Study on the Internal Audit for Listed Companies Based on Value-added View

As the function of internal audit is being cognizing deeply and changing, the function of internal audit in Chinese listed company governance is gradually being strengthened. Combining with the new definition of internal audit, the enterprise risk management frame and the re-oriented value-added aim of internal audit, the measures such as perfecting the corporate governance structure and implementing many measures about management audit oriented by internal control and risk management were proposed to promote the listed companies to reform the management, evaluate the risk and added values, and fully exert the value-added function.


Orientation of internal auditing
In the up to date definition of internal audit, IIA pointed out that "internal audit is a kind of independent and objective affirming and consulting activity, and its targets are to add values and improve the operation of the organization.It evaluates and improves the effects of risk management, control and governance procedure, and helps organization to realize its target."IIA defined the internal audit as a kind of value-created activity, and its final target is to help the organization to realize its target, i.e. creating values for shareholders and other stakeholders.The modern audit has developed from the financial audit of "independently evaluating activity" to the "guaranteeing and consulting activity to add values and improve the management of enterprise".From initial fault-checking to helping manager better carry out their responsibilities, and to helping enterprise add values, the range of internal audit has be extended to risk management, internal control, corporate governance, perfecting the corporate governance structure and enhancing the management level of enterprise.
In the speech of "Tell the Whole World" in the 65th national conference of IIA of 2006, Stephen Geffett, the present of IIA, pointed out "internal audit is a very hot occupation, because it is very important to add the values of the organization (Stephen, 2006)."IIA made following explanations for the "adding values" in the definition, "the existence intention of the organization is to create values, or benefit the owners, other shareholders, consumers and clients of the organization.The mode that the organization offers value is to produce products or offer services, and sale these produces or services by means of resources".The internal audit department is such a department which can add values for the organization."Sarbanes-Oxley Act" defined the audit committee as the legal audit supervision department that the company must established, and concretely regulated the audit committee, which enhanced the status of the internal audit, and further increased the independence of the internal audit, and offered important platform to exert the value-added function of internal audit.

The cognition about internal auditing is deficient, and the status of the internal audition department is low and its independence is bad
One survey indicated that 67% internal audit departments in China were leaded by the chief accountant or the deputy general manager who charged the finance, and 33% internal audit departments were leaded by the general manager.Obviously, the power of the internal audit department leaded by the financial controller is low, and it can not independently supervise the financial controller, general manager and directors.And though the internal audit department directly leaded by the general manager can be independent from other audited functional departments, but it still can not independently supervise the general manager and directors.According to the rules of "Chinese Public Company Governance Standards" issued China's Securities Regulatory Commission in Jan 2002, the directorate of listed company could establish the audit committee, and definitely regulated various functions of the audit committee.But in Chinese listed companies at present, many companies have not established the audit committee, which indicates that before the establishment of the audit committee has not been the compulsive rule, the decision-making layer of listed company still lacks in the internal audit, and the governance environment of the audit committee is still deficient.This kind of concept lacking in cognitions about internal audit certainly will not guarantee the stabilization of the internal audit department and personnel, and the setup of audit department is basically parallel or lower than other departments and the audit department is leaded by the financial controller and the general manager, which can not effectively supervise the financial department, financial controller and directors.The lower leading layer certainly will induce the low status and bad independence of the audit department.

The standardization degree of internal audit is low
According to the audit laws and regulations, most internal audit departments of listed company established the bylaws about the audit work, but that is still far away from the standardized requirements of the audit work.Up to now, there is no one department which could really perform the quality checking of internal audit.Because of the deficiency of these basic criterions, and the coarse management of many years, the internal audit has been gotten into the strange circle that there are no laws to follow, and laws and regulations can not be followed, and qualities of audit works are intermingled, for example, the audit exceeds the responsible range, the operation procedure gets out of line, and the audit method and measure are improper, which can not only influence the efficiency and effect of audit but bring large audit risk.

The function and work range of internal audit is limited to some extent
It is the development tendency of modern internal audit that the function of internal audit turns from the financial target to the economic management target, which had been definitely regulated in the "Regulations about Internal Audit Works of Chinese Audit Administration".But the range of most internal audit departments and personnel is still limited in traditional economic supervision audit, and the subject is always the underling department (or secondary department) of the company, and the internal audit department can not effectively supervise the financial activities of the company, which is the result that the leader layer of the internal audit department is lower, and the function and work range of some internal audit departments is dominated by the managers' will, and the managers often artificially weaken the audit function, reduce or transfer the work range of audit, so the supervision and management function of internal audit can not be exerted effectively.

The quality of internal audit personnel can not adapt the requirements of auditing
Most internal audit personnel possess low quality in China, and they can not adapt the requirements of modern audit work.For the personnel learning experience, few internal audit personnel have bachelor's degree, and post graduate certificate can be counted on one's fingers.And many internal audit personnel come from financial and management departments in the department reforming and recombining processes and their professional abilities are relatively weak.For the personnel specialty, most audit personnel are graduated from traditional specialties such as finance and engineering, and the personnel of specialties such as law, computer and auditing are deficient seriously.For the work ability, most internal audit personnel only implement simple accounting evidence and account checking because of the professional and audit experiences, and the personnel who know well computer technology and legal knowledge have more deficient ability of applied audit ability.Above situations objectively make the internal audit personnel can not adapt the quick change of the auditing environment and reply various challenges.

Perfecting the corporate governance structure of listed company
The corporate governance structure of Chinese listed company has not been perfect at present, and to really establish effective internal audit system, the corporate governance structure of Chinese listed company must be perfected.First, the adjustment of Chinese listed company equity structure should be strengthened.The listed company should actively and stably adjust the equity structure and perfect the corporate governance structure under the guidance of national macro policy.Second, the independent director system should be established and perfected.The directorate is the core of corporate governance, and the proportion of independent director in the directorate and the full exertion of their functions can mainly decide the efficiency of the directorate.Only the effective independent director system is established, the directorate can fully exert its unction, and effectively instruct the internal audit of listed company.Therefore, according to the requirements of "Listed Company Articles of Incorporation" and "Listed Company Governance Rules", the listed company should establish and perfect the independent director system, and set up the listed company audit committee composed by most independent directors based on that, and the audit committee would harmonize the internal and external audition relations for the listed company, and enhance the participation degree of internal audition in the internal management of listed company.

Strengthening the internal control audit and improving the system and flow of enterprise internal control
At present, to push the internal control construction of enterprise and develop the internal control system audit has been the hotspot concerned by the enterprises.Chinese State-owned Assets Supervision and Administration had definitely require the central enterprises should establish and perfect the internal control system, and strength the supervision and checking of the implementation of internal control, and part central enterprises had been the efficiency evaluation experimental units for the internal control, and it also required that the enterprises listed in US should make the construction and evaluation of internal control well according to the "Sarbanes-Oxley Act".Taking the internal control frame in the COSO report of 1992 as the original version, the internal control includes control environment, risk evaluation, control activity, information communication and supervision.For the enterprises which internal control constructions can not achieve the requirements, the principles and chief accountant of these enterprises should assume corresponding legal responsibilities.Thus it can be seen that the internal control auditing is one of important contents of internal auditing.
The essential tenet of the internal control auditing is "to increase benefit and prevent risk", and according to the auditing concept of "giving priority to preventing and the prevention is better than correction", the emphasis of internal control should be the prevention and control of risk in advance, and properly give attention to the checking in the case and the supervision after the case, and establish the restriction and supervision mechanism giving priority to the prevention.To check, analyze and evaluate the internal control system, find out the weak part of the internal control system by scientific evaluation method, put forward the improved advices, and build up the system holes can perfect the internal control system and nip in the bud.The transfer of the control point can report and process the discovered violations of rules and regulations in time, and perish the abnormal events in the bud possibly and avoid potential risk loss.The development of the internal control audit can impel the management layer to establish and perfect the internal control system, strengthen the management, fully exert the function of the internal control system, and enhance the economic benefit of the company.

Giving priority to defend and control risks, developing the risk management audit and enhancing enterprise's ability to reply the risks
In the risk-oriented internal control times, the work emphasis of internal audit also changes from "control" to "risk"."Except for traditional internal control, the modern internal auditing more concerns effective risk management mechanism and perfect corporate governance structure (Wang, 2006)."In 2004, US National Commission on Fraudulent Reporting (it is also called Treadway Committee) put forward that the enterprise risk management was composed by eight mutually associated factors including control environment, target establishment, proceeding identification, risk evaluation, risk reaction, control activity, information and communication, and supervision in the "Enterprise Risk Management Frame".Different with five factors in COSO report of 1992, it classified the risk evaluation into target establishment, proceeding identification, risk evaluation and risk reaction, and it more emphasized the risk management.The risk management which transfers the control emphasis to the organization brings the change of internal audit content, and induces the transfer of the audit work center."Internal audit is the function of risk management, and it is the re-management of risk management (Zheng, 2006)."The financial audit is always the base, and the "control" is still important, but the risk management audit more gives attention to analyze, affirm and open out pivotal management risk and management risk."The evaluation of the implementation and utilization degree of risk management could ensure managers to use proper governance and control to treat the risk, which can offer advices to reduce, transfer and abide risks for managers".The enterprises in the present market competition face many challenges, and especially some enterprises have weak independent innovation ability and R&D ability, and over depend on the foreign capitals, some enterprises lack in development power and stable market status, and some enterprises possess single product.These points are the risk points to block the development of enterprise.Therefore, the internal auditing should point out the real risks and potential risks in time, deeply know the operation, primarily evaluate and affirm the fixed risks, judge the importance, decide the important accounts which need to be audited, confirm the materials influencing the accounts, confirming important auditing domain, establish tables for key data information and control points for important operations, perform risk supervision and clues, and actively offer advices and ideas for decision-makers.

Enhancing the conversion and utilization of auditing result, and strengthening the audit quality control
The audit quality is the lifeline of the audit work, but it is not the final target of the audit work.The target of audit is to help the company to discover and solve existing problems and enhance the economic benefit.If the discovered problems have not been modified, the labors paid by the auditors will be wasted, and even if the audit quality is higher, the values created for the company are nothing.To make the value-added function of audit to be exerted effectively, the company must pay more attention to the conversion and utilization of audit results, and form the closed-loop management of the audit work.
The listed companies must highly emphasize the conversion and utilization of audit results, and effectively translate the audit results into the enhancement of enterprise management efficiency and management benefit.And they also should pay attention to the problems discovered in the audit, adopt effective measures to modify and correct the faults, and reduce the occurrence rate of same kind of problem in the subsequent audit, until these problems are solved completely, then the management behaviors of the listed companies can be really improved.The internal audit should actively dynamically follow these problems, harmonize and supervise relative departments to correct these problems in time, and run the responsibilities of a few departments with bad corrected effects, and the internal audit should strengthen the subsequent audit power, continually enhance the conversion and utilization of audit results, and fully exert the value-added function of the audit.
Li Jinhua, Chinese chief auditor, pointed out that "the management and benefit of any one department are unending, and though it is unending to enhance the management level and benefit, so the work of internal audit is also unending (Li, 2006)."Therefore, the internal audit has extensive development space, and to confirm the orientation of the internal audit, convert audit results into productivity by pushing internal control audit and risk management audit under the guidance of value-added target, and promote enterprises to strengthen the management and enhance the benefit is not the demands of the situation, but the requirements of the time, which can fully embody the value-added value of the internal audit.