This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Compliance audits, operational, as well as financial audits are the elements of modern auditing in nowadays. There are different types of auditors in Malaysia which perform these audits and we called them government auditors, internal auditors and independent auditors. Before an auditor is performing the audits, they need to be interviewed or considerate by Ministry of Finance. Auditors which have good personal value and capable to perform the responsible of a company auditor will be declared as an approved auditor in Malaysia. Generally, there are some common audits performed by auditors.
First and foremost, Operational Audits is one of the types of audits. This kind of audit usually focuses on the future, organized and autonomous evaluation of an organization's activities. The operational policies and achievements of organizational objectives will be the primary sources of evidence while financial data is a secondary source of evidence. Objective of an area, department or functional operation are not the only concern of evaluation, but any expansion or enhancement to improve the effectiveness or efficiency will be important too. How well an organization allocates its resources at a certain level of activity reflects the efficiency of the organization. Degree of how successful an organization is moving towards to its stated goals or objectives show the effectiveness of organization. As such, the process considers the effectiveness and capability of internal controls designed to manage risks and ensure organization's objectives are reached. In short, it can conclude that the operational audits as a systematic review of effectiveness & efficiency of operating procedures & resource utilization in an organization. For example, assessing the effectiveness or efficiency of computer operations & use of computer resources in an organization or the example is evaluation of organization's efficiency such as internal controls, production procedures, purchasing and marketing as well as distribution methods used.
Besides, the other type of audits is Financial Audits or known as Audit of Financial Statements. It is mostly related on verification of the financial statements of a legal entity together with a view to express an audit opinion. The main purpose of the audit opinion is to provide great assurance that the financial statements are proposed fairly, in all material aspects. Compare with operational audits, financial audits focus on the historical, autonomous evaluation carried out with the aim of ensuring the trustworthiness of the financial data. The process of investigating the systems, structure and financial record are crucial in determining whether budgeting, management control, expenditure, income, property and stores have been managed in agreement with law, regulations and instructions. The controls of financial system will be highly concerned by performing the internal audits to assure the adequacy and effectiveness of financial controls. An excerpt of audit's finding will be provided by this way. For example, when the financial statements are presenting the data in a reasonable way, it will be shown and it will determine whether the internal control and financial reporting follow the current laws and regulation.
Besides, Compliance Audits are used to ensure that the organization has performed the audit works with the accordance of specific rule or regulations that set by the related authorities. In other words, it is focusing whether the organization is doing thing with rules, regulations, policies, laws, covenants and government regulations. In addition, the basis of measuring compliance or the lack of compliance by the audited entity will be proposed. There are three elements that are An auditor must competent of performing the audit well, proper documentation of the work completed by the entity and how to present the results of the compliance audit are the three main elements that must be present to be success in compliance audit's performance besides established rules. In conclusion, compliance audits can be defined as an audit to ensure the organization in compliance with relevant specifications. For example, an organization's business is due for workplace safety certification. So, outside consultant will be hired by the manager to perform a compliance audit. The ways to improve the plant will be listed out through an after-audit report, and in the same time the governmental requirements will be fulfilled.
Moreover, Information Systems Audits or known as Information Technology (IT) Audit. It is an examination of the controls within an entity's Information technology infrastructure. Evidence evaluation is obtained to make sure that the organization's information systems safeguard assets, maintains data integrity, and are operating effectively and efficiently to achieve the organization's objectives. It commonly focus on determining risks that are relevant to information assets, and in assessing controls to reduce or eliminate these risks. The only purpose of IS audit is to review and evaluate an organization's information system's availability, confidentiality, and integrity. Below are the three kinds of information system audit:
General Controls Review: A review of the controls which govern the development, operation, maintenance, and security of application systems in a particular environment. This type of audit usually focused on specific aspects of the work of department or individual such as reviewing a data centre, an operating system, a security software tool, or processes and procedures (such as the procedure for controlling production program changes), etc.
Application Controls Review: A review of controls for a specific application system involving examination of the controls over the input, processing, and output of system data. Data communications issues, program and data security, system change control, and data quality issues are also considered.
System Development Review: A review of the development of a new application system. It concern about evaluation of the development process as well as the product. Besides, they will contemplate on general controls over a new application.