The general definition of an audit is an evaluation of a person, organization, system, process, enterprise, project or product. The term most commonly refers to audits in accounting, but similar concepts also exist in project management, quality management, and energy conservation.
Audits in accounting
Audits are performed to ascertain the validity and reliability of information; also to provide an assessment of a system’s internal control. The goal of an audit is to express an opinion on the person / organization / system (etc.) in question, under evaluation based on work done on a test basis.
Due to practical constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits. In the case of financial audits, a set of financial statements are said to be true and fair when they are free of material misstatements – a concept influenced by both quantitative (numerical) and qualitative factors.
Auditing is a vital part of accounting. Traditionally, audits were mainly associated with gaining information about financial systems and the financial records of a company or a business (see financial audit). However, recent auditing has begun to include non-financial subject areas, such as safety, security, information systems performance, and environmental concerns. With nonprofit organizations and government agencies, there has been an increasing need for performance audits, examining their success in satisfying mission objectives. As a result, there are now audit professionals who specialize in security audits, information systems audits, and environmental audits.
In cost accounting, it is a process for verifying the cost of manufacturing or producing of any article, on the basis of accounts measuring the use of material, labour or other items of cost. In simple words the term, cost audit, means a systematic and accurate verification of the cost accounts and records, and checking for adherence to the cost accounting objectives. According to the Institute of Cost and Management Accountants of Pakistan, a cost audit is "an examination of cost accounting records and verification of facts to ascertain that the cost of the product has been arrived at, in accordance with principles of cost accounting."
An audit must adhere to generally accepted standards established by governing bodies. These standards assure third parties or external users that they can rely upon the auditor’s opinion on the fairness of financial statements, or other subjects on which the auditor expresses an opinion.
The Definition for Auditing and Assurance Standard (AAS) 1 by ICAI – "Auditing is the independent examination of financial information of any entity, whether profit oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon."
Types of auditors
Auditors of financial statements can be classified into two categories:
- External auditor / Statutory auditor is an independent Public accounting firm engaged by the client subject to the audit, to express an opinion on whether the company’s financial statements are free of material misstatements, whether due to fraud or error. For publicly-traded companies, external auditors may also be required to express an opinion over the effectiveness of internal controls over financial reporting. External auditors may also be engaged to perform other agreed-upon procedures, related or unrelated to financial statements. Most importantly, external auditors, though engaged and paid by the company being audited, are regarded as independent auditors.
The most used external audit standards are the US GAAS of the American Institute of Certified Public Accountants; and the ISA International Standards on Auditing developed by the International Auditing and Assurance Standards Board of the International Federation of Accountants
- Internal auditors are employed by the organization they audit. They perform various audit procedures, primarily related to procedures over the effectiveness of the company’s internal controls over financial reporting. Due to the requirement of Section 404 of the Sarbanes Oxley Act of 2002 for management to also assess the effectiveness of their internal controls over financial reporting (as also required of the external auditor), internal auditors are utilized to make this assessment. Though internal auditors are not considered independent of the company they perform audit procedures for, internal auditors of publicly-traded companies are required to report directly to the board of directors, or a sub-committee of the board of directors, and not to management, so to reduce the risk that internal auditors will be pressured to produce favorable assessments.
The most used Internal Audit standards are those of the Institute of Internal Auditors
- Consultant auditors are external personnel contracted by the firm to perform an audit following the firm’s auditing standards. This differs from the external auditor, who follows their own auditing standards. The level of independence is therefore somewhere between the internal auditor and the external auditor. The consultant auditor may work independently, or as part of the audit team that includes internal auditors. Consultant auditors are used when the firm lacks sufficient expertise to audit certain areas, or simply for staff augmentation when staff are not available.
- Quality auditors may be consultants or employed by the organization.
Quality audits
Quality audits are performed to verify conformance to standards through review of objective evidence. A system of quality audits may verify the effectiveness of a quality management system. This is part of certifications such as ISO 9001. Quality audits are essential to verify the existence of objective evidence showing conformance to required processes, to assess how successfully processes have been implemented, for judging the effectiveness of achieving any defined target levels, providing evidence concerning reduction and elimination of problem areas and are a hands-on management tool for achieving continual improvement in an organization.
To benefit the organization, quality auditing should not only report non-conformances and corrective actions but also highlight areas of good practice and provide evidence of conformance. In this way, other departments may share information and amend their working practices as a result, also enhancing continual improvement.
In Project Management
Projects can undergo 2 types of audits
- Regular Health Check Audits: The aim of a regular health check audit is to understand the current state of a project in order to increase project success.
- Regulatory Audits: The aim of a regulatory audit is to verify that a project is compliant with regulations and standards. Best practices of NEMEA Compliance Center describe that, the regulatory audit must be accurate, objective, and independent while providing oversight and assurance to the organization.
Energy audits
An energy audit is an inspection, survey and analysis of energy flows for energy conservation in a building, process or system to reduce the amount of energy input into the system without negatively affecting the output(s).