Wednesday, January 27, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights

Reducing External Audit Fees by Leveraging IA

by Justin Gwin
December 20, 2016
in Uncategorized
Improving audit through coordination

In our post-Sarbanes-Oxley world, a rigorous external audit is essential for maintaining public confidence in our economic system. However, the audit is often viewed as costly, both in terms of dollars and other corporate financial resources committed to its annual performance.

According to a recent Financial Executives International survey of more than 7,000 SEC registrants, external audit fees average over $1.5 million per company annually, with a median fee of around $415,000. Audit fees have been increasing more than 3 percent annually, and this trend doesn’t appear to be ending anytime soon.

Audit committees and executive management teams are increasingly focused on how best to rein in these costs while at the same time benefiting from a risk-based, intensive review of the financial results of the company by their external auditor. Among the greatest opportunities to reduce costs and concurrently improve audit quality is through the coordinated use of internal audit (IA).

For organizations with an established IA function, the audit committee (AC) should require that the external auditor plan and conduct the audit in close coordination with, and maximum reliance on, the work of IA. PCAOB Auditing Standard No.5 allows the external auditor, in certain circumstances, to rely upon the IA’s work and receive direct assistance from them. Under the watchful eye of the AC, coordinated external/internal audit activities may be able to achieve reduced external audit fees.

Internal audit can be most effectively leveraged when:

  1. The audit committee continuously monitors the activities of both the external audit and IA.
  2. The company has an enterprise-wide risk management (ERM) framework in place.
  3. Communication and planning between external auditors and internal auditors starts early in the audit process.
  4. The internal auditor is properly trained, independent and produces high-quality and responsive work.

1. The audit committee takes the lead

Overseeing the external audit relationship is a fundamental responsibility of the audit committee. However, many companies go about this duty with little or no consideration of their IA function, resulting in a wasted opportunity to potentially reduce external audit fees. The AC should discuss the external auditor’s position on leveraging IA’s work. The AC is instrumental in considering the amount of support internal audit will provide to the external auditors.

Audit committees also can act as useful intermediaries in managing expectations for each group as well as facilitating communication between them. Ultimately, it’s up to the AC to decide how much of internal audit’s time and resources should be devoted to the external audit process. The AC should discuss this separately with both the internal audit and external audit teams and then bring them together to try to identify specific internal audit areas of responsibility that may support external auditors in order to help avoid duplication of effort and maximize efficiency.

2. ERM underlies the process

Management, internal audit and external audit all start by understanding the business, its inherent risks and its mitigating policies, procedures and controls. The presence of a robust enterprisewide risk management program provides a framework for addressing risk and can be a springboard to the audit process. It’s the place where everybody can come together and begin the process of thinking about risk of financial misstatement. Any ERM findings, as well as other risk assessments analyzed internally, should be shared with the external auditors.

3. Coordinated planning starts early

The external and internal auditors should communicate early and often to help eliminate duplicate work, avoid eleventh-hour surprises, gain efficiencies and enhance audit quality. Both audit functions should agree on status meetings and tracking mechanisms to keep the audit on track and help prevent issues from unnecessarily growing or going to the audit committee. Before starting the work, internal audit should verify that the work that they will be generating is going to meet external audit’s needs.

Additional considerations:

  • Share plans and timelines.
  • Coordinate internal control documentation and procedures to reduce duplication of efforts.
  • Employ common work paper standards and templates.
  • Confirm that sample sizes, selection methodologies and testing guidelines align.
  • Communicate what work will be used and what won’t.
  • Determine how to efficiently share documentation.

4. IA are trained and objective and deliver high-quality work

The internal auditors must be independent, competent and objective. Independence and objectivity are required standards of the IA profession. However, these attributes may be questioned by external auditors depending upon IA functional reporting lines, evaluation and remuneration practices, and consulting projects performed. IA should have an external quality assessment, performed by a third party, which can help validate their conformance with the independence and objectivity standards.

Furthermore, the internal audit team should complete and maintain evidence of training and development programs, as well as strive to obtain appropriate certifications. Training should be provided for IA staff on the desired audit evidence required by the external auditor.

The bottom line

If done effectively, organizations can leverage internal audit activities to reduce external audit fees while concurrently improving audit quality, reducing audit fatigue and increasing efficiency of resources. Companies should consider the recommendations above when thinking about how to approach their next audit.


Tags: HIPAA
Previous Post

Attorney-Client Privilege in WA No Longer Applies When Employment Ends

Next Post

Diligent Launches New Tool for Board Evaluations and Analysis

Justin Gwin

justin-gwinJustin Gwin, CIA, CPA, CISA, CRMA, CRISC, is a risk advisory services manager at Kaufman Rossin where he provides internal controls consulting and internal audit for businesses in a variety of industries. Justin also serves as president of the Institute of Internal Auditors (IIA) Miami chapter. He can be reached at jgwin@kaufmanrossin.com.

Related Posts

folder of Chinese apps blacklisted in the US (QQ, Alipay, CamScanner, WeChat, SHAREit, WPS Office)

EO Sets in Motion Ban on Transactions with Chinese App Developers and Owners

January 27, 2021
invisible man in black on neutral background

The Curious Absence of Corporate Monitors

January 27, 2021
businessmen in miniature studying volatile stock market

The Risk of Undervaluing Culture in a Volatile Market

January 27, 2021
digital cybersecurity and network protection

Vetting Vendors’ Cybersecurity

January 26, 2021
Next Post
Pushing a button that says evaluation

Diligent Launches New Tool for Board Evaluations and Analysis

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights