According to Wikipedia, Internal auditing is a profession and activity involved in helping organizations achieve their stated objectives. It does this by using a systematic methodology for analyzing business processes, procedures and activities with the goal of highlighting organizational problems and recommending solutions. Professionals called internal auditors are employed by organizations to perform the internal auditing activity. Internal auditors are employed by companies to do both financial and operational auditing. Their role in auditing has increased dramatically in the past two decades, primarily because of the increased size and complexity of many corporations. Because internal auditors spend all of their time with one company, their knowledge about the company’s operations and internal controls is much greater than the external auditors’ knowledge. That kind of knowledge can be critical to effective corporate governance. In fact, the Bursa Malaysia now requires its registrants to have an internal audit function.
The Institute of Internal Auditors professional practices framework provides the following definition of internal auditing: This definition reflects the changing role of internal auditors. Internal auditors are expected to provide value to the organization through improve operational effectiveness, in addition to traditional responsibilities such as reviewing the reliability and integrity of information, ensuring compliance with policies and regulations, and safeguards assets.
The objectives of internal auditors are considerably broader than the objectives of external auditors. This provides flexibility for internal auditors to meet company needs. Different companies vary in the extend of internal auditing and the areas on which the internal auditors focus. For example, at one company, internal auditors may focus exclusively on documenting and testing controls. At another company, internal auditors may serve primarily as consultants and focus on recommendations that improve the organizational performance. Also, internal audit reports are not standardizing due to the reporting needs vary for each company and the reports are not relied on by external users.
Professional guidance for internal auditors is provided by the Institute of Internal Auditors Malaysia (IIAM). The IIAM is part of the worldwide body called The Institute of Internal Auditors, Inc, Florida USA which has more than 100,000 members with representatives from 1200 companies. The IIAM has establi shed itself as a leader in training and development of internal auditors in Malaysia through conferences, seminars and workshops on various subjects, methods and techniques in internal auditing. The IIAM has adopted the approved professional practices framework in 1999 which includes a code of ethics and IIA International Standards for the Professional Practice of Internal auditing (the “Red Book”).
There are both differences and similarities between the responsibilities and conduct of audits by internal and external auditors. The primary difference is whom each party is responsible to. The external auditor is responsible to financial statement users who rely on the auditor to add credibility to the statements. The internal auditor is responsible to management. On the other hand, there are many similarities between the two groups. Both must be competent as auditors and remain objective in performing their work and reporting their results. For instance, they both follow a similar methodology in performing their audits, including planning and performing tests of controls and substantives tests. Similarly, they both use th audit risk model and materiality in deciding the extent of their tests and evaluating results. External auditors rely on internal auditors through the use of the audit risk model. Auditors significantly reduce control risk and thereby reduce substantive testing if internal auditors are effective....
Please join StudyMode to read the full document