CH 1 study guide Flashcards
Definition of Internal Auditing
Internal auditing is an independent, objective assurance and consulting activity designed to ADD VALUE and improve an organization’s operations.
- It helps an organization accomplish its objectives (tasks)
Know how an organization’s objectives serve as the foundational link for internal audit engagement objectives
An organization’s objectives define what it wants to achieve and its ongoing success depends on the accomplishments of its objectives.
- For internal audit to help the organization achieve its objectives, there must be a direct link between: business objectives and internal audit engagement objectives.
2013 COSO objectives:
–> Strategic (ERM): refers to “how management plans to achieve” the organization’s objectives via value creation choices.
–> Operation (IC): refers to “how management plans to achieve” effectiveness and efficiency of the organization’s operations.
–> Reporting (IC): refers to “how management plans to achieve” the reliability of internal and external reporting of financial and non-financial information.
–> Compliance (IC): refers to “how management plans to achieve” adherence to applicable laws and regulations.
Know the services provided by internal audit
Assurance services: refers to an objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization.
Assurance services: nature and scope determined by internal audit
- Parties involved:
–> auditee who is directly involved in the subject matter of interest
–> internal auditor making the assessment and providing the conclusion
–> user relying on the internal auditor’s assessment of evidence and conclusion.
Advisory (consulting) services: refers to advisory and related service activities, the nature and scope of which are agreed with the customer, are intended to add value and improve an organization’s governance, risk management, and control process without the internal auditor assuming management responsibility.
—> examples include counsel, advise, facilitation, and training.
Advisory (consulting) services: nature and scope is mutually agreed upon by customer and Internal Audit
-Parties involved:
–> customer who is seeking and receiving advice
–> internal audit offering and providing the advice
Assurance and advisory engagements differ in three ways:
1.) the parties involves
2.) the primary purpose of the engagement
3.) Who determines the nature and scope of the engagement.
Know the relationship between auditing and accounting
Internal auditing is NOT a subset of accounting
The relationship of accounting to auditing is close, yet their natures are very different
- Accounting includes the collection, classification, summarization, and communication of financial data
–> the task of accounting is to reduce a tremendous mass of detailed information to manageable and understandable proportions.
-Auditing does none of these things
–> The task of auditing is to review the measurements and communications of accounting for property (i.e., proof/ support).
Thus auditing has its principal roots, not in accounting, which it reviews, but in logic on which it leans heavily for ideas and methods.
The primary difference between financial reporting ASSURANCE services provided by internal auditors and (independent) external auditors
Internal auditors provide their financial reporting assurance services primarily for the benefit of the board of directors and management
- Management relies on the financial reporting assurance services provided by the company’s internal audit function to provide them with confidence (i.e., reasonable assurance) regarding the truthfulness of their financial reporting assertions
The independent (CPA), external, outside audit firm provide their financial reporting assurance services primarily for the benefit of the third party decision makers (GAAP, PCAOB), and, accordingly, increase the users’ confidence regarding the accuracy, completeness, and validity of the information upon which they base their decision.
Know the stakeholders served by internal auditors and why
Stakeholders served by internal audit:
- internal audit helps the organization achieve its business objectives - by evaluating and improving the effectiveness of governance, risk management, and control processes.
- within each of these processes there are opportunities for improving the business operation, reporting and compliance.
- thus, the stakeholders served by internal audit include the:
–> board of directors
–> management
–> employees
–> interested parties outside the organization
Know the full titles for IIA, CIA, CRMA, and CCSA certifications and the AICPA CITP certification - they all may increase one’s annual salary
CIA: certified internal auditor: the globally accepted certification for internal auditors.
IIA: The institute of Internal Auditors: the internal audit profession’s global voice, standard-setter, and resource for professional development and certification. The mission is to provide dynamic leadership for the global profession of internal auditing.
CRMA: Certified in Risk Management Assurance
CCSA: Certified Control Self-Assessment
AICPA: Association of Certified Public Accountants
CITP: Certified Information Technology Professional
–> AICPA sponsors the CITP.
Know the ethical core qualities that successful internal auditors have
Integrity: Integrity is IMPERATIVE
- integrity is strict adherence to moral principles and (professional standards, which builds trust and reliance on what internal auditors conclude and recommend.
Learning: Learning is CONSTANT
- internal auditors continue to learn throughout their careers - so, one of the most important skills to develop while in school is “learning how to learn.”
Practice: Practice makes PROFICIENCY
- nobody is an expert internal auditor when they graduate from college. Internal auditing 0- like any other profession - is learned primarily through on-the-job experience, and under the watchful eyes of experienced supervisors, coaches, and mentors.
Know the skills and accomplishments to qualify for an internal auditor, entry-staff level
- Education in auditing, accounting, information systems and technology, business risks and controls, management, finance.
- Hands-on experience with audit-related software - flowcharting, spreadsheets, database, and generalized audit software.
- Practice developing interpersonal and communication - speaking and writing - skills.
- Projects that allow you to think analytically, assimilate new information quickly, cope with ambiguity, handle unstructured multidimensional tasks, and effectively manage several deliverables simultaneously.
Other accomplishments may include:
- internship- show the ability to apply what has been learned
- Scholarships and other awards: show respect for achievement
- Part-time work or extracurricular activities: show the ability to multitask
- Serving as an officer in a student organization: shows motivation and the ability to learn.
