Internal audit
09.08.2016
About a month ago, we hosted a workshop, organised within the RSM network, which focused on internal audit. This event was a very interesting opportunity for us to meet people from all around the world, who have been engaged in this field for a long time. We would like to share with you our view on internal audit and our experience with it.
Internal audit is used to map and improve internal processes and internal auditing methods are defined by international standards and related code of ethics. Although it may seem unnecessary, it is quite useful to have an independent audit performed from time to time checking whether the process set-up is efficient and individual activities are protected against misuse or unauthorised disclosure of information. The old adage “Two heads are better than one” certainly does apply here. The outcome of an internal audit, which usually takes days or weeks, depending on the scope, is usually a report, which identifies potential risks, suggests solutions to tackle them or defines possible improvements.
If we look at the progress of internal audit in more detail, it all begins with an agreement with the client on the scope and form of internal audit. The follow-up step is to appoint a team of experts working on-site where the process actually takes place. Internal audits are performed by interviewing the personnel in charge, testing samples and evaluating them. Everything is being recorded in a due a careful manner in case there is a need to refer back to a certain matter. The client is being continuously informed about audit results so as to be able to respond to reported findings accordingly. Everything is then reflected in the report, which describes the progress and results of the audit.
Internal audits aim to add value. A company should become stronger after conducting an internal audit.
The processes that are most frequently examined include, for example, invoicing, purchasing, inventory, preparation of financial statements, reporting or IT security. The IT area is particularly important as it permeates virtually all processes across the company.
The demand for provision of this service has increased mainly in Czech companies owned by “western” parent companies, however, we expect to see this trend gradually change in the coming years. The reason is that there has been a growing pressure on process efficiency and safety. The situation in Western Europe is quite different from that in North America, where companies are required to make sure their processes are internally audited. No such regulation has been in force in the Czech Republic yet.
So why do advisors write about it? Internal audits are managed by internal auditors employed by the company concerned (the client is actually in the position of an internal auditor’s superior). This is of course true, but there are situations when internal auditors, i.e. employees of the company concerned are being recruited from among consulting firms. This happens, for example, when the auditor lacks the necessary expertise in a certain area or the company needs to hire more internal auditors, due to a greater scope of auditing, whom the company does not wish to employ throughout the year.
Should you have any questions regarding this matter, please do not hesitate to contact us.