Bayt.com

Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What are the differences between control and audit? In terms of purpose, usage, frequency, main processes, authority, and reporting structure.

Auditing Internal Audit
user-image
Question added by Deleted user
Date Posted: 2013/07/22
Upvote (0) Views (7) Followers (1) Answers (3) Report Question
Write an Answer
Register now or log in to answer.
Sohail Yousaf
by Sohail Yousaf , DIRECTOR , BUILDMART INTERNATIONAL LDA

There is absolute difference owing to spirit of both.
Controls established to establish and run a system while audit is to check the effectiveness of the established control.
If we discuss purpose of control, it is to run operations of the organization smmothly in transparent manner while audit aims at checking if controls and being followed and these are effective really.
In terms of usage, the controls are used to eliminate loop holes in the system while audit is also used to check the possible improvements in these.
In terms of frequency controls may be daily, recurring or monthly but on regular basis depending on the nature but audit may be once a year of as per any applicable legislation.
(Internal audit may be regular, even100% substantive) In terms of processes controls may be different or many for an operation depending on processes of the organization while audit has its own processes as to risk assessment, execution, review etc.
In terms of authority the person responsible for implementing a particular control has authority to ensure implementation of that while auditor has authority to access to information, showing the past or present implementation of that control.
Reporting structure depends on the established pattern for control and on applicable framework for audit.

KEITH JOHNSTON
by KEITH JOHNSTON , Various from Senior Internal Auditor to Internal Audit Manager to ERM/GRC Consultant , Both Public & Private Sector

Audits should independently assess the effectiveness of how risks impacting achievement of objectives are being managed.
Risks are managed by designing appropriate (e.g.
level of resources, frequency of application, etc) control measures to cost effectively provide reasonable assurance that objectives can be met.
Corporate wide Enterprise Risk Management should be embodied within the organisation's GRC framework to determine related reporting structures, roles and authorities.
The '3 Lineds of Defence' model is recommended.
Keith Johnston.

Fakhar Syed ACCA CPA CFC CICA
by Fakhar Syed ACCA CPA CFC CICA , Senior Management Accountant , Alijarah Holding (Public Joint Stock Company)

An audit is performed by an independent party; a control is exercised by an internal party (Company's management) .
A control provides assurance to management, while an audit provides assurance to investors.
An audit is used to check the adequacy and effectiveness of controls.

Write Your Answer
More Questions Like This