Upload
alban-hutchinson
View
218
Download
5
Tags:
Embed Size (px)
Citation preview
ACUIA Conference 6/14/2011 1
Internal Audit ProcessInternal Audit ProcessCredit Union Internal AuditingCredit Union Internal Auditing
from the Ground Upfrom the Ground Up
John GallagherJohn Gallagher, , Director Internal Audit Director Internal Audit SEFCU (New York)SEFCU (New York)
Barry Lucas, Barry Lucas, Internal AuditorInternal Auditor Desco Desco FCU (Ohio)FCU (Ohio)
Pat RicheyPat Richey, , Director Internal AuditDirector Internal Audit Finance Center FCU (Indiana)Finance Center FCU (Indiana)
ACUIA Conference 6/14/2011 2
Serving Many MastersServing Many Masters
Internal Audit DefinitionInternal Audit Definition
Internal auditing is an independent, objectivInternal auditing is an independent, objective e assurance andassurance and consulting activity designed to consulting activity designed to add value and improve anadd value and improve an organization's organization's operations. It helps an organizationoperations. It helps an organization accomplish its objectives by bringing a accomplish its objectives by bringing a systematic,systematic,
disciplined approach to evaluate and improve disciplined approach to evaluate and improve thethe effectiveness of risk management, effectiveness of risk management, control, and governancecontrol, and governance processes.processes.
ACUIA Conference 6/14/2011 3
Serving Many MastersServing Many Masters
RoleRole
Independence and Objectivity
Reporting Structure
Assurance and Consulting Add Value and Improve Services Systematic and Disciplined
Board of Directors(13 members)
Supervisory Committee(4 Members)
Board Committees(ALCO, Governance, CEO Compensation)
President/CEO Internal Audit
Chief Administrative Officer
Chief Financial Officer
Chief Banking Officer
Chief
Marketing Officer
President Commercial
Services
Chief Technology
Officer
CUSOs
ORM
HR
AccountingFinance
Collections
Ops Support
Branch Network
Call Center
Marketing
e-Services
CRM
Commercial Lending
Business Accounts
IT
Facilities
Lending
SEFCU Organizational Chart
Members
ACUIA Conference 6/14/2011 5
Barb Hess Chief Administrative Officer
John Anderson EVP, Organizational Risk Management
Donna Chardeen Director of Regulatory Compliance and Fraud Mitigation
Chrisopher Duwe Director of Business Continuity, Safety, and Security
Kirsten LeBlanc Contracts Administrator
Jeffrey Bregenzer Commercial Loan Review Officer
John Gallagher Director of Internal Audit
Suzanne Alderman Fraud/Loss Mitigation
Christine Wheeler Compliance Analyst
Dennis Whiteford Internal Auditor
Rachael Martin Internal Auditor
ACUIA Conference 6/14/2011 6
ACUIA Conference 6/14/2011 7
Serving Many MastersServing Many Masters
ResponsibilitiesResponsibilities
o Internal Audit Charter
o Supervisory/Audit Committee Charter
o Audit Staff Structure
o Job Descriptions
ACUIA Conference 6/14/2011 8
Serving Many MastersServing Many Masters
Relationships and PoliticsRelationships and Politics
Management
Employees
ACUIA Conference 6/14/2011 9
Serving Many MastersServing Many Masters
RelationshipsRelationships
Supervisory & Audit CommitteesSupervisory & Audit Committees
Board of DirectorsBoard of Directors
ACUIA Conference 6/14/2011 10
Serving Many MastersServing Many Masters
RelationshipsRelationships
External AuditorsExternal Auditors
RegulatorsRegulators
ACUIA Conference 6/14/2011 11
Serving Many MastersServing Many Masters
QUESTIONS ?QUESTIONS ?
ACUIA Conference 6/14/2011 12
Performing Audit WorkWhere Do I Start?
Risk Assessment
Audit Universe
Models
Risk Priority
ACUIA Conference 6/14/2011 13
Performing Audit WorkWhere Do I Start?• Business/Audit Plan
ACUIA Conference 6/14/2011 14
Performing Audit WorkWhere Do I Start?• Audit Scheduling• Distractions
– Fraud Investigation– New Products / Services– Training / Vacations– Turn over
ACUIA Conference 6/14/2011 15
Performing Audit Work Objectives
- broad statements
- risks Scope
- who-
what-
when-
where
ACUIA Conference 6/14/2011 16
Performing Audit Work Audit Program
- written procedures- interview questions- collecting information- testing, sampling- analyzing- evaluation
ACUIA Conference 6/14/2011 17
Performing Audit Work Workpapers
- support findings- restricted access- retention- testing, sampling- analyzing- evaluation
ACUIA Conference 6/14/2011 18
Performing Audit Work
QUESTIONS ?
ACUIA Conference 6/14/2011 19
Communications and Follow Communications and Follow UpUp
Audit ReportsAudit ReportsManagement & Internal Audit need to agree Management & Internal Audit need to agree
up frontup front
•FindingsFindings
•RecommendationsRecommendations
•Report StructureReport Structure
•Who gets them?Who gets them?
ACUIA Conference 6/14/2011 20
Communications and Communications and Follow-UpFollow-Up
Follow-UpFollow-Up
• Follow-up AuditsFollow-up Audits
• Monitoring resultsMonitoring results
• Implementation of recommendationsImplementation of recommendations
If you do not do this – Nothing If you do not do this – Nothing
happens!happens!
ACUIA Conference 6/14/2011 21
Communications and Communications and Follow-UpFollow-Up
Supervisory / Audit Committee Supervisory / Audit Committee MeetingsMeetings
•FrequencyFrequency
•StructureStructure
•AgendaAgenda
ACUIA Conference 6/14/2011 22
Communications and Communications and Follow-UpFollow-Up
QUESTIONS ?QUESTIONS ?
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2323
Tools and ResourcesTools and Resources
TechnologyTechnology
Paperless auditingPaperless auditing
Internet toolsInternet tools
Analytical review using audit Analytical review using audit
softwaresoftware
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2424
Tools and ResourcesTools and Resources
Credit Union Objectives- Operations- Financial Reporting- Compliance
Internal Control Components- Control Environment- Risk Assessment- Control Activities- Information and
Communication- Monitoring
Basic Internal Controls - COSO
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2525
Tools and ResourcesTools and Resources
Credit Union Objectives- Operations- Financial Reporting- Compliance
- Strategic
ERM Components- Internal Environment
- Objective Setting - Event Identification
- Risk Assessment- Risk Response
- Control Activities- Information and Communication- Monitoring
Enterprise Risk Mgmt - COSO
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2626
Tools and ResourcesTools and Resources
International Standards for the Professional Practice of Internal Auditing - Attribute Standards - Performance Standards - Quality Assurance Review
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2727
Tools and ResourcesTools and Resources
Control Self-AssessmentControl Self-Assessment
Management Buy InManagement Buy In Business ObjectivesBusiness Objectives Identify RisksIdentify Risks Gather Best PracticesGather Best Practices Provide DocumentsProvide Documents
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2828
Tools and ResourcesTools and Resources
ResourcesResources Professional Journals Professional Journals
- IIA, ACFE, ISACA- IIA, ACFE, ISACA
Professional StandardsProfessional Standards
- COBIT - COBIT
- GTAGs- GTAGs
Current Issues of Internal Auditing – GovernanceCurrent Issues of Internal Auditing – Governance
WebsitesWebsites
- Credit union industry, regulatory, professional- Credit union industry, regulatory, professional
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 2929
Audit ProfessionalismAudit Professionalism
CertificationCertification
- CIA – - CIA – Common Body of KnowledgeCommon Body of Knowledge
- CFE- CFE
- CUCE, NCCO- CUCE, NCCO
- CISA- CISA
- CPA- CPA
- CFSA- CFSA
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 3030
Audit ProfessionalismAudit Professionalism
TrainingTraining
- Conferences / Seminars- Conferences / Seminars
- Local Chapters- Local Chapters
- Webinars / Teleseminars- Webinars / Teleseminars
- Compliance Schools- Compliance Schools
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 3131
Audit ProfessionalismAudit Professionalism
ACUIAACUIA Website Website Message ForumMessage Forum Membership DirectoryMembership Directory Audit GuideAudit Guide The Audit Report magazineThe Audit Report magazine Lending LibraryLending Library Conferences, seminarsConferences, seminars
ACUIA Conference 6/14/2011ACUIA Conference 6/14/2011 3232
Tools and ResourcesTools and Resources
QUESTIONS ?QUESTIONS ?