An audit is a formal, structured review of information about an organization, person, or process that results in an auditor's opinion. This article discusses financial accounting audits, internal cost control audits, and project management audits.
In all cases, the auditor's opinion report may address questions such as these:
- Does the information presented represent the organization, person, or process fairly?
- Is the information believed to be true and reliable?
- Is the information free of misstatements, misleading information, and factual error?
- Does the information presented conform to accepted standards or requirements for reporting?
- Is there sufficient control and measurement capability in place to ensure positive answers to the above questions?
Audits may be performed by
- Internal auditors employed by organization audited and reporting to company management and boards of directors. In some cases, internal auditors are required to report directly to the Board rather than to management, in order to avoid any risk or appearance of management influence.
- External auditors, employed by professional consulting/auditing firms, or by government regulatory bodies, and reporting to the government, or industry regulatory bodies, or to the general public.
Explaining Audit in Context
Sections below further explains and illustrates the audit concept in context with related business concepts from the fields of accounting, financial reporting, quality control, and project management.
- What is an audit?
- What are financial accounting audits?
- What are cost control and internal auditors?
- What are project management audits?
- What other kinds of audits are used in business?
The most familiar audit to most people in business is the financial accounting audit, by which publicly traded companies employ external auditors to review published financial statements and issue an auditor's opinion, as to whether or not the reports represent the organization's financial position fairly, are free from misleading statements or error, and conform to Generally Accepted Accounting Principles (GAAP).
A positive opinion in this regard is a virtual requirement for acceptance of the financial statements by the investing public, by lending institutions, or regulatory bodies, e.g., the Securities and Exchange Commission in the United States. In financial accounting, the best possible result of an audit is the issuance of an Unqualified opinion, an affirmation that the auditor believes the statements meet the above objectives (see the encyclopedia entry Auditor's opinion for the different kinds of opinions possible).
Audits of publicly traded companies in the United States are subject to rules established by the Public Company Accounting Oversight Board (PCAOB), a creation of the Sarbanes Oxley Act of 2002 (SOX). Under PCAOB rules, auditors are required to address all of the questions listed above, including the question of whether or not there are sufficient internal control and measurement capabilities to meet PCAOB standards (Auditing Standard No.5).
Audits in the United Kingdom address accounting standards issued and maintained by the Accounting Standards Board, a part of the Financial Reporting Council, an independent regulator funded by publicly listed companies. In Canada, Canadian GAAP and standards are the responsibility of the Canadian Accounting Standards Board. There are similarly named accounting standards boards for Australia and New Zealand, with similar roles.
Whereas audits by external auditors provide the assurance of independence and objectivity to those outside the audited organization, internal auditors can assure the company's own management that internal controls are working and sufficient to manage the organization efficiently, comply with taxation and other regulatory requirements, and meet external reporting requirements. As mentioned, internal auditors may in some cases be required to report directly to boards of directors or the corporate officers, in order to minimize the risk of management influence in reporting their opinions.
In a hotel system, for instance, internal auditors will ensure that controls are in place and working to prevent bad debt or unpaid hotel bills: Internal auditors will ensure that hotel check in staff collect payment or credit authorization from arriving guests, as required, and do not over extend credit to guests. In addition to financial accounting, businesses may focus internal auditors on such areas as
- Billings and receivables.
- Expenditures and expense management (including especially areas such as employee travel expenses, employee reimbursement for out of pocket expenses).
- Cash management.
- Human resources (including hiring, promotions, and pay raises).
- Information Technology spending and utilization.
- Asset management / utilization of assets (e.g., the use of company facilities, company computers, and company vehicles).
The term audit is also used in project management. A project audit (sometimes called a project health check ) may be administered through a Project Management Office (PMO), and be prescribed for any or all stages of the project management process. The audits are intended to determine first if the project is defined, specified, and planned properly, then whether it is managed effectively, and finally, whether the project is likely to deliver expected results (and justify its cost).
More specifically, project management audits may be designed to ensure that
- Projects are designed with clear objectives, responsibilities, and ownership specified.
- Project objectives are in line with organizational objectives and priorities.
- Project costs and benefits are clearly determined and monitored (there is a good business case for the project).
- Time delays and cost overruns are minimized.
- There are adequate resources to complete projects according to plan.
- Project progress and timing are estimated realistically and managed to meet expectations.
- Projects are managed to successful completion.
- Project staffing is appropriate for project and organizational needs.
Audits may be undertaken by governments and regulatory bodies for a wide range of other purposes, usually to evaluate an organization's performance towards meeting objectives, or compliance with laws and regulations.
- As mentioned, governments may engage in tax audits, specifically to evaluate compliance with tax reporting and payment requirements.
- Environmental audits are especially important for companies whose operations or products may have environmental impacts (electrical utilities or automobile producers, for instance).
- Manufacturing companies own performance with product quality control audits.
- Service delivery companies evaluate the quality and efficiency of their own service performance through service delivery audits.