One of the most important organization  documents to the senior management and board of directors is the Internal Audit Report. The document scrutinized the internal control system of an organization and highlight  areas of weaknesses of  the system check and balances. The primary product of an internal audit exercise is the final internal audit report in which the internal auditors express their opinions, present the audit findings, and discuss recommendations for improvements. To ensure that the recommendations presented in the final report are reasonable and practical, the internal auditors will discuss the draft with the relevant departments before it is finalized and published for the Board of Directors.

How Can Internal Audit Report Effectively to Its Stakeholders

Internal and external stakeholders rely on internal auditors report  to get assurance that the organization is running well and that there are effective controls in place. The internal audit report provide verified information on the operation of the organization’s risk management, control, and governance processes.  The internal audit report provide stakeholders with an overall view of the effectiveness of the organization’s internal control by highlighting ts weaknesses.

Production of Internal Audit Report

In bigger organizations, there are internal auditors or internal audit teams appointed by the Board to perform the task of auditing the organization  operational and financial controls. The result of the audit investigations end with the production of the final internal audit report  submitted to the Board for discussion and remedy actions if any.

Internal Audit Report Template

The contents of the internal audit report is usually detailed under the following headings

1. Executive Summary
2. Background
3. Scope and Objectives
4. Audit Approach
5. Conclusion
6. Acknowledgement
7. High priority recommendations  – Detailed summary of audit findings, Key risks addressed, Priority Ratings

 How To Write An Internal Audit Report?

The report should include a front page with the name of the organization, project title, audit lead and date. To ensure the report is easy to read, a table of contents should be included. Begin with an executive summary regarding your findings with a concise abstract of the issues, state of the findings and conclusions. Include a background summary. This will furnish the background for why the audit was carried out. Explain why the organization made the audit a main issue. Furnish standards and objectives. The objectives detail the project’s goals, and standards notify the reader what set-up you used to carry out the audit. Discuss the methodology used in executing and deriving findings from the audit processes. This should provide the reader with the population for the sample, basis for how you select the sample, the size of the audit and the time period in which you carried out the audit. Conclude the internal audit report with results and conclusions. To assist readers to appreciate your findings, use charts and percentages where possible.Write the conclusions in words and terms anyone in the organization can comprehend, and ensure the conclusions directly correlates to the primary audit objectives.

The audit program is essentially a record of the audit testing. It specifies the nature and extent of the checking, and the members of staff who have carried out the work. It also contains evidence of review of work.

The audit program should

• provide a basis for allocation of work and staff
• pinpoint audit responsibility
• ensure continuity among staff: for example, if a member of the audit team is away sick it should be easy for another person to take over
• facilitate audit review by senior, manager and partner.

How the audit program reflects the application of audit objectives

Detailed audit work involves the testing of controls and substantive procedures. The extent and form of testing is decided by reference to overall and detailed objectives. It is important to set out the audit objectives for each area as shown in the example below. The objectives of a compliance test are different from the objectives of a substantive test and the distinction must be kept clear in order that valid conclusions are drawn.

Although compliance and substantive tests have different objectives, the two types of test may be carried out at the same time on the same sample. This allows a reduction in the volume of work in, for example, extracting a sample. The implicit assumption being made in such an approach is that the compliance tests will not reveal sufficient errors to result in a change in the level of control risk. The substantive sample thus extracted on the basis of the initial assessment of control risk will thus be valid.

If the control risk does need reassessment, a further sample will be required.