Chapter 7 - Internal audit Flashcards
Overall objectives of IA:
Safeguard assets Compliance Reduce overheads Effective controls Accounting records Managing risks
What is internal audit?
- Provides independent assurance that an org’s risk management, governance and internal control processes are operating effectively
What is a systems audit?
Tests and evaluates internal controls within any system
Determines:
- How well system is functioning
- What weaknesses there might be
- What reliance can be placed on existing controls
Objectives audit will focus on:
- Suitable and accurate management info
- Compliance with procedures, laws an regulations
- Safeguarding assets
- Securing economies and efficiencies
- Accomplishing objectives
What is a compliance audit?
Form of systems audit which ensures performance conforms to a statutory, regulatory, policy or contractual requirement
Process of internal control:
- Identify business objectives
- Identify risks that will threaten each objective
- Design internal controls to mitigate these risks
- Implement internal controls in accordance with their design
IA and fraud investigations:
- Maintain systems of control for both prevention and detection
- Acts as both investigator and detective (watchdog and bloodhound)
Cressey – fraud was likely to occur if three conditions were present:
- Pressure:
* Motivation to commit fraud comes from financial problems that cannot be solved by legitimate means
* Are staff likely to be affected by external factors? - Rationalisation:
* Fraudster must be able to justify decision to themselves, usually because they perceive themselves as having no other choice or have been wronged in some way
* Are assets likely to be vulnerable and are any controls poor? - Opportunity:
* Fraud can be perpetrated because someone is able to due to low perceived risk of getting caught or fraud can be easily concealed
* Are staff disenfranchised or desperate enough to commit fraud and does recruitment procedures always check employee references?
Value for money audit:
- Best value audit = performance framework used by UK public service orgs to assess how well public money is being used to provide services
Best value can be achieved by attempting to implement four C’s:
- Challenge = How and why is a service provided?
- Compare = Make comparisons with other local authorities and the private sector
- Consult = Talk to local taxpayers, service users and the wider business community in setting performance targets
- Compete = Embrace fair competition as a means of securing efficient and effective services
Management audit:
- Objective and independent appraisal of the effectiveness of managers and the corporate structure in achievement of entity objectives and policies
- Aim to identify existing and potential management weaknesses and to recommend ways to rectify them
- Non-routine investigation that attempts to look at all aspects of management performance
- May cover: achievement of targets, decision making, competence, workloads, delegation, relationships
Carrying out a management audit:
Deciding audit objectives and carry out an investigation, gathering evidence and reporting results
Social audit:
Cover sustainable use of human resources, health and safety compliance, labour conditions and equal opportunities
Involve:
- Establishing whether org has rationale for engaging in socially responsible activity and that rationale is aligned with its mission
- Assessing objectives and priorities related to these programmes
- Evaluating company involvement in such programmes past, present and future
Environmental audit:
Ascertain whether org is complying with codes of best practice, internal guidelines or fulfilling wider requirement of being a good corporate citizen
Concerned with:
* Board and management having good understanding of environmental impact
* Assessment of whether environmental programmes are congruent with comp’s mission
* Adoption + communication of adequate policies and procedures to ensure compliance with relevant std’s and laws
* Adoption + review of progress against quantifiable targets
* Assessment of whether progress is being made economically and efficiently
• True, fair and complete reporting of environmental activities
External audit (Financial audit):
- Examination of books and record of an org with a statutory goal of reporting on the truth and fairness of org’s financial statements
- Audit committee is responsible for making annual assessment on independence and effectiveness of external auditors and making recommendation for reappointment
Internal vs. external audit:
Internal Audit:
- Responsible to = management
- Responsible for = any task required by management or directors
- Activities undertaken = anything
- Standards used = anything
External Audit:
- Responsible to = Shareholders
- Responsible for = opinion on truth, fairness and compliance with laws and regulations
- Activities undertaken = testing via evidence gathering
- Standards used = laws and regulations, auditing std’s and accounting std’s