First of all, one of the types of audits is Operational Audits. It usually related to a future- oriented, systematic and independent evaluation of organization's activities. Financial data may be used, but the primary sources of evidence are the operational policies and achievements of organizational objectives. They not only will evaluate objective of an area, department or functional operation but also recommend any development or improvement to increase effectiveness or efficiency. Efficiency is concerned with how well an organization uses its resources at a particular level of activity. Effectiveness is a measure of how successful an organization is in achieving its stated goals or objectives. As such, the process considers the adequacy and effectiveness of internal controls designed to manage risks and ensure organization's objectives are reached. In short, it can conclude that the operational audits as a systematic review of effectiveness & efficiency of operating procedures & resource utilization in an organization. For example, assessing the effectiveness or efficiency of computer operations & use of computer resources in an organization or the example is evaluation of organization's efficiency such as internal controls, production procedures, purchasing and marketing as well as distribution methods used.
Besides, the other type of audits is Financial Audits or known as Audit of Financial Statements. It is mostly related on verification of the financial statements of a legal entity together with a view to express an audit opinion. The main purpose of the audit opinion is to provide great assurance that the financial statements are proposed fairly, in all material aspects. It is historically oriented, independent evaluation performed for the purpose of attesting to the fairness, accuracy, and reliability of financial data. Of course it would not left out examining the structure, internal control systems and financial records to determine whether management controls, budgeting, spending, revenue, assets and stores have been managed in accordance with law, regulations and instructions related such as compliance with MASB standards. Internal audit will also conduct audits mostly emphasize on a financial system's controls to ensure that financial controls are adequate and effective. It also provides a summary of the audit's finding. For example, it will briefly state if the financial statements present financial data in a fair way and whether financial reporting and internal control measures follow according the current laws and regulations.
On top of that, Compliance Audits in which the purpose is to determine whether an organization has been audited by following specific procedures or rules that have been set down by the top management or some higher authority. In other words, it is focusing in determining the extent of compliance with rules, regulations, policies, laws, covenants and government regulations. Lastly, it will propose the basis for measuring compliance or the lack of compliance by the audited entity. There are three elements that must be present to be success in compliance audit's performance besides established rules are an auditor is capable of performing the audit well, proper documentation of the work completed by the entity and a way of communicating and presenting the results of the compliance audit. In conclusion, compliance audits can be short described as an audit to ensure the organization in compliance with relevant specifications, contract, or regulation. For example, an organization's business is due for workplace safety certification. So, the manager will hire outside consultant to perform a compliance audit. Through an after-audit report, the ways to improve the plant will be listed out and in the same time will try to fulfil the governmental requirements.
Furthermore, Forensic Audit or known as Financial Forensic is an examination and evaluation of an organization's or individual's financial information and use it as evidence in court. The purpose of this audit is to prosecute a party for fraud, embezzlement or other financial claims. Besides, an audit may be designed to determine negligence or mistakes and then giving comment on the work of other professionals. They even determine how much spousal or determining income available for child support and equitable distribution. It contributed into few categories such as bankruptcy, securities fraud, business valuation and etc. An example for Forensic Audit is sales records to determine the quantum of rent owing under a lease agreement, which is the subject of litigation.
Moreover, Information Systems Audits or known as Information Technology (IT) Audit. It is an examination of the controls within an entity's Information technology infrastructure. Evidence evaluation is obtained to make sure that the organization's information systems safeguard assets, maintains data integrity, and are operating effectively and efficiently to achieve the organization's objectives. It commonly focus on determining risks that are relevant to information assets, and in assessing controls to reduce or eliminate these risks. The only purpose of IS audit is to review and evaluate an organization's information system's availability, confidentiality, and integrity. Below are the three kinds of information system audit:
General Controls Review: A review of the controls which govern the development, operation, maintenance, and security of application systems in a particular environment. This type of audit usually focused on specific aspects of the work of department or individual such as reviewing a data centre, an operating system, a security software tool, or processes and procedures (such as the procedure for controlling production program changes), etc.
Application Controls Review: A review of controls for a specific application system involving examination of the controls over the input, processing, and output of system data. Data communications issues, program and data security, system change control, and data quality issues are also considered.
System Development Review: A review of the development of a new application system. It concern about evaluation of the development process as well as the product. Besides, they will contemplate on general controls over a new application.
Last but not least, Follow-up Audits are audits conducted approximately six months after an internal or external audit report has been proposed. They are formed to evaluate corrective action that has been taken on the audit issues reported in the original report. When these follow-up, audits are completed on external auditors' reports, then the results of it will be reported to the external auditors.
