Internal audit is a dynamic profession involved in helping organizations achieve their objectives. It is concerned with evaluating and improving the effectiveness of risk management, control and governance processes in an organization. To do this, internal auditors work with management to systematically review systems and operations. These reviews (audits) are aimed at identifying how well risks are managed including whether the right processes are in place, and whether agreed procedures are being adhered to. Audits can also identify areas where efficiencies or innovations might be made. Internal audits are organized under an ongoing program of review and advisory activity that is based on the strategic needs of an organization. In the course of their role, internal auditors work across all areas of an organization. In addition to core areas of financial control and IT, they review the tangible aspects of operations, such as an organization’s supply chain or IT systems; as well as more intangible aspects such as organizational culture and ethics. In fact, any system that has an impact on the effective operation of an organization may be included in internal audit’s scope. Accelerating change has characterized the business landscape for many years and can be expected to continue.
New competitors, technologies, and financial instruments; changing cost structures and regulations; increasingly integrated global economies; and other developments are creating new risks and opportunities for organizations to consider. As these developments evolve, the importance of internal audit’s influence as an independent advisor to management will increasingly be more noticeable. Corporate governance has been under a strong and critical public spotlight in recent years. The community’s expectations of boards and senior management, and of those charged with providing an independent review of a company’s operations and financial accounts, have been raised. To meet those expectations, governments and regulatory authorities around the globe have mounted a concerted campaign to improve standards of corporate behavior and transparency through the international harmonization of accounting standards, strengthening the principles of corporate governance, lifting the bar on the “fitness and propriety” of directors and managers and introducing improved market disclosure standards.
In this demanding environment, boards and senior management need quality advice from sources that can be trusted and that can offer an objective viewpoint. Consequently, there is a need to ensure that internal audit is organized, resourced and empowered so that it can provide competent, impartial and fearless advice. An effective audit committee gives the board, investors, owners and stakeholders additional confidence in the organization’s risk management, internal controls and compliance systems, audit functions and financial reports. In contrast to external auditors, however, our sense is that internal audit is still evolving as a profession and has further to go in promoting its own professional standards and profile in Malaysia. The internal audit function needs to have strong standing within the institution. It must be recognized as a core part of governance and not as some form of necessary burden or add-on.