Name :

Student Number

Date:

Subject

Internal Audit In Corporate Governance

Functions And Contributions

 Internal Audit In Corporate Governance

Functions And Contributions

1- Internal Audit

Internal audit is defined as the independent, objective assurance and

consulting activity designed to add value and improve an organization’s
operations . Internal auditing helps an organization in accomplishing its
objectives by bringing a systematic, disciplined approach to evaluate and
improve the effectiveness of risk management, control and governance
processes . The scope of internal auditing within an organization is broad
in nature and encompasses such issues as operational effectiveness,
financial reporting reliability. Traditionally, internal auditing, like other
forms of auditing, is a system of checks and balances. Internal auditing
can also be characterized as “procedure enforcement,” where the internal
auditors monitor how people comply with procedures within
organizations. For example, internal audit is a mechanism to double-
check the thousands of financial transactions that are posted to the
records periodically. These descriptions show that the internal audit
function was a detailed low-level check of numerous financial
transactions.

However, in recent years, this focus of internal auditing on transaction

verification has been changing and the focus is shifting more and more
towards helping managers with assessing and managing organizational
risks. This shift in focus appears to have begun during the 1950s and
1960s. Up to this point, the internal audit function was considered a
compliance-based group primarily known for identifying errors. Then, the
focus shifted to address the root cause of the errors. As the internal audit
function began to probe deeper, they found instances where policies and
procedures were not clearly documented or understood to prompt the
desired action . As a result, the auditors would make recommendations to
address the issue and/or improve the process .

By offering assistance to process owners-this act alone- may have

initiated the expansion of the internal audit function’s role. As time
progressed, the next phase that emerged was evaluating and reporting on
the internal control structure of the organization. Many organizations
were automating and using systems to process transactions. Systems and
automation generate complexity for the organization, thereby creating
new control risks and opportunities. During the last two decades, there
have been increasing demands on the internal auditing profession to
change – this time around, it is requiring them to take a more proactive
role in corporate governance. As corporations and the accounting
profession 10 ushered in a new millennium with a plethora of accounting
and corporate fraud scandals, it raised serious questions about the
inherent soundness of the current corporate governance model.
Organizations were violating rules and procedures designed to properly
account for transactions. Fraud was rampant. Moreover, there was no
accountability.

All of these events are symptomatic of the systemic issues in the

corporate governance arena. The pivotal point in this crisis was Enron. It
was the final spark that rendered the current corporate governance system
ineffective. Therefore, strengthening the corporate governance system
had to be critical priority. A significant effort in strengthening corporate
governance was the enactment of the SarbanesOxley Act .

2- Internal Audit In Corporate Governance

There exist a strong relationship between corporate governance and

management, the audit committee and corporate governance and internal
control. Also is undeniable that the audit committee depends ‘heavily’ on
the internal auditor for its reviews of the system of internal control as
prescribed by corporate governance recommendations and codes. It is
therefore not a surprise that several efforts are put in by IIA to guide its
members in order to become corporate governance experts, who are
capable of assisting both the board and management of an organization.
These is done by IIA through consistent discussion, recommendation and
commenting on various aspect of corporate governance in general and
regarding aspect of audit in particular. Professional Practices Framework
is one of the regulating device intended to be used by IIA, which includes
not only ‘code of Ethics’ but also a set of ‘Standards for the Professional
Practice of Internal Auditing’ consisting of compulsory criteria for
internal auditing as it should be. argued that, these standards are
somehow general since they can be applicable to all internal auditors
irrespective of the company.

One major function of internal audit is to evaluated and make

contribution toward the improvement of risk management, governance
system and internal control. This standard provides a very general
description of the responsibilities of an internal auditor. In practice, the
advisory role which pertains to this standard further explains all aspect
that are to be understood in the standard. The scope of internal auditing,
the responsibilities of management and the definition of how auditor’s
evaluation result into an appraisal of the overall managerial process in
determine by the standard. Implementation standard 2120 focus
specifically on the assurance aspect given by the internal auditor on the
effectiveness and adequacy of control including the organizational
governance, operation and information system. These also involve:
effectiveness and efficiency of operation; reliability and integrity of
financial and operational information; safeguarding of asset and
compliance with rules, regulations, laws and contracts. Practice advisory
again gives further information, and by doing so shows in every sense to
corporate governance.

The practice advisory expunge on the responsibility of the board: One

of the responsibilities of the board is the establishment and maintenance
of organizational governance processes as well as obtaining assurance
regarding the effectiveness of risk management and control processes.
Moreover on the responsibility of management; their roles is to oversee
the establishment, administration and assessment of that system of risk
management and control processes. Lastly on the side of auditors: they
provide different degree of assurance about the state of effectiveness of
risk management and control processes .Traditionally, the responsibility
of the internal auditor was to aid the company to maintain a system of
internal control of its financial statements. However in recent times, a
range of new opportunities, responsibilities and possibilities present
themselves in the light of corporate governance.

The major problem confronting the internal auditor is to find the

necessary means to provide the degree of reasonable assurance expected
by all the stakeholders. Putting in different words, an internal auditor
must endeavor to become a key tools to promote effective corporate
governance processes. Also audit committee sought to improve their
effectiveness through better and more consistent contact with internal
auditors who represent their most valuable source of information. The
internal auditors play a dual role which enables them to keep an eye on
the direction the company is going whilst another eye on every aspect of
internal control which includes laws, rules and regulations, expectations,
risk and opportunity. Basel (1999) argued that internal auditors play a
very essential role in achieving an effective corporate governance. How
effective the board and the senior management are enhanced through the
recognition of the essence of audit process, ensuring measure are
undertaken to enhance the independence of auditors, enabling the
independence of Chief Audit Executive (CAE) by reporting audit
outcome to the audit committee or board. Likewise the board must
acknowledge and recognize that the internal auditors are their critical
essential agents. the critical attention is being placed on audit committee
and board of director responsibilities for the better understanding,
management and evaluation of business risk have on corporate
governance.

3- Internal Audit Function In Corporate Governance

Many opportunities exist for the internal audit function to play an

instrumental role in corporate governance. Today, organizations are
pushing to put in place more effective governance structures and
processes. Given the type of climate that exists, it is not surprising that
the internal audit function is viewed as the ideal resource to assist with
improving and supporting key governance processes by monitoring the
controls and evaluating the operational effectiveness of management
strategies and initiatives. Therefore, each party is responsible for making
a contribution to corporate governance.

A significant part of organizational governance has to do with

effective monitoring and oversight of risk management. The IIA (2003)
states that, “the internal auditors, perceived as ‘risk management experts’,
can expect to play an immensely significant and high-profile role within
organizations for years to come.” The audit committee is an operating
committee of the board of directors charged with oversight of financial
reporting and disclosure. The responsibilities include the following:
overseeing the financial reporting and disclosure process, monitoring
choice of accounting policies and principles, overseeing hiring,
performance and independence of the external auditors, oversight of
regulatory compliance, ethics and whistleblower hotlines, monitoring the
internal control process, overseeing the performance of the internal audit
function and discussing the risk management policies and practices with
management Under SOX, the audit committee’s role has been
substantially strengthened by requiring the board to have a majority of
independent directors, including a minimum of one financial expert. This
rule in particular, cast dispersions about the effectiveness of gray
directors serving on the audit committee in the past. In fact, the SEC
stated that, “having at least one member with an accounting or finance
background will improve the effectiveness of the audit committee in
carrying out its financial oversight responsibilities.”).

The internal audit function can be useful by helping the audit

committee perform its responsibilities effectively. This assistance
includes reporting on critical internal control issues, informing the
committee on the capabilities of key managers, suggesting topics for the
audit committee’s meeting agenda and coordinating with the external
auditor and management to ensure the committee receives effective
information. There are other areas where the internal audit function can
take the lead. For example, the internal audit function will often operate
and administer the whistleblower hotlines and ensure the ombudsman
process is working effectively. Typically, the internal audit function will
lead the compliance audits and ensure that the organization is compliant
with laws and regulatory provisions. Auditing entity level controls such
as the code of conduct and code of ethics for all employees is another
example of how the internal audit function can demonstrate leadership. In
addition, the internal audit function works with the external auditor to
prepare for the general audit annually. Given the importance of the
internal audit function, it is imperative that there be a level of
coordination and positive interaction between management and internal
audit. David Richards, former President of Institute of Internal Auditors,
states that, “SOX elevated the importance of internal auditing. It is
important that the four parties to good corporate governance – the board
of directors, executive management, the internal auditors and the external
auditors-are working together to assess the risks. It is a never-ending,
ongoing task, not-a-once-in-a-lifetime event.” Based on the roles and
responsibilities of each of the four cornerstones, it is clear that there is
great deal of interdependency present. Therefore, successful corporate
governance is contingent upon a fluid relationship among the
cornerstones, thereby making the internal audit function an integral part
of the corporate governance framework .

In brief, it is fair to say that the new vision has dramatically

influenced the regulatory landscape, changed the operating methodology
of companies and heightened the role of the internal audit function in
monitoring and improving corporate governance going forward.