Part 1 Section E.2. Internal Auditing 内部監査

Definition of Internal Auditing 内部監査の定義


以下は、the Institute of Internal Auditors による内部監査の目的・性質・スコープに関する定義

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.


Characteristics of an effective internal auditing function 特徴

An effective internal audit functions to management and the audit committee a means of monitoring the reliability of financial reporting and the organization’s control over operations.

The monitoring of control over operations includes the effectiveness and efficiency of operations and the organization’s compliance with applicable laws and regulations.


The functional areas of internal auditing are similar to the functional areas of internal control. Internal control is a process designed to provide reasonable assurance that the company’s objectives is the areas of

(i) effectiveness and efficiencyof operations,
(ii) reliability of financial reporting, and
(iii) compliance with applicable laws and regulations

will be achieved.

Internal auditing services contribute to the achievement of these internal control objectives by providing monitoring services for the respective control.

Types of Engagement

  • Internal auditors perform two basic categories of services:
    1. Assurance services
      • provide an independent opinionor conclusions regarding an entity, an operation, a function, a process, a system, or some other subject.
        • financial audit
        • performance audit
        • audit of financial controls
        • risk management audit
        • compliance audit
        • audit of system security
        • due diligence
    2. Consulting services
      • provide advice to management at the request of the client.
      • are intended to add value and improve the organization’s governance, risk management, and control processes.

Financial Audit

A financial audit tests the reliability and integrity of reported information and ascertains the degree to which the company’s assets are properly safeguarded.


Operational Audit (Performance Audit)

Operational audits are assurance services.

The purpose of an operational audit is to examine and evaluate systems of internal control, overall company operations, and the quality of performance in carrying out assigned responsibilities.

They focus on the three “E”s.

  • Efficiency 効率性
  • Effectiveness 効果性
  • Economy 経済性

An operational audit is a comprehensive review of the varied functions within an enterprise to appraise the efficiency and economy of operations and the effectiveness with which those functions achieve their objective.

An example would be an audit to assess productivity. Other examples could include an evaluation of processes to reduce rework, or reduce the time required to process paperwork or goods.

Compliance Audit

Compliance audits are assurance services.

A compliance audit determines the degree to which an organization is operating in an orderly way, conforming effectively and visibly to certain specific requirements of its policies, procedures, standards, or laws and complying with governmental regulations.

In a compliance audit, the internal auditor focuses on issues of compliance (or lack of compliance). In the case of noncompliance, the auditor will also determine the cause of the noncompliance, the costof the noncompliance, and appropriate actions that must be taken in order for a company to be in compliance.

A compliance audit is the review of both financial and operating controls to see how they conform to establish laws, standards, regulations, and procedures.

An environment audit would be an example of a compliance audit. Other examples of compliance audit could include the review of controls over industrial wastes or the review of procedures ensuring that proper disclosure is made regarding hazardous materials on site.