In my last post I highlighted the benefit of supplier Audits, shared my opinion as to what makes a good supplier Auditor and identified the primary reason as to why we Audit. In today's post, I wish to expand a little further on what makes a good Auditor, by looking at the principles of an Auditor;
- Provide integrity
- Report truthfully and accurately
- Ensure confidentiality
- Provide impartially and objectively of Audit conclusions
- Provide professional care
Integrity and the Auditor
The Oxford dictionary defines integrity as "the quality of being honest and having strong moral principles". Integrity is one of the most crucial characteristics of a good Auditor.
External Auditors are independent of the organisation being Audited and therefore, will be free from bias and conflict of interest. An Auditor that maintains integrity will diminish any conflicts of interest that the Auditee or Audit client may have.
Conflicts of interest can arise when;
- You may have a stake in the organisation that is being audited
- Have family members or friends working within the organisation
- You have worked previously within the organisation
- You have a vested interest in a competitor of the Auditee.
It is imperative that the Auditors are objective throughout the Audit process to guarantee that findings are based only on the Audit evidence. As a good Auditor who exercises integrity, you must report any conflict of interest to the Audit client or management team and decline to participate in the Audit.
Other principles include;
Fairness "treating people equally without favouritism or discrimination" (Oxford dictionary). Auditors are required to report the audit findings, its conclusions and ensure the presentation of the report is in an authentic and precise way. Any issues that may have arisen during the audit should be disclosed in the report. Auditors must be independent in order to avoid favouritism (i.e., having a stake in the organisation) or discrimination (i.e., having a vested interest in a competitor of the Auditee).
Due Professional Care: According to ISACA due professional care can be viewed as;
- How the Auditor conducted him/herself during the audit process
- The professional image expected of an Auditor towards the Auditee
- Adding value to the client by providing solutions instead of a problem.
Auditors should exercise care in accordance of the importance of the task they perform and the confidence which has been intrusted to them by the Audit client.
Confidentiality is defined by the Oxford dictionary as " a way that is intended to be private or secret". Therefore appropriate handling of sensitive information is vital. Information should be protected and not used for personal gain and filed confidentially.
The principles of integrity, fairness, professional care and confidentiality equate to ethical conduct and morals. Throughout my studies I have come to know these as basic codes of professionalism. Ethics is a system of moral principles, where morals is the branch of philosophy dealing with values relating to human conduct, for example, the conduct of the Auditor.
As mentioned earlier, morals forms the backbone of integrity. A good Auditor will endorse, and adhere to these ethical principles, knowing that effective auditing relies on its execution. Any Auditors who are not behaving in an ethical manner during the audit process should be reported immediately to management, and the audit client.
What do you think, are there more principles that can be added? Share your thoughts below.