What is an audit?

An audit is the examination of the financial report of an organisation - as presented in the annual report - by someone independent of that organisation. The financial report includes a balance sheet, an income statement, a statement of changes in equity, a cash flow statement, and notes comprising a summary of significant accounting policies and other explanatory notes.

The purpose of an audit is to form a view on whether the information presented in the financial report, taken as a whole, reflects the financial position of the organisation at a given date, for example:
  • Are details of what is owned and what the organisation owes properly recorded in the balance sheet?
  • Are profits or losses properly assessed?
When examining the financial report, auditors must follow auditing standards which are set by a government body. Once auditors have completed their work, they write an audit report, explaining what they have done and giving an opinion drawn from their work. With some exceptions, all organisations subject to the Corporations Act must have an audit each year. Other organisations may require or request an audit depending on their structure and ownership or for a special purpose.

What don't auditors do?

  • Audit other information provided to the members of the organisation, for example, the directors' report.
  • Check every figure in the financial report – audits are based on selective testing only.
  • Judge the appropriateness of the organisation's business activities or strategies or decisions made by the directors.
  • Look at every transaction carried out by the organisation.
  • Test the adequacy of all of the organisation's internal controls.
  • Comment to shareholders on the quality of directors and management, the quality of corporate governance or the quality of the organisation's risk management procedures and controls.

What can't auditors do?

  • Predict the future – The audit relates to a specific past accounting period. It does not judge what may happen in the future, and so cannot provide assurance that the organisation will continue in business indefinitely.
  • Be there all the time – The audit is carried out during a defined timeframe, and auditors are not at the organisation all the time. The prime purpose of the audit is to form an opinion on the information in the financial report taken as a whole, and not to identify all possible irregularities. This means that although auditors are on the look-out for signs of potential material fraud, it is not possible to be certain that frauds will be identified.

How is the audit conducted?

  • The organisation's management prepares the financial report. It must be prepared in accordance with legal requirements and financial reporting standards.
  • The organisation's directors approve the financial report.
  • Auditors start their examination by gaining an understanding of the organisation's activities, and considering the economic and industry issues that might have affected the business during the reporting period.
  • For each major activity listed in the financial report, auditors identify and assess any risks which could have a significant impact on the financial position or financial performance, and also some of the measures (called internal controls) that the organisation has put in place to mitigate those risks.
  • Based on the risks and controls identified, auditors consider what management does has done to ensure the financial report is accurate, and examine supporting evidence.
  • Auditors then make a judgement as to whether the financial report taken as a whole presents a true and fair view of the financial results and position of the organisation and its cash flows, and is in compliance with financial reporting standards and, if applicable, the Corporations Act.
  • Finally, auditors prepare an audit report setting out their opinion, for the organisation's shareholders or members.

What do auditors do, specifically?

Auditors discuss the scope of the audit work with the organisation – the directors or management may request that additional procedures be performed. Auditors maintain independence from management and directors so that tests and judgments are made objectively. Auditors determine the type and extent of the audit procedures they will perform, depending on the risks and controls they have identified. The procedures may include:
  • asking a range of questions - from formal written questions, to informal oral questions - of a range of individuals at the organisation
  • examining financial and accounting records, other documents, and tangible items such as plant and equipment
  • making judgments on significant estimates or assumptions that management made when they prepared the financial report
  • obtaining written confirmations of certain matters, for eg, asking a debtor to confirm the amount of their debt with the organisation
  • testing some of the organisation's internal controls
  • watching certain processes or procedures being performed.