8. 2 KP14 Audit & Compliance

Question 1

What are the functions and the importance of internal audit?

Answer 1

Internal Function & Importance:-

- Check over other controls, responsibility for monitoring the internal control system, ensuring that other controls are working correctly.

• The work of an internal audit is varied, from reviewing financial controls through to checking compliance with legislation.

- Normally under the control of a chief internal auditor reporting to the audit committee.

External Importance:

• SOX it is a statutory requirement to have an internal audit.
• In others, codes of corporate governance strongly suggest that an internal audit department is necessary.

Question 2

What roles and tasks of internal audit?

Answer 2

• Reviewing accounting and internal control systems
• Share work with external auditors
• Report and comment on current control system effectiveness.
• Assisting with the identification of significant risks, both internal and external
• Reviewing compliance with laws and other external regulations
• Special investigations
• Reviewing the economy, efficiency and effectiveness of operations (VFM audits)
• Examining financial and operating information, for accuracy, timeliness and completeness

Question 3

What types of audit work will the internal audit team carry out?

Answer 3

• financial audit
• operational audit
• project audit
• value for money audit
• social and environmental audit
• management audit.

Question 4

Why is internal audit important?

Answer 4

Internal

• • it provides an independence check on the control systems in a company
• • It is management control.
• • Helps ensure the effectiveness and efficiency of operations

External

• • Underpins investor confidence.
• • Reassures investors and regulators. The company is run well
• • in some situations, it is required by statute (SOX) or by codes of good corp gov practice

Question 5

What factors affect the need or scope for an internal audit?

Answer 5

• The scale, diversity and complexity of the company’s activities.
• The number of employees.
• Cost/benefit considerations.
• Changes in the organisational structures, reporting processes or
• Underlying information systems.
• Changes in key risks (could be internal or external in nature).
• Problems with existing internal control systems.
• An increased number of unexplained or unacceptable events.

Question 6

Describe what is the meaning of Internal Auditor independence? and How can it be Protected?

Answer 6

• - Internal audit is an independent objective assurance activity.​
  
  • Reporting is unbiased and objective, free from any influence
• To ensure activity is objective, they must protect their independence.
• Lines of reporting and accountability. Not being accountable to the person they are reviewing
• By an appropriate structure within internal auditors work.
• Assured by following ethical and work standards.

Question 7

What are the risks if an internal auditor is not independent?

Answer 7

• • Failure to report control breaches
• • Ignore discrepancies
• • Back down on matters of principle
• • Accept explanations without checking
• • Turn a blind eye to unethical practices
• • Give undeserved positive feedback

Question 8

What are the ethical threats to auditors independence?

Answer 8

Advocacy

Self-interest threat

Self Review threat

Intimidation threat

Familiarity

Question 9

How can the independence of an internal auditor be protected?

Answer 9

• They should be independent of executive management and should not be involved in the activities they audit.
• The head of internal audit should report directly to a senior director or the audit committee.
• In addition, the head of internal audit should have direct access to the chairman, and to the audit committee, and should be accountable to the audit committee.
• The audit committee (Full of NEDS) should approve the appointment and termination of the appointment of the head of internal audit.

The ideal situation will seek the:

• Independence of the mind
• Independence in appearance

Following IASB Standards:-

• Independence
• Objectivity
• Professional Care - Trained and experienced to the job
• Managing Internal Audits - Planning, risk-based approach, the scope, with annual reviews of the plans, ensure work is value-adding.
• Risk Management - involved with identifying, evaluating and contribute to the management of risks, regarding the operational and information systems on:-
  
  • reliability and integrity of financial and operating information, t
  • the effectiveness and efficiency of operations,
  • safeguarding of assets,
  • compliance with laws, regulations and contracts
• Control - Help to maintain control over the organisation for Senior Exc and the board.
• Governance - The ability to report on the corp gov without fear of dismissal
• Internal Audit work - Based on sufficient, quality records, relevant to objectives with suitable analysis to give evaluations and recommendations.
• Communicating Results - to the appropriate persons and monitor responses to the reporting.

Question 10

What is the role of an audit committee?

Answer 10

‘While all directors have a duty to act in the interests of the company the audit committee has a particular role, acting independently from the executive, to ensure that the interests of shareholders are properly protected in relation to financial reporting and internal control.’

• Most of the board objectives relating to internal controls will be delegated to the audit committee.
• Consists entirely of NEDs – one with recent financial experience.

Duties:

• • Review of internal control systems
• - Oversee internal audit work
• - Monitor integrity of financial statements
• - Engage, Appoint and Review work of external auditors
• - Ensure compliance with external reporting regulations
• - check significant accounting policies or estimations are appropriate
• - clarity of disclosures

Question 11

What are the responsibilities of the audit committee in regards to internal control?

Answer 11

• - Review financial controls
• - Monitor Adequacy of the I.C Systems, with a specific focus:
  
  • - Control environment
  • - Management attitude
  • - Management controls
• - Review compliance of regs, laws and ethical practices
• - Review companies fraud risk management policy
• - give its approval of the annual financial statements
• - Report on the conclusions of tests carried out
• - Supervise major/material transactions

Question 12

What are the responsibilities of the audit committee regarding the internal audit?

Answer 12

• Assess the role and effectiveness of the internal audit function within the risk management system of the company
• Check the efficiency of internal audit by, for example, comparing actual costs and output against a target.
• Approve the appointment, or termination, of the head of internal audit
• Ensure internal audit function has direct access to chairman and is accountable to the audit committee
• Review the annual internal audit work plan
• Receive periodic reports about the work of the internal audit function
• Monitor the response of management to internal audit findings
• Ensure that recommendations made by the internal audit are actioned
• Preserve the independence of the internal auditors from interference.

Question 13

what are the responsibilities of the audit committee regarding the external auditors?

Answer 13

• Primary responsibility to recommend to the board on the appointment, re-appointment or removal of the external auditors
• ‘oversee’ the selection of new auditors are being considered
• Approve the terms of engagement and remuneration fora Audit services
• Have annual procedures for the independence and objectivity
• Review the scope of the audit, and satisfy that it is sufficient
• Make sure appropriate plans are in place at the start of each annual audit
• Carry out a post-completion audit review.

Question 14

What are the post-completion audit review responsibilities of the audit committee?

Answer 14

- Review the level of errors identified during the audit

- Review key accounting or audit judgements

- Discuss any major issues that arose during the audit, and have they been solved

Question 15

Why should a company disclose its internal control activities to shareholders?

and

What are the Benefits?

Answer 15

Why?

• Shareholders are entitled to know whether the internal control system is sufficient to safeguard their investment.
• To provide SH with the assurance, board the should, annually, conduct a review of the effectiveness of I.C and report.
• Additional reporting requirements apply under SOX.

Benefits

• SH satisfied and assured the company is looked after well and their investment is safe. Companies that are more open with their disclosures regarding internal controls may benefit from increased shareholder satisfaction as they know their assets are being well looked after.
• Company may benefit from Constructive Criticism - By reporting on their internal controls, a company opens itself to additional scrutiny by shareholders (and other interested parties) which may improve corporate governance.
• The knowledge that their work will be reported on externally may help regulate the work of the audit committee.
• By making the chair of the audit committee available for questions at the AGM, the company demonstrates that it has nothing to hide, therefore increasing shareholder confidence.

Question 16

Why and What should be reported regarding internal controls to shareholders?

Answer 16

Review Reporting:

• This review should be conducted against COSO’s 5 elements
• The review should cover all material controls:
  
  • financial,
  • operational
  • compliance
  • risk management systems.
• The annual report should inform on the work of the audit committee.
  
  • Objectives of audit work
  • Summary of the process carried out
  • Report on findings (Audit Opinion)
  • Recommendations