By Eric Berman
May 29, 2018
A medium–sized organization reached out to one of our offices with a problem. A long-term employee responsible for the reconciliation of the organization’s deposit account retired. A little over a year after this retirement, another employee discovered the account had not been reconciled since that person’s departure. Something was amiss. But how to resolve this situation? The employee wondered if they needed an internal audit.
Determining if an internal audit is needed versus a forensic examination can easily be misunderstood. Both types of engagements can be extremely helpful to improve internal controls for any entity of any size. Deciding which type of engagement fits best depends on facts, circumstances, goals and objectives.
Your entity may actually need an internal audit if:
Your entity may actually need a forensic audit if:
While there are cases where you may need both a forensics examination and an internal audit, the key differential between the two types of services is time and objective of the project(s). An internal audit engagement is typically much more current and forward looking focusing on where the organization is today while simultaneously taking a consultative look at the future state of an organization’s inherent risks and what they are or should potentially be doing to control those risks.
A forensic examination is retrospective in nature with the focus on reconstructing how things should be and uncovering what may have happened. After considering these factors, the organization above determined that it wanted to look back in time to determine what happened and to reconcile their deposit account. It was agreed that a forensic examination was actually what they needed.