Audits Essay

Cheap Custom Writing Service

This Audits Essay example is published for educational and informational purposes only. If you need a custom essay or research paper on this topic, please use our writing services. offers reliable custom essay writing services that can help you to receive high grades and impress your professors with the quality of each essay or research paper you hand in.

An audit  is a review  by an  independent, outside entity of the records and operations of an organization or individual. An audit  is conducted according  to standard procedures to ensure that  it is independent and impartial, and not affected by biases or ulterior  motives on the part  of the entity performing  the   audit.   Auditing   has   two   main goals.  The  first  goal  is  to  make  sure  that   the methods  the organization or individual  follows to conduct   its  business   are  appropriate  given  the sphere   of   activity.   For   example,   a   pharmacy should  be able to demonstrate to an auditor that it is operated according  to the proper  procedures of a pharmacy, or an individual  whose tax returns are being audited  by the Internal  Revenue Service (IRS) should  be able to show  that  the applicable tax  regulations have  been  followed.  The  second goal  is to  verify that  the  entity’s  record  keeping accurately  reflects the manner  in which business is being conducted. For example, it is possible that  a business   is   operated  in   accordance  with   all pertinent requirements, but  its records  could  still be  rife  with  errors;  a  properly   conducted audit would  reveal such  problems.  These two  auditing goals  are  typically  referred  to  as validity (procedural correctness)  and  reliability  (accuracy in record  keeping).

In its most common  usage, an audit  is a review of the  financial  records  of an institution or individual   by  an   outside   party.   An  entity   almost always has an interest in making its own financial health  appear  as robust  as possible  because  this benefits  its  reputation, allows  it  to  have  easier access to credit, and  builds  consumer  confidence. However, the temptation to emphasize the positive aspects of one’s own  financial  position  can result in a kind  of tunnel  vision, in which  risks are not fully appreciated. For this reason,  it is customary to have an outside  auditor, such as an accounting firm, review financial statements to make sure that they accurately  and  fairly represent  the real position  of  the  business  or  individual. The  auditor typically  uses the  information from  the  audit  to compile a report, sometimes called an opinion, describing   the   financial   position   of  the   entity being  audited.  The  largest  auditing  firms  include the  so-called  Big 4  of  PricewaterhouseCoopers, Ernst  &  Young,  Deloitte  &  Touche,  and  KPMG. Prior to the Enron  scandal  of the early 2000s,  the firm  Arthur  Andersen  made  this  list  the  Big 5. Enron used a variety of misleading accounting practices  to hide its billions  of dollars  debt  from failed initiatives  and  pressured  its auditor, Arthur Andersen,  to  go  along  with  the  cover-up.  When the  scheme  eventually   came  to  light  in  2001, Enron’s  became  the  largest  bankruptcy filing  in U.S. history, and Arthur Andersen’s reputation suffered so severely that  it ultimately  ceased operations.

The  goal  of an  audit  is not  to  catch  each  and every error  that  is present  in the records  and processes of the audit’s  subject.  Even if this were the goal, errors  would  inevitably  be missed because of the vast complexity  of some organizations, the extensive  records  they  must  keep,  and  the  large amount of information in need of review. Instead, auditing  uses as its standard of quality  the goal of only detecting material  error (as opposed  to inconsequential   errors  that  do  not  substantially affect the overall accuracy of the audit subject’s representations of itself). The  audit  seeks to  provide  a  reasonable   amount of  assurance   that  the audit subject’s records and processes do not contain material  errors,  with  the  reasonableness standard being  an  estimation of  what  an  ordinary person would consider to be an acceptable degree of thoroughness.

In the United States, there are a set of standards to be followed  during the auditing  process for any company  that  is publicly  traded. These standards were created  by legislation  in 2002  known  as the Sarbanes-Oxley Act,  named  after  the  legislators who sponsored its passage. This act created a body called the Public Company Accounting  Oversight Board.  This  board  requires  what  is known  as an integrated  audit;   an  integrated  audit   is  one  in which auditors do not limit themselves to reviewing the company’s  financial  statements. The auditors also must submit an opinion  that speaks to the internal controls in place at the company being audited.  Specifically, the auditors must indicate whether  the  subject  of  the  audit  has  controls  in place  that  will  allow  the  company  to  have  adequate  control  over its financial  reporting.

Types  Of Auditors

There  are  several  types  of auditors. The  first  are called external  auditors (sometimes  referred  to as statutory auditors). External  auditors work  for  a company other than the company being audited. External  auditors are required  to review a company’s financial  statements, and  after  doing  so, they issue an opinion  indicating  whether  any material misstatements were  found  in the  statements. The second type of auditor is called a cost auditor, or a statutory cost  auditor. Cost  auditors review  the company’s cost sheet and cost statements for signs of   material   misstatements  and   then   issue  an opinion  to present  their  findings. In both  types of audits,  if material  misstatements are  found,  they may be the result  of simple error  or of deliberate fraud.

While these two types of auditors describe most of those  in the field of external  auditing,  there  is another category of auditors: internal  auditors. These  auditors work  for  the  company   they  are charged with auditing,  hence they are “internal” to the company.  Internal  auditors are not objective in the same sense as external  auditors (who  have no potential conflict of interest with the subject of the audit  because they work  for an independent company), but internal  auditors do have their own set of professional  standards, which  require  them  to be from outside the part  of the company  that  they are assigned to audit and to operate  independently and without regard for the preferences of the functional  areas  whose  financial  statements they  are asked to review. The standards that generally apply to internal  auditors are produced by the Institute of Internal  Auditors.  In most  cases, especially  in publicly traded  companies, internal  auditors report to   the   Board   of  Directors   or   a  subcommittee thereof  rather  than  to the company’s  management or executives.

Another  type of auditor whose services may be retained  is the consultant auditor. The consultant auditor combines the characteristics of both  external  auditors and  internal  auditors. Similar  to  an external   auditor, a  consultant auditor is  not  an employee of the company  being audited.  However, a  consultant auditor is one  who  is hired  by  the company  being audited,  so for the duration of the consultancy,  there   can  be  the  appearance  of  a conflict  of interest  similar  to  that  found  with  an internal  auditor. Like  internal  auditors, however, consultant  auditors  have  professional   standards that   require   them   to   perform   their   analyses and issue their reports  without regard to the preferences of the company  they are auditing.

It is important to note that the different types of auditors may  use  different  auditing  standards in their  evaluations. External  auditors use their  own standards as they audit  a company,  while internal auditors and consultant auditors will use the standards  designated  by the  company  being  audited. The most  common  reason  for a company  to contract  a  consultant auditor is that  it  is not  large enough  to employ its own internal  audit  staff.

Types  Of Audits

The  auditor’s  work  is not  uniform  or  monolithic but has variations and different  areas of emphasis depending on the nature of the company being reviewed  and  the  type  of operations it performs. One  example  is the operations audit.  While traditional notions of auditing focus on identifying accounting errors  or  fraud,  operations audits  are designed to look for ways to increase the efficiency of company  operations. Instead  of finding  problems, operations audits  look for elements that  can be improved.  The emphasis  of an operations audit is  on  efficiency,  effectiveness,  and   economy.   In other  words,  the  operations audit  seeks to  determine  whether   the  company   is  doing   the  right things to further  its mission and, if so, if it is doing them in the right way or if there might be a more cost-effective  way of performing the  functions.  A type of audit  related  to the operations audit  is the performance audit, which compares  the mission of the organization being audited  with  the organization’s actual  performance to determine  the degree to which there is alignment  between the goals and reality.

Most  of  the  audits  that  have  been  discussed pertain  to identifying irregularities related to financial  performance,  but   there   are  other   types  of audits that assess compliance with nonfinancial standards. These  are  often  referred  to  as quality audits,  since they have the objective of comparing the organization’s performance against a set of standards particular to  its field of endeavor.  For example,  if a company’s  business  were the manufacture  of automobile tires, a quality  audit  would examine  how  closely the  tires  being  produced at the  company  conform  to  the  accepted  standards for tire quality. Many companies have departments devoted   to  quality   assurance,   which  perform   a function  similar to a quality audit and are in many respects equivalent to an internal  quality auditor at the company. For companies that have such departments,  a quality  audit  may be conducted periodically as a means  of ensuring  that  the  company’s quality  assurance  staff  is performing its duties  in an effective manner.

A very different type of audit is one that may be found primarily in companies specializing in online services, computer security, and similar areas. This type of audit  is known  as a security audit,  and its purpose  is to make sure that  the security measures in place at the company to protect  the digital assets of the firm are adequate to prevent  intrusion and theft  by cyber  criminals.  It is not  uncommon for company  secrets to be in high demand  by competitors,  whether   the  target  is a  new  design  for  an automobile or the secret recipe for a popular type of food. Even customer  data  have become a target in recent  years,  with  hackers  attempting to  steal sensitive personal  information from companies’ customer  databases in order to use it to perpetrate identity theft. With these risks at play in the marketplace, companies  must  put  in place strong security measures to make it impossible for unauthorized users to access sensitive parts  of the company  network. Once  such security is in place, the company  must have a method  for making sure that  it is functioning properly.  This is why companies hire computer security experts to perform security audits.

The  security  audit  has  much  in common  with the  traditional audit.  It must  first  verify that  the necessary  security  measures  have  been  identified and acquired. Once this has been done, the security audit  must also make sure that  each security measure, from strong  password requirements to high-level encryption  of databases, has  been  correctly installed  and  configured.  To  do  otherwise  would be equivalent  to purchasing a state-of-the-art burglar alarm  for one’s home  and  then  forgetting  to turn it on at night. Some security audits even go so far as to employ  what  is known  as a penetration tester—a  specialized  type of auditor whose  job is to (with the permission of the company)  attempt to overcome the security measures protecting the company’s data in the same way that an actual computer criminal  would.  The theory  behind  this intense form of security audit is that simply verifying  that  appropriate software   has  been  selected and installed is not enough—the most effective test of computer security is to try to break  through it.

Related  in spirit to the security audit  is another category  of auditing  practices:  risk-based  audits. Unlike   most   other   types   of  audits,   risk-based audits tend to be conducted internally  with a company’s own personnel and resources. Risk-based audits  are  part  of a company’s  risk  management strategies, which in turn help protect  the company from  unreasonable exposure  to liability  as it pursues its profit-seeking initiatives.  For  example,  a company  considering  the  development of  a  new drug  to  treat  asthma  might  face the  risk  of lawsuits if the drug  is inadequately tested  and  winds up causing negative health effects in those who use it. To mitigate  this risk, the company  would  turn to its risk management department for guidance, and  its staff would  then  analyze  the  initiative  by enumerating the potential risks, assessing the probability of  each  risk  actually  occurring,   and predicting  what  the impact  would  be if each risk occurred. The risk management department would be able to provide this if it had, as part of its ongoing practice,  the  conducting of risk-based  audits, to  make  sure  that  the  department is adequately resourced   and  organized   to  be  able  to  meet  its required  functions.  In the  majority  of companies with risk management departments, risk-based auditing   is  an  internal   function   that   does  not require  the  assistance  of  consultant auditors or external  auditors.

Tax Audits

For  most  people  in  the  United  States,  the  word audit immediately conjures up the specter of one of the most dreaded  experiences an adult  may face: a financial audit by the IRS, an agency of the federal government.  Individuals   and   businesses   in  the United States are required  to pay a variety of taxes on the income they receive to fund the operations of the U.S. government and  provide  services such as   military   defense   and   emergency   response. Because  not  every  person  or  company   operates under  the  same  circumstances or  with  the  same resources,  the government allows deductions from the standard tax rate for a variety of situations and activities;  many  deductions are intended  to incentivize  specific  types  of  behavior, such  as  having children  or purchasing a home.  Because it would be  difficult  for  most  people  to  set  aside  enough money each year to be sure that they would be able to pay their taxes, a withholding system is used for personal  income; fixed amounts of money are withheld by employers from each paycheck an employee  receives,  and  when  taxes  are  due,  the total  amount that  has been withheld  for a person is compared with the amount that  person  actually owes,  given  the  activities  over  the  course  of  the year.  If too  much  money  has  been  withheld,  the person  will be owed  a refund—a  welcome  event.

If too little money has been withheld,  however, the person  will owe taxes in the amount of the difference between the amount withheld and the amount owed for the year.

Because people  are  responsible  for  calculating their own tax burdens and submitting this information  to the government, there is a built-in incentive  for  taxpayers to  understate their  income  or overstate  their expenses, or even to include in their calculations  fraudulent  expenses   that   did   not occur.  The  IRS  thus  closely  scrutinizes   the  tax returns  it receives to determine  if there is evidence suggesting that  the tax burden  has been misrepresented, whether  through error or malfeasance. Sophisticated computer systems use complex algorithms to gauge the likelihood  that each tax return merits  closer  review.  Those  returns  that  indicate the need for such a review are flagged for an audit. The  IRS usually  selects  returns  for  audit  only  if there  is a  high  likelihood   that  additional tax  is owed. During an audit,  the IRS representative will require  documentation for each of the deductions that have been claimed, meaning that the taxpayer must  provide  receipts  and  similar  paperwork as verification.  Even when such documentation is provided  to the agent’s satisfaction, the agent will also verify that  the calculations of the tax burden have  been  made  in the  appropriate fashion;  this hearkens back to the traditional emphasis of auditing for  both  validity  and  reliability.  When  facing an audit by the IRS, most people retain the services of  a  certified  public  accountant or  an  attorney, because of the complexity  of the tax code and the potential for serious consequences  if the audit uncovers  intentional wrongdoing. Penalties  from the  IRS can  include  fines, payment  with  interest, and even criminal prosecution.


  1. Braiotta, Louis. The Audit Committee Handbook. New York: John Wiley & Sons, 2004.
  2. Champlain, Jack J. Auditing Information Systems. Hoboken, NJ: John Wiley & Sons, 2003.
  3. Duska, Ronald  , Brenda S. Duska,  and Julie Ragatz. Accounting Ethics. Chichester,  UK: Wiley-Blackwell, 2011.
  4. Fridson, Martin S. and Fernando Alvarez. Financial Statement Analysis: A Practitioner’s Guide. Hoboken, NJ: John Wiley & Sons, 2011.
  5. Moeller, Robert  Sarbanes-Oxley and the New  Internal Auditing Rules. Hoboken, NJ: John Wiley & Sons, 2004.
  6. O’Regan, David. International Auditing: Practical Resource    Hoboken, NJ: John Wiley & Sons, 2003.
  7. Pickett, K. H. S. Auditing the Risk Management Process. Hoboken, NJ: John Wiley & Sons, 2005.

See also:


Always on-time


100% Confidentiality
Special offer! Get discount 10% for the first order. Promo code: cd1a428655