Internal Auditing for beginners

8/12/2019 Internal Auditing for beginners

http://slidepdf.com/reader/full/internal-auditing-for-beginners 1/72

Governance, Risk

Management & Compliance

Governance, Risk

Our Vision

To be the lead advocate, trainer

and practitioner in internal

auditing in Africa by providing

superior internal audit solutionsto the private and public sectors

as well as the third sector .

Governance, Risk

Our Mission

To engage internal audit leaders

and their customers; government

officials, corporate executives and

senior management in a constantdialogue on the position, role and

value of the internal audit

activity.

Governance, Risk

Course Overview

• Day One – Modern Internal Auditing – The Audit Process

– Risk Management and Risk Assessment

– Audit Planning

• Day Two – Process Documentation

– Audit Programs

– Audit Fieldwork

– Audit Reports

– Soft Skills

Governance, Risk

Module One

Modern Internal Auditing

Governance, Risk

Modern Internal Auditing

• Internal Auditing Defined

• Code of Ethics

• The Value Proposition of IA

• The Role of Internal Auditor

• The IIA Competency Framework

• Components of the Audit Model

Governance, Risk

Internal Auditing Defined

• “independent, objective assurance

and consulting activity designed to1add value and improve an

organization’s operations. It 2helps

an organization accomplish itsobjectives by bringing a systematic,disciplined approach to 3evaluate

and improve the effectiveness ofrisk management, control, and

governance processes”

Governance, Risk

Thewhat

Governance, Risk

What are we doing?

•1adding value and improving on

organisations operations –

• Making things better than whenwe met it.

Systems | Processes | Procedures

Governance, Risk

Why are we doing it?

•2helping the organization

accomplish its objectives

• How do you determineorganisational objectives?

• Gain a seat at the table

Governance, Risk

How are you doing it?

•3evaluating and improving the

effectiveness of risk

management, control, and

governance processes

• The triple magic wand

Governance, Risk

IIA Definition Logic

Helps the organizationaccomplish its objectives

Adding value and improving onorganisations operations

Evaluating and improving on the effectivenessof GRC processes

Governance, Risk

• “independent, objective assurance

and consulting activity designed to1add value and improve an

organization’s operations. It 2helps

an organization accomplish itsobjectives by bringing a systematic,disciplined approach to 3evaluate

and improve the effectiveness ofrisk management, control, and

governance processes”

Governance, Risk

Code of Ethics

• Principles and Rules

– Integrity

– Objectivity

– Confidentiality

– Competency

Governance, Risk

Code of Ethics – Principles

• Integrity

– The integrity of internal auditors

establishes trust and thus provides

the basis for reliance on their

judgment

Governance, Risk

Integrity Rules

• Shall perform their work with honesty,

diligence, and responsibility• Shall observe the law and make

disclosures expected by the law and the

profession• Shall not knowingly be a party to any

illegal activity, or engage in acts that are

discreditable to the profession of internal

auditing or to the organization

• Shall respect and contribute to the

legitimate and ethical objectives of the

organization

Governance, Risk

• Objectivity

–Internal auditors exhibit the

highest level of professional

objectivity in gathering,

evaluating, and communicating

information about the activity or

process being examined.

Governance, Risk

Objectivity Rules

• Shall not participate in any activity or

relationship that may impair or be presumed to impair their unbiased

assessment.

Shall not accept anything that mayimpair or be presumed to impair their

professional judgment.

• Shall disclose all material facts known

to them that, if not disclosed, may

distort the reporting of activities

under review.

Governance, Risk

• Confidentiality

– Internal auditors respect the value

and ownership of information they

receive and do not disclose

information without appropriateauthority unless there is a legal or

professional obligation to do so.

Governance, Risk

Confidentiality Rules

• Shall be prudent in the use and

protection of information acquiredin the course of their duties.

• Shall not use information for any

personal gain or in any manner

that would be contrary to the law

or detrimental to the legitimateand ethical objectives of the

organization.

Governance, Risk

• Competency

– Internal auditors apply the

knowledge, skills, and experience

needed in the performance of internal

audit services.

Governance, Risk

Competency Rules

• Shall engage only in those services

for which they have the necessaryknowledge, skills, and experience.

• Shall perform internal audit services

in accordance with the InternationalStandards for the ProfessionalPractice of Internal Auditing.

Shall continually improve their proficiency and the effectiveness andquality of their services

Governance, Risk

Internal Auditing is the

cornerstone for sustainable

organisational success

The IIA Value Proposition

Governance, Risk

Role of Internal Auditors

• Re- Corporate Governance

• Re- Risk Management

• Re- Fraud

• Re- Corporate Ethics

• Re- Internal Controls

• Re- Information Technology• Re- Financial Reporting

Th IIA Gl b l I t l A dit

Governance, Risk

The IIA Global Internal Audit

Competency Framework - 2013

Governance, Risk

Module Two

The Audit Process

Governance, Risk

The Audit Process

Governance, Risk

The Audit Process

Governance, Risk

The Internal Audit Process

Governance, Risk

H di i d d

Governance, Risk

How an audit is conducted

Governance, Risk

Planning• Distribute Audit Notification

•Conduct Pre-Audit Meeting

• Interview Department Personnel

• Review Policies and Procedures

Understand and Document theBusiness Processes

• Perform Risk Assessment

• Prepare a Detailed Audit Program

• Prepare audit budget (in hours)

• Select items to be Audited (samples,not 100%)

Fi ld k

Governance, Risk

Fieldwork• Review Supporting Documentation

•Interview department personnel

• Perform analyses

• Identify Exceptions

Identify Recommendations forImprovement

• Prepare Written Audit Comments (i.e.,findings)

• Department Provides WrittenResponse and Corrective Action Planfor findings

Governance, Risk

Reporting

• Issue a draft report

• Discuss draft report with unit

management

• Issue final report• Report is factual, clear, concise,

with an appropriate tone

Governance, Risk

Module Three

Risk Management/Assessment

Governance, Risk

A f thi b t Ri k

Governance, Risk

A few things about Risk

• What is Risk?

– The effect of uncertainty on an

objective

– Could be positive or negative

A f thi b t Ri k

Governance, Risk

• What is Risk Management?

– Coordinated activities to direct and

control an organisation with regard to

Th Ri k M P

Governance, Risk

The Risk Management Process

A f thi b t Ri k

Governance, Risk

• What is Risk Management

Process? – Systematic application of management

policies, procedures and practices to

the activities of communicating,consulting, establishing the context,

and identifying, analyzing, evaluating,

treating, monitoring and reviewingrisk.

C t f Ri k A t

Governance, Risk

Components of Risk Assessment

• Risk Identification

• Risk Analysis

• Risk Evaluation

2013 COSO Internal Control

Governance, Risk

2013 COSO Internal Control

• Definition

• Pillars | Components | Standards

• Principles

The ORC Relationship

Governance, RiskManagement & Compliance

The ORC Relationship

• Group Work

Module Four

Audit Planning

• Annual Audit Planning

• Components of the Audit Project

Annual Audit Planning

• Risk Based Audit Planning

– Overview

Components of the Audit Project Plan

• Audit Objectives

• Audit Scope

• Audit Methodology

• Audit Program

• Audit Time Budget

•Audit milestone dates

Audit Objectives

• General audit objectives

• Specific audit objectives

Audit Objectives

• Select one functional area in

your organisation and formulatea general audit objective and the

appropriate specific objectives

for that function

Module Five

Audit Programs

• Components of the Audit

Program

• Audit Objectives and Lines of

Enquiry

Components of the Audit Program

• the audit objective(s);

• the relevant line(s) of inquiry,

criteria, and audit questions;

• the information to be requestedfrom entities

• how the evidence will be

analyzed;

Example of Audit Program

• Cash at Bank and on Hand

– Cash and bank.doc

Module Six

Process Documentation

• Process Flow charts

• Tools for Process Mapping

• System Narratives

• Interviewing Skills

Process Flow charts

• A Flowchart is a diagram that

uses graphic symbols to depictthe nature and flow of the steps

in a process

• This is very helpful in identifying

the risks embedded within the

process

Drawing a flow chart

• Start with the big picture

• Observe the current process

• Record process steps

• Arrange the sequence of steps

• Draw the Flowchart

Example – Washing of Hands

Example Washing of Hands

Module Seven

Audit Fieldwork

• Testing Controls – design and

operating effectiveness

• Techniques for gathering audit

evidence• Working paper preparation

Testing Controls – design and

operating effectiveness

• Group work.

• Design procurement (G1) and

recruitment and selection G2)

systems with requisite controls

for review by the audit team.

Module Eight

Audit Reporting

Why write internal audit reports?

• Required by Standards.

• Inform- (Tell what auditorsfound)

• Persuade – (Convincemanagement of worth andvalidity of findings)

Get Results – (Movemanagement towards changeand improvement.)

Audit Reports

• From issues to findings

• The Five Cs

• Reporting Formats

• Other Reports

From issues to findings

• Findings are issues which are

fully developed to add value – Improve the current condition

The 5 Cs

Criterion

Consequence

Corrective action

condition

In a nutshell

• What should be?

• What is?• Why the deviation from the “what

should be” occurred?

• What happened or could happenbecause the “what is” differed from

the “what should be”?

• What is needed to correct thecondition and improve operations?

Soft Skills

• Team work

• Communication

• Discussion with delegates – Importance of teamwork and

communication

– Improving teamwork and

comunication

The End

• Thank you for your time

Internal Auditing for beginners

Documents

Behavioral Dimensions of Internal Auditing: Behavioral ... · of Internal Auditing: A Practical Guide to Professional Relationships in Internal Auditing, a guide for internal auditors

ISO internal auditing guide

Internal controls in auditing

analisis permintaan jasa internal auditing dan eksternal auditing

Accountability Modules Internal Auditing MANAGEMENT ... · Internal Auditing Accountability Modules Internal Auditing - 4 Texas State Auditor's Office, Methodology Manual, rev. 12/95

Internal auditing

MODUL-1 INTERNAL AUDITING · Ch.1 THE NATURE OF INTERNAL AUDITING Evolusi Audit Internal (The evolution of Internal Auditing). External Auditor & Internal Auditor

Internal Auditing Services

basic internal auditing presentation.pdf

Internal and Governmental Financial Auditing and Operational Auditing

Chapter 1: Internal Auditing

INTERNAL AUDITING VERNMENT - Government … · INTERNAL AUDITING VERNMENT ... auditing of EDP systems, and the auditing of grant programs. ... of the four general advantages:

Basic Internal Auditing Presentation

Internal Auditing - Performance Standards

Internal Auditing Effectiveness

จากคะแนนเต็ม 100 คะแนน Internal Auditing · Internal Auditing Certificate Program (IACP) โครงการอบรมเพื่อรับวุฒิบัตร

Internal Auditing Skill

Definition of Internal Auditing

Internal Auditing at a College or University - … · Definition of Internal Auditing: “Internal auditing is an independent, objective assurance and consulting activity designed

AMS Masterclass Internal Auditing - Internal Audit Governance