What is Auditing, Its Types, Purposes, and Some Current Issues

What is Auditing?

Auditing is the process of assessment and ascertaining of financial, operational, and strategic goals and processes in organizations to determine whether they are in compliance with the stated principles in addition to them being in conformity with organizational and more importantly, regulatory requirements.

Indeed, among the objectives of auditing as mentioned above, conformance with regulatory norms and rules and regulations is indeed one of the drivers behind auditing and historically and traditionally, has been the main reason why organizations get their financial statements, operational process, and strategic imperatives audited.

Types of Audits

Among the various types of audits, financial audits are the most popular followed by operational and strategic audits and in addition to the emerging practice of IT (Information Technology) audits. Moreover, auditing as a process has now become so routine and compulsory worldwide that organizations spend quite some time getting their books of accounts and processes audited by both internal and external auditors.

1. Internal Audits

   Internal audits refer to the audits done by employees and stakeholders within the organizations with a view to evaluate and assess whether the organization is following the internal processes, norms, rules, and regulations in addition to determining whether it is in compliance with the regulatory norms.

   Indeed, internal audits are sometimes the first checkpoints for organizations to determine whether their books of accounts, operational processes, and IT infrastructure and security protocols are in order with both the internal objectives, strategic imperatives, and external regulatory requirements.

   Having said that, it must be noted that the reason why internal audits are not accorded more importance over external audits is that since they are being performed by employees and individuals within the organizations, the apparent lack of objectivity and thoroughness apart from a tendency to “cover things up” means that often, external audits are considered more trustworthy.

   

2. External Audits

   External audits are done by independent and third party agencies and companies that are especially tasked with assessing and evaluating an organizations’ compliance with the regulatory norms.

   Further, some organizations also hire external auditors to “hold a mirror to themselves” in the sense that any deficiencies and irregularities can be found that are otherwise not “visible” to the senior leadership and management during the course of conducting the everyday operational business.

   Moreover, external audits are also mandatory due to regulatory and compliance reasons as well as due to the shareholder requirements which mandate that external audits need to be done annually, quarterly, and half yearly to be presented in the Annual General Meetings, and meetings of the Board of Directors.

   In addition, external audits might also be required in case of contingencies wherein the regulators who suspect that “something is amiss” in the companies might mandate those companies to be audited by independent and third party auditors to ascertain the “true picture” of the finances and operational details of those companies.

3. Financial Audits

   As mentioned earlier, financial audits are the most common form of audits for various reasons including the fact that businesses exist to make money and return profits and generate wealth for their shareholders. This means that investors and other stakeholders must know whether the businesses are being run properly so that their capital is safe and generating the stated returns.

   Moreover, financial audits are also the most common forms of audits since any discrepancies in the books of accounts reflects the mismanagement of the companies in addition to finance affecting almost all operational and strategic areas of the companies’ and their businesses.

   In addition, financial audits are also the first point of evaluation as to whether the companies are stating the truth and whether they are hiding or covering up some aspect that can be uncovered and revealed in a forensic audit.

4. Strategic, Operational, and IT Audits

   Having said that, there are other types of audits such as operational, strategic, and IT audits that have become popular in recent years mainly due to the increasing complexity of organizational processes as well as the IT infrastructure and the fast paced external marketplace which needs an evaluation of whether the organizations are aligning their internal processes and strategies with that of the external strategic drivers and imperatives.

   In addition, IT audits are being sought to assess and evaluate the readiness of the organizations’ IT infrastructure and systems and IT processes to meet the stated goals and objectives in addition to being able to withstand IT risks and security breaches.

   Indeed, with the increase in the nature, type, and variety of IT risks as well as the increasing complexity of the IT infrastructure, IT audits have now become as commonplace as financial and operational audits because both internal and external stakeholders need to know whether the organization’s IT infrastructure is up to the mark and whether it is capable of meeting the stated goals and objectives.

Some Issues with Auditing and Auditors

In recent years, there have been concerns about audits being used to cover up and hide internal deficiencies and weaknesses thereby defeating the very purpose for which such audits are needed.

Indeed, even external auditors have been found to be colluding with the organizations in this regard and hence, regulators worldwide have turned their gaze and tightened the controls and the requirements for such audits. This has been revealed in the way the United States passed several landmark laws such as Sarbanes Oxley in the wake of the Enron scandal wherein the auditors, Arthur Anderson, was found to be “in cahoots” with the management of Enron in cooking the books and covering up the malpractices.