The external audit is referring to the audit firms that offer certain auditing services. This type of audit required to maintain the professional code of ethics and strictly follow International Standards on Auditing and/or local standards as required by local law. The firms are working independently from auditing clients that they are auditing and if the conflict of interest has occurred, proper procedures are needed to take action to minimize the conflicts.
Internal Auditing is an independent and objective consulting service that is designed to add value to the business and improve the entity’s operation.
It provides a systematic and disciplined approach to evaluating and assessing the entity’s risk management, internal control, and corporate governance.
Scope of internal audit is generally determined by the audit committee, the board of directors or directors that have equivalence authorization. And if there is no audit committee and board of directors, internal audit normally reports to the owner of the entity. Internal audit activities are normally covered internal control reviewing, operational reviewing, fraud investigation, compliant reviewing, and other special tasks assigned from the audit committee or BOD.
The forensic audit is normally performed by a forensic accountant who has the skill in both accounting and investigation. Forensic Accounting is the type of engagement that undertaking a financial investigation in response to a particular subject matter, where the findings of the investigation normally are used as evidence in court or conflict resolution among the shareholders. The investigation is covering numbers of areas include fraud investigation, crime investigation, insurance claims as well as a dispute among shareholders. A forensic audit is also needed to have a proper plan, procedure, and report like other audit engagement.
Statutory audit is referring to an audit of financial statements for the specific type of entities required by law or local authority. For example, all banking sectors required their financial statements to be audited by qualified audit firms authorized by their central bank. The statutory audit might be the difference from financial statements auditing as the financial audit is referring to the audit of all types of entity’s financial statements including both meet or not meet the government’s requirement. However, statutory audit refers to only auditing of the entity’s financial statements that required by local law. The statutory audit is normally performed by external audit firms and the audit report will be issued by the auditor and submit to the government body by the entity. The common criteria set by law that required entities to have their financial statements by qualified audit firms are the amount of annual turnover, the value of assets, and the number of staff the entity employed.
Financial audit refers to the audit of the entity’s financial statements by an independence auditor where audit opinion will be provided on those financial statements after auditing works are done. We prepare the financial statements based on IFRS. The audit standards that use by the auditor to conduct financial audit need to adopt international standards and requirement of local law. Some country requires an audit firm to follow its audit standards while some other countries have adopted the international standards and transform it to be local.
A tax audit could be performed as the result of an in-compliant found by a government agency or the schedule set by the government tax department (VAT). An entity needs not to invite or engage with the tax authority to come to perform a tax audit. They will come by themselves. Entity just needs to file its tax obligation properly and timely based on the tax law of the country. To minimize the penalty as the result of the tax audit, the entity is recommended to follow all the requirements set by tax law and for those areas that they are not sure, the entity should engagement with tax consulting firm for advising.
A compliance audit is a type of audit that checks against internal policies and procedures of the entity as well as law and regulation where the entity operating in. Law and regulation here is referring to the government’s law where the business is operating. For example, in the banking sector, there are many kinds of regulation required bankers to follow and comply with. Most of the central banks required commercial banks to set up the complaint review (assessment) or compliance audit to make sure that they are complying with those laws and regulations set. The entity may also assign its internal audit function to review whether the entity’s internal policies and procedures are complying and effectively follow. A compliance audit is part of the system that use by the entity’s management to enforce the effectiveness of the implementation of the government’s law and regulation, and the entity’s internal policies and procedures.
Integrate audit is happen when there are two different areas of audit requirements. For example, there is a financial audit along with a social audit or there are some areas need to be confirmed with the financial audit. For example, the NGO requires their financial statements to be audited along with technical areas that those NGO spending the money for. For example, NGO are working on public health and most of the money spend are related to public health. Besides the expenses reports that present the expenses that NGO paid for and need to be audited by the financial auditor, there is the number of technical reports like health reports which need to be verified by technical auditors that have experienced in assessing health report. This is called an integrated audit. The integrated audit also happens when the entity operates in many different countries and the financial statements are an audit by different audit firms.
A special audit is a type of audit assignment that normally done by the internal auditor. This has happened when there is the problem/case occurred in the organization like fraud, business case or other special cases. For example, there is fraud occurred in the payroll department and this concern raised to the audit committee or board of director or sometimes there is the request from the CEO to have a special audit on these areas. Once the auditor completes the audit, then the report is prepared by the audit team and then submit to audit committee or board of directors. It is sometimes also reported to the CEO of the entity.
Operational audit is the type of audit service that the review is mainly focused on the key processes, procedures, system, as well as internal control which the main objective is to improve productivity, as well as efficiency and effectiveness of the operation. Operation audit has also targeted the leak of key control and processes that cause waste of resources and then recommend for improvement. Operational audit is the part of the internal audit and their main aim is to add value to the business their professional services. Systematic and highly discipline is also the part that helps to make sure the operational audit adds value to the organization