(1) Internal audit is an appraisal or monitoring activity established by management and directors for the review of the accounting and internal control systems as a service to the entity.
(2) Internal audit functions by examining, evaluating and reporting to management and directors on the adequacy and effectiveness of components of the accounting and internal control systems.
(3) Internal audit is a management control. It reviews the effectiveness of other controls within a company.
(4) The work of audit is varied – from reviewing financial controls through checking compliance with legislation.
(5) The internal audit department is normally under the control of a chief internal auditor who reports to the audit committee.
(1) In some situation, it is a statutory requirement to have internal audit.
(2) In some situation, it is required to have internal audit by codes of corporate governance.
(3) Internal audit provides an independence check on the control systems in a company.
(4) Internal audit is a management control.
(1) Internal audit is an independent objective assurance activity.
(2) To ensure that the activity is carried out objectivity, the internal auditor must have their independence protected.
(3) Independence is assured in part by having an appropriate structure with which internal auditors work.
(4) Independence is assured in part by the internal auditor following acceptable ethical and work standards.
(5) Internal auditors should be independent of executive management and should not have any involvement in the activities or systems that they audit.
(6) The head of internal audit should report directly to a senior director or the audit committee and should have direct access to the chairman of the board of directors, and to the audit committee, and should be accountable to the audit committee.
(7) The audit committee should approve the appointment and termination of appointment of the head of internal audit.
Threats to auditor independence
(1) Self-interest threat: Occurs when the audit firm or a member of the audit team could benefit from a financial interest in, or other self-interest conflict with an audit client.
(2) Self-review threat: Occurs when the audit firm, or an individual audit team member, is put in a position of reviewing subject matter for which the firm or individual was previously responsible, and which is significant in the context of the audit engagement.
(3) Advocacy threat: Occurs when the audit firm, or a member of the audit team, promotes, or may be perceived to promote, an audit client’s position or opinion.
(4) Familiarity threat: Occurs when, by virtue of a close relationship with an audit client, its directors, officers or employees, an audit firm or a member of the audit team becomes too sympathetic to the client’s interests.
(5) Intimidation threat: Occurs when a member of the audit team may be deterred from acting objectively and exercising professional skepticism by threats, actual or perceived, from the directors, officers or employees of an audit client.
(1) Financial interest in a client. Auditor owns shares in a client company.
(2) Loans and guarantees. Auditor loans money to or receives loans from a client company.
(3) Close business relationships. Auditor partner is director of a client company.
(4) Family and personal relationships. Director’s spouse is director of a client company.
(5) Employment with assurance clients. Member of assurance team accepts senior position at a client company.
(6) Size of fees. Audit firm has a significant amount of fees derived from one client.
(7) Gifts and hospitality. Auditor is provided with a free holiday by the client.
(Ethical threats to internal auditor)
(1) Pressure from an overbearing supervisor, manager or director, adversely affecting the accountant’s integrity.
(2) An auditor might mislead his employer as to the amount of experience or expertise he has in order to retain his position within the internal audit department.