Internal Audit and Corporate Governance - Essay Example

INTERNAL AUDIT AND CORPORATE GOVERNANCE and Section # of The purpose of this report is to look into the broader field of auditing by concentrating on internal audit and its part in corporate governance. Corporate governance is the means through which an organisation is manage and controlled. On the other hand, internal auditing is the activities concerned with recommending and directing organizations, with reference to how to improve and achieve the organizational goals. It's an ongoing evaluation of the financial wellbeing of a company's operations by its own employees. Employees who carry out this function are called internal auditors. (Coyle, 2005) Internal Audit In an internal audit, the internal auditors determine, assess and supervise an organization's risk management, reporting methodologies, and control practices; at the same time give proposals for advancement. Although internal auditors are characteristically accountants, this activity can also be carried out by other qualified experts who are knowledgeable with the company's functions as well the necessary regulatory requirements. (Friedberg, 2004) The span of internal auditing in an organization is expansive and it may engage internal control issues such as the effectiveness and efficiency of business processes, the consistency of financial reporting, preventing and inspecting fraud, protecting resources and other important assets, and observance with the laws and organizational strategies. (Friedberg, 2004) Internal auditing repeatedly requires measuring observance with the businesses' policies and procedures. Nevertheless, internal auditors are not accountable for the implementation of business activities; they give advice to the senior management on the subject of how to better accomplish their responsibilities. Management is responsible for internal control. (Friedberg, 2004) Management sets up the course of action and designs processes to facilitate the organization in achieving particular objectives in each particular field. Internal auditors perform audits to evaluate whether the policies and processes designed are operating effectively and provide recommendations for improvement. (Friedberg, 2004) To execute their responsibility efficiently, internal auditors have need of self-rule from management, to facilitate open and clear assessment of organizational activities and personnel. Although, internal auditors are part of company management and are paid by the company, but the most important client of internal audit activity is the body charged with supervision of management's actions. (Friedberg, 2004) Internal auditors may also help businesses' commence and retain Enterprise Risk Management processes. The Internal auditors also play an imperative task in facilitating businesses' to carry out a top-down risk assessment. In these concluding two fields, internal auditors usually are part of the project team in an advisory position. Based on a risk evaluation of the business, the internal auditors, and the senior management determines where to concentrate the internal auditing uphill struggle. (Rezaee, 2002) Internal auditing activity is normally carried out as solitary or as more distinct projects. A characteristic internal audit plan comprises of the subsequent measures. First and fore mostly, it begins with establishing and sharing the degree and purpose for the audit to appropriate management. This is followed by developing an understanding of the business division in evaluation. This encompasses objectives and significant operation types, it involves analysis of credentials and dialogues; flowcharts and accounts may be created if necessary. (Rezaee, 2002) Then the identified control measures are used to make certain that each crucial business transaction is correctly controlled and scrutinized. After that, the internal auditors work out and execute a risk-based sampling and examining approach to find out whether the a good number of important controls are working as planned. If any problems are identified then they are reported and then action plans are negotiated with the management to deal with the problems. (Rezaee, 2002) Lastly, the organisation should follow-up on reported findings at appropriate intervals. The Internal audit departments preserve a follow-up record for this reason. Each project on average takes 2-3 months to complete, depending on the intricacy of the business under assessment, the management's availability to help out, and the internal audit resources applied. (Rezaee, 2002) Many of the above procedures are iterative and may not all take place in the order denoted. By examining and recommending business improvements in important areas, auditors assist the organizations to perform well. Other than reviewing business developments, professionals called Information Technology Auditors review information technology controls. (Rezaee, 2002) Corporate Governance Corporate governance is the set of procedures, customs, guiding principles, laws and institutions affecting the manner in which an organisation is directed, managed or controlled. Corporate governance also takes account of the associations among the many players drawn in and the goals for which the business is governed. The most important players are the shareholders, the management and the board of directors. Further stakeholders comprise of the employees, the suppliers, the consumers, the government, the financers and other lenders, the regulators, the environment and the society in general. (Dunlop, 1998) Major elements of good corporate governance doctrine include truthfulness, confidence and integrity, sincerity, performance orientation, accountability and responsibility, shared values, and obligation to the organization. (Dunlop, 1998) What is of immense importance is that how the board of directors and the management build up a model of governance that aligns not only the standards of the corporate environment and the competitors, but also proves its effectiveness. In particular, the senior executives must conduct themselves sincerely and fairly, especially with reference to real or apparent conflicts of interest, and disclosures in financial reports. (Dunlop, 1998) The generally accepted philosophy of corporate governance includes: rights and impartial dealings of the shareholders. Organizations should value the rights of shareholders and help shareholders to employ those rights. They can help shareholders exercise their rights by effectively communicating information that is understandable and accessible and encouraging shareholders to participate in general meetings. Then they should look in the interests of other stakeholders. Organizations should be aware of that they have legal and other obligations to all lawful stakeholders. (Manz, 2003) Next is the role and responsibilities of the board. The board needs a range of skills and understanding to be competent to deal with various business issues and have the knack to review and defy management performance. It needs to be of sufficient size and have an appropriate level of commitment to fulfil its responsibilities and duties. There are issues on the subject of the right mix of executive and non-executive directors. The key roles of chairperson and CEO should not be held by the same individual. (Manz, 2003) Organizations should develop a code of conduct for their directors and executives that promotes fair and responsible decision making. It is important to appreciate, though, that complete dependence on integrity and ethics is bound to eventual failure. Because of this, many organizations establish compliance and ethics programs to diminish the threat that the firm steps outside of ethical and legal limits. (Manz, 2003) Finally there should be disclosure and transparency in the organization's practises. Organizations should shed light on and make publicly known the roles and responsibilities of board and management to make available shareholders with a level of accountability. They must also put into practice measures to independently authenticate and uphold the integrity of the company's financial reporting. Disclosure of material matters pertaining to the organization should be well-timed and objective to ensure that all investors have access to clear, accurate information. (Manz, 2003) Internal corporate governance controls keeps an eye on all activities and then takes corrective action to achieve organisational goals. Specifically the control by the board of directors. The board of directors, with its lawful authority to hire fire and recompense senior management, safeguards invested capital. Regular board meetings allow potential problems to be identified, discussed and avoided. Despite the fact that non-executive directors are thought to be more autonomous, they may not always result in more effectual corporate governance and may not enhance performance. (Manz, 2003) Diverse board structures are most favourable for different firms. Furthermore, the ability of the board to monitor the firm's executives is a task of its access to information. Executive directors enjoy greater knowledge of the decision-making procedure and therefore assess top management on the basis of the quality of its decisions that direct to financial performance outcomes. (Manz, 2003) It could be argued, therefore, that executive directors look ahead of the financial criteria. Then comes, the performance-based payment, it's designed to relate some percentage of salary to individual performance. It may be in the form of cash or non-cash payments such as shares and share options, superannuation or other settlements. (Manz, 2003) Such motivational plans, however, are reactive in the sense that they give no means for preventing errors or opportunistic behaviour, and can bring forth myopic behaviour. External corporate governance controls encompass the controls external stakeholders employ over the organisation. They are the debt covenants, government regulations, media pressure, hostile takeovers, competition, managerial labour market and telephone tapping. (Manz, 2003) Relationship between Internal Audit and Corporate Governance Internal auditing activity as it relates to corporate governance is generally informal, accomplished principally through contribution in meetings and discussions with members of the Board of Directors. Corporate governance is an amalgamation of processes and organizational structures implemented by the Board of Directors to inform, manage, direct and monitor the organization's assets, strategies and course of action towards the accomplishment of the organizations objectives. Internal auditing is often considered one of the "four pillars" of corporate governance, the other three pillars being the Board of Directors, the management, and the external auditor. (Manz, 2003) A prime focus area of internal auditing as it relates to corporate governance is serving the Audit Committee of the Board of Directors perform its responsibilities efficiently. This may consist of reporting vital internal control problems, suggesting issues or topics for the Audit Committee's meeting agendas, informing the Committee confidentially on the capabilities of major managers and coordinating carefully with the external auditor and management to make certain that the Committee receives valuable information. (Montondon, 1995) The pioneering developments in financial sector have led to an amplified demand for an effective risk management as well as sophisticated corporate governance. Each business organization is subject to some kind of risks depending upon quite a lot of factors such as the products and the services it sell, the market in which it operates, the resources through which it is financed, and the manner it utilizes its funds. Hence, it is essential to coordinate every facet of a business organization in an effectual way. (Montondon, 1995) Here comes the significance of corporate internal control structure. In other words, a good corporate internal control has now developed into an integral part of risk management framework. The major purpose of corporate internal control is to encourage economical as well as proficient operations that go with the objectives of an organization. Other key purposes are to defend firm's resources against misconduct or fraud, to develop reliable financial as well as managerial facts in order to present them timely. And above all, to guarantee whether the company's activities are in harmony with laws and regulations. (Montondon, 1995) In short, the activities that are enclosed in the execution of a good corporate internal control are control activities in connection with reconciliations and authorizations, segregation of duties, protection of assets, and reviewing of employee performance. A multitude of benefits can be derived through the operation of an effective corporate internal control system. Given that a good internal control system ensures that the resources are utilized merely for their intended purposes, a greater benefit is that it helps to surmount the risk associated with the exploitation of organization's funds and other assets. (Montondon, 1995) Another primary advantage is that prevents errors and abnormalities by detecting them in a timely manner, by this means promoting unswerving and accurate accounting records. Also, a considerable gain is that it can promptly resolve issues arising as a consequence of reporting errors. Above all, it safeguards the interests of employees by clearly specifying them their responsibilities and duties and protecting them from being accused of irregularities or misappropriations. (Montondon, 1995) The type of corporate internal control system implemented in a business organization depends upon the altering needs of an organization. However, the most common types that are put into practice in many of the business organizations consist of preventive internal control systems, detective internal control systems, and corrective internal control systems. (Abdolmohammadi, 2007) Preventive control system is planned in such a way to identify and eliminate errors and irregularities before they have taken place. In detective corporate internal control, it corrects mistakes and irregularities that have been detected. When comes to preventive control system, it is intended to shun errors or irregularities from taking place in the first place. (Abdolmohammadi, 2007) Data Collected The data have been collected from some Belgian companies' annual reports and then analysed. The differences between the shareholders and management have been criticized with the help of agency theory which categorizes the determinants of the size the internal audit function (IAF) in Belgian companies. From the Belgian Institute of Internal Auditors (IIABEL) database some 260 companies were found to have an internal audit function. (Abdolmohammadi, 2007) In the first phase of data collection, questionnaires were sent to the heads of the internal audit department of the 260 target regarding their department size and variables of the agencies. With the help of e-mails and phone calls support, 85% response rate was achieved out of which 12 companies' data were rejected since they did not provide complete data. In the second phase, the leftover 73 usable samples were used to collect financial data from Belfirst database, the Amadeus database and company annual reports. (Abdolmohammadi, 2007) From the study it was evident that the three agency variables are correlated with the size of the internal audit function (IAF) in Belgian companies. For wide ownership structures, bigger internal audit functions are required to cater to the owner's interests. It is seconded tat the external audits although play a vital role however its role is limited in only monitoring a reduction in agent problems while this role corporate governance is growing. (Abdolmohammadi, 2007) It is also found that those companies who try to have more reporting levels/functions in their organizations have larger internal audit functions. This may be because the executives might need the large internal audit functions to monitor the limited information of their companies. Keeping these findings in mind, the correlation between company size and the size of the IAF is also found to be very strong. (Abdolmohammadi, 2007) Conclusion No matter it is of any type, an effective internal control system consists of certain important steps, such as, control environment, assessment of risk, control activities, information as well as communication, and monitoring. The foundation for all others steps involved in internal control systems, control environment provides a framework for the organization by including in it elements such as integrity and ethical values. Assessment of risk involves the analysis and establishment of plans in order to prevent the risks associated with the attainment of company's objectives. Control activities include policies and procedures formulated by management in order to ensure the effectiveness of carrying out of activities with regard to the achievement of organizational goals. The information and communication step covers understanding of policies and procedures, assessment of employee performance, and corroboration of information. Perhaps the most focal of all steps of internal control systems is monitoring, which is the practice of assessing the on the whole performance of an organization. Above all, the full benefits of internal control system may possibly be achieved only if it is implemented in an effectual manner. Recommendations From the results that points towards a closely related companies, number of reporting levels and the size of the internal audit functions it is recommended that a monitoring role for internal audit is not only high in demand, rather it should be a part of every organization. It will help in reducing agent problems as well as to help support the growth of the role of internal audit in corporate governance. Hence, it is obvious that it could be formulated only by a professional. Maybe for this reason, currently many learning centres across the world carry out particular courses for corporate internal control, for instance, diploma in corporate internal control, covering sessions such as concepts of internal control, risk evaluation and management, defect management, and corporate governance and equivalent standards. The ground-breaking developments in financial sector have led to greater than before demand for an effective risk management as well as sophisticated corporate governance. Works Cited 1. Abdolmohammadi, M. J. (2007). AGENCY THEORY AS A PREDICTOR OF THE SIZE OF INTERNAL AUDIT FUNCTION IN BELGIAN COMPANIES. Massachusetts. 2. Coyle, B. (2005). Risk Awareness and Corporate Governance. Lessons Professional Publishing. 3. Dunlop, A. (1998). Corporate Governance. Chartered Institute of Management Accountants. 4. Friedberg, A. (2004). Ethical Aspects of Internal Auditing . Journal of Business Ethics . 5. Manz, W. H. (2003). Corporate Fraud Responsibility: A Legislative History of the Sarbanes-Oxle. 6. Montondon, L. (1995). Accountability in Municipalities: The Use of Internal Auditors and Audit Committees . The American Review of Public Administration . 7. Rezaee, Z. (2002). Financial Statement Fraud: Prevention and Detection. John Wiley and Sons. 8. Spangler, W. D. (1990). Leadership and Corporate Audit Committee Effectiveness . Group & Organization Management . Read More