An audit is a systematic and independent examination of books, accounts, statutory records, documents and vouchers of an organization to ascertain how far the financial statements as well as non-financial disclosures present a true and fair view of the concern. It also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditing has become such a ubiquitous phenomenon in the corporate and the public sector that academics started identifying an "Audit Society". The auditor perceives and recognises the propositions before them for examination, obtains evidence, evaluates the same and formulates an opinion on the basis of his judgement which is communicated through their audit report.
Any subject matter may be audited. Auditing is a safeguard measure since ancient times (Loeb & Shamoo,1989). Audits provide third party assurance to various stakeholders that the subject matter is free from material misstatement. The term is most frequently applied to audits of the financial information relating to a legal person. Other areas which are commonly audited include: secretarial & compliance audit, internal controls, quality management, project management, water management, and energy conservation.
As a result of an audit, stakeholders may effectively evaluate and improve the effectiveness of risk management, control, and the governance process over the subject matter.
The word audit is derived from a Latin word "audire" which means "to hear". During the medieval times when manual book-keeping was prevalent, auditors in Britain used to hear the accounts read out for them and checked that the organisation's personnel were not negligent or fraudulent. Moyer identified that the most important duty of the auditor was to detect fraud. Chatfield documented that early United States auditing was viewed mainly as verification of bookkeeping detail.
An information technology audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
Due to strong incentives (including taxation, misselling and other forms of fraud) to misstate financial information, auditing has become a legal requirement for many entities who have the power to exploit financial information for personal gain. Traditionally, audits were mainly associated with gaining information about financial systems and the financial records of a company or a business.
Financial audits are performed to ascertain the validity and reliability of information, as well as to provide an assessment of a system's internal control. As a result of this, a third party can express an opinion of the person / organisation / system (etc.) in question. The opinion given on financial statements will depend on the audit evidence obtained.
Due to constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits. In the case of financial audits, a set of financial statements are said to be true and fair when they are free of material misstatements – a concept influenced by both quantitative (numerical) and qualitative factors. But recently, the argument that auditing should go beyond just true and fair is gaining momentum. And the US Public Company Accounting Oversight Board has come out with a concept release on the same.
Cost accounting is a process for verifying the cost of manufacturing or producing of any article, on the basis of accounts measuring the use of material, labor or other items of cost. In simple words, the term, cost audit means a systematic and accurate verification of the cost accounts and records, and checking for adherence to the cost accounting objectives. According to the Institute of Cost and Management Accountants, cost audit is "an examination of cost accounting records and verification of facts to ascertain that the cost of the product has been arrived at, in accordance with principles of cost accounting."
In most nations, an audit must adhere to generally accepted standards established by governing bodies. These standards assure third parties or external users that they can rely upon the auditor's opinion on the fairness of financial statements or other subjects on which the auditor expresses an opinion. The audit must therefore be precise and accurate, containing no additional misstatements or errors.
In the US, audits of publicly traded companies are governed by rules laid down by the Public Company Accounting Oversight Board (PCAOB), which was established by Section 404 of the Sarbanes–Oxley Act of 2002. Such an audit is called an integrated audit, where auditors, in addition to an opinion on the financial statements, must also express an opinion on the effectiveness of a company's internal control over financial reporting, in accordance with PCAOB Auditing Standard No. 5.
There are also new types of integrated auditing becoming available that use unified compliance material (see the unified compliance section in Regulatory compliance). Due to the increasing number of regulations and need for operational transparency, organizations are adopting risk-based audits that can cover multiple regulations and standards from a single audit event. This is a very new but necessary approach in some sectors to ensure that all the necessary governance requirements can be met without duplicating effort from both audit and audit hosting resources.
The purpose of an assessment is to measure something or calculate a value for it. Although the process of producing an assessment may involve an audit by an independent professional, its purpose is to provide a measurement rather than to express an opinion about the fairness of statements or quality of performance.
Auditors of financial statements & non-financial information (including compliance audit) can be classified into three categories:
The most commonly used external audit standards are the US GAAS of the American Institute of Certified Public Accountants and the International Standards on Auditing (ISA) developed by the International Auditing and Assurance Standard.
Performance audit refers to an independent examination of a program, function, operation or the management systems and procedures of a governmental or non-profit entity to assess whether the entity is achieving economy, efficiency and effectiveness in the employment of available resources. Safety, security, information systems performance, and environmental concerns are increasingly the subject of audits. There are now audit professionals who specialize in security audits and information systems audits. With nonprofit organisations and government agencies, there has been an increasing need for performance audits, examining their success in satisfying mission objectives.
Quality audits are performed to verify conformance to standards through review of objective evidence. A system of quality audits may verify the effectiveness of a quality management system. This is part of certifications such as ISO 9001. Quality audits are essential to verify the existence of objective evidence showing conformance to required processes, to assess how successfully processes have been implemented, and to judge the effectiveness of achieving any defined target levels. Quality audits are also necessary to provide evidence concerning reduction and elimination of problem areas, and they are a hands-on management tool for achieving continual improvement in an organization.
To benefit the organisation, quality auditing should not only report non-conformance and corrective actions but also highlight areas of good practice and provide evidence of conformance. In this way, other departments may share information and amend their working practices as a result, also enhancing continual improvement.
A project audit provides an opportunity to uncover issues, concerns and challenges encountered during the project lifecycle. Conducted midway through the project, an audit affords the project manager, project sponsor and project team an interim view of what has gone well, as well as what needs to be improved to successfully complete the project. If done at the close of a project, the audit can be used to develop success criteria for future projects by providing a forensic review. This review identifies which elements of the project were successfully managed and which ones presented challenges. As a result, the review will help the organisation identify what it needs to do to avoid repeating the same mistakes on future projects
Projects can undergo 2 types of Project audits:
Other forms of Project audits:
Formal: Applies when the project is in trouble, sponsor agrees that the audit is needed, sensitivities are high, and need to be able prove conclusions via sustainable evidence.
Informal: Apply when a new project manager is provided, there is no indication the projects in trouble and there is a need to report whether the project is as opposed to where its supposed to Informal audits can apply the same criteria as formal audit but there is no need for such a in depth report or formal report.
An energy audit is an inspection, survey and analysis of energy flows for energy conservation in a building, process or system to reduce the amount of energy input into the system without negatively affecting the output(s).
An operations audit is an examination of the operations of the client's business. In this audit the auditor thoroughly examines the efficiency, effectiveness and economy of the operations with which the management of the entity (client) is achieving its objective. The operational audit goes beyond the internal controls issues since management does not achieve its objectives merely by compliance of satisfactory system of internal controls. Operational audits cover any matters which may be commercially unsound. The objective of operational audit is to examine Three E's, namely: Effectiveness – doing the right things with least wastage of resources. Efficiency – performing work in least possible time. Economy – balance between benefits and costs to run the operations
Also refer to forensic accountancy, forensic accountant or forensic accounting. It refers to an investigative audit in which accountants with specialised on both accounting and investigation seek to uncover frauds, missing money and negligences
The Big Four (Deloitte, Ernst & Young (EY), KPMG and PricewaterhouseCoopers (PwC)) are the four biggest professional services networks in the world, offering audit, assurance services, taxation, management consulting, advisory, actuarial, corporate finance and legal services. They handle the vast majority of audits for public companies as well as many private companies.
Until the late 20th century, the market was dominated by eight networks but this gradually reduced due to mergers and the 2002 collapse of one firm, leaving four networks dominating the market in the early 21st century.
In the UK in 2011, it was reported that the Big Four audit 99% of the companies in the FTSE 100, and 96% of the companies in the FTSE 250 Index, an index of the leading mid-cap listing companies. Such industry concentration has caused concern and calls for the Competition and Markets Authority (CMA) to consider breaking up the Big Four. In October 2018, the CMA announced it had launched a detailed study of the Big Four's dominance of the audit sector.Commission on Audit of the Philippines
The Commission on Audit, abbreviated as COA (Filipino: Komisyon ng Pagsusuri), is an independent constitutional commission established by the Constitution of the Philippines. It has the primary function to examine, audit and settle all accounts and expenditures of the funds and properties of the Philippine government.Financial audit
A financial audit is conducted to provide an opinion whether "financial statements" (the information being verified) are stated in accordance with specified criteria. Normally, the criteria are international accounting standards, although auditors may conduct audits of financial statements prepared using the cash basis or some other basis of accounting appropriate for the organisation. In providing an opinion whether financial statements are fairly stated in accordance with accounting standards, the auditor gathers evidence to determine whether the statements contain material errors or other misstatements.Internal audit
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal auditing is a catalyst for improving an organization's governance, risk management and management controls by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity.
The scope of internal auditing within an organization is broad and may involve topics such as an organization's governance, risk management and management controls over: efficiency/effectiveness of operations (including safeguarding of assets), the reliability of financial and management reporting, and compliance with laws and regulations. Internal auditing may also involve conducting proactive fraud audits to identify potentially fraudulent acts; participating in fraud investigations under the direction of fraud investigation professionals, and conducting post investigation fraud audits to identify control breakdowns and establish financial loss.
Internal auditors are not responsible for the execution of company activities; they advise management and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. As a result of their broad scope of involvement, internal auditors may have a variety of higher educational and professional backgrounds.
The Institute of Internal Auditors (IIA) is the recognized international standard setting body for the internal audit profession and awards the Certified Internal Auditor designation internationally through rigorous written examination. Other designations are available in certain countries. In the United States the professional standards of the Institute of Internal Auditors have been codified in several states' statutes pertaining to the practice of internal auditing in government (New York State, Texas, and Florida being three examples). There are also a number of other international standard setting bodies.
Internal auditors work for government agencies (federal, state and local); for publicly traded companies; and for non-profit companies across all industries. Internal auditing departments are led by a Chief Audit Executive ("CAE") who generally reports to the Audit Committee of the Board of Directors, with administrative reporting to the Chief Executive Officer (In the United States this reporting relationship is required by law for publicly traded companies).KPMG
KPMG is a professional service company and one of the Big Four auditors, along with Deloitte, Ernst & Young (EY), and PricewaterhouseCoopers (PwC).
Seated in Amstelveen, the Netherlands, KPMG employs 207,050 people and has three lines of services: financial audit, tax, and advisory. Its tax and advisory services are further divided into various service groups.
The name "KPMG" stands for "Klynveld Peat Marwick Goerdeler." It was chosen when KMG (Klynveld Main Goerdeler) merged with Peat Marwick in 1987.