Today’s complex and evolving business environment has made integrated auditing increasingly more invaluable than ever. This is premised on the fact that an integrated audit differs from the traditional(non-integrated) in terms of scope and complexity. The traditional audit focusses primarily on reviewing only financial statements or conducting internal controls as a separate activity. Integrated audit is performed by an external auditor who must be independent of the company being audited. Integrated audit combines a financial statement audit with audit of internal controls into one comprehensive audit engagement.
Thus, integrated audit not only evaluates a company’s financial statements or its internal controls but also considers their integration with financial, operational and technological systems. There is a growing requirement for assurance in areas such as IT governance and cloud computing. Integrated audit can deal with assurance in those areas unlike the traditional audit with a limited scope.
Integrated audit has two main objectives which constitute it. These are:
Financial Statements Audit: The main purpose of this audit is to evaluate the accuracy and fairness of a company’s financial statements. This includes an examination of the company’s statement of financial position (balance sheet), income statement, cash flow statement as well as the notes to the accounts. It is the duty of auditors to evaluate financial statements so presented to assure stakeholders if they reflect a true and fair view of the company’s financial position and are in line with relevant financial reporting standards.
Internal Control over Financial Reporting (ICFR) Audit: The driving force behind this particular audit is to examine the effectiveness and efficiency of the company’s internal control procedures for financial reporting. Internal controls audit is a requirement imposed by the Sarbanes-Oxley Act of 2002 meant to protect investors from fraudulent financial reporting by companies. It involves an extensive understanding of the company’s control systems to protect the integrity of business activities.
An internal Control over Financial Reporting (ICFR) audit includes testing controls and identifying any weaknesses which can lead to a material misstatement or an omission in a financial statement. It is the responsibility of auditors to evaluate several aspects of the business operations and uncovers weaknesses in the management system. A robust internal control system also helps to prevent or detect frauds when they incidentally occur and have them corrected through new measures or systems. To achieve the objectives of integrated audit, there is the need to adopt a step-by-step approach. The detailed steps of the process involve:
Planning and Scoping
This stage determines the scope and the specific objectives of the audit. The scope focuses on the business and its existing internal controls. It also involves a detailed plan of resources, schedule of activities and responsibilities which require sufficient technical and managerial skills. The planning step sets the foundation for conducting a successful integrated audit and must cover all high risk areas. At this stage, developing a risk-based audit procedure checklist and common testing technologies to frame engagements best suited to an integrated model will drive successful execution.
Risk Assessment
Risk assessment involves identifying and evaluating risks and their potential impact on the financial statements and internal controls. Risk assessment helps to develop effective strategies to identify and quantify risks and to mitigate their impact on business operations.
Materiality Assessment
Materiality refers to the significance of an error or omission in a financial statement which can influence stakeholders’ decision-making. By setting materiality thresholds of risk incidents, auditors can focus on areas that have a higher impact on financial reporting.
Testing Controls & Documentation
In an integrated audit, evaluating internal controls is crucial to obtain evidence about compliance with processes or procedures, policies and documentation. Test of internal controls will identify any weaknesses or gaps that may exist. By assessing internal controls, auditors can gain confidence in the reliability of financial reporting.
Substantive Testing
Substantive testing involves gathering evidence to support the accuracy and completeness of financial statements. This step includes verifying account balances, performing analytical procedures and conducting detailed testing of transactions. Substantive testing activities enable auditors to establish accuracy or otherwise of financial statements.
Communication and Reporting
A complete and integrated audit report must be reported to its stakeholders. The report should encompass key findings and the root causes, the auditor’s opinions as well as recommendations or corrective actions to improve processes and risk management. The key findings must also highlight those weaknesses or deficiencies in the organization’s operations and financial reporting process. An integrated audit report is incomplete without an attestation as an addendum to it.
By attestation, the auditor is attesting to the assertions made by management in its report on internal controls. A typical attestation provides assurance to stakeholders that the company’s financial statements and internal controls are reliable and accurate, and that the audit was conducted in accordance with professional standards. It must be noted that an attestation is an important component of an integrated audit and not same as an audit opinion. Attestation can help to enhance the credibility and reliability of the audit report
Monitoring & Evaluation
The final step in the integrated audit process calls for monitoring and evaluation to ensure that management takes appropriate actions to address deficiencies in the organization’s financial activities and internal controls and track the progress of those corrective measures. Through the step-by-step process, auditors can conduct a thorough and effective integrated audit. It must be noted that the integrated audit process is not a one-time event but a regular or routine exercise to ensure the accuracy, reliability of financial reporting and real-time assurance across the organization.
Benefits of an Integrated Audit to a Business
- By incorporating diverse audit tools and techniques, integrated auditing enhances audit quality. It, therefore, helps to streamline processes, eliminate duplication of duties and optimize resources. As a result, it improves financial reporting and overall efficiency in an organization.
- It allows for a holistic enterprise-wide risk assessment. This comprehensive approach allows auditors to identify potential risks and minimize their impacts which otherwise could have resulted in costly errors, fraud or breaches.
- Integrated audit also helps to strengthen internal controls and mitigate the risk of financial misstatements or operational failures.
- Compliance with regulations and industry standards is one of the crucial ways any company can sustain its operations. Thus, by subjecting your business to integrated audits, you are able to meet all relevant compliance requirements and avoid huge non-compliance costs or penalties.
- By combining financial, operational and compliance audits into one and all-inclusive review, your business can gain valuable insights, improve decision-making and drive overall growth or performance.
- Integrated audits ensure a consistent approach to auditing by aligning objectives across all systems and processes. It is thereby a demonstration of commitment to a thorough evaluation of the organization’s internal control system. In effect, it enhances the credibility of the internal audit activity.
An organization will embrace integrated audit if it has internalized corporate governance culture. This is based on the fact that there is a growing trend for board of directors to request for audit of legal issues relating to regulatory compliance, contracts or other stakeholders’ concerns. An integrated audit approach can be most effective in that direction.
Conclusion
An integrated audit is a powerful tool and offers a business a comprehensive view of its financial and operational activities. The benefits are enormous and must be embraced by businesses. Indeed, integrated audit guarantees business continuity and serves as a potent instrument in enhancing efficiency, transparency and risk control within an organization. It is worth reiterating that integrated audits streamline organizational processes and offers strategic insights for data-driven decisions and business growth and performance.
BERNARD BEMPONG
Bernard is a Chartered Accountant with over 14 years of professional and industry experience in Financial Services Sector and Management Consultancy. He is the Managing Partner of J.S Morlu (Ghana) an international consulting firm providing Accounting, Tax, Auditing, IT Solutions and Business Advisory Services to both private businesses and government.
Our Office is located at Lagos Avenue, East Legon, Accra.
Contact: +233 302 528 977
+233 244 566 092
Website: www.jsmorlu.com.gh
