9.1 Scope and objectives of internal audit

The scope and objectives of internal audit can vary based on the organization’s needs and goals. However, in general, the scope of internal audit encompasses a comprehensive review and evaluation of the organization’s operations, risk management processes, control systems, and governance practices. The objectives of internal audit typically include:

1. Risk Assessment: Internal audit assesses the organization’s risk profile by identifying and evaluating potential risks and their impact on the achievement of organizational objectives. This includes evaluating both internal and external risks, such as operational, financial, compliance, and strategic risks.
2. Internal Control Evaluation: Internal audit examines the design, implementation, and effectiveness of internal control systems. This involves assessing the adequacy of control activities, segregation of duties, authorization procedures, and monitoring mechanisms to mitigate risks and safeguard assets.
3. Compliance Review: Internal audit ensures compliance with laws, regulations, policies, and contractual obligations. It examines whether the organization is adhering to applicable legal and regulatory requirements and internal policies, thereby mitigating legal and reputational risks.
4. Operational Efficiency and Effectiveness: Internal audit evaluates the efficiency and effectiveness of the organization’s operations, processes, and systems. This includes reviewing operational practices, assessing resource allocation, and identifying areas for improvement to enhance efficiency, cost-effectiveness, and value creation.
5. Financial Review: Internal audit examines financial systems, processes, and controls to ensure the accuracy, reliability, and integrity of financial reporting. This includes reviewing financial transactions, verifying the completeness of financial records, and assessing compliance with accounting standards and policies.
6. Governance Assessment: Internal audit assesses the organization’s governance structure and practices. This includes reviewing board oversight, management accountability, and ethical standards. Internal audit evaluates the effectiveness of governance mechanisms in promoting transparency, accountability, and ethical behavior.
7. Advisory and Consulting Services: Internal audit may provide advisory and consulting services to management and other stakeholders. This includes providing guidance on risk management, control enhancements, process improvements, and best practices. Internal audit supports management in achieving organizational objectives and addressing emerging risks and challenges.