INTERNAL AUDITORS...ENTERPRISE RISK MANAGEMENT
Risk management and risk mitigation is now the prime
objectives of the internal control departments of an organization. In my
research I have found that internal auditors particularly in the Indian context
have been kept far away from being a part of internal auditors.
Examples of objectives include achieving
profitability, ensuring efficiency of operations, manufacturing high-quality
products or providing high-quality service, adhering to governmental and
regulatory requirements, providing users with reliable financial information,
and conducting operations and employee relations in a socially responsible manner.
But in Indian context I find internal auditors are less being asked to get into
the day to day activities and more often being taken into the system as an
outsider who will conduct and prepare for the statutory audit.
A organization face many risks of not achieving
reliable financial reporting and this the place where internal auditor comes
into an active play. The role of the internal auditor can be viewed from the
below mentioned examples where, a salesperson may overstate sales to improve
the likelihood of receiving a bonus. Employees in the receiving area may be too
busy to accurately record inventory when it is received. Hence enterprise risk
arises from number of segments within an organization. Management needs to
identify the risks to their organization of not achieving reliable financial
reporting.
Once these risks to reliable financial reporting are
identified, management implements controls to provide reasonable assurance that
material misstatements do not occur in the financial statements. Management
gets internal auditor into other day to day activities and dislocates them from
their prime responsibilities. In much organization I have found that internal
auditors are kept for the sake of management regulations but they are given the
work of back office end. Management needs to identify the risks to their
organization of not achieving reliable financial reporting. Once these risks to
reliable financial reporting are identified, management implements controls to
provide reasonable assurance that material misstatements do not occur in the
financial statements.
Management forgets that for every decision making
there is a significant demand for quality information. This information should
be accurate and precise so that decision making process gets close to the
process development. Effective internal control improves the quality of
information, thereby allowing for more informed decisions by internal and
external users of the financial information. The seed of the problem is that
internal auditors are given less importance and value within an organization
which leads to a significant threat for the organization itself in the long
term.
We read in many
books about various roles of internal auditors but the prime part which is
never practiced that they are the pillars of the decision making process. The internal
auditor understand a company’s internal controls
in order to anticipate the types of material misstatements that may occur and
then develop appropriate audit procedures to determine whether those
misstatements exist in the financial statements. Hence internal auditors are
the pillars for enterprise risk management.
0 comments:
Post a Comment