March 05, 2019
Susanna Metzler
Are your internal audit findings visible to you and your teams? Do you know who your internal auditors are? What is your relationship with your external auditors―love or hate?
An internal or external audit can be perceived as an agonizing experience for most accountants. Not only is the process time consuming, but often boundless in the middle of other accounting tasks.
Creating an exemplary partnership with your internal auditors will enable a seamless, positive process with your external auditors.
Here are three areas to consider that will help your organization build an effective partnership with your internal and external auditors.
The purpose of an audit is to review your system for internal controls. This includes understanding and articulating your Risk and control matrix to the various auditors, and making sure your control environment conclusion matches expectations.
When your organization’s financial information is contained within a finance automation platform, IT and other general controls will require additional scrutiny. This can include security, processing integrity, program change management, general IT controls, and over-arching entity-level controls.
You want to further promote transparency to ensure that high standards of accuracy are met, proper audit processes are in place, and your workforce is following compliance procedures. This raises the accountability of each party involved in the audit process, and results in a more accurate audit.
This can also position your organization to promote honesty, teamwork, real-time detailed reviews, and checks and balances. Auditors relate to the ability to easily trace processes from the beginning to the end of the transactions, and understand the relationship of the amounts on the financial statements.
We’ve all experienced the audit that never ends. It happens in a variety of months, quarterly, and the dreadful year-end audit.
A successful audit results in a positive experience, reduced prep time, and improved audit time for your accountants. A well-understood control environment demonstrated by your accountants is fully understood and appreciated by all auditors.
The most common best practices for achieving a successful audit experience is providing proper support, conducting quality reviews, and maintaining internal policies. The right planning, best practices, and controls contribute to this as well.
It took years for the internal audit findings in Accounting to become available to me. It wasn’t until after my previous organization transitioned to BlackLine that I was able to start building a relationship with our auditors, as I added them as users in the platform.
BlackLine is the leading technology solution for your audit needs. The solution provides the ability to configure and create best practices that you can implement to partner with your auditors and balance the workload within this partnership.
With online training tools, your auditors can fully understand your accounting processes in the system. Organization policies, along with process and support documentation, are directly accessible through a link or attachment to the respective account(s).
With BlackLine Reporting, your user reviews are seamless, providing the assurance of completeness at regular intervals.
To further enhance your customer controls, BlackLine incorporates adequate control features, including audit trails, SOC reports, and ISO 27001 and ISAE 3402 certifications.
Digital transformation delivers a rigid control environment while building partnerships with your auditors. Here are some general guidelines to achieve success after implementing BlackLine.
Ensure your auditors have been trained on the BlackLine system. There are BlackLine U courses on topics like Introduction to Account Reconciliations and Completing a Reconciliation that will help them learn how to use the platform.
There is also a certification in BlackLine Account Reconciliations available―or you can train them.
After they’ve completed the training, provide the audit team with BlackLine user licenses. Best practice is to activate the setting that ensures auditors can only see reconciliations that have been completed and approved.
Role security for external audit roles is based on assigned entities assigned. The internal audit role is based on account assignment. It’s not unusual to reverse and rename these two roles.
Ensure your organization’s policies and procedures are properly attached in BlackLine, and maintain documentation on any specific tolerances, waivers to policy, or other information that may be helpful. These can also be included in BlackLine.
Perform quarterly user audits to ensure validation that user activity is appropriate, and create appropriate audit trail reports within reporting. This will ensure key IT controls and changes are monitored and documented.
Finally, prove segregation of duties using BlackLine standard IT controls and grant real-time access (past periods, quarters and years) to easily perform comparisons.
Read this blog to learn more about how to bridge the gap between Accounting and Internal Audit.
About the Author