The purpose of an audit is to confirm the validity of financial statements and help determine the value of an organisation. The auditor’s role is to express an objective opinion on whether the organisation’s management has fairly presented the information in financial statements. Investors, partners, and customers will make decisions based on the auditor’s review, so it’s critical that the review be based on accurate, complete, and comprehensive information.
One of the ways to ensure the quality of the audit is to diligently oversee the external auditors. It is the organisation’s responsibility to provide reliable information as a basic prerequisite. At the same time, it is essential that the auditor presents a fair and balanced view of the organisation so that all stakeholders, including investors, the public, and the organisation itself, can have confidence in the organisation’s value.
Some organisations prefer to rotate the external audit firm to get more value from the audit process. This is an accepted approach but firm rotation alone will not achieve the desired objectives, particularly if rotation takes place among a small number of firms.
Organisations will get more value from their audit if the board is more involved. The internal audit committee must take ownership of the process to ensure that the outcome is a conscientious, independent, accurate audit.
Audits cover a much broader range of issues than simple financials. The audit should consider a holistic view of the company’s health, including specific feedback on areas such as going concern, impairment assessments, inventory valuation, and intangible assets.
To ensure the audit covers all key areas and delivers value, audit committees should ask their auditors 10 questions:
“Organisations will get more value from their audit if the board is more involved.”
1. What are the business and industry risks faced by the company?
Context makes the audit more useful for stakeholders. Understanding the business and industry risks is important for forward- looking decisions.
2. How are the risk management processes being assessed?
Assessing the organisation’s risk management processes could affect financial reporting. It is important to be clear regarding how these processes will be assessed and what frameworks will be used to evaluate them.
3. Are any significant changes in the scope of the audit being planned compared to last year, including identification of high-risk areas from the previous year?
A change in audit scope year-on-year makes it difficult for stakeholders to compare audit reports from previous years. At the same time, it is essential to alter the scope to suit the changing market conditions, or economic and operational risks.
4. What different business practices, customs, and governance matters have been identified?
Organisations operating in other jurisdictions, such as foreign markets, must consider how the practices, customs, and governance matters of different areas need to be addressed. Including these considerations in the audit is essential.
5. Are there any areas that represent significant tax exposures, and are there any jurisdictions where the tax rate is so abnormally low that it could cause reputational risk?
While most organisations aim to reduce their tax burden wherever legally possible, there can be an issue with public perception if companies are seen to be paying less than their fair share. Auditors should identify tax areas of concern so that companies can take appropriate steps to either minimise the burden or explain abnormally low tax rates.
6. Are there any areas of operation that are particularly susceptible to fraud, and how has the firm modified its audit approach to address this?
Corporate fraud is on the rise, and new technologies and business processes are creating more opportunities for fraudsters to profit. By identifying areas susceptible to fraud in the audit process, companies can take steps to protect themselves and investors from losses resulting from fraud.
7. How is the audit firm addressing IT risks in its audit approach, and how does it rate the organisation’s IT controls?
Similarly, the risk of being targeted by cyber criminals continues to grow, along with IT risks that are not malicious, such as user error. Minimising these risks is part of good corporate governance, and the audit process must take this into account.
8. Are there any areas where the audit firm is maximising collaboration with internal auditors to fully utilise their knowledge of risk and operating environments within the organisation?
While the audit firm provides an independent evaluation, they can achieve a fuller and more accurate view of the organisation if they leverage the existing knowledge of the internal team. Internal and external teams should set goals and expectations around collaboration to achieve the best possible result.
9. How do the organisation’s accounting policies compare to others in the market?
Benchmarking is an important part of understanding the organisation’s place among competitors. If the audited organisation has aggressive accounting policies compared with competitors, this could be a danger signal for investors. It could indicate that the company is overstating its value in a flat or depressed market, for example. If the organisation has conservative accounting policies, it could mean there is hidden value in the company.
10. Are there any areas where company processes were ineffective or inefficient, and how should they be remedied?
Successful businesses are always looking for ways to improve. The audit process should facilitate improvement by identifying areas for improvement.
If the audit committee decides to meet with auditors without management present, they could ask the following questions:
1. Did management provide full and transparent cooperation for information requests?
This helps clarify the validity and trustworthiness of the audit, since an audit based on incomplete or inaccurate information is less useful.
2. What is your view of the competency, integrity, and resourcing of the finance team?
An inadequate finance team can spell disaster for an organisation. If the audit firm identifies issues in the team, companies can address them sooner and potentially avoid negative outcomes.
By working closely with the external audit firm, companies can derive significant value from audits. The audit committee must take ownership of the process and communicate clearly with the firm in order to get a clear, accurate audit report that reflects the business’s true value.