5 - Internal Audit

Question 1

What is external audit?

Answer 1

Provides assurance on the truth and fairness of an entity’s financial statements and the compliance with regs

Question 2

What is internal audit?

Answer 2

Provide assurance to the directors and management that it’s processes, procedures and activities are operations effectively and efficiently

Independent objective assurance and consulting activity
Improve operations and add value
Systematic disciplined approach to evaluate effectiveness of risk management control and governance

Question 3

Why might internal audit be required?

Answer 3

Statutory e.g bu law, building societies act
Regulatory e.g NHS
Management

Question 4

Risk management and effective internal controls is the responsibility of?

Answer 4

The board

Question 5

Where doe regulatory requirements for internal audit emanate from?

Answer 5

Directives from Committee of Public Accounts
Directives by Secretary of State to nationalised bodies
Recommendations arising from public investigations

Banks required by PRA to have IA

Question 6

Criteria for effectiveness of the internal audit function?

Answer 6

Process
Audit committee
Resource and competence
Independence 
Status 
Standards

Question 7

Internal audit plan

Answer 7

Prepared by head of internal audit 
Factors:
Risk analysis
External audit concerns
Resource availability 
Management concerns

Question 8

Internal audit procedures?

Answer 8

Audit strategy memorandum - timing etc
Planning stage - fieldwork
Document and review work
Findings agreed with members of staff responsible for area before reporting to management

Question 9

Typical internal audit report?

Answer 9

Background and scope of audit
Findings
Necessary corrective action

Question 10

Who received internal audit reports?

Answer 10

Draft to auditees to verify facts
Senior members
Audit committee
External audit

Question 11

Role of audit committee?

Answer 11

Monitor and review effectiveness of internal audit function

Consider factors e.g market environment, changes in structure and risks, unexpected results

Question 12

To ensure effectiveness of IA the audit committee must?

Answer 12

Review and approve their remit
Review findings and ensure actioned
Assess independence 
Ensure resources available 
Ensure appropriate professional standards

Question 13

Who should internal audit report to? INDEPENDENCE

Answer 13

CEO or chairman of audit committee

Should have access to AC if report to CEO

Question 14

Factors of independence for internal audit?

Answer 14

Reporting to audit committee
Audit plan approval by AC
Appointment of internal audit manager 
Salaries and appraisal by AC
Can’t be responsible for day to day of work they are reviewing

Question 15

Why should IA have position and status?

Answer 15

So that their findings aren’t disregarded

So people listen and implement

Question 16

Internal auditing standards?

Answer 16

International standards for the professional practice of internal auditing

• Adhere to IPP framework
• framework for a it iris
• basis for evaluation of performance
• improved process and operations

Question 17

IIA Attribute Standard 1312 suggests that?

Answer 17

IA function should be subjected to an external independent review once every 5 years

Question 18

Sept 2014 FRC issued Guidance one Risk Management, this brought together previous research from?

Answer 18

Turnbull reports 2004

2009 Going Concern guidance

Question 19

Sept 2014 FRC Guidance on risk management, internal control key findings on role of IA are?

Answer 19

Facilitate risk workshops 
Assurance on controls 
Educational roles
Training ground 
Communication
Relationship with audit committee
Assisting in changing environment 
No role in strategic decision making

Question 20

What does SOX require directors to do?

Answer 20

Produce internal audit report

Contain assessment of effective as of internal controls

Question 21

Difference between internal and external audit?

Answer 21

Internal audit reports to AC
For board and management to evaluate effectiveness and efficiency of internal controls
Duty to search and discover fraud

EA for stakeholders
To give true and fair view of FS
Procedures not designed for internal controls
No duty to detect fraud