Somehow, especially after corporate fraud event, this question about the importance, and also, about the effectiveness of internal auditing, becomes more latent and frequent, mainly in relation to the cost and benefit of having the internal audit in the corporation.

Part of this doubt is generated by the auditors themselves, who are stationed in compliance work, or with the archaic view that a good audit is one that finds errors and irregularities, fail to demonstrate objectively and pragmatically the gains generated by the existence of an audit activity. proactive, structured and integrated audit to the business.

To answer the question above, we first need to understand that internal auditing aims to add value to the organization through smart notes on opportunities for improvement, resulting from independent and objective assessments of the performance of operational processes, considering efficiency, effectiveness and economics of risk management, compliance, internal control system and corporate governance.

It is important to note that the internal audit activity does not exist to find errors or irregularities, it is not a control, it is not an ombudsman, nor a provider of opinions, nor is it a inspection unit.

Internal audit is not control, but it is part of the internal control system, as it is the periodic monitoring activity dealt with in the monitoring component of the COSO Internal Controls Structure management good practice paradigm.

It is an activity based on standards and professional practices that guide your organization and the applied evaluation methodology. The auditors' positioning and opinion are based on factual evidence, obtained through audit procedures and techniques, applied in a systematic and disciplined manner, comparing the activity evaluated with the chosen standard of best management practices, thus allowing for quality notes and effective for improving the entity's operational and strategic management process.

Although the internal audit does not have the objective of detecting irregularities, the auditor is proficient in detecting indications of the existence of possible irregularities and, therefore, directing the finding to the competent bodies. He is also proficient in identifying operational vulnerabilities that may contribute to fraud and / or corruption events, suggesting, for responsible management, taking actions to mitigate this vulnerability.

Internal audit is also responsible for the dissemination of corporate ethical values ​​in the day-to-day activities of the organization, including the dissemination of best management practices, thus contributing to the increase of the organization's capacity to achieve its objectives through economic and effective processes.

It is worth remembering that, according to our experience, only with the presence of the audit activity in the organizational structure, possible acts of irregularities are already prevented, as it changes the view of the “rational” attribute, considered in the concept of the fraud triangle.

Finally, an independent, proactive and integrated internal auditing activity is essential for strengthening the corporate governance structure. Furthermore, it should not be seen as a cost center, since through your work, the company will have:

• More aligned, effective and economical operating processes,
• Better understanding of existing risks, resulting in a better mitigation process,
• Minimization of losses arising from possible acts of irregularities.

But for all of this to be a reality, it is essential to have a modern and integrated internal audit with proficient, proactive auditors aligned with the organization's business, guided by the auditing standards and professional practices.

Be happy!