Structure of an audit

Laws and voluntary commitments (Corporate Control and Transparency Act (KonTraG), German Corporate Governance Code, Stock Corporation Act with an impact on the scope of duties of managing directors of other corporate forms, in particular medium-sized and large companies with limited liability, amendments to data protection laws, etc.) as well as increasing liability claims against members of the company management and supervisory bodies make it necessary to intensify auditing activities. (I think this would read better in bullet points)

Internal Auditing as a sub-function of corporate supervision helps to create transparency and supports the management in its decision-making processes.

It fulfills the role of a risk management system, corporate governance and protection of stakeholder interests, i.e. the demands of investors, customers, employees and the public.

According to the auditing standard 340 of the IDW (German Institute of Certified Public Accountants) an independent body is required to monitor a company's risk management.

This task is performed by the auditing department.

In accordance with the Three-Lines-of-Defense model, the internal audit function as an auditing and advisory body (“third line of defense”) supports the management, executives and supervisory bodies and ensures adequacy and effectiveness of the internal control system, risk management as well as monitoring and control structures.

When establishing an audit procedure, we focus on the following key areas:

  • Goals and tasks of the internal audit department
  • Structure and organization of an audit
  • Guidelines for an efficient audit process (planning, preparation, execution, reporting)
  • Best practice approaches for the audit

The following binding guidelines are taken into consideration:

  • Basic principles for the professional practice of auditing (which formulate in their entirety the effectiveness of the audit)
  • Definition (which describes the basic purpose, nature and scope of internal audit)
  • Code of Ethics (which describes the principles for and expectations of individuals and organizations in the performance of audit engagements)
  • International Standards for the Professional Practice of Auditing (which serves as the framework for auditing activities)

We can support you with the following:

- Compliance with the basic principles of the German Institute for Internal Auditing
- Identifying the Audit Universe
- Performing a risk analysis
- Creating Internal Control Points
- Developing a systematic, risk-oriented audit plan
- Creating a follow-up process
- Establishing a continuous auditing process
- Improving security and the internal control system
- The proper consideration of special audits
- The creation of an audit order and an audit manual.


If you have any questions, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.