ROLES AND RESPONSIBILITIES OF AUDITORS

(Internal, External and Information System)

Internal Auditor
An internal auditor (who should be a professionally qualified accountant) IS employed within an organization.
Internal auditors often have professional qualifications in other disciplines (for example, computing) and are
employed by a wide range of organizations from public companies to government departments.
Internal auditing has developed because of the increasing internal controls needed to cover operations at
different locations. It is impossible for large organizations to effectively monitor all aspects of their internal
control systems. Hence the need for some independent group to be able to act as an arm of management, that
is internal audit.
Setting up, maintaining and improving internal control systems are the main functions of the internal auditor.
The development of internal auditing has led to the formation of internal auditing departments with a
director/manager for internal audit.
Internal Audit Objectives
The main objective of internal auditing is to confirm the efficiency and effectiveness of operations and their
contribution to the achievement of organizational goals. Internal audit also acts as a control mechanism for
management to:
ensure adequate internal control
review the reliability of records
prevent and detect fraud
carry out any statutory duties (if applicable)
monitor the reporting procedures
provide advice on how to improve organization performance.
Infernal auditors can carry out a variety of functions including:
Systems reviews that are part of an ongoing internal auditor program (for example, the accounts
receivable system)
Special investigations instigated by management (for example, items of inventory found to be missing
after a stock check). Internal audit would carry out an investigation and report the findings, with
recommendations to management.
Consultancy (for example, when a new EDP system is being introduced they ensure that the necessary
controls are in place)
Efficiency/cost effectiveness audits of different areas within an organization.
As you can see, the extent internal audit operations is limitless is usually only restricted by:
The lack of expertise of internal audit staff (this can be overcome by the use of outside experts)
Senior management's attitude (that is, management may not wish an area or item to be reviewed). For
example, executive salaries and conditions of employment may be a sensitive issue.
The size of the internal audit department (for example, it may not be possible to cover all the operations
areas of an organization). This difficulty can be overcome by selective audit coverage on the basis of
risk.

External Auditor
External auditors are either individual practitioners or members of public accounting firms who render
professional auditing services to clients. They are also known as independent auditors and their clients include
profit-making businesses, non-profit organizations, government agencies and individuals.
External Auditing Objectives
The objective of an audit is to enable the auditor to express an opinion whether the financial report is prepared
in accordance with accounting standards. The audit should be conducted in accordance with these auditing
standards.
Two major aspects are emphasized:
independent examination
expressing an opinion.
Auditing is a process of obtaining and evaluating evidence in relation to financial statements and an
accounting system. The audit report will be prepared for by users of financial statements.
Owners of the business (this includes shareholders).
Potential investors.
Suppliers of credit.
During the audit the auditor will collect evidence to show that the financial statements are free of material
error. It should be noted that due to the test nature of audit and inherent difficulties in internal controls,
the-auditors does not guarantee to detect every error or irregularity. The auditor also evaluates whether the
audit evidence raises questions about the client's ability to continue as a going concern in the future.
Through the audit process, the auditor gives credibility to management's financial reports. This allows
owners, bankers, and investors to use the figures with enhanced confidence.
The external auditor examines whether:
transactions and amounts that should have been recorded are actually reported in the
financial statements
the assets and liabilities reported in the financial statements existed at the balance sheet and
the transactions reported in the financial statements occurred during the period covered by the
statements
reported assets are owned by the business, and liabilities owned by the business at the
balance sheet date are reported
the financial statement amounts (assets, liabilities, revenues and expenses are valued in
conformity with accounting standards
the financial statement amounts are properly classified, described and by users disclosed in
line with accounting standards.
The auditor will then give a report on the fairness of the financial reports. If an unqualified report is given, the
auditor believes that the statements are presented fairly in accordance with accounting standards. A qualified
report shows that the auditor is concerned about some aspects of the statements (such as the
valuation/disclosure of an item, or the selection of accounting policies).
The external auditor may be called upon TO perform a range of audit functions these cover:

a financial statement audit, which is an examination of a firm's financial going statements and
accounting records
a compliance audit. which is an examination of an accounting system or part of a firm's operations
to assess compliance with set conditions, policies or legislation
an operational/performance audit, which is an examination of a firm's operations to
assess its adequacy, efficiency and effectiveness.

Comparing External and Internal Audits :

Aspect
Work is performed
Aim
Timing of audit
Objection of audit
Independence of audit

Fraud detection

Type of work

External audit
In a professional/client
relationship
Report to shareholders
Near end of financial year
To review fair presentation and
give opinion
Independence from client

Only concerned if put on guard

in the audit
Inventory balance should be
accurate
General controls review, data
analysis, change control
management / user access
profiles

Internal audit
As staff member in a firm
Assist management
Throughout year
To maintain internal control
system
Independent within the
organization but still an
employee
Directly concerned with
prevention and detection
Extensive use
Extensive, complete review
test systems

Roles of IS Auditor
The IS auditor gathers evidence, evaluates the strengths and weaknesses of controls based upon the
evidence gathered and prepares an audit report that presents those issues in an objective manner to
management.
In smaller information-processing environments, adequate segregation of duties between operations
and programming may not be achievable. In these situations, it is important that compensating controls,
such as strong computer security and end-user reconciliation of control reports, are identified by the IS
Auditor.
The IS Auditor would typically follow sequential program steps to gain an understanding of the entity
under audit, to evaluate the control structure and to test the controls.
It is also important for an IS Auditor to obtain this information and to assess the relationship among
various job functions, responsibilities and authorities for adequate segregation of duties. Segregation
of duties is an important means by which fraudulent and or malicious acts can be discouraged and
prevented. The IS Auditor should spend time in an auditee's area to observe and to determine that the
job description and structures are adequate
The IS auditor uses automated working papers to perform the IS audit.