“Audit-grade” is a term that gets used loosely. A software vendor claims their output is audit-grade. A consultant promises to bring your data to audit-grade quality. But what does it actually mean in the context of a mid-market finance function?
The standard is straightforward in principle: audit-grade data is data that an independent third party can verify against defined criteria, trace back to its source, and rely on for forming an opinion. In practice, this means every number in your financial statements must satisfy five properties.
The Five Properties of Audit-Grade Data
Completeness. All transactions that should be recorded are recorded. Nothing is missing. This is harder than it sounds — completeness is the one assertion where the evidence you need is evidence of what is not there. Auditors test it by looking for unrecorded liabilities, unprocessed invoices, and transactions that occurred in the period but were not captured.
Accuracy. Transactions are recorded at the correct amounts, in the correct accounts, in the correct periods. A revenue invoice posted for £10,000 when the contract says £10,500 is an accuracy failure. A cost posted to marketing when it should be in IT is a classification accuracy failure.
Existence. Recorded transactions and balances actually exist. That fixed asset on the register is physically present. That receivable is owed by a real customer who has acknowledged the debt. Existence testing catches fictitious entries and balances that no longer reflect reality.
Valuation. Assets and liabilities are recorded at appropriate values. Receivables are carried net of a supportable provision. Inventory is valued at the lower of cost and net realisable value. Fixed assets are depreciated using justifiable useful lives.
Cut-off. Transactions are recorded in the correct period. Revenue earned in March is recorded in March, not April. A cost incurred in Q4 is not deferred to Q1. Cut-off errors are among the most common adjustments in mid-market audits because the discipline of matching transactions to periods is often weak.
ISACA (Information Systems Audit and Control Association) positions data integrity — which maps directly to these five properties — as the foundation of every other governance and assurance objective. If the data does not meet these standards, the controls built on top of it, the reports derived from it, and the decisions made from it are all compromised.
The Gap in Practice
Most mid-market companies produce management accounts that are “approximately right.” The P&L is in the right ballpark. The balance sheet broadly reflects the business position. Revenue is recognised broadly when earned. This is adequate for internal management but insufficient for external scrutiny.
The gap typically shows up in three areas:
Reconciliations. Audit-grade data requires that every material balance be reconciled to an independent source. Bank balances to bank statements. Receivables to customer confirmations. Payables to supplier statements. In many mid-market companies, full reconciliation happens once a year for the audit, not monthly as a matter of course.
Documentation of judgements. Every estimate — bad debt provisions, useful life assumptions, revenue recognition timing for complex contracts — needs a documented methodology with supporting data. KPMG identifies management estimates as one of the highest-risk areas in mid-market audits precisely because the methodology is often implicit rather than documented.
Audit trail. Every number should be traceable from the financial statement back through the ledger to the source transaction, and from the source transaction to external evidence. When auditors cannot follow this trail, they must perform extended testing — which costs you time and fees.
How to Close the Gap
The gap between management-grade and audit-grade is smaller than most companies fear. It does not require new systems or additional headcount. It requires systematic habits:
Perform monthly reconciliations for bank, receivables, payables, intercompany, and any other material balances. Not at year-end — every month. This distributes the work and catches errors while they are still recent and correctable.
Document every estimate and judgement at the time the decision is made. A one-paragraph note explaining the basis for a provision, attached to the journal entry, is sufficient. Reconstructing the rationale six months later is not.
Maintain a consistent chart of accounts and posting conventions. If the rules change — a new cost centre, a reclassification — document when and why. Auditors expect consistency. When they find unexplained changes between periods, they investigate.
What This Means for Mid-Market Companies
Audit-grade is not an unreachable standard. It is a set of disciplines that, once established, run in the background of normal operations. The monthly close becomes the quality gate — if every month closes to audit standard, the annual audit becomes a confirmation exercise rather than a discovery exercise.
The return is not just a smoother audit. Audit-grade data is also the foundation for reliable management reporting, credible investor communication, and — increasingly — the governed input layer that AI and automation tools require to produce trustworthy output.