Internal audit is. Features of internal audit in the organization

The standard is intended to organize the planning and conduct of internal audits (inspections) at the enterprise and serves as a guide for their participants.

The standard was developed by the BUSK service.

During its development, the requirements of ISO / TS 16949 section 8.2.2 "Internal audits" were taken into account.

1. Foreword
2. Introduction
3. Application area
4. Normative references
5. Terms and Definitions
6. Designations and abbreviations
7. General provisions
8. Check objects
9. Planning for internal audits
10. The procedure for conducting, formalizing the results of audits and taking corrective actions

• Annex A (mandatory) Internal Audit Checklist Form
• Annex B (mandatory) Requirements for the qualifications, experience and personal qualities of auditors.
• Annex B (mandatory) Form of the annual schedule of internal audits
• Annex D (recommended) Form of the audit program
• Appendix E (mandatory) Internal audit report form
• Annex E (mandatory) Form of the internal audit log
• Annex G (mandatory) Action plan form
• Signatures
• Reference list
• Change Registration Sheet

INTRODUCTION

The Quality Management System of an enterprise must comply with:

• ISO/TS 16949 requirements,
• requirements for the QMS developed by the enterprise itself,
• planned activities.

In order to confirm that the Quality Management System has been effectively implemented and maintained in working order, internal audits are carried out at the enterprise.

The main organizational principles of internal audit are:

• The principle of uniformity: Each audit is carried out according to the established procedure, which ensures its orderliness, unambiguity and comparability.
• The principle of consistency: Planning and conducting an audit for various processes and activities is carried out taking into account their established structural relationship in the management system;
• Documentation principle: The conduct of each audit is documented in a certain way in order to ensure the safety and comparability of information about the actual state of the audited object.
• Precautionary principle: Each audit is planned and the personnel of the audited process or individual unit is notified in advance of the objectives, object, criteria, time and methods of the audit in order to ensure the necessary level of confidence in the auditors and to exclude the possibility of personnel avoiding the presentation and demonstration of all required data.
• The principle of regularity: Audits are carried out at regular intervals so that the management system is subject to constant review by the management of the organization.
• The principle of openness: The results of each audit should be made public in order to ensure "transparency of the system" for its users, consumers and external auditors.

The purpose of this standard is to establish the main provisions regarding the development of a procedure for conducting internal audits.

1 area of ​​use

This standard regulates the procedure for conducting internal audits (inspections) in the organization's divisions.

This standard serves as a guide for specialists performing internal audits (inspections) and is mandatory for all structural divisions enterprises.

2 Normative references

• Quality Management System.
• ISO/TS Specific requirements for the application of ISO 9001:2008
• STP Enterprise Standard. Quality Management System. Organization of control of technological discipline in production.
• Enterprise standard. Quality Management System. Testing control. Periodic and type tests of products and their components. Organization of the holding and evaluation of the results.
• organization standard. Quality Management System. Personnel training and development system.
• Instruction. Quality Management System. Management responsibility. Analysis of the QMS by the Management
• Instruction. Quality Management System. Nonconformity management. History of problem solving.

3 Terms and definitions

The following terms and definitions are used in this enterprise standard:

• Audit (verification)— a systematic, independent and documented process for obtaining audit evidence (inspection) and its objective evaluation in order to establish the degree to which the agreed audit (inspection) criteria are met.
• Auditor- a person with competence to conduct an audit (inspection)
• Audit Team- one or more auditors conducting an audit (inspection), with the support of technical experts.

Note: One member of the audit team is appointed as the audit team leader.

• Conclusion— audit output provided by the audit (review) team based on the results of the audit after considering the audit objectives and all observations.
• Major discrepancy- the presence of any of the following options:

absence or complete non-compliance of the QMS established requirements. Several minor nonconformities for one requirement may be considered together as a major nonconformity;

any non-compliance that could result in the shipment of non-conforming products. A condition that could cause failure or significantly reduce the usefulness of a product or service for its intended use;

nonconformity that actually or potentially causes the quality system to fail or significantly reduce its ability to control processes and product quality.

• Audit Criteria— A set of policies, procedures, or requirements.
• Competence- a pronounced ability to apply their knowledge and skills.
• Corrective action— The action taken to eliminate the cause of a detected nonconformity or other undesirable situation.

Note: There may be several reasons for the discrepancy. Corrective action is taken to prevent the reoccurrence of the event, while preventive action is taken to prevent the occurrence of the event.

• Correction— The action taken to correct a detected nonconformity.

Note: Correction may be carried out in combination with corrective action. The correction may include, for example, reshaping or degrading.

• Minor discrepancy— is a nonconformity to specified requirements that is unlikely to be realistically or documented to cause: a failure of the quality system, or — a reduction in its ability to provide process control or lead to the likely shipment of nonconforming product.

It can be:

1. or a deficiency in some part of the documentation of the quality system,
2. or one or more observed cases of non-compliance with the requirements of the enterprise's quality management system.

• Audit Observations— the results of evaluating the collected audit evidence against the audit criteria (audit observations may indicate compliance or non-compliance with audit criteria or opportunities for improvement).
• Mismatch- non-compliance with the requirement.
• Preventive action— Action taken to eliminate the cause of a potential nonconformity or other undesirable situation.
• Audit program- a description of the activities and agreements for the audit.
• Products is the result of the process.
• Process- a set of interrelated and interacting activities that transforms inputs into outputs. The inputs to a process are usually the outputs of other processes. Processes in an organization are typically planned and executed under controlled conditions to add value.
• Procedure— the established way in which an activity or process is carried out.
• Audit evidence— Records, statements of fact or other information related to the audit criteria and which can be verified. Audit (inspection) evidence can be qualitative or quantitative.
• Quality Management System— a management system for directing and controlling an organization with regard to quality.
• technical expert— a person with specialized knowledge and skills who provides them to the audit team.

Note: Specialized knowledge and skills are related to the organization, processes and activities being audited. The technical expert is not an auditor in the audit team.

4 Symbols and abbreviations

• BUSK– Quality System Management Bureau
• MS- outline drawing
• IIL– measuring and testing laboratories
• KD- design documentation
• LVK— incoming control laboratory
• MS ISO- ISO international standard
• JSC- public corporation
• Ogmeter— department of the chief metrologist
• OTK— department of technical control
• PSI— acceptance tests
• QMS- Quality Management System
• STP— enterprise standard
• THAT— technical conditions

5 General provisions

5.1 Internal audits (checks) allow you to solve the following tasks:

• confirmation of the compliance of activities and their results in the QMS with the established requirements;
• analysis and elimination of the causes of identified nonconformities;
• confirmation that corrective actions have been taken;
• evaluation of the effectiveness of a functioning quality system;
• determining the degree of understanding by the staff of the goals, objectives and requirements, established documents QMS;
• identifying ways to further improve the QMS;
• assessment of opportunities in relation to the quality of production processes;
• assessment of product quality characteristics and confirmation of their compliance;
• confirmation of the relevance and compliance with the requirements of the ND.

5.2 Internal audits (checks) are carried out at scheduled intervals in all work shifts. The purpose of the audits is to establish that the QMS of the enterprise complies with:

• the requirements of ISO/TS 16949;
• QMS requirements developed by the enterprise itself or established by consumers;
• planned activities.

5.3 Internal audits (checks) are carried out:

• in accordance with the schedule (scheduled inspection);
• at the direction of the management of the enterprise (unscheduled inspection);
• based on consumer requirements.

5.4 Conduct the following types of audits:

• Audit of the system Management system Evaluation of the completeness and effectiveness of the quality of fulfillment of basic requirements
• Process audit Creation process Evaluation of product/serial quality capabilities for special production of products/groups of products and their manufacturing processes
• Assessment of quality characteristics

5.5 Internal audits are conducted using Checklists (Appendix A).

5.6 The person responsible for the functioning of the procedure "Internal audits" is the Representative of the management in the QMS.

Representative of the management in the QMS:

• determines the special staff of the enterprise capable of carrying out internal audits;
• organizes, together with the Directorate for Personnel, training of personnel in the field of methods and organization of internal audits and training;
• manages the selection of inspection objects, development of the inspection schedule;
• organizes the analysis of the results of inspections and informing the management of the enterprise about them.

5.7 Specialists are trained in accordance with STO on the basics of internal audit.

5.8 The Register of internal auditors and specialists involved in internal audits is compiled annually. The register is approved by the Management Representative in the JMC and updated as necessary.

The form of the Register and the list of requirements for qualifications, experience and personal qualities of auditors are given in Appendix 5.

5.9 When conducting an internal audit (inspection), the head of the audit team is appointed. The functions and powers of the head of the audit team are given in Appendix B.

6 Objects of internal audit

6.1 The objects of internal audits (checks) are:

• Quality Management System;
• manufacturing process;
• products.

6.2 Audit of the System is focused on the system as a whole; during its implementation, processes, procedures, and QMS requirements are assessed.

The purpose of system audits is to assess the precise implementation of established QMS procedures and to identify areas for improvement.

6.3 Audit of production processes is focused on the technological processes of manufacturing products. During its implementation, specific production processes are checked to determine their effectiveness (compliance with established requirements).

These audits are carried out according to the annual schedule by technologists of HSE and KTS of workshops and employees of the quality service.

6.4 Product audit focuses on the product itself. It is carried out on serial products during periodic tests in measuring and testing laboratories.

Periodic testing is scheduled annually. During the audit of products, their compliance with established requirements is checked, including geometric dimensions, functionality, packaging and labeling.

6.5 Audit principles

The audit is based on the following principles, which provide information that is used to improve existing performance:

6.5.1 Ethical behavior is the foundation of professionalism.

When conducting an audit, interested parties must be prudent, take responsibility for their actions and perform their duties honestly, incorruptibly, keeping the information obtained in the course of work confidential. In the case when the audited activity is of a confidential nature, the auditor should have permission to participate in this work.

6.5.2 Impartiality - the obligation to present truthful and accurate reports;

Audit findings, audit opinions and records should truthfully and accurately reflect the work performed. Unresolved conflicts between the audit team and the audited unit, uncertainties and/or any obstacles encountered during the audit that may reduce the reliability of the audit conclusions are indicated in the audit report.

6.5.3 Due diligence is diligence and the ability to make the right decisions when conducting an audit.

The selection of the audit team is carried out in such a way that the auditors have all necessary knowledge and have the appropriate skills to conduct a particular audit. If all the knowledge and skills necessary for conducting an audit are not fully provided by the auditors, then the missing knowledge can be filled by the involvement of technical experts.

6.5.4 Independence is the basis for the impartiality and objectivity of the audit conclusions.

Auditors should not be interested in the results of the audit and should state the facts objectively and impartially. The selection of audit teams is carried out in such a way that their members do not audit their own activities and are independent of those responsible for conducting the audited activities.

6.5.5 An evidence-based approach is the basis for reaching reliable and reproducible audit conclusions in a systematic audit process.

Due to the fact that the audit is carried out in a limited period of time and with limited resources, the audit evidence is based on samples of the information analyzed, therefore, the auditor must have statistical thinking skills in order to be able to present the seen picture as a whole, and then evaluate it and provide an opinion. based on the results of the audit.

7 Planning for internal audits

7.1 The draft schedule for conducting internal audits (inspections) is developed by the head of the BUSK in the form of Appendix B.

7.2 When forming the schedule, the factors set out in sections 5.2, 6.2-6.4 are taken into account, proposals received by BUSK before December 1, from stakeholders, and data on inconsistencies in products, processes and QMS, including those identified by the results of previous inspections. Be sure to take into account the number of work shifts in the enterprise. At the same time, each QMS process is subject to verification at least once a year.

Unscheduled internal audits (inspections) are entered in free columns indicating the date and reason for the conduct.

7.3 The schedule of internal audits is agreed with the Management Representative and approved by the General Director of the enterprise no later than December 25 current year for the coming year.

7.4 Process managers (services, departments) are notified of the timing of scheduled internal audits in accordance with the approved schedule via e-mail and telephone communication three days prior to the audit. Along with the notification, checklists with control questions are transmitted.

7.5 There may be a deviation in the objects of checks associated with the need to conduct unscheduled audits. They are carried out in cases of deviations, mass production of defective products, changes in the manufacturing technology of products, development of new products, significant changes in organizational structure enterprise management.

Upon receipt of proposals, requirements from; Consumers, the decision to conduct an unscheduled audit is made by the General Director on the proposal of the Consumer's Representative and is issued by order for the enterprise.

In this case, notification of an unscheduled audit is carried out similarly to clause 7.4.

7.6 Based on the schedule of internal audits, if necessary, draw up an audit program.

The audit program (Appendix D) contains: the time of the audit, the distribution of responsibilities among the members of the audit team, the audit schedule, the list of objects and elements of the audit.

The need to draw up an audit program depends on its scope and is determined by the head of the audit team.

It is possible that the information listed above should be indicated directly in the checklists.

8.2 Comments on scheme 1.

Checklists (Checklists) are compiled taking into account the specifics of the audit. When compiling, the List “Quality Management System. Internal audits. List of checklists used in internal audits”. The control questions of the checklists are entered in the Journal of internal audits (Appendix E) columns 1,3‚4,5,6,7,8.

The need for an audit program depends on its scope (for example, the audit is carried out in several departments).

During the inspection of the object:

• The head of the audited unit is obliged to ensure the conduct of the audit and provide all the necessary information, determine the responsible employees of the unit to work with auditors.
• The auditor must examine the object being checked, get acquainted with the actual state of affairs, study the documentation, check the relevance and compliance with the requirements of the ND, links to which are given in the documentation under study, talk with the employees of the audited unit in order to be able to draw reasonable conclusions. In the Journal, Appendix E is filled in column 9.10.

At each internal audit in the unit, the auditor must ask questions regarding general requirements to QMS:

• Are employees familiar with the plant's quality policy?
• Do employees know which QMS processes they participate in, who is the process owner and process manager?
• Do employees know what QMS documentation has been developed at the plant?

During the audit, the implementation of measures developed on the basis of the results previous audit.

Discussion of the results of the audit is carried out jointly with the Head and representatives of the audited unit. The head of the audit team reports and explains the results of the audit, which will be included in the report.

The final report is drawn up in the form of Appendix D within three days from the end of the audit. When summing up the results of the audit, the yes/no method (OK/NOK) is used. To formulate a conclusion on the report, the following gradation of assessment is applied:

“unsatisfactory”, “satisfactory”, “corresponds, improvement is possible”.

If one significant discrepancy is revealed during the audit, the general conclusion is made - “unsatisfactory”, and the timing of an unscheduled audit is determined.

If one or more minor nonconformities were identified during the audit, the overall conclusion is “satisfactory”.

If no discrepancies were found during the audit, a general conclusion is made - “corresponds” or “corresponds”, an improvement is possible in the report, the implementation / non-compliance of the previous audit activities is noted, they are also indicated whether they are repeated or not.

BUSK registers a report in the journal (Appendix E column 2). The report is sent to the head of the audited unit, the Representative of the Management (Director for Quality) and the representative of the Quality Control Department of the shop (during the audit of the production unit).

Heads of other departments related to the elimination of inconsistencies identified during the audit receive information in the water of e-mails marked “based on the results of the internal audit

The report with the attached documents (checklists, action plans, audit program, etc. records) are stored in BUSK for three years.

Based on the results of the audit, the head of the audited unit analyzes the causes of inconsistencies with filling out forms 5

Develops an Action Plan (Appendix G) to eliminate the identified nonconformities and their causes, indicating the timing and responsibility, agrees and submits the Action Plan and analysis forms 5 why to BUSK.

BUSK postpones events to electronic journal(Appendix E columns 11,12,1З,14)‚ monitors the implementation (column 15). Evidence of completion (column 17) is provided by those responsible for the implementation of activities.

The auditor evaluates the effectiveness of the measures during the next audit (column 16).

Based on the results of the development of corrective actions, the audit manager decides on the need to extend corrective actions to other processes / departments, if the identified discrepancy can also be detected during the functioning of these processes / departments. Columns 18.19.20 of the Journal are filled. Information is sent to the heads of these processes / departments in the form of e-mails, with the mark “following the results of internal audit

If necessary, the events are put on the electronic plant-wide accounting "Card for recording events". Evaluation of performance occurs monthly while supervising the passage of these cards.

If the discrepancy is not eliminated, BUSK informs the Representative of the Management for a decision.

The head of the audited facility must give a written explanation of the reasons for not eliminating the non-compliance and agree on the postponed deadline for elimination with the Representative of the Management.

8.3. According to the results audits The head of BUSK provides information:

• 1 time per month to the Quality Director for a report at the factory Quality Dnepropetrovsk;
• 1 time per year to the General Director for the analysis of the QMS of the enterprise

Audit checklist, form

APPENDIX B

(mandatory)

Requirements for qualifications, experience and personal qualities of auditors

Qualification (knowledge):

• the presence of higher or secondary specialized education;
• knowledge of fundamental regulatory documents (including lSO / TS 16949-2009);
• knowledge of enterprise QMS documentation;
• special knowledge of the technique of preparing and conducting audits;
• knowledge of statistical methods of quality management;
• knowledge of the principles of functioning of the organization (size, structure, functions);
• basic knowledge of production processes and manufactured products (terminology, requirements, critical characteristics).

An experience:

• At least 1 year experience in the company;
• ability to work with documents;
• participation in at least two internal audits conducted by specialists admitted to work (during the first year of the implementation of the QMS, it is allowed to participate in audits of auditors without practical experience in audits).

Personal qualities:

• ability to listen to the interlocutor, sociability;
• objectivity and realism;
• ability to think analytically and flexibly;
• commitment to quality improvement;
• the ability to express one's thoughts orally and in writing;
• tact, loyalty;
• non-disclosure confidential information received in the course of internal audits

Functions and powers of the Audit Team Leader

Functions:

• formation of the composition of the audit team and organization of its work;
• establishing and explaining the object and objectives of the audit to auditors and the management of the audited unit;
• presentation of the group to the management of the audited unit;
• resolving disputes at their level and presenting unresolved disputes to a management representative;
• preparation of reporting documents based on the results of the audit;
• control over the implementation of corrective actions;
• checking the effectiveness of corrective actions;
• holding a final meeting;
• transfer (distribution) of documents on internal audit;
• storage and maintenance of audit documentation until delivery to BUSK.

Powers:

• receive all the information necessary for the audit;
• make decisions on the organization of the audit and evaluation of its results;
• monitor the implementation of corrective actions;
• appoint an additional audit to verify the effectiveness of corrective actions to eliminate deviations identified during the audit.

You will learn:

What's happened internal audit And how is it different from outside?
What legal requirements exist regarding internal audit.
How can an internal auditor help in the work of an enterprise.

Until recently, internal audit was mandatory only for certain categories of organizations (banks, insurance companies, etc.). Their internal audit activities are regulated by a large number of special regulations (related directly to their industry), which require separate consideration. And we will not pay attention to them in this article.

For other organizations, internal audit (control) became mandatory after the entry into force of the Federal Law "On Accounting" dated 06.12.2011 N 402-FZ. In particular, in this law, Art. 19 of this law says the following: “an economic entity is obliged to organize and exercise internal control over the facts committed economic life. An economic entity whose accounting (financial) statements are subject to mandatory audit is obliged to organize and exercise internal control over the conduct of accounting and preparation of accounting (financial) statements (with the exception of cases when its head has assumed the responsibility for accounting).

A little later we will analyze this legal requirement. Now we will pay attention to several significant points:

• Conventionally, internal audit (control) can be divided into general internal control (which, according to Federal Law No. 402-FZ, must be carried out in all organizations and special, regulatory requirements for which have existed for a long time (concerning banks, insurance organizations, etc.))
• Legal Framework concerning general internal audit (control) is quite concise. We will analyze it a little later.
• Clear legal liability for violation of legislation on the implementation of general internal control no. With a fairly large stretch, in this case, you can apply the article of the Code of Administrative Offenses, which establishes sanctions for violation of the rules of accounting. Therefore, many organizations of the requirements of Art. 19 of Federal Law No. 402-FZ is considered declarative.
• Despite the fact that there is no clear responsibility for violating the requirements of the Federal Law "On Accounting", the implementation of internal audit (control) can be more than useful for the organization itself and its founders.

General internal control

Unfortunately, a significant number of people still believe that internal control (audit) is similar to external control. That is, the internal auditor checks the legal, personnel and accounting documentation, as well as external. The only difference is that the internal auditor is an employee of the audited organization, while the external auditor is not. However, this is absolutely not true. And if we carefully study the Information of the Ministry of Finance N PZ-11/2013 “Organization and implementation by an economic entity of internal control of the facts of economic life, accounting and preparation of accounting (financial) statements”, we will see that this point of view is not correct.

First, internal audit can be carried out by external specialists. In clause 18.2. Information of the Ministry of Finance states: “The organization and evaluation of internal control can be carried out by an economic entity independently or (and) by an external consultant (including an audit organization).”

In addition, the content of internal audit is more than significantly different from the external one.

The International Institute of Internal Auditors of the United States, established in 1941, is considered the ancestor of general internal audit. According to the American concept, the task of an internal auditor is to calculate the risks that an enterprise can expect (they can be associated with both internal and external causes); assess the likelihood of their occurrence; isolate those of them to which the business is not tolerant and develop measures to minimize them.

Example 1

The task of the internal auditor is to analyze changes as a result of political events in the external economic situation; forecasting losses from the loss of some economic partners and the need for the enterprise to search for other suppliers and buyers.

At the same time, the scope of activity of the internal auditor is not limited to accounting issues, questions proper management personnel and legal documentation, it concerns all areas of the enterprise, for example, HR.

Example 2

In one manufacturing company, workers were paid meager wages. As a result, this led to staff turnover; high costs for the permanent search for personnel, theft by workers of products from the enterprise. In addition, in order to motivate people to stay and pay them a large salary, the heads of some shops (loading and unloading, logistics) wrote that their piecework subordinates did more work than they actually did. As a result, such savings on wages led to large losses in the company's finances.

If the company had an internal auditor, he would have to calculate Negative consequences such savings.

Thus, the work of an internal auditor concerns all areas of the enterprise: this is also a check of the effectiveness of the rules for building a budget; controlling; grade investment projects; development of an asset protection strategy; control over the creation of a system of measures to minimize abuse within the organization; investigation of fraud within the organization; control over cost accounting; analysis of product quality control; evaluation of customer service quality control and much more. the priority areas of internal audit are: facilitating the company's profit and the safety of assets.
In general, this concept is reflected in the Information of the Ministry of Finance N PZ-11/2013.

Requirements of Russian legislation for internal control (audit)

Consider now the norms Russian legislation relating to internal audit. First, let us note that Art. 19 of the Federal Law "On Accounting" is still a slight contradiction.

According to it, all economic entities must exercise internal control. A priori, it is assumed that this internal control must be exercised in all areas of the organization. But in part 2 of the same article, it is specified that an economic entity whose accounting (financial) statements are subject to mandatory audit is obliged to organize and exercise internal control over accounting and preparation of accounting (financial) statements (except for cases when its head has accepted the obligation to maintain accounting for yourself). A logical riddle arises, but in other areas (besides accounting and reporting), an economic entity is not obliged to carry out internal audit, unlike other organizations? In theory, the requirements for internal control of such organizations, on the contrary, should be more stringent than in relation to those firms that are not subject to mandatory external audit. Or the legislator implies that internal audit is mandatory for all organizations (including in the field of control over the maintenance of accounting records); and for firms subject to internal audit it is strictly required? In general, the article leaves a wide field of activity for its interpretation.
Next normative act, in which we can find the requirements for internal audit - this is the Decree of the Government of the Russian Federation dated September 23, 2002 No. 696 "On approval of the federal

rules (standards) audit activity"). Let us immediately pay attention to the fact that no fresh changes and additions have been made to this document after the entry into force of the law on accounting. Therefore, some of its norms do not quite correspond to the point of view of the Ministry of Finance expressed in the information. For example, according to this document, internal audit - control activities carried out within the audited entity by its division - the internal audit service (as we can see, this rule is at odds with the information of the Ministry of Finance, because according to it, internal audit can also be carried out by a third-party organization). Of course, explaining this contradiction, one can refer to the fact that the information of the Ministry of Finance refers to internal control, while the Decree of the Government of the Russian Federation we are talking on internal audit. But in essence, these two concepts are identical.
According to the authors of this resolution, the functions of the internal audit service include monitoring the adequacy and effectiveness of the internal control system. The scope and objectives of internal audit are different in each case and depend on the size and structure of the audited entity and the requirements of its management. Typically, the functions of the internal audit function include one or more of the following elements:

• monitoring the effectiveness of internal control procedures;
• research of financial and management information;
• control of economy, efficiency and effectiveness, including non-financial controls of the entity being audited;
• monitoring compliance with the law Russian Federation, regulations and other external requirements, as well as policies, directives and other internal management requirements.

Let us analyze in more detail some points of the Information of the Ministry of Finance N PZ-11/2013 “Organization and implementation by an economic entity of internal control of the facts of economic life, accounting and preparation of accounting (financial) statements.
According to the Ministry of Finance, the effectiveness of internal control may be limited by:

• changes in economic conditions or legislation, the emergence of new circumstances outside the sphere of influence of management economic entity;
• abuse of authority by management or other personnel of an economic entity, including collusion of personnel;
• the occurrence of errors in the decision-making process, the implementation of the facts of economic life, accounting, including the preparation of accounting (financial) statements.

In fact, in this case, it is said that it is impossible to create a control system that will not fail under any circumstances. Let us give two specific examples corresponding to the first and second points.

Example 3.

As you know, the situation in Ukraine led to the imposition of sanctions. With partners from the same countries Russian businessmen stopped working, other suppliers and buyers appeared instead. Surely there are enterprises that, at the time of restructuring their business (search for new partners in countries that have not imposed sanctions), suffered some losses. Whether it was possible to predict such an economic situation in the future (when the sanctions had not yet been introduced) is a rather complicated question. It is possible that some enterprises have brilliant specialists who were able to calculate the likelihood of such events and their management began to look for new distribution and supply channels in advance. However, most internal control services most likely failed to do so.

Example 4

Even in a non-governmental organization there is a place for corruption schemes: the head of the procurement department buys goods from those suppliers who give him the biggest kickback; develops a budget for departments in favor of more funding (training of employees, payments wages etc.), whose boss pays him an informal reward in gratitude; in many industries, theft of products is carried out; the number of hours allegedly worked by employees and which must be paid is overestimated, etc. As a rule, an effective system of internal control involves a segregation of duties that can eliminate the possibility of fraudulent actions on the part of employees. However, there is an unshakable rule that any system designed to counteract corruption and fraudulent schemes can be circumvented by the collusion of three employees, between whom the respective responsibilities were divided in order to minimize abuse.

The Ministry of Finance names the following elements of internal control:

• control environment;
• risk assessment;
• internal control procedures;
• information and communication;
• assessment of internal control.

1. Control environment is a set of principles and standards for the activities of an economic entity that define a common understanding of internal control and requirements for internal control at the level of an economic entity as a whole.

2. Risk assessment is a process of identifying and analyzing risks. Risk is understood as a combination of the probability and consequences of failure by the economic entity to achieve the goals of the activity.

The Ministry of Finance draws attention to the fact that one of the important areas of risk assessment is the assessment of the risk of abuse (possible variants of abuse within the organization are named in Example 4). The Information states that abuses may be associated with the acquisition and use of assets, accounting, including the preparation of financial statements, and the commission of actions that are corruptogenic (including commercial bribery). Grade given risk involves identifying areas (areas, processes) where abuses may occur, as well as opportunities for their commission, including those associated with shortcomings in the control environment and internal control procedures of an economic entity.

3. Internal control procedures represent are actions aimed at minimizing risks that affect the achievement of the goals of an economic entity.

Let's look at Example 2 to illustrate what is meant.

Continuation of example 2.

The abuse in this case was expressed in the overestimation of the hours of work of the employees of the enterprise (in fact, the norms of time). The task of the internal auditor, respectively, is to identify this risk and minimize it. In this case, in our opinion, a set of measures could be proposed: a reasonable increase in wages; affixing the hours worked by the head of the shop and confirming these hours by another, independent employee (for example, from the OH&S department).

The Ministry of Finance indicates that an economic entity may apply the following internal control procedures:

• a) documenting(for example, making entries in accounting registers based on primary accounting documents);
• b) confirmation of compliance between objects (documents) or their compliance with established requirements (for example, checking the execution of primary accounting documents for compliance with established requirements when accepting them for accounting). These internal control procedures also include procedures for controlling interrelated facts of economic life (for example, matching the transfer Money in payment material assets with the receipt and posting of these values);
• c) sanctioning (authorization) of transactions and operations, providing confirmation of the eligibility of their performance;
• d) reconciliation of data (for example, an economic entity with suppliers and buyers to confirm the amounts of receivables and payables);
• e) separation of powers and rotation of duties;
• f) procedures for monitoring the actual presence and condition of objects, including physical security, access restriction, ;
• g) supervision, which provides an assessment of the achievement of goals or indicators, etc.

For the purpose of countering abuses, the most effective internal control procedures are authorization (authorization) of transactions and operations, delimitation of powers and rotation of duties, control of the actual availability and condition of objects.

Let's bring specific example, illustrating the risk prevention measure as a rotation.

Example 5.

In the purchasing department there are several managers (each of whom is engaged in purchasing in his area). One of them chooses suppliers for kickbacks. In case of rotation of a purchasing manager who is engaged in unseemly activities with a conscientious employee, the corruption scheme will be broken. In order to agree on kickbacks at the new site, etc., it will take a purchase manager - a fraudster a lot of time and effort.

4. Communication is the dissemination of information necessary for the adoption management decisions and implementation of internal control. For example, the personnel of an economic entity should be aware of the risks related to their area of ​​responsibility, their role and tasks in exercising internal control and informing management.

5. Assessment of internal control carried out at least once a year. The scope of the assessment of internal control is determined by the head or internal auditor (internal audit service) of the economic entity. One of its types is continuous monitoring of internal control. It can be carried out by the management of the economic entity in the form of a regular analysis of the results of the economic entity, verification of the results of the implementation of certain business transactions, regular assessment and clarification of internal organizational and administrative documentation and other forms.

A separate chapter of the information of the Ministry of Finance is devoted to documenting internal control. From it we can conclude that the organization should have the following documents:

• risk matrix (includes quantitative and qualitative description of the risk)
• a document that describes in text or graphic form the business processes and procedures of the organization;
• documents that would reflect the procedure for organizing and exercising internal control(this may be a separate document, or it may be the norms prescribed in various documents of the company (orders, orders, regulations, job and other instructions, regulations, methods, accounting standards of an economic entity). For convenience, the author of this article would advise the company to develop a separate provision on internal control It is not excluded the use of reference technology in such a document (when, on a particular issue, the Regulation will refer the user to other local acts of the organization).
• Documents establishing the rules of communication;

They may be: the provision on information policy (in the field of external and internal communications), schedules for the provision of data and reporting, job descriptions.

• Documents regulating the assessment of the design of internal control.

The documentation that forms the organization of internal control must be updated regularly (at least once a year).

Guided by this information from the Ministry of Finance, you can assess how your company is exposed to risks, give them a quantitative and qualitative assessment, determine which risks your company will be tolerant to and which ones it will not, develop measures to minimize risks (in the information, as we have demonstrated above, the risk countermeasures are listed). Thus, following these recommendations, if desired, you can create an effective control system in the organization.

The success of the company, the level of its profitability, the quality of its assets largely depend on the presence of a management system in the company. An important and necessary element of the management system is the day-to-day internal control. One form of such control is internal audit.

Documents regulating internal audit

Activities within the organization of special employees, aimed primarily at monitoring various aspects of the company's activities in order to provide further, based on the results of control, complete and reliable information to management bodies ( general meeting participants, the board of directors, the executive body), and is the essence of the internal audit activity.

There are no documents strictly regulating the audit at the enterprise. However, it is necessary to focus on the following prescriptive documents. First of all, the activities of internal auditors, the order of work, goals and objectives are described in the international standards of internal auditors, as well as in national auditing standards. In addition, it is necessary to focus on the Federal Law of December 30, 2008 No. 307-FZ “On Auditing Activities”. The peculiarity of this procedure is that the procedure for its organization, verification processes, methodology should be determined by the regulations of the organization itself. It is the internal regulation that will determine the specific objectives of the audit for a particular company. Personal intra-company standards for internal auditing can be detailed and differ greatly from the rules of generally accepted standards, but should not contradict them.

Principles of internal audit

The main principles of internal audit include:

• consistency;
• objectivity;
• independence;
• open and complete documentation;
• courtesy.

Let's take a closer look at these principles. Consistency involves the organization and conduct of internal audit in a comprehensive and systematic manner throughout the company. The principle of objectivity means that the requirements of internal audit are the same and apply to all departments of the organization without exception. The principle of independence of the internal auditor means, first of all, the exclusion of a conflict of interest when he makes a decision regarding the conclusions within the framework of his activities. The Internal Auditor is an independent position. The principle of independence is closely related to the principle of objectivity. Only an independent internal auditor can draw objective conclusions about the state of affairs within the company. The openness of internal audit implies that the information received by the auditor during the audit is not hidden from the management bodies and is fully provided to them for analysis and management decisions. Documentation means that each revealed fact of violation or remark must be supported by documents. Well, the principle of precaution means that the auditor must offer ways and methods to eliminate identified violations.

Advantages and disadvantages of internal audit

The advantages of internal audit can clearly be attributed to:

• the possibility of conducting an audit of all internal control systems of the organization in a continuous mode;
• the possibility of a deeper and more detailed immersion of the auditor into the problems and essence of the audited areas, since he works within the organization and knows all the weaknesses and strengths.

Disadvantages of internal audit include:

• the principle of independence of the internal auditor can always be called into question, since in any case he is an employee of the company;
• a one-time external audit can be cheaper than fixed costs for the maintenance of an internal auditor.

The internal audit of the company is capable of identifying shortcomings and assessing the overall performance of the company. The functions and types of internal audit may vary depending on the size of the company, its type of activity, but they are all aimed at one thing - reducing the risks of activities and increasing the efficiency of a particular organization.

Many companies do not devote much time to conducting internal control and internal audit, limiting themselves only to conducting mandatory audits, inventory or checking the implementation of budgets. However, failure to conduct an internal audit can lead to uncontrolled debt, litigation with counterparties and tax authorities, even liquidation of the company.

To date, the Federal Law of December 6, 2011 No. 402-FZ "On Accounting" (hereinafter - the federal law 402-FZ), there were provisions regarding the conduct of internal control or internal audit, which became mandatory.

Internal audit or internal control?

Organizations often put an equal sign between the concepts of internal audit and internal control, but it cannot be said that they are one and the same.

In Federal Law No. 402-FZ, the functions of internal control are enshrined in Art. 19 "Internal control": an economic entity whose accounting (financial) statements are subject to mandatory audit is obliged to organize and exercise internal control over accounting and preparation of accounting (financial) statements (except for cases when its head has assumed the responsibility of accounting).

By general rule all companies are obliged to organize and exercise internal control over the facts of economic life. Accounting (financial) statements that are subject to mandatory audit must be published together with the audit report, but this rule does not apply to small enterprises for which audit is not mandatory (they can organize internal control on their own).

Currently, the need for internal control is legally fixed, but internal audit is not.

Internal audit may be carried out:

• by a third party in the form of a voluntary audit or tax consulting;
• by the organization itself in the form of an audit of its own structural units.

Voluntary audit is carried out at the initiative of the organization itself, which wants to verify the accuracy of its financial statements. It is more difficult to justify the costs of such an audit, but here the Ministry of Finance of Russia came to the rescue of taxpayers. The financial department considers that the norms of sub. 17 p. 1 art. 264 of the Tax Code of the Russian Federation do not contain restrictions on accounting for profit taxation purposes of the costs of conducting a voluntary audit. Expenses for any audit conducted in accordance with the provisions of Federal Law No. 307-FZ of December 30, 2008 (as amended on November 21, 2011) “On Auditing Activities” (hereinafter referred to as Federal Law No. 307-FZ), can be taken into account by companies in the expenses (letters of the Ministry of Finance of Russia dated 06.06.2006 No. 03-11-04/3/282 “On the costs of a voluntary audit”, 01.26.2006 No. 03-03-04/2/17).

Internal control carried out by the company itself. Control is an objectively necessary term economic mechanism with any mode of production. Therefore, it is the company that independently carries out control measures that allow:

• avoid or reduce errors;
• avoid disputes with regulatory authorities;
• reduce the likelihood of discrepancies between planned indicators and actual ones;
• take measures to control accounts receivable and payable, etc.

A distinction must be made between internal and external audit. Features of internal and external audit are presented in table. one.

The legislation of the Russian Federation on accounting does not establish any restrictions on the procedure, methods, procedures for the implementation of the said internal control . No. 402-FZ “On Accounting””). There are also no restrictions on conducting an audit, so the company can combine these activities and conduct only internal control or internal control and audit activities.

Algorithm for conducting control measures

For the purposes of conducting control activities, the company may establish its own procedure for conducting internal control. Consider some recommendations by its organization:

1. The procedure for conducting internal control must be fixed in a local act or accounting policy for accounting purposes.

2. Since before the introduction of the rules on internal control, companies had to carry out an inventory, which is actually a part of internal control, it is advisable to time the internal control measures with the inventory. The current regulatory legal acts do not provide for a mandatory inventory period. However, according to the Order of the Ministry of Finance of Russia dated June 13, 1995 No. 49 (as amended on November 8, 2010) “On approval Guidelines on the inventory of property and financial obligations ”the timing of the inventory should be determined in the order of the head of the organization on the formation of the inventory commission. Thus, the timing of the inventory and internal control must be indicated in the order for the implementation of relevant activities.

3. The timing of internal control, responsible persons should be established in the order of the head. It is advisable to create a commission responsible for internal control, which will directly carry out the inspection economic activity correctness of bookkeeping.

4. If the company has not previously carried out internal control measures, then it is advisable to apply the already developed methods that are used, for example, by auditors.

Thus, when conducting internal control, it is possible to use the recommendations audit organizations, individual auditors, auditors for the audit of the annual financial statements of organizations for 2012 (attachment to the letter of the Ministry of Finance of Russia dated 09.01.2013 No. 07-02-18 / 01).

5. The company can issue the results of internal control in different ways, and by issuing an act and a statement of results that were identified based on the results of internal control.

6. It should be remembered that there is not a single company that would not make mistakes when processing business transactions. These can be both minor errors and serious errors that affect the payment of taxes and fees. Therefore, it is very important to appoint persons who will be responsible not only for identifying such errors, but also for correcting them.

Of course, the implementation of internal control measures will require the development of special documents. But there is an indicative list of documents that it is advisable to develop for internal control:

• order to create a commission;
• an order to conduct control (indicating the timing and necessary measures;
• the necessary provisions in the accounting policy of the company in relation to the conduct of internal control or a separate provision in relation to internal control;
• the form of the act of internal control;
• an order to carry out corrective actions based on the results of internal control.

As a general rule, the more often internal control measures are taken, the fewer errors will be made. Companies can independently choose the sequence of internal audit, however, we will give practical example implementation of internal control measures.

Types of internal audit activities

At the first stage of internal audit, it is necessary to check the constituent documents:

• compliance of the statutory documents with the requirements of the legislation;
• the presence of registered separate subdivisions, the correspondence of the legal address to the actual one;
• presence of local acts.

Also, as part of the verification of constituent documents, it is advisable verify:

• minutes of the meeting of founders;
• documents confirming the contribution of shares by the founders to the authorized capital;
• register of shareholders, extracts from the register of shareholders.

The creation of enterprise funds must be carried out in accordance with the Charter of the enterprise and accounting policy. These documents must not contradict each other. At the same time, different funds can be created at different enterprises. In societies with limited liability may be taken into account:

• reserve fund;
• other funds created in the manner and in the amount established by the charter of the company (Article 30 of the Federal Law of February 8, 1998 No. 14-FZ (as amended on December 29, 2012) “On Limited Liability Companies”).

When checking licenses, you should set their expiration dates to certain types activities and check whether such activities were carried out after the expiration of the license.

In order to verify the documents confirming the authority, the following should be carried out: procedures:

• check the existence of a contract with the head of the enterprise and the compliance of the content of the contract with the current legislation;
• check the powers of attorney of persons who have the right to sign at the enterprise;
• check the accountability of persons in accordance with the structure of the enterprise;
• check the fact of certification of the head of the enterprise;
• check for approved job descriptions in order to establish the distribution of duties and powers between employees involved in accounting and reporting;
• establish whether there are developed Regulations on structural units related to accounting and reporting. A clear division of powers will help minimize errors and risks associated with inspections by external auditors and tax inspections.

When reviewing common documents, one should also check on:

• orders to create internal commissions (for example, an order to create an inventory commission);
• final documents (acts) based on the results of inspections carried out by various regulatory authorities in the reporting period;
• orders for filling positions, conducting inventories and the results of inventories;
• analysis of certificates of registration with the tax authority, registration with statistical authorities and relevant departments of extra-budgetary and environmental funds;
• orders that determine the list of persons entitled to sign financial documents, materials of audit commissions, internal audit, liability agreements;
• orders for the appointment of the head of the organization, financial director and chief accountant;
• analysis of the list of open settlement and currency accounts, as well as copies of notifications in tax office about opening accounts;
• availability of a workflow schedule;
• analysis of the order of storage of documents reflecting business transactions. When conducting this analysis, it should be noted that documents in accordance with the Tax Code of the Russian Federation must be stored for four years, and for accounting - five years.

Accounting policy must be ordered. At the same time, it is advisable to separate accounting policies for accounting and taxation purposes.

As part of the measures to verify the accounting policy, it is advisable to check whether the accounting policy for tax purposes following:

1) forms of registers and the procedure for reflecting accounting data in them (Articles 313, 314 of the Tax Code of the Russian Federation);

2) date of receipt of income from income tax;

3) whether a list of income attributable to income related to production and sale, and non-operating income has been established in accordance with the statutory activities;

4) whether a method for evaluating purchased goods has been established (clause 1, article 268 of the Tax Code of the Russian Federation);

5) whether the methodology for evaluating the balances of finished products, goods shipped has been approved and whether the nature of production, meters of raw materials, meters of the volume of orders for the performance of work, the provision of services, the calculation procedure are indicated (Article 319 of the Tax Code of the Russian Federation);

6) whether the depreciation procedure is reflected;

7) whether a decision has been made to create a reserve for doubtful debts(Article 266 of the Tax Code of the Russian Federation); if it is created, then the period for creating the reserve, the procedure for using the amount of the unused reserve should be determined;

8) the procedure for warranty repairs and maintenance of fixed assets, the reflection of expenses for the repair of fixed assets (Articles 260, 324 of the Tax Code of the Russian Federation);

9) reserve decision upcoming expenses for vacation pay, payment of annual remuneration for length of service (Article 324.1 of the Tax Code of the Russian Federation);

10) the procedure for evaluating the balances of work in progress, finished products, goods shipped (Article 319 of the Tax Code of the Russian Federation);

11) option for calculating advance payments for income tax (clauses 2, 3 of article 286 of the Tax Code of the Russian Federation);

12) a method for assessing raw materials and materials, goods when they are written off for production and sale (clause 8, article 254 of the Tax Code of the Russian Federation);

13) definition of lines and indirect costs(clause 1 of article 318 of the Tax Code of the Russian Federation and subparagraph 1 of clause 1 of article 254 of the Tax Code of the Russian Federation), including a list of materials that are a necessary component in the production of goods, works, services; a list of positions of employees involved in the process of production of goods, performance of work, provision of services; a list of fixed assets used in the production of goods, works, services;

14) determination of methods for writing off the value of securities as expenses when they are disposed of (Article 280 of the Tax Code of the Russian Federation);

15) determination of the procedure for accounting for intangible assets.

When checking, it is necessary verify following:

• assets and liabilities existed at the end of the reporting period (availability);
• assets and liabilities as of the end of the reporting period (rights and liabilities);
• business transactions and (or) events during the reporting period (existence);
• missing assets, liabilities, transactions, events or undisclosed items not included in the Accounts in accordance with accounting rules;
• assets and liabilities are carried at their respective carrying amounts;
• the amounts of business transactions and (or) events are accounted for properly, and income and expenses are attributed to the relevant periods (accuracy);
• items of financial statements are disclosed, classified and described in accordance with the accepted basis for the preparation of accounting (financial) statements (presentation and disclosure).

It is also important to check primary documents. According to Art. 9 of Federal Law No. 402-FZ, all primary documents must contain mandatory details. Mandatory details primary accounting document are:

1) Title of the document;

2) date of preparation of the document;

3) the name of the economic entity that compiled the document;

5) the value of the natural and (or) monetary measurement of the fact of economic life, indicating the units of measurement;

6) the name of the position of the person (persons) who (who) made (completed) the transaction, operation and responsible (responsible) for the correctness of its execution, or the name of the position of the person (persons) responsible (responsible) for the correctness of registration of the event;

7) signatures of persons.

When checking fixed assets, check following data:

• accounting registers for account 01 "Fixed assets", account 02 "Depreciation of fixed assets";
• acts of acceptance and transfer of fixed assets;
• inventory cards for fixed assets;
• contracts for the sale of fixed assets;
• analytical and synthetic accounting on account 01 "Fixed assets" and account 02 "Depreciation of fixed assets".

If the company has intangible assets, it is also necessary to check the correctness of their reflection and registration of such assets, and when checking cash, the following control measures should be taken:

• assessment of the state of the synthetic and analytical accounting on settlement accounts;
• assessment of the quality of reflection of business transactions in accounting;
• verification of compliance with Decrees of the President of the Russian Federation and Decrees of the Government of the Russian Federation, Regulations of the Central Bank of the Russian Federation;
• information on current accounts in Russian rubles operating in the audited period;
• bank statements and documents attached to them;
• accounting registers for account 51 "Settlement account".

When analyzing settlements with counterparties, it is advisable to check following data:

• accounting registers for account 60 "Settlements with suppliers and contractors", account 62 "Settlements with buyers and customers", account 76 "Settlements with various debtors and creditors";
• contracts for the supply of products, goods, performance of work, provision of services;
• contracts with other debtors and creditors;
• primary documents confirming the fact of delivery of products, goods, performance of work, provision of services by suppliers;
• Documents on payment by buyers of goods and services.

As part of the audit of the execution of budgets and plans, it is necessary to check the following:

• availability of developed plans and budgets;
• the level of implementation of budgets and plans;
• adjustments to budgets and plans;
• business planning aimed at the development of the company.

In addition, attention must be paid to HR audit:

1) Availability employment contracts, staffing, orders for employment, dismissal;

2) carrying out certification of workplaces;

3) availability of vacation schedules;

4) compliance with labor laws.

Of course it's not complete list information to be verified during the internal audit. In general, it is advisable to establish all types of internal control measures and the timing of their implementation in a local act regulating the procedure for conducting internal audit.

Some types of errors that may be identified as a result of an internal audit

The reason for non-fulfillment of the plans set in the organization is often inadequate cash discipline or the lack of accounting for receivables and payables.

Example 1

In 2012, accounts payable were identified at the beginning and end of the period (Table 2).

From 01.01.2012, the procedure for issuing cash under the report is regulated by the Regulations on the procedure for maintaining cash transactions with banknotes and coins of the Bank of Russia on the territory of the Russian Federation, approved by the Bank of Russia on October 12, 2011 No. 373-P.

Within a period not exceeding three working days after the date of expiration of the period for which cash was issued under the report, or from the day of going to work, the accountable person is obliged to present to the chief accountant or accountant, and in their absence, to the manager, an advance report with attached supporting documents. However, often the management takes the money under the report and forgets to report on the amounts spent.

The same thing happens in terms of tracking the execution of contracts with counterparties. For example, companies often have accounts receivable or payable.

In order to identify the debt, it is necessary to check account 60 “Settlements with suppliers and contractors”. So, common mistake is an account receivable formed as a result of the advance payment. In this case, the work may not be performed, and the goods may not be delivered.

Let's take a simple example.

Example 2

In 2012, accounts payable were identified at the beginning and end of the period (Table 3).

In this case, there are significant risks of non-recognition of debt for tax purposes. Such debt cannot be included in the expense in the absence of an agreement. In the Decree of the Federal Antimonopoly Service of the West Siberian District of August 28, 2007 No. F04-5734 / 2007 (37452-A03-15) in case No. A03-16023 / 2006-21 (Determination of the Supreme Arbitration Court of the Russian Federation of November 26, 2007 No. cases to the Presidium of the Supreme Arbitration Court of the Russian Federation), the court indicated that the written-off accounts receivable it is impossible for non-operating expenses, since payment documents in the absence of relevant agreements are not grounds for recognizing such a debt as an expense.

The company must take measures to return the advance or to force the counterparty to deliver the goods. At the same time, the company may form a reserve for doubtful debts in the part of receivables that exceeds the amount of its payables to the same counterparty (letter of the Ministry of Finance of Russia dated 08/06/2010 No. 03-03-06/1/528).

Another mistake is lack of acts of reconciliation of mutual settlements.

The act of reconciliation with this counterparty was not provided for verification. At the same time, the act of reconciliation of settlements (the act of reconciliation of mutual settlements) is a document that confirms debentures. According to paragraph 1 of Art. 9 of Federal Law No. 402-FZ, all business transactions must be documented by supporting documents that serve as primary accounting documents. Due to the fact that the reconciliation of settlements is not a transaction, the act of reconciliation in itself is not a basis for collecting debt from the debtor (Resolutions of the Federal Antimonopoly Service of the North Caucasus District of September 10, 2008 No. F08-5395 / 2008, Federal Antimonopoly Service of the Central District of July 1, 2003 No. A36-268/8-02). At the same time, the signing of the reconciliation act may have certain legal consequences (for example, it may indicate the recognition of a debt by the debtor).

A common mistake is the presence of expenses for the formation intangible asset, which is not reflected in the accounting in the future. For example, a company orders a website from third party organization, but in the future it does not reflect the work of this site in any way, although in fact the site works and makes a profit, that is, the costs are justified.

Example 3

In 2012, accounts payable were identified at the beginning and end of the period (Table 4).

Quite often, companies purchase real estate objects located on the territory of the Russian Federation from non-residents of the Russian Federation - foreign organizations that are tax registered in Russia due to the presence of real estate, and transfer VAT to them as part of the fee. And you shouldn't do it. Article 161 of the Tax Code of the Russian Federation establishes that when goods, works and services are purchased on the territory of the Russian Federation from foreign persons not registered in tax authorities Russia as taxpayers, the tax base for VAT is determined by tax agents.

However, the duty tax agent arises only in relation to foreign persons who are not registered with the tax authorities as taxpayers (clause 1, article 161 of the Tax Code of the Russian Federation).

Often companies under contracts, the price of which is expressed in foreign currency or in conditional monetary units(currency units), but payable in rubles, VAT is charged from exchange rate differences arising at the end of the reporting period in accounting. But this is not entirely true. In the event of the conclusion of such an agreement in accounting, there will be exchange differences, and for tax purposes they will be recognized as sums. The procedure for calculating VAT in the event of exchange rate or sum differences is not established in the Tax Code of the Russian Federation.

There may also be errors associated with settlements with employees. For example, the amount of the bonus paid by the holiday, for example, by March 8, may be erroneously included in the expenses. However, paragraph 2 of Art. 255 of the Tax Code of the Russian Federation provides that labor costs for profit tax purposes include, in particular, incentive accruals, including bonuses for production results, allowances for tariff rates and salaries for professional excellence, high achievements in work and other similar indicators . From this norm, the Ministry of Finance of Russia concludes that expenses in the form of payments in connection with professional holidays, significant dates, personal anniversaries and other similar payments do not meet the requirements of Art. 252 of the Tax Code of the Russian Federation, since they are not related to the production results of employees (letters dated February 22, 2011 No. 03-03-06 / 4/12, July 21, 2010 No. 03-03-06 / 1/474).

This is not a complete list of errors that can be identified as a result of an internal audit. But it is precisely during its implementation that it is possible to detect and identify problems that arise in the company in a timely manner, quickly eliminate them, and, consequently, achieve the maximum economic effect from the company's activities.

Conclusion

Internal audit is not mandatory for companies, although Federal Law No. 402-FZ has recently been amended with regard to the conduct of internal control measures. However, a company that does not conduct any control or audit activities should be aware of the significant risks that may arise. According to statistics, companies that pay more attention to internal audit achieve greater success in meeting plans and budgets.

E. V. Shestakova, general director Actual Management LLC, Ph.D. legal Sciences

Internal audit is one of the types of internal control of subjects entrepreneurial activity. Internal audit is an independent activity of the enterprise aimed at checking and evaluating its activities in the interests of management.

The purpose of internal audit is to protect the interests of the owners to preserve and efficient use resources of the enterprise, as well as obtaining reliable and complete information for making sound management decisions.

A special demand for internal audit has emerged in the last decade. Today, internal auditors provide their services to both public and private enterprises. The need for internal audit is due to a number of factors. The growth in the volume of enterprises' activities creates a problem of information exchange in a multi-level management apparatus, thus complicating the control of various levels of management by the central management, which increases the risk of errors and promotes abuse by staff. The presence of internal audit is relevant for owners who are not directly involved in the management of the representative office, but have transferred these functions to managers. Therefore, despite the professionalism of management, the issue of control over the activities of the enterprise becomes relevant, one of the main tools of which can be an internal audit.

The introduction of internal audit is especially advisable in large and medium-sized enterprises that have at least one of the following features:

Presence of branches or separate subdivisions;

Availability various kinds activities;

Possibility of cooperation;

The desire of top management to have objective and unbiased information about the activities of the enterprise

The subjects of internal audit are employees of internal audit departments, internal audit services that report only to the management of the enterprise

The objects of internal audit are determined by its goals and objectives. The main objects of internal audit are:

The state of accounting at the enterprise;

Financial reporting and its reliability;

The state of the assets of the enterprise and the sources of their formation;

Security of the enterprise with its own working capital;

Security with own funds;

Solvency and financial stability;

Enterprise management system;

The work of economic and technical services;

Payment of taxes by the enterprise;

Reliability of design and estimate documentation;

Business processes;

The subject of internal audit is a set of information that is essential when making management decisions

Note that internal audit should in no case be taken as an alternative to external audit. The difference lies not only in the fact that the external audit is carried out by independent auditors or audit firms, and the internal audit is carried out by employees of the internal audit departments of the audited enterprise.

Figure 31 . Comparative characteristics external and internal audit

If we compare internal and external audit, it turns out that they differ not only in subjects (Fig. 31). So the external audit is independent, while the internal audit is controlled by the owner of the enterprise. Therefore, the users of information will be different. If the owners of the enterprise and managers are satisfied with the information provided by the internal audit service, external users(investors, creditors government bodies etc.) have confidence in the reporting of the enterprise certified by an external opinion, i.e. independent auditor.

In addition, external audit, unlike internal audit, is strictly regulated, based on the norms of international auditing standards and the current legislation of Ukraine. With regard to internal audit, recommendations for its conduct are set out in the standards of professional practice for internal audit developed. Based on the Institute of Internal Auditors. international standards audit. And also the enterprise must be approved. Regulations on the service (department) of internal audit, which determines the tasks, functions of the right and duties and responsibilities of this structural unit.

External audit is carried out periodically, usually once a year, while internal audit is carried out continuously. Given this, internal audit uses methods of preliminary, current and subsequent control, while external audit uses only subsequent control. Also, internal and external audit differ in functions, the degree of openness of information, the volume and objects of verification, and responsibility, too.

It is clear that internal audit cannot replace external audit, but performs separate procedures that can be used for the needs of external audit. That is why these two types of audit should function in parallel, performing their functions and thus complementing each other.

Considering the above, internal audit should meet the following characteristics:

1) impartiality, that is, the auditor must make all conclusions and assessments objectively;

2) independence implies that the internal audit service reports only to the top management of the enterprise;

3) improving the activities of the enterprise, i.e. it must be clearly understood that the purpose of the internal audit service is not to identify errors and violations and subsequently punish the perpetrators, but, first of all, in the identified risks and weaknesses in the activities of the enterprise and provide recommendations to improve the efficiency of the functioning of this enterprise

4) the provision of guarantees is important for the owners of enterprises and can only be ensured as a result of the quality work of the internal audit service;

5) advisory nature provides for the possibility of managerial personnel to receive qualified assistance in solving certain problems related to the activities of the enterprise

So, the requirements for the professional level of internal auditors are growing. And although today in our country the provision of services of an internal auditor does not require him to have a special certificate of his qualification level,. The Institute of Internal Auditors (CIA), which cooperates with auditors in 60 countries, trains and certifies internal auditors. The implementation of certification of internal auditors at the global level is a confirmation of the popularity of the profession of internal auditor and recognition of its necessity and importance in modern conditions.

Internal audit is carried out at the preliminary stage of commercial, technological or financial transaction, during its passage and after completion. It gives an expert scientifically based assessment of business operations and processes.

Internal audit is a systematic and strictly documented, continuous, universal (continuous) measure. Internal auditors working in the public and private sector, they report to the company's top clerical staff, provide analysis, recommendations, advice and information on the activities of the company being audited.

Internal audit provides for preliminary control at the stage of consideration of primary documents, when approving contracts, orders, estimates, etc., that is, it can act as a preventive measure

Current control is carried out during the registration of business transactions and inventory

Subsequent control is carried out at the stage of generalization and analysis of accounting and reporting information

The main tasks of the internal audit system are:

Facilitate the implementation of the activities of the enterprise in an orderly and efficient manner;

Ensuring compliance with management policies;

Ensuring the safety of property;

Achievement of high-quality documentation of operations

Internal audit can be seen as an integral part of common system managerial control. It is carried out within the organization itself at the request and at the initiative of the management.