ISA 610, “Using the Work of Internal Auditors,” is a standard issued by the International Auditing and Assurance Standards Board (IAASB) that provides guidance to external auditors on how to effectively and appropriately use the work of internal auditors in the conduct of their financial statement audits. In this essay, we will explore the key definitions, explanations, examples, and case studies related to ISA 610.
Definitions:
Internal Auditor:
An internal auditor is an individual or a team within an organization that is responsible for conducting audits of the organization’s internal controls, risk management processes, and financial reporting processes. The internal auditor’s role is to provide independent and objective assurance and consulting services to the organization, with the aim of improving its operations and achieving its objectives.
External Auditor:
An external auditor is an independent professional appointed by an organization’s shareholders or stakeholders to examine the organization’s financial statements and express an opinion on their fairness and reliability. External auditors are usually engaged by organizations to provide assurance on the accuracy, completeness, and reliability of their financial reporting processes.
Explanations:
ISA 610 provides guidance to external auditors on how they can effectively use the work of internal auditors in their financial statement audits. The standard emphasizes the importance of the external auditor’s responsibility to exercise professional skepticism and obtain sufficient and appropriate audit evidence to support their opinion on the financial statements.
According to ISA 610, external auditors should consider the following when using the work of internal auditors:
Understanding the nature and scope of the internal auditors’ work: External auditors should obtain an understanding of the internal auditors’ qualifications, independence, and objectivity, as well as the nature and scope of their work. This includes evaluating the internal auditors’ competence, the extent of their work, and the quality of their work.
Assessing the internal auditors’ work:
External auditors should assess the internal auditors’ work to determine its adequacy for their purposes. This includes evaluating the relevance, reliability, and sufficiency of the internal auditors’ work in the context of the external audit objectives.
Testing the work of internal auditors:
External auditors should perform procedures to test the work of internal auditors. This includes evaluating the internal auditors’ documentation, testing their findings, and performing additional procedures as necessary to obtain sufficient and appropriate audit evidence.
Examples:
Scenario 1:
ABC Corporation engages XYZ Audit Firm as its external auditor. As part of the financial statement audit, XYZ Audit Firm considers using the work of ABC Corporation’s internal auditors. The external auditors obtain an understanding of the internal auditors’ qualifications, independence, and objectivity, as well as the nature and scope of their work. They assess the internal auditors’ work by evaluating the relevance, reliability, and sufficiency of their work in the context of the external audit objectives. The external auditors then perform procedures to test the work of internal auditors, including evaluating their documentation, testing their findings, and performing additional procedures as necessary to obtain sufficient and appropriate audit evidence.
Scenario 2:
DEF Corporation engages LMN Audit Firm as its external auditor. As part of the financial statement audit, LMN Audit Firm decides not to use the work of DEF Corporation’s internal auditors due to concerns about their competence, the extent of their work, and the quality of their work. LMN Audit Firm performs all audit procedures directly, without relying on the work of internal auditors, and obtains sufficient and appropriate audit evidence to support their opinion on the financial statements.
Case Studies:
Case Study 1:
Company A, a large manufacturing company, has an internal audit department that conducts regular audits of its internal controls, risk management processes, and financial reporting processes. The internal audit department of Company A has a team of qualified and experienced auditors who perform comprehensive audits of various areas of the organization’s operations. The external auditor, Audit Firm B, is engaged by Company A to conduct the financial statement audit.
Audit Firm B, in accordance with ISA 610, decides to use the work of internal auditors as part of their audit procedures. They start by obtaining an understanding of the internal auditors’ qualifications, independence, and objectivity. They review the internal auditors’ work plans, methodologies, and documentation to assess their competence and the extent of their work. Audit Firm B also evaluates the quality of the internal auditors’ work by reviewing their findings, reports, and recommendations.
Based on their assessment, Audit Firm B determines that the internal auditors’ work is reliable and relevant to the external audit objectives. They decide to rely on the work of internal auditors for certain areas of the audit, such as testing of internal controls and substantive procedures. Audit Firm B communicates their decision to the internal auditors and establishes a clear understanding of the responsibilities of both the external and internal auditors.
Audit Firm B performs procedures to test the work of internal auditors, including reviewing their documentation, performing independent testing of internal controls, and corroborating their findings with their own procedures. They also perform additional procedures to address any limitations or gaps identified in the internal auditors’ work.
As a result of using the work of internal auditors, Audit Firm B is able to obtain valuable insights into the effectiveness of internal controls, identify potential risks, and obtain additional audit evidence to support their opinion on the financial statements. The coordination and collaboration between the external and internal auditors enhance the overall quality of the financial statement audit.
Case Study 2:
Company C, a financial institution, has an internal audit department that conducts audits of its operations, including financial reporting processes and risk management activities. The external auditor, Audit Firm D, is engaged by Company C to conduct the financial statement audit.
However, Audit Firm D faces challenges in using the work of internal auditors. They identify concerns about the internal auditors’ independence and objectivity, as some of them are responsible for the areas they are auditing. Audit Firm D also identifies limitations in the internal auditors’ work, including incomplete documentation and insufficient testing procedures.
As a result, Audit Firm D decides not to rely on the work of internal auditors and performs all audit procedures directly. They perform extensive procedures to obtain sufficient and appropriate audit evidence, including testing of internal controls, substantive procedures, and external confirmations.
Although Audit Firm D is able to complete the audit and express an opinion on the financial statements, the lack of coordination with internal auditors results in additional efforts and time spent on audit procedures. Audit Firm D communicates their concerns to the management of Company C and recommends improvements to the internal audit function to enhance their effectiveness and reliability.
Conclusion:
ISA 610 provides important guidance to external auditors on how to effectively and appropriately use the work of internal auditors in the conduct of financial statement audits. It emphasizes the need for understanding the nature and scope of the internal auditors’ work, assessing their work, and performing procedures to test their work. Examples and case studies illustrate the practical application of ISA 610 in real-world scenarios, highlighting the benefits of coordination and collaboration between external and internal auditors in enhancing the overall quality of financial statement audits.