Words Count

The Thomas Howell Ferguson Blog

Audit vs. Review vs. Internal Controls Assessment

Posted on
Audit

Does your organization need an audit, review, or internal controls assessment?

Because every organization is different, there are different types of assurance services that your company can undergo based on your needs. There are many things that will help determine which services are the right fit for your organization. Your organization’s primary purpose, mission, funding, and board expectations, among other items, should be taken into consideration. Continue reading to learn about the differences in an audit, review, and internal control assessment.

Audit

The objective of an audit is to provide an opinion that the financial statements are presented fairly, in all material aspects, in conformity with the applicable financial reporting framework. Having an audit done provides a high, but not absolute, level of assurance. The assurance relates to the financial statements taken as a whole (not specific accounts, classes of transactions, or note disclosures). The audit opinion can be unmodified, qualified, adverse, or can be a disclaimer of opinion. Audits are performed in accordance with auditing standards generally accepted in the United States. If you are a large association, it is a best practice that you get an annual audit. Having up-to-date audited financial statements are important to the board when making key financial decisions.

Review

Next, the objective of a review is to provide a report (not an opinion). This report states that the accountant is not aware of any material modifications that should be made to the financial statements for the statements to be in conformity with the applicable financial reporting framework. This provides a limited level of assurance. A review is substantially less in scope than an audit. There is no requirement to obtain an understanding of internal controls, assess fraud risk, or test accounting records. Reviews are performed in accordance with Statements on Standards for Accounting and Review Services issued by the AICPAs. If you are a smaller organization, it may make more sense to perform an annual review with audits every 3-5 years.

Internal Controls Assessment

Last, the objective of an internal control assessment is to evaluate and test the operational effectiveness and design of the current internal control structure. If your organization is not receiving an annual audit, which includes an assessment of internal controls each year, it is important to routinely have an assessment of your internal controls to determine if there are any inefficiencies or issues with the current structure.  

In closing, there is not one right answer for each organization. You must evaluate each service option and make the best decision for your organization. For help when evaluating the options or to determine which one is best for your organization, always consult a certified public accountant.

Related Blog Posts

IRS releases guidance on Roth catch-up contributions under SECURE 2.0

IRS extends tax filing deadline for Hurricane Idalia victims

Advantages and disadvantages of claiming big first-year real estate depreciation deductions