Types of Audit
Audit is the process of examination of the company’s accounts, such as financial reports and other financial information. There are many types of audit which could be performed on the company’s accounts by either internal parties such as internal auditors or by external parties such as external auditors and tax officers.
The thirteen types of audit are included in the list below:
- Internal audit
- External audit
- Tax audit
- Forensic audit
- Financial audit
- Operational audit
- Compliance audit
- Statutory audit
- Value for money audit
- Agree upon procedures
- Integrated audit
- Information system audit
- Environmental audit
Internal audit is the process of independent evaluation of the company’s risk management and control in order to improve business operations and add value to the company. In addition, it helps to ensure the company complies with internal policies, applicable laws and regulations.
This type of audit is usually performed by internal auditors who are the employees of the company. However, the company may engage the external firms to perform the internal audit if they do not have sufficient resources.
Among all types of audit, internal audit has strong purposes to improve business operation, minimize risks and ultimately help the company to achieve its objective. For example, auditors may perform the internal audit on sale operation at the branch to evaluate whether the internal controls related sale can prevent or detect errors or fraud related to sales.
External audit is the process of independent evaluation of the company’s financial statements by a qualified independent third party, the external auditor. For example, external auditors such as PwC’s staff may review the transactions and balances of the ABC company’s accounting records to determine whether they are complete and accurate.
The main objective of this type of audit is for external auditors to express their opinion on whether the company’s financial statements present fairly, in all material respects, in accordance with the applicable accounting standards and regulations.
In this case, auditors are usually appointed by shareholders at the annual general meeting of the company. Likewise, external auditors are usually chosen based on their skills, experiences, qualifications, and reputations.
Tax audit is an examination of the company’s tax return to evaluate whether it is prepared in accordance with the tax laws. It is performed by the tax officers from the government tax department.
In this type of audit, auditors who are the tax officers are not appointed by the company. Usually, they only inform the company beforehand and then they will come to review the company’s accounts and records to see if the company follows the tax laws when filing the tax return.
Tax audit is usually considered the strict process and the company is required to comply with all applicable tax laws. For example, if auditors who are tax officers found any matters that do not comply with the tax laws, the company will usually receive penalties based on the severity of the non-compliance.
Forensic audit is the investigation of financial information by forensic accountants who specialize in both the investigation and accounting field.
It’s usually performed by examining the company’s accounts or person’s financial accounts to track and collect evidence that can be used in the court. Forensic audit usually covers areas of fraud, thief, and other financial claims.
For example, when the company suspects that its employees commit any type of fraud, they may engage auditors to perform the forensic audit. Hence, auditors may perform the forensic audit by planning an investigation, identifying the type of fraud, who’s behind and how it is concealed, quantifying the amount of loss, gather evidence to be used in court, suggesting measures to prevent such fraud, etc.
Financial audit is the audit of the company’s financial statements which is usually performed by independent external auditors. In this type of audit, auditors evaluate whether the company’s financial statements contain any material misstatement.
In other words, auditors examine whether financial statements are free from material misstatement and prepared in accordance with applicable accounting standards.
For example, audit works that are done by the external audit firms such as PwC, usually are the financial audit. This is due to the main objective of their audit works is usually to express an opinion on the client’s financial statements whether they are free from material misstatement.
Operational audit is the process of examination of business operations and controls in order to improve its efficiency and effectiveness as well as minimize the risks that could obstruct the company from reaching its goal. The main objective of an operational audit is usually to add value to the company.
This type of audit is usually performed by internal auditors to examine the internal controls of the company. Operational audit is usually performed to improve internal controls in preventing or minimizing the risk of error or fraud that could happen in the operations.
For example, auditors found that there is no safe to keep cash overnight while performing the operational audit at the branch. Hence, auditors recommend to the management to have safe for putting cash overnight. This is to prevent the risk of losing the cash as well as prevent the risk that could happen to the safety of the person holding the cash overnight.
Compliance audit is the process of reviewing the business’ practices and procedures to make sure that they comply with laws and regulations as well as internal policies that the company has in place.
Compliance audit is usually performed by internal auditors in which they usually perform as the part of internal audit. In this type of audit, auditors usually review and examine various laws and regulations as well as internal policies and compare them with the actual practices to make sure the company’s staff follow laws, regulations, and various policies that the company has in place.
For example, internal auditors may review the internal policy of keeping cash and comparing it to the actual practice at the branch. If the actual practice is different from the policy, e.g. the internal policy states that overnight cash must be kept in the safe, but the branch manager keeps cash with her instead, this means that the branch manager does not comply with the internal policy.
Statutory audit is the process of examination of the company’s accounts by independent external auditors in order to comply with laws and regulations. In this type of audit, the company is required to have their financial statements audited by external auditors.
The requirement is usually placed by the regulations that the company is in. For example, the listed companies are under the stock exchange committee regulations while banks are under the regulations of the national bank, e.g. Federal Reserve Bank in the US.
In this case, a listed company is usually required by laws and regulations to have their financial statements audited (e.g. quarterly) by external auditors and submit to the stock exchange committee.
Value for money audit
Value for money audit is the assessment of the organization in managing its resources with due regard to economy, efficiency, and effectiveness.
Economy refers to acquiring resources with appropriate quality at a low cost. On the other hand, efficiency means maximizing output with a given input, while effectiveness refers to whether the organization has achieved its objective.
This type of audit is usually performed on the nonprofit organization (NGO). This is due the nonprofit organization’s revenues are mainly from donors; and donors usually want their money to be used in an efficient and effective manner as well as achieving economic state when acquiring resources for operating the organization.
Agree Upon Procedure (AUP)
Agree upon procedure is the procedure that auditors perform the tests on certain financial information or business process which are agreed upon by the client and third party.
In the AUP engagement, auditors only report factual findings and do not give an opinion; clients need to draw their own conclusions. Likewise, auditors do not perform examination or review; instead they report their work in the form of procedures.
Integrated audit is the type of audit that looks at more than one aspect such as financial information, operation, information technology, compliance, and environmental aspect, etc.
For example, publicly traded companies governed by rules laid down by PCAOB are required to have integrated audits in which auditors not only express an opinion on financial statements but also on the effectiveness of companies’ internal controls over financial reporting.
Information system audit
Information system audit is the process of examination of the client’s internal controls relevant to the IT system. This type of audit is usually performed by the auditors who are specialized both in audit and information technology.
Auditors usually perform the information system audit as part of their internal control assessment. IT systems that are usually required the audit are those that calculate or produce the financial data.
Environmental audit is the evaluation of the company’s operations and processes in compliance with environmental regulations.
This type of audit is usually performed by internal staff who specialize in environmental audit or external audit staff which is from environmental consulting firms.