Internal Audit Definition - AccountingTools

What is Internal Audit?

Internal audit refers to the department located within a business that monitors the efficacy of its processes and controls. The internal audit function is especially necessary in larger organizations with high levels of process complexity, where it is easier for process failures and control breaches to occur. Internal audit is especially necessary in a publicly-held business, which must attest to the robustness of its systems of internal control. Internal audit is not simply a watchdog that monitors a business and flags problems. It can also act as an internal consulting department that adds value to company operations. It does so by highlighting opportunities for improvement and facilitating changes within the organization.

Who Does Internal Audit Work For?

Ideally, the internal audit department reports to the board of directors or a committee of the board. By doing so, it remains independent of the management team, and so is able to investigate issues related to the team, reporting its findings back to the board of directors. This level of independence means that the internal audit function cannot directly engage in company operations, since it would then be working for the management team it is supposed to be evaluating.

Related AccountingTools Course

Internal Auditing Guidebook

What are the Functions of Internal Audit?

The internal audit staff is responsible for the activities noted below:

• Fraud detection. The internal audit staff routinely examines systems and transactions to see if there are any indicators of fraud being perpetrated within the business. If so, the staff may collect evidence for prosecution purposes, as well as recommend control changes to eliminate the opportunity for additional fraud.

• Internal control assessments. The internal audit staff engages in ongoing reviews of controls, to see if they are adequate as constructed, and whether employees are using them in the intended manner.

• Legal and regulatory compliance. The internal audit staff examines whether the company is compliant with all applicable legal and regulatory issues. This work is typically done in conjunction with the company’s legal department.

• Process assessments. The internal audit staff reviews proposed changes to processes to see if the controls associated with them are still adequate. If not, the staff recommends changes, and will review them at a later date to see if the changes have been properly installed and followed.

• Risk assessments. The internal audit staff will conduct reviews of the risks to which a business is subjected, looking in particular at the probability of risks being incurred and the amount of loss associated with them. This information is used by management to determine whether strategic or tactical changes should be made to mitigate the indicated risk issues.

• Safeguarding of assets. The internal auditing staff will examine the controls associated with assets, to see if any assets are at risk of loss. This may result in recommendations to alter controls in order to better safeguard assets.