audit & assurance
Auditing is a means of evaluating the effectiveness of a company’s internal controls. Maintaining an effective system of internal controls is vital for achieving a company’s business objectives, obtaining reliable financial reporting on its operations, preventing fraud and misappropriation of its assets, and minimizing its cost of capital. Both internal and independent auditors contribute to a company’s audit system in different but important ways.
Management systems such as ISO 9001, ISO 14001 and OHSAS 18001, require that internal audits are scheduled at planned intervals; they do not established a specific frequency nor do they establish that all processes need to have a yearly internal audit.
Organizations need to establish a frequency that is right for them. They decide if the audits will be performed monthly, quarterly, twice a year or once a year. However, there are some criteria that should be considered before defining a frequency that adjusts to an organization’s context and needs. Such as the following;
Complexity of the processes.
- Crucial or high risk processes should be audited on a more frequent basis, perhaps quarterly or twice a year.
- Low risk processes can be audited just once a year or every other year.
Maturity of the processes.
- Well established processes that run efficiently can be audited once a year or every other year.
- New developed processes should be audited quarterly until they are stable.
- Processes that have a history of frequent deficiencies or non-conformities, can be audited quarterly or twice a year.
- Processes with troubles achieving targets and objectives can also be audited quarterly or twice a year.
There are other factors that can influence the frequency of auditing, such as:
- An organization’s budget for the execution of internal audits.
- Regulatory or customers’ requirements.
The role of information technology (IT) control and audit has become a critical mechanism for ensuring the integrity of information systems (IS) and the reporting of organization finances to avoid and hopefully prevent future financial fiasco’s such as Enron and WorldCom. Global economies are more interdependent than ever and geopolitical risks impact everyone. Electronic infrastructure and commerce are integrated in business processes around the globe. The need to control and audit IT has never been greater.
How is relative depending upon the type of audit being performed for your organization. Who? Is the easy answer, let Jagasia Consulting Group walk you through your audit & bring confidence back into your organizations systems and processes.