Differences and similarities between Internal and External Audit activities

Differences and similarities between Internal and External Audit activities

The term “Audit”, with the advancement of knowledge, has become a word that needs definition to understand what it means.

Of the most prevalent audit types are financial audit, which is usually called External Audit, and Internal Audit.

Financial audit is an important activity used by business entities to express an opinion on the validity and fair presentation of the Financial Statements.

Meanwhile, Internal Audit is an important tool used to verify integrity of internal control systems and their implementation, thus achieving internal control.

There are broad differences between both types of audit. However, both are integral to each other. The following illustrates the differences and similarities between both types:

1. Mandatory Application

Internal AuditExternal Audit
Statuary to listed companies and companies licensed by Capital Markets Authority (CMA).However, it is voluntary for other forms of legal entitiesStatuary to all business entities.

2. Conducted By

Internal AuditExternal Audit
Employees of the organization, usually an internal auditing department.However, there is an increasing number of outsourced, or co-sourced internal audit functions, where internal audit service is provided by an external entityFor the companies subject to CMA and CBK supervision
Independent third-party auditors licensed by regulator, including Ministry of Commerce and Industry, Capital markets Authority, and Central Bank of Kuwait (CBK).For other business entities:Independent third party auditors licensed by the Ministry of Commerce and Industry only.

3. Appointed by, reporting to and responsible before

Internal AuditExternal Audit
Board of directors.Shareholders.

4. Objective

Internal AuditExternal Audit
Seeks to advise the board of directors on whether the entity’s major operations:

  • Have sound systems of risk management and internal controls.
  • Are in compliance with regulatory requirements
  • Are aligned with business strategic objectives
  • Are aligned with best practices
Seeks to provide positive assurance that accounting records and financial statements are true and accurate

5. Scope of Audit

Internal AuditExternal Audit
Covering all organizational unitsLimited to financial unit

6. Binding Standards

Internal AuditExternal Audit
No binding standards in Kuwait.
However, best practices are applied such as:

  • Standards issued by Institute of Internal Auditors (IIA)
  • Other standards, such as Information Systems Auditing Standards
  • Other frameworks issued by international organizations such as Committee of Sponsoring Organizations of the Treadway Commission (COSO), and Control Objectives for Information and Related Technology (COBIT)
From the perspective of accounting

  • Business Entities to apply International Financial Reporting Standards (IFRS) in accounting.

From the perspective of external audit

  • Auditors to perform their audit activities applying International standards on auditing (ISA).

7. Binding rules and regulations

Internal AuditExternal Audit
For companies subject to CMA and CBK supervision

  • Requirements of regulators: CBK and CMA

For other business entities

For companies subject to CMA and CBK supervision

  • Companies law 25/2012
  • Requirements of regulators: CBK and CMA

For other business entities
Companies Law 25/2012

8. Period of audit

Internal AuditExternal Audit
Annually for all companies subject to CMA and CBK to cover the financial year of the companyQuarterly is not mandatory, but normally required by companies for internal use

For other business entities

No internal audit services are mandated.However, voluntary internal audit services can apply.
Annually for all companies as per the regulations of the Ministry of Commerce and Industry Quarterly to meet the requirements of CMA & CBK

For other business entities

Annually as per the financial year set forth in the company memorandum of association to comply with the requirements of Ministry of Commerce and Industry.

9. Approach

Internal AuditExternal Audit
Risk based approach, covering business risksRisk based approach, covering risks of material financial misstatement.

10. The final report

Internal AuditExternal Audit
Customized report format;Forms an opinion on the adequacy and effectiveness of risk management systems and internal control, many of which fall outside the main accounting systems.Standardized report in a format required by Auditing Standards, consisting of two main parts:One part focuses on whether the financial statements give a true and fair view of the financial position of the entityThe other part covers the entity’s compliance with legal and regulatory requirements

11. Recipients of the report

Internal AuditExternal Audit
  • Board of directors
  • Company executive management
  • External auditors
  • Regulators
  • Shareholders
  • Other stakeholders
  • Regulators
  • Company executive management

12. Public disclosure

Internal AuditExternal Audit
Not applicableMandatory for listed companies

13. Service Nature

Internal AuditExternal Audit

14. Staffing

Internal AuditExternal Audit
Any university degree trained in internal AuditingUniversity degree in accounting

15. Career path

Internal AuditExternal Audit
Professional certificate as:Certified Internal Auditor (CIA)Professional certificate as:Certified Public Accountant (CPA) or Chartered Accountant (CA).Academically: Masters/PhD in Accounting

Similarities between internal and external audit are as follows:

    • Testing
      Both the external and internal auditors carry out testing routines and this may involve examining and analyzing many transactions.
    • Internal Control Systems
      The internal auditor and the external auditor are concerned with authenticated procedures, organization’s systems of internal control and relevant implementation. Further, both tend to be deeply involved in information systems, since this is a major element of managerial control, as well as being fundamental to the financial reporting process.
    • Standards
      Both adopt a professional discipline and operate to professional standards.
    • Cooperation
      Both seek active co-operation between the two functions, as they are inter-dependable.
    • Reporting
      Both produce formal audit reports on their activities.