion in that way.

For internal auditors, their report is different from the external auditor. The internal audit report is a combination or a list of finding found during their audit long with implication, and recommendation.

Internal audit finding normally discuss with management and settlement for those findings are required by internal auditors.

By Sinra