Auditors are used every day by thousands of organizations. They play a vital role in private companies and huge corporations, as well as government departments and agencies and nonprofit groups. Auditors follow the Generally Accepted Auditing Standards (GAAS). There are ten requirements under GAAS that auditors must follow. These include general standards, which state that auditors must have standing of being a professional as well as having the appropriate training and experience. The Standards of Field Work under GAAS is to ensure that the auditing process is carefully planned, and any other staff working on the auditing must be supervised.
The Standards of Field Work also state that auditors should do research and learn as much about the company as they can. The last part of GAAS states the standards of reporting, which is what the auditor is responsible for delivering. Financial audits are primarily conducted by publically traded companies. These corporations especially need assurance from their investors that their statements are correct and can be trusted. According to Chapter 1 of the text (Auditing and the Public Accounting Procession – Integrity of Financial Reporting), it states that in most states only qualified CPAs are able to perform these kind of audits.
Independent, as well as internal audits of all financial activities are vital to the trust and financial well-being for any public corporation. The main role of a financial auditor is to provide reasonable assurance that the financial statements prepared and presented by the corporation are correct and trustworthy. An operational audit is where auditors do research into how a company or organization is managing their activities and to make sure that they are the most efficient and helping the company achieve their goals, as well as remaining transparent.
Compliance audits are when the internal audits have been done, but the organization needs an independent audit to confirm that they are in compliance with all requirements. In my organization, compliance audits are most common. I work in a private pediatric clinic, and we are contracted with nearly all insurance companies as well as Medicaid. Practices that accept Medicaid/Medicare programs are especially subject to special audits and requirements that practices that don’t take insurance or only take certain private plans do not have to deal with.
One example I can think of easily is vaccines. Vaccines are mandated by the health department (as well as schools, camps, etc) in most, if not all states. Since a lot of insurance companies will not pay for the price the practice pays for the vaccine, in Texas there is a program called Vaccines for Children which will provide the vaccines at no cost to the patient – so if a patients insurance will not pay for their routine vaccines (which can cost several hundred dollars an injection) – we can get reimbursed by the state.
Of course, with such an agreement, there has to be careful auditing. It isn’t just medical, it is also financial since we have strict billing standards and each vaccine must be accounted for. Of course the government wants to make sure we are giving the VFC vaccines only to patients who need them (eliminating fraud) and that they are not paying us too much money (which would be fraud on our part, if we were not careful). There are also a number of other audits that can and are done at our office.
Insurance companies can come in and check over our billing and medical records to make sure that we are not making up claims or submitting undocumented claims. The Health Department can also audit to make sure we are complying with the state set Vaccination schedule. Other private companies and nonprofits have other issues to worry about when it comes to auditing, partly thanks to some legislation called the Sarbanes-Oxley Act. The Sarbanes-Oxley Act passed in 2002 as a response to a large number of public scandals involving corporations committing massive fraud which disenfranchised investors and employees and communities.
One of the primary purposes of Sarbanes-Oxley is to make sure that internal controls are set in place to prevent these types of fraud from happening again. This gives the internal auditor a much bigger role to play if the company is going to follow new standards and regulations. The SOX created the Public Company Accounting Oversight Board (PCAOB) which has the duty to make sure that all public companies are registered correctly, following auditing standards.
The PCAOB also can conduct inspections and open cases against suspected abuse. It is the job of the Public Company Accounting Oversight Board to enforce the rules of the Sarbanes-Oxley Act on private companies. Many private companies (especially big corporations with a lot of investors) may have started to panic, as they realize they need to tighten their own internal controls and make sure they are doing everything the right way – SOX was one step towards accountability in the private (and nonprofit) sector.