ROLES AND RESPONSIBILITIES OF AUDITORS (Internal, External and Information System)

Internal Auditor

An internal auditor (who should be a professionally qualified accountant) IS employed within an organization.

Internal auditors often have professional qualifications in other disciplines (for example, computing) and are

employed by a wide range of organizations from public companies to government departments.

Internal auditing has developed because of the increasing internal controls needed to cover operations at

different locations. It is impossible for large organizations to effectively monitor all aspects of their internal

control systems. Hence the need for some independent group to be able to act as an arm of management, that

is internal audit.

Setting up, maintaining and improving internal control systems are the main functions of the internal auditor.

The development of internal auditing has led to the formation of internal auditing departments with a

director/manager for internal audit.

Internal Audit Objectives

The main objective of internal auditing is to confirm the efficiency and effectiveness of operations and their

contribution to the achievement of organizational goals. Internal audit also acts as a control mechanism for

management to:

ensure adequate internal control

review the reliability of records

prevent and detect fraud

carry out any statutory duties (if applicable)

monitor the reporting procedures

provide advice on how to improve organization performance.

Infernal auditors can carry out a variety of functions including:

Systems reviews that are part of an ongoing internal auditor program (for example, the accounts receivable system)

Special investigations instigated by management (for example, items of inventory found to be missing after a stock check). Internal audit would carry out an investigation and report the findings, with recommendations to management.

Consultancy (for example, when a new EDP system is being introduced they ensure that the necessary controls are in place)

Efficiency/cost effectiveness audits of different areas within an organization.

As you can see, the extent internal audit operations is limitless is usually only restricted by:

The lack of expertise of internal audit staff (this can be overcome by the use of outside experts)

Senior management's attitude (that is, management may not wish an area or item to be reviewed). For example, executive salaries and conditions of employment may be a sensitive issue.

The size of the internal audit department (for example, it may not be possible to cover all the operations areas of an organization). This difficulty can be overcome by selective audit coverage on the basis of risk.

External Auditor

External auditors are either individual practitioners or members of public accounting firms who render

professional auditing services to clients. They are also known as independent auditors and their clients include

profit-making businesses, non-profit organizations, government agencies and individuals.

External Auditing Objectives

The objective of an audit is to enable the auditor to express an opinion whether the financial report is prepared

in accordance with accounting standards. The audit should be conducted in accordance with these auditing

standards.

Two major aspects are emphasized:

independent examination

expressing an opinion.

Auditing is a process of obtaining and evaluating evidence in relation to financial statements and an

accounting system. The audit report will be prepared for by users of financial statements.

Owners of the business (this includes shareholders).

Potential investors.

Suppliers of credit.

During the audit the auditor will collect evidence to show that the financial statements are free of material

error. It should be noted that due to the test nature of audit and inherent difficulties in internal controls,

the-auditors does not guarantee to detect every error or irregularity. The auditor also evaluates whether the

audit evidence raises questions about the client's ability to continue as a going concern in the future.

Through the audit process, the auditor gives credibility to management's financial reports. This allows

owners, bankers, and investors to use the figures with enhanced confidence.

The external auditor examines whether:

transactions and amounts that should have been recorded are actually reported in the

financial statements

the assets and liabilities reported in the financial statements existed at the balance sheet and

the transactions reported in the financial statements occurred during the period covered by the

statements

reported assets are owned by the business, and liabilities owned by the business at the balance sheet date are reported

the financial statement amounts (assets, liabilities, revenues and expenses are valued in

conformity with accounting standards

the financial statement amounts are properly classified, described and by users disclosed in line with accounting standards.

The auditor will then give a report on the fairness of the financial reports. If an unqualified report is given, the auditor believes that the statements are presented fairly in accordance with accounting standards. A qualified report shows that the auditor is concerned about some aspects of the statements (such as the valuation/disclosure of an item, or the selection of accounting policies).

The external auditor may be called upon TO perform a range of audit functions these cover:

a financial statement audit, which is an examination of a firm's financial going statements and

accounting records

a compliance audit. which is an examination of an accounting system or part of a firm's operations

to assess compliance with set conditions, policies or legislation

an operational/performance audit, which is an examination of a firm's operations to

assess its adequacy, efficiency and effectiveness.

Comparing External and Internal Audits :

Aspect External audit Internal audit

Work is performed In a professional/client As staff member in a firm

relationship

Aim Report to shareholders Assist management

Timing of audit Near end of financial year Throughout year

Objection of audit To review fair presentation and To maintain internal control

give opinion system

Independence of audit Independence from client Independent within the

organization but still an

employee

Fraud detection Only concerned if put on guard Directly concerned with

in the audit prevention and detection

Inventory balance should be Extensive use

accurate

Type of work General controls review, data Extensive, complete review

analysis, change control test systems

management / user access profiles

Roles of IS Auditor

The IS auditor gathers evidence, evaluates the strengths and weaknesses of controls based upon the evidence gathered and prepares an audit report that presents those issues in an objective manner to

management.

In smaller information-processing environments, adequate segregation of duties between operations

and programming may not be achievable. In these situations, it is important that compensating controls, such as strong computer security and end-user reconciliation of control reports, are identified by the IS

Auditor.

The IS Auditor would typically follow sequential program steps to gain an understanding of the entity

under audit, to evaluate the control structure and to test the controls.

It is also important for an IS Auditor to obtain this information and to assess the relationship among

various job functions, responsibilities and authorities for adequate segregation of duties. Segregation

of duties is an important means by which fraudulent and or malicious acts can be discouraged and

prevented. The IS Auditor should spend time in an auditee's area to observe and to determine that the job description and structures are adequate

The IS auditor uses automated working papers to perform the IS audit.