render an opinion on the bank’s financial statements and/or other bank
functions, depending on the type of audit being conducted.
Types and Scope of Various Audits
I. Risk Assessments and Risk-Based Auditing
Risk assessment is defined as the means by which the board of directors
identifies and evaluates the quantity of the bank’s risks and the
quality of its controls. An effective risk-based auditing program will
cover all of the bank’s activities. The frequency and depth of each area’s
audit will vary according to the area’s risk assessment. All areas of bank
activities are included in order to establish the frequency of the audit
necessary to mitigate any risk in bank safety and soundness and its
reputation.
II. External Audit Function
The primary role of the external auditor is to independently and
objectively review, evaluate, and document its findings about bank
activities in order to help the board of directors of the bank and its
management maintain and/or improve the efficiency and effectiveness of the
bank’s risk management, internal controls, and corporate governance.
External auditors must understand the bank’s strategic direction,
objectives, products, services, operating philosophy, strategy, and
processes. The auditors will communicate their findings to the board of
directors and to senior management.
III. Objectives
The objectives of external audits are:
a. To provide reasonable testing, review, and analysis of the Bank’s
operations to ensure the effectiveness of internal controls over financial
reporting, the accuracy and timeliness in recording transactions, and
the accuracy and completeness of financial and regulatory reports
b. To perform an independent and objective view of the bank’s
activities, including processes relative to financial reporting and bank
operations
c. To determine whether the bank complies with laws and regulations
and adheres to established bank policies and whether management is
taking appropriate steps to address control deficiencies
IV. Types of Audits
The type of audit commonly referred to as a Directors’ Examination
entails specified and/or agreed-upon procedural reviews of the
adequacy of internal controls and accuracy of financial information. The
independent audit parties can be public accountants, certified internal
auditors, certified information systems auditors, bank management
310 THE ART OF ISLAMIC BANKING AND FINANCE