Audit is a term that refers to the examination of certain activities, information and data in order to verify their validity and reliability. The result of the audit is an audit report. Audit is always conducted by an independent and qualified person, called the auditor. The audit can be external or internal, depending on its type and nature.
- Internal Audit - is performed by an organizational part embedded into the organizational structure of the organization (internal auditor)
- External audit - is performed by an external body (auditor, audit firms, government agencies, etc.)
There are several types of audit:
- Financial audit or audit of financial statements verifies the accuracy of the financial statements of the organization
- Quality audit or audit of the quality management system verifies the quality management system in the organization according to predetermined criteria. It is usually done according to some of the ISO standards
- Environmental audit or audit of environmental impacts verifies compliance with the requirements of environmental protection
- Information System Audit or IT audit verifies hardware, software, information, safety, or operating documentation for information system
- Security audit verifies the security management system in the organization
- Technical audit verifies the quality of products
- Process audit verifies processes in the organization
- Management audit verifies the level of management or degree of maturity of the organization’s management
- Personal audit
- Strategic audit
- Forensic audit
- Energy audit
- and more
The best known and most formal even from an international perspective, is the financial audit. It is based on the laws of the given state or international standards (e.g. SOX, IAS/IFRS). It is performed by a certified auditor. Regarding the timing, there are annual or continuous audits. In terms of range and depth of the audits, there are selective or comprehensive audits.
Audit in practice: Audit is primarily used to determine the state of the organization by an independent and qualified person (auditor). In practice, there are many reasons for the audit. It is always important to know the purpose of the audit and to whom it is addressed. The results of the external audit are intended for owners (e.g. shareholders), investors, the public, government agencies and other interest groups. In some cases, the audit is required by law. In contrast, internal audit serves to top management of the organization as part of internal control (such as fraud) or for optimization (optimization of processes, organization and management). Audit is so used to verify the actual state, as a basis for decision-making and implementation of changes.