An integrated audit involves both the audit by an outside auditor of a client's financial statements and its system of controls over financial reporting. An integrated audit will likely include an extensive examination of the controls associated with a firm’s transaction processing systems. Integrated audits are required for larger publicly held companies. The unusual element of this type of audit involves the client's internal controls. The controls audit is a requirement imposed by section 404 of the Sarbanes-Oxley Act. Guidance for how the controls audit is to be conducted is issued by the Public Company Accounting Oversight Board (PCAOB). The auditor must provide an opinion regarding the effectiveness of the client's internal controls over its financial reporting.
There is no requirement for smaller public companies or private companies to pay for an integrated audit; instead, they usually prefer to only pay for an audit of their financial statements. However, if a company anticipates being sold to an acquirer, it may pay for an integrated audit; a clean opinion from the auditor can enhance the sales price of the company, since it implies the presence of a strong system of controls.