Internal Auditing is defined as an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization to accomplish its objectives by evolving a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. The internal audit activity evaluates the adequacy and effectiveness of controls that encompass the organization's governance, operations, and information systems (Arens, Loebbecke, Lemon, & Splettstoesser, 2006). Internal audit reviews include the reliability and integrity of financial and operational information, effectiveness and efficiency of operations, safeguarding of assets, and compliance with laws, regulations, and contracts. These reviews ascertain the extent to which operating and program goals and objectives have been established and whether they conform to the requirements of the organization. It also examines the extent to which results are consistent with established goals and objectives and whether operations and programs are implemented or performed as intended.
One of the primary responsibilities of internal auditing is the assessment of internal control system of a company. ...
It also examines the extent to which results are consistent with established goals and objectives and whether operations and programs are implemented or performed as intended.
One of the primary responsibilities of internal auditing is the assessment of internal control system of a company. The French Institute of Chartered Accountants defines internal control "as a set of security measures which contribute to the control of a company. Its aim is to ensure, on the other hand, the security and safeguard of assets and the quality of information, on the other hand, the application of instructions given by the Senior management, and to encourage improvements in performances. It is evidenced through the organisation, methods, and procedures for each of the company's activities, so as to ensure the continuity of that company." There are two identified types of controls, Preventive and Defective Controls. Preventive controls are intended to foil errors or irregularities from happening. It is a positive control that helps avert losses. On the other hand, detective controls are devised to identify or uncover inaccuracy and irregularities after they have occurred. Both of these controls play an important role to an effective control system. Preventive controls are essential because they are proactive and emphasize quality. However, detective controls play a critical role in providing evidence that the preventive controls are working and thwarts losses.
Internal Control Objectives
There are seven pre-defined internal control objectives, namely, authorization, completeness, accuracy, validity, physical safeguards & security, error handling, and segregation of duties.
1) Accountability, authorization and approval- the