Integrated audit definition
/What is an Integrated Audit?
An integrated audit involves both the audit by an outside auditor of a client's financial statements and its system of controls over financial reporting. An integrated audit will likely include an extensive examination of the controls associated with a firm’s transaction processing systems. The unusual element of this type of audit involves the client's internal controls. The controls audit is a requirement imposed by section 404 of the Sarbanes-Oxley Act. Guidance for how the controls audit is to be conducted is issued by the Public Company Accounting Oversight Board (PCAOB). The auditor must provide an opinion regarding the effectiveness of the client's internal controls over its financial reporting.
Related AccountingTools Course
How to Conduct an Audit Engagement
Who Uses an Integrated Audit?
Integrated audits are required for larger publicly held companies. There is no requirement for smaller public companies or private companies to pay for an integrated audit; instead, they usually prefer to only pay for an audit of their financial statements, or whatever lesser form of review or compilation their investors and lenders will allow.
Advantages of an Integrated Audit
There are several advantages to conducting an integrated audit, which are as follows:
Increases company valuation. If a company anticipates being sold to an acquirer, it may pay for an integrated audit; a clean opinion from the auditor can enhance the sales price of the company, since it implies the presence of a strong system of controls.
Reduces total audit cost. Conducting a single, large audit is generally less expensive than conducting several separate ones that cover the same areas.
Enhances risk knowledge. By including a review of internal controls in an audit, an organization’s managers obtain a better understanding of the risks to which the entity is subjected.
FAQs
What is the difference between an integrated audit and an internal audit?
An integrated audit is performed by an external auditor and combines an audit of the financial statements with an audit of internal control over financial reporting. An internal audit is conducted by employees or internal professionals to evaluate risk management, controls, and operational effectiveness for management and the board. The key difference is that an integrated audit provides external assurance for users of financial statements, while internal audit provides internal assurance and advisory support.
How are control deficiencies evaluated in an integrated audit?
Control deficiencies in an integrated audit are evaluated based on their severity and the likelihood that they could result in a material misstatement of the financial statements. Auditors consider the magnitude of potential misstatements, the nature of affected accounts, and the presence of compensating controls. Based on this evaluation, deficiencies are classified as control deficiencies, significant deficiencies, or material weaknesses and communicated accordingly.