It is a misconception that the job of an auditor can be summed up to individuals that examine financial records with the goal of forming an opinion about the fairness of information presented within a company’s financial statements. An audit, in a broader sense, is a methodology used to create an opinion or conclusion about processes, transactions or other information when compared to a standard or criteria. There are a variety of different services or reasons a company may need to engage an auditor. If embraced, business owners can use auditors as a tool to enhance processes and procedures, create a tone from the top that deters fraudulent activity and holds both management and employees accountable to execute their roles and responsibilities.
What Else Can Auditors Do?
Below are examples of different audit functions, the auditor’s responsibilities and scope of work:
Auditor is responsible for performing procedures that test the efficiency and effectiveness of company internal controls put in place to achieve business objectives. The scope of an internal audit includes all financial and operational controls that are used to create maximum productivity at a company. Example findings include:
- Provide recommendations to improve weak internal controls
- Investigate instances of possible fraud (even those considered immaterial)
- Perform reconciliations of financial and operating information
- Monitor compliance with industry standards, laws and guidelines
- Evaluate whether processes and procedures are functioning properly
Auditor is responsible for using a mixture of audit and investigative techniques to determine whether the suspicion of fraud is warranted, and if so, the effects of the fraud. Scope of forensic audits can be as wide as necessary and can take a significant amount of resources.
Information System Audit
Auditor is responsible for evaluating the internal controls pertinent to a company’s IT infrastructure. Scope of information system audits can be determined based on a specific objective but generally include the following steps:
- Suitability of the design and operational effectiveness of internal controls
- Effectiveness of maintaining information security and privacy
- Completeness and Accuracy of information processing and data integrity
- Evaluate whether the system development life cycle meets necessary standards
Auditor is responsible for providing different services to clients such as guidance on accounting-related matters, technical disciplines, or industry knowledge. Scope of work depends on services rendered but is generally defined by an agreement between the client and auditor.
Auditor reports on subject matters other than financial statements such as the design and operating effectiveness of a service organization’s internal controls over a certain objective such as security. This is also known as System and Organization Controls (SOC) Reports)
Why Is The Auditor Important?
Many times, people cringe at the sight of auditors but it is important to understand what auditors do and their function in creating a better business. Auditors provide the opportunity for business owners to incorporate independence into the review process of their internal control program. Additionally, the process helps to define gaps, weak controls and possible risks. Moreover, recognizing the different functions auditors can provide, and using their services as an asset, can ultimately provide companies with an edge over their competitors.
Jaclyn Finney started her career as an auditor in 2009. She started with Linford & Co., LLP. in 2016 and is currently a manager with the firm. She is a CISA with a special focus on SOC, HITRUST, FedRAMP and royalty examinations. Jaclyn works with her clients to provide a process that meets the needs of each customer and generates a tailored report that is useful to the client and the users of the report.