Internal audits provide independent and objective recommendations aimed at improving an organisation’s operations and activities.
Internal audits help to implement a systematic approach to risk assessment and increase the effectiveness of corporate governance processes.
They are necessary to ensure that the business can be managed and controled.
Why do the company’s owners need internal audits?
Internal audits are effective tools for monitoring the work of the company’s hired management. Independent inspections of reliability and the effectiveness of management and control systems give owners additional guarantees about the efficiency of the company’s operations and activities, as well as the integrity of its assets.
Why are internal audits useful for company management?
- They facilitate an objective assessment of the situation in management decision-making,
- provide recommendations to improve the efficiency of business processes and
- optimise risk management at the company.
Objectives of Internal Audits
In terms of internal control – assessing the adequacy and effectiveness of control procedures aimed at reducing risks in the key areas of the organisation’s operations.
These include assessments of:
- the reliability and integrity of information about the company’s financial and economic activity;
- the effectiveness and commercial efficiency of its operations;
- the integrity of it assets;
- its compliance with laws, regulations, and contracts.
In terms of corporate management – evaluation of procedures and recommendations for improving corporate governance processes.
These include recommendations on:
- establishing and promoting ethical standards and values within the organisation;
- ensuring effective management and the accountability of employees for the organisation’s performance;
- providing information on the risks and control of the organisation’s relevant departments;
- coordinating activities and exchanging information between the organisation’s board of directors, external and internal auditors and management.
- In the area of risk management - risk assessment of the organisation’s activities and information systems.
- the likelihood of fraud risk arising;
- how the organisation manages fraud risk.
Organising the Internal Audit Service
The internal audit function can be implemented in two ways:
by creating an in-house Internal Audit Service (IAS)
by outsourcing (co-sourcing) — bringing in an outside consultant / specialised company
in the following cases:
- when there is no economic sense in creating an in-house internal audit service (for example, when a company is in a phase of active growth),
- when the need arises to conduct an audit of a specific area (such as information technology or capital construction),
- when there are insufficient domestic resources during periods when staff auditors have many other commitments etc.
Assessing the effectiveness of the internal audit function
To analyse the effectiveness of the internal audit function, qualitative and quantitative indicators are used, including the actual performance compared to the plan audits, the expenditures of the internal audit department and the economic effect from implementing recommendations etc.
In addition to the process of periodic assessments of the effectiveness of internal audits, a program should be in place to improve the quality of internal audits, including the quality control of internal audits, their compliance with existing procedures and regulations, periodic certification of IAS experts, and their training and development.
The creation of an effective internal audit function requires the solution of wide range of issues and involves significant costs and time. FBK’s experts have extensive experience in providing internal audit services to companies in various industries. Our high level of expertise enables us to offer you services in the key areas of establishing and improving the internal audit function.
Organising the internal audit service:
- organising the Audit Committee of the company’s board of directors, including developing regulations, separation of powers and the responsibilities of the Audit Committee and the Audit Commission;
- establishing the Internal Audit Service, including defining the functional and administrative subordination of the IAS and developing the optimal organisational structure and regulatory documents;
- creating a methodological framework for the activity of the internal audit department that meets the company’s needs and specifies and enhances the quality and effectiveness of control functions, including the development of a methodological framework for the work of internal audit (set of methods, rules and plans for conducting audits).
Improving the internal audit function:
- analysis and assessment of the existing internal audit service, development of recommendations to improve the effectiveness of the internal audit function;
- identification of strategically important areas for the company’s audits, development of annual audit plans;
- assessment of the effectiveness of the systems for corporate governance, risk management and internal control.
- complete outsourcing of the internal audit function – transfer of all powers and responsibilities for implementing this function to FBK;
- partial outsourcing of the audit function – conducting audits (with the participation of company experts, as well as by our experts only), including internal IT audits;
- co-sourcing the audit function - providing highly qualified professionals to conduct specialised types of audits.
Please contact FBK’s Partner on Consulting Valeria Polyakova to inquire about organising the Internal Audit Service, improving the Internal Audit function and outsourcing the Internal Audit.
Training and systematically increasing staff qualifications in internal audit and control
FBK has its own specialised organisation which provides short-term business education. FBK’s Economics and Law School has extensive experience in organising training and further qualifications, including in internal control and audit in the following areas:
- Organising Internal Audit at the Company;
- Fraud and the Role of Internal Audit in Combating Fraud;
- Methods of Internal Audit: Auditing the Revenue Cycle, Auditing the Expenditure Cycle, Auditing the Inventory Cycle, Auditing Capital Construction;
- Risk management. Risk-based Methodology of Internal Audit;
- Improving the Effectiveness of the Internal Control System;
- Assessing the Effectiveness of Internal Audit;
- Preparation for the CIA exams, parts 1-4.
More details about the programs at FBK’s Economics and Law School, registration for participants in the programs (in Russian)