Internal Audit Flashcards
Audit
The process of checking transactions, records and systems in order to vouch for their reasonableness or accuracy
Internal audit
Is an independent and objective function which may be a department of an organisation or an outsourced function which exists to evaluate the activities of the entity as a service to the entity.
Forms of internal audit
Compliance – assessment of activities to determine whether performance conforms with predetermined requirements.
Fraud investigation.
Value for money – assessment of whether proper arrangements of be made for securing economy, efficiency and effectiveness in the use of resources by the company
Management – review of the structure and effectiveness of management to achieve the entities policies and objectives.
Environmental – review of how well an entity is safeguarding the environment by management control of practices and compliance with policies and external regulations.
Social - review of whether an entity has complied with policies and objectives relating to social objectives for example health and safety, working conditions, equal opportunities
Internal audit and risk management functions
Risk management is considered the identification, measurement and control of risks. The role of risk management is to act as an advisory helping management to identify risks and design controls.
Internal audit is involved in testing and evaluation of the risk controls.
Good governance suggests that those that design the controls should not be involved in testing them.
The audit process
Audit planning and strategy – focus on key risk areas and prioritise
Audit planning – individual assignments – auditor should understand the objectives of the work, risks involved and any issues which might need greater time devoted to them.
Ascertaining and documenting systems/policies/regulations
Audit testing – test controls or carry out substantive tests on transactions or events. Consider use of sampling, analytical review, benchmarking. Consider source and reliability of all relevant data.
Document and review.
Characteristics of Effective internal audit
Internal auditor should be independent.
Should have the appropriate status within the organisation. This can be achieved by reporting its findings so the audits committee
Should be appropriately qualified.
Need the appropriate knowledge and understanding of the clients business and processes.
Should be subject to appropriate quality control processes,
The head of internal order should develop an internal audit plan based on risk assessments, submitted to the audit committee for approval and implement the approved plan.