Primary navigation:

QFINANCE Quick Links
QFINANCE Topics
QFINANCE Reference
Add the QFINANCE search widget to your website

Home > Auditing Best Practice > Aligning the Internal Audit Function with Strategic Objectives

Auditing Best Practice

Aligning the Internal Audit Function with Strategic Objectives

by Ilias G. Basioudis

Executive Summary

Introduction

Given today’s complex and rapidly changing management climate, companies must implement continuous improvements to achieve efficiency, and assure investors and other concerned parties of solid corporate governance.

The recent scandals at Enron, Worldcom, Parmalat, and others have raised the profile of corporate governance across the globe. Trust in the process of financial accounting, corporate governance, and auditing has been undermined by these high-profile corporate scandals. In response, regulators and the accounting profession worldwide have put forward a series of initiatives to repair the damage and restore faith in corporate governance. Furthermore, companies must continuously implement improvements to achieve effective and efficient management in order to assure the investors, other stakeholders, and concerned parties in general of its good and sound corporate governance. Globally, more companies, governments, states, and regulators are adopting corporate governance best practice, and placing more emphasis on improving corporate governance in companies, which in turn improves the confidence of investors and stakeholders in companies.

Worldwide legislative initiatives, of which the Sarbanes–Oxley Act (US) and Directive No. 8 (EU) are the most famous, make senior management responsible for establishing, evaluating, and assessing over time the effectiveness of risk management processes, systems of internal control, and corporate governance processes. In tandem, companies play a critical role in the national economy, or economies, in which they have activities. A country’s competitiveness, wealth, efficiency, and high level of economic growth may depend on the competitive nature of its companies. There is no doubt that a transparent and reasonable corporate governance structure has a positive impact on a company.

The audit committee is a subcommittee of the board of directors, and is widely recognized as an integral part of a company’s corporate governance, and, together with the internal audit function, they contribute towards the company implementing continuous improvements. In fact, one line of thought claims that the audit committee, especially in large organizations, could not possibly be effective without an efficient, effective, and independent-minded internal audit function.

As a result, the internal audit function has the potential to be one of the most influential and value-adding services available to a company’s senior management and board of directors. Furthermore, with the growing focus on corporate governance issues, organizations are increasingly exploring the potential benefits to be gained from establishing an effective and efficient internal audit function. Company boards must identify the opportunities, risks, and exposures that can determine success or failure. The establishment of an internal audit function can become an integral part of overall strategy, and assist in achieving corporate objectives.

The Purpose and Role of Internal Auditing

According to The Institute of Internal Auditors’ (IIA) definition of internal auditing, the internal audit function should provide independent, thorough, timely, and objective results of quantitative and qualitative testing to senior management, and, in essence, help evaluate organizational risk management. Internal auditing assists public and private organizations to meet overall corporate objectives by establishing a systematic and disciplined approach to assessing, evaluating, and improving the quality and effectiveness of risk management processes, systems of internal control, and corporate governance processes. This systematic approach and analysis is implemented across all parts of an organization, and the internal auditor reports directly and independently to the most senior level of management. The role of the internal auditor, therefore, is to provide an overall assurance to management that all key risks within an organization are managed effectively, so that the organization can achieve its strategic objectives.

An internal audit function should be independent and unbiased, and hold a neutral position within an organization. The audit function looks beyond the narrow focus of financial statements and financial risks (although these risks are included in the remit of the internal auditor’s job), and it may, for example, involve auditing reputational, operational, environmental, or strategic risks. Reputational risks could involve labor practices in host countries; operational risks include poor health and safety procedures; environmental risks might involve pollution generated by a factory; while a strategic risk might involve the board stretching company resources by producing too many products.

An internal audit function should have the ability itself to define the scope of internal audits (after consultation with the internal audit’s primary stakeholders), the authority to obtain information and resources, and have an appropriate reporting structure to senior management. The internal audit team members do not test their own work, or the work of persons that they report to. Any actual or potential conflicts of interest that hinder an honest, independent, and unbiased assessment must be disclosed.

Back to Table of contents

Further reading

Books:

  • Pickett, K. H. Spencer. The Essential Handbook of Internal Auditing. Chichester, UK: Wiley, 2005.
  • Pickett, K. H. Spencer. Audit Planning: A Risk-Based Approach. Hoboken, NJ: Wiley, 2006.

Standard:

Websites:

Back to top

Share this page

  • Facebook
  • Twitter
  • LinkedIn
  • Bookmark and Share