Internal Audit


Internal audit is the process of independent evaluation of the company’s risk management and control in order to improve business operations and add value to the company. In addition, it helps to ensure the company complies with applicable laws and regulations and ultimately achieves its objective.

This type of audit is usually performed by internal auditors who are the employees of the company. However, some companies might engage outside firms to perform the internal audit when they do not have sufficient resources.

Objectives of Internal Audit

Main objectives of internal audit include:

  • To ensure that the company’s resources have been used in an efficient and effective manner
  • To help management improve the control and process in the business operation
  • To minimize the risk of error and fraud that prevent the company from achieving its objective
  • To ensure the accuracy and completeness of the accounting records
  • To ensure the company’s preparation of financial reports follows the applicable accounting standards
  • To ensure the reliability of internal control over financial reporting
  • To ensure that the company complies with all relevant laws and regulations placed upon by regulatory body and government
  • To ensure the company’s policies and procedures are followed by the staff at various levels

3 Main Types of Internal Audit

The three main types of internal audit include operational audit, financial audit, and compliance audit.

3 Main Types of Internal Audit

Operational audit

Operational audit is the process of evaluating the company’s business operations by trying to find areas of improvement that management can implement to improve overall quality of the business process.

The work of auditors in this type of internal audit involves reviewing the day-to-day business operation and control to see whether there’re any flaw or weakness that could lead to the risk of error or fraud.

If any flaw or weakness exists in the business operation or control, the correction should be made either to improve the overall process of business or to minimize the risk. The ultimate aim of the operational audit is to add value to the company.

Financial audit

Financial audit is the process of evaluating the company’s financial transactions and balances by verifying and inspecting various supporting files and documents.

The work of auditors in financial audit usually involves review incomes, expenses, assets and liabilities in accounting records to see whether they are completed and accurate and to see whether they properly follow the applicable accounting standards.

In this type of internal audit, auditors also evaluate the company’s internal control over financial reporting to see whether the control is reliable and working properly in producing financial reports.

Compliance audit

Compliance audit is the process of reviewing all laws and regulations that are placed upon the company and verifying the company’s practices to see if they might breach any or could lead to any breach if the practices are still carried on.

Auditors also evaluate the staff’s practices at various levels to see whether they follow policies and procedures that the company issued. Hence, the internal audit focuses on both internal and external compliance.

Independence and Objectivity of Internal Audit

Although internal auditors are the employees of the company which is managed and controlled by CEO and senior management, independence and objectivity are still important criteria that all internal auditors should have. Internal auditors should have full freedom in deciding the areas to audit, issues to raises, and opinion to give in order to fulfill their roles and responsibilities as internal auditors.

If the independence of internal audit department is found or seem to be compromised due to influence of directors and other senior management, the matter should be reported to audit committee so they can make arrangement to solve the problem.

Likewise, the objectivity should be maintained at all times by internal auditors especially while they are gathering audit evidence, such as inspecting the supporting documents and relevant files. They should not let personal or business relationships to influence their objectivity.

Hence, if internal auditors feel that their objectivity could be compromised for any reason, they should notify their manager so that action can be taken, such as increasing the review of work they perform or remove them from the audit team.