Although “integrated” is in the name, integrated audit can sometimes defy its name—especially if accounting processes are manual and disparate.
Let’s back up. What is integrated audit?
Integrated audit combines the financial statement audit with the audit of internal controls. For public companies, Sarbanes-Oxley requires auditors to assess the existence, maintenance, and effectiveness of internal controls. One of the auditor’s objectives during an integrated audit is to express their opinion of a company’s controls over financial reporting.
Although this is not required for smaller and private companies, auditors may choose to use an integrated approach in anticipation of growth or acquisition, or to save time on substantive testing.
You may be thinking, well obviously—integrated audit is a no-brainer. However, integrated audit is not as standard or well-executed as it may seem.
The Current State of Integrated Audits
Think about all those companies who very well may be taking a one-audit-at-a-time approach. Auditors come in to focus on different areas at different times. For example, auditors may choose to look at the operational side of controls, then the IT side, and then consider how they play into financial reporting. Each audit costs Accounting time and money.
If you’re using an integrated approach, consider how disparate your processes and even company locations are. If you’re performing a reconciliation that requires a journal entry, you may be storing a copy of that journal in the journal entry binder, and another copy of the reconciliation in a separate reconciliation binder.
You and your auditor have to hunt down each binder, make copies, and then potentially track that binder down again if something is missed. We’ve all had that staff auditor tiptoe back into our office asking to see a binder for the second time: “I thought I just needed to see signoffs, but I need supporting documentation as well.” Although an innocent oversight, this disrupts workflows and creates redundancies.
Or, if you’re a global company with physical audit evidence at different locations, you may find your auditors traveling between offices or wasting Accounting’s time scanning in binders of evidence.
Under these conditions, integrated audit certainly isn’t integrated. Even if your intention is to perform the financial statement audit with internal controls, how do you combat disjointed workflows and add more efficiency throughout the process?
A Self-Service Model
With a unified, cloud-based platform like BlackLine, the close tasks, reconciliations, journal entries, and controls required during an integrated audit are stored in one globally accessible location. Evidence of preparation and review, supporting documentation, and substantive elements for a reconciliation and/or journal entry, for example, are bundled together and ripe for the integrated audit approach.
Accounting can even give auditors controlled, read-only access to their work so that auditors can pull control evidence and evaluate the substantive side without having to bother Accounting.
Pick any completed reconciliation or journal entry and see everything you need—reconciling items, signoffs, supporting documentation—without having to sift through multiple binders. Additionally, BlackLine can be accessed from anywhere at any time, so when the auditor wants to work on Saturday, Accounting doesn’t have to.
And if that staff auditor forgets to look at supporting documentation? Accounting is not interrupted. The auditor can go into the system themselves to pull supporting evidence because everything they need is stored in one centralized system. This leads to a self-service model that makes integrated audit more efficient and truer to its name.
Read this blog to learn more about how to bridge the gap between Accounting and Internal Audit.