Brink’s Modern Internal Auditing, Fifth Edition
By Robert Moeller and Herbert N. Witt
John Wiley and Sons; 1,200 pp.; $168 hardcover; ISBN: 0-471-52132-9
Reviewed by Allan M. Rabinowitz, Professor of Accounting, Lubin School of Business, Pace University
With his first edition in 1942, Victor Brink began pioneering the fields of professional internal auditing and operational auditing. An active practitioner for many years, his influence in these areas was profound. This fifth edition serves as a comprehensive, state-of-the-art publication.
Too often, the significant effect that the operating or nonfinancial portions of organizations can have on their income statements is unrecognized. Auditors frequently spend little or no time in reviewing, let alone understanding, these areas along with the financial implications of undesirable occurrences, including impropriety, waste, losses, and errors. This volume effectively demonstrates what auditors and accountants must be aware of in areas outside of their primary competency.
Many readers will be surprised to learn how far internal auditing has evolved and how sophisticated the function has become in many larger organizations. Today’s internal auditors are generally CPAs or Certified Internal Auditors (CIA). The Institute of Internal Auditors (IIA) has become an international force in its field and has spurred extensive research that the author capably integrates in this book.
Part One, “Foundations of Internal Auditing,” provides an introduction to the field and internal control. It compares external and internal auditors and indicates how the latter go beyond the financial statements to examine the policies, decisions, procedures, and performances that impact them. Operational auditing is intended to maximize any entity’s performance by effectively using its resources. This thrust can and should take internal auditors into every part of the organization.
Part Two, “Administering Internal Audit Activities,” explains how the internal audit function can be of greatest value to all levels of an entity. It stresses the independent nature of the function and how this is reinforced when internal auditors report to the audit committee of an organization’s board of directors or trustees.
This section of the book also presents and discusses the “Standards for the Professional Practice of Internal Auditing” developed by the IIA. The evaluation of an entity’s (along with the auditors’) exposure to risk from loss or injury, the structuring and planning of the internal audit function, and the recruiting and development of staff are covered as well. Conducting audits through all phases, the preparation of working papers, and the reporting of findings are all considered.
Specific chapters relate to using computers and software to perform audit work, audit sampling techniques, and automated audit processes. Mention is made of continuous computer audit monitoring of selected transactions in order to identify unauthorized transactions.
Part Three, “Impact of Information Systems on Internal Auditing,” offers basic information on risks, controls, and review procedures in mainframe operations, LAN-based client-server applications, and Internet-connected computers. This section discusses the evaluation of business application controls and auditing systems under development as well as the review of physical and logical security, contingency planning procedures, ever-changing systems technologies, and related audit concerns.
Part Four, “Areas for Operational Auditing,”is the book’s best feature. It first discusses the financial, information systems, and operational portions of such internal audits. It then describes specific areas along with appropriate controls, audit procedures or questionnaires, and report findings and recommendations.
Part Five, “Special Audit Activities,” examines the challenging areas of loss prevention and fraud investigation, coordination of internal audit work with external auditors, and quality-assurance reviews of the internal audit functions.
Part Six, “Internal Audit Future Direction,” considers the expanding role of internal auditing and its outsourcing, as well as the critical area of business ethics and social responsibility and the role that internal auditors play in that broad arena.
In all, this book renders excellent service to internal auditing. It is a superb tool for internal auditors as well as supervisors, managers, executives, and directors who should seek to acquaint themselves with how this function can assist them. External auditors can benefit by seeing how they can effectively draw and rely upon internal audit work to extend their own reach and avoid significant blind spots in their own work. Study of this volume would also be invaluable to audit committee members, who could then pursue their mission with greater insight.
©2006 The CPA Journal. Legal Notices
Visit the new cpajournal.com.