An internal audit is one of the most effective financial management tools that allow you to assess risks, develop measures to minimize them and improve the efficiency of many business processes. Here are 5 most common questions boards should ask after the audit.
The internal audit in the corporate governance system
In recent years, and especially against a protracted crisis, risk management issues have attracted even more attention from the investment community and have gained particular importance for companies in the light of widespread criticism of the activities of executive management and boards of directors in this area.
Effective risk management and internal control system are necessary to provide shareholders and investors with confidence in the future and in achieving the goals set for the company. Today, companies can use existing concepts that have proven their effectiveness in practice when creating risk management and internal control system. The risk management and internal control system should permeate all areas of the company’s activities and be integrated into all business processes. The executive management is responsible for its effective functioning. The board of directors should determine the acceptable level of risks for the company (risk appetite), principles and approaches to the organization of the risk management and internal audit system, ensure regular assessment of its effectiveness, and report on the results of such an assessment to the annual report.
To provide the board of directors and shareholders with confidence in the effective functioning of the risk management and internal control system, its effectiveness should be evaluated by a party independent of the company’s executive management. To do this, the company should form a structural unit that performs internal audit functions, the head of which should report directly to the board of directors.
Basic concepts of internal audit
The purpose of an internal audit is to exercise effective control over various units (elements) of the internal control system. The main task in this process is to provide the needs of managers for background information on various issues. At the same time, the general functions of internal audit should be understood as follows:
- assessment of control systems’ adequacy – carrying out inspections of management levels, providing reasonable proposals for eliminating deficiencies and recommendations for improving management efficiency.
- performance evaluation – the implementation of expert assessments of various aspects of the functioning of the organization, as well as the provision of reasonable proposals for their improvement. The activity of internal auditors for the organization’s management has informational and consulting value.
Audit activities include a physical examination, a comprehensive analysis of certain activities, and business projects to identify opportunities for improvement.
The top 5 questions boards should ask after the audit
As an auditor, you should prepare guidelines in the run-up to the audit in the form of a list of questions or a checklist to ensure that your audit is carried out in a structured and efficient manner. However, this list of questions does not include the entire audit communication – it merely forms the basis with the appropriate keywords.
So, there are the top 5 questions to ask an auditor:
- Is the company’s risk management policy effective?
- At what stage of implementation of IT infrastructure is the company?
- What are the common business and industry risks for the company?
- What can you say about the social environment of the company?
- Is the data security system of the company reliable?