An auditor's conclusion that is held with confidence but not substantiated by positive knowledge or proof
(Adapted from the Auditing Dictionary of Terms produced by the Accounting Institute Seminars, http://www.ais-cpa.com/glosa.html)
Internal audit activities are being asked by the board, management, and other stakeholders to provide opinions as part of each individual audit report as well as on the overall adequacy of governance, risk management, and control within the organization. These requests may be for an assurance or opinion at a broad level for the organization as a whole (macro-level opinion) or on individual components of the organization’s operations (micro-level opinion).
Examples of macro and micro opinions include:
- An opinion on the organization’s overall system of internal control over financial reporting (macro)
- An opinion on the organization’s controls and procedures for compliance with applicable laws and regulations, such as health and safety, when those controls and procedures are performed in multiple countries or subsidiaries (macro).
- An opinion on the effectiveness of controls such as budgeting and performance management, when such controls are performed in multiple subsidiaries and coverage comprises the majority of the organization’s assets, resources, revenues, etc. (macro).
- An opinion on an individual business process or activity within a single organization, department, or location (micro).
- An opinion on the system of internal control at a subsidiary or reporting unit, when all work is performed in a single audit (micro).
- An opinion on the organization’s compliance with policies, laws, and regulations regarding data privacy, when the scope of work is performed in a single or just a few business units (micro).
Formulating and Expressing Internal Audit Opinions, The Institute of Internal Auditors, http://www.theiia.org/guidance/standards-and-guidance/ippf/practice-guides/formulating-and-expressing-internal-audit-opinions/, Visited on July 30, 2009