An audit policy outlines the standards and guidelines for internal and external audits, ensuring compliance with government regulations and industry standards. It may also include instructions for corrective audits and materiality standards. Compliance audits ensure companies follow specific standards to maintain certification or licensing. Internal audit policies review specific accounting functions to limit fraud, while external audit policies assure external investors of a company’s financial health.
An audit policy describes the standards and guidelines a firm uses when conducting internal audits or going through an external audit by a public auditing firm. This policy helps ensure that every company accountant knows and understands your role in the audit process. An audit policy may also be instituted to meet the guidelines of a government agency. Public companies in the United States (US), for example, must meet the auditing requirements of the Sarbanes-Oxley Act of 2002, which is a law that the US government has put in place to protect investors and help prevent fraud or financial scandals. US companies are also required to use a public accounting firm approved for public audits by the Public Company Accounting Oversight Board (PCAOB). Similar groups exist in other countries, such as the Auditing Practices Board (APB) and the Financial Reporting Council (FRC) in the UK.
Companies that develop a compliance policy may do so based on specific requirements established by a trade association or government agency. Compliance audits ensure that companies follow specific standards in order to maintain certification or licensing for their business operations. The Occupational Safety and Health Association (OSHA) in the United States or similar organizations, for example, commonly use compliance audits to ensure their members maintain quality operational processes. Companies may also need to use an audit policy to maintain general liability insurance policies or bond guarantees.
An internal function audit policy typically outlines which specific accounting functions are reviewed by internal auditors and which employees will audit. Internal audit is generally an informal process used for business management purposes. Company and accounting executives can use internal audits to ensure that specific controls are in place that limit an employee’s ability to commit fraud, embezzlement, or abuse of the company’s financial accounting process.
External audit policies may vary from an internal audit policy. External audits are usually formal accounting processes intended to assure external investors or interested parties of the overall financial health of the company. External audit policies typically include information about the public accounting firm conducting the audit, what processes will be audited, the internal controls that the auditors will review, and the frequency of external audits. The audit policy can also provide guidelines for a corrective audit, which is a formal type of audit used to review previously failed external audits.
Audit policies may also include definitions or instructions to auditors regarding the materiality of accounting errors or errors found in the company’s accounting information. These definitions and instructions usually follow accounting industry standards set by various public accounting firms. Unless external government requirements exist, companies typically can develop an audit policy to establish internal materiality standards and specific instructions to correct such errors.
Protect your devices with Threat Protection by NordVPN
