Internal Audit Plan (Part 2, Unit 4)

Question 1

What are the 3 elements in an Audit plan?

Answer 1

1. Input by SM / Board
2. CAE / IAD Risk Based Assessment (L X I)
3. Audit Universe (Anything that can be audited)

Question 2

How often should Audit Universe be assessed?

Answer 2

Annually

Question 3

How often should Audit Plan be adjusted?

Answer 3

Frequently

Question 4

Do the skills, knowledge and competencies affect the Risk Assessment?

Answer 4

No (It affects Engagement planning)

Question 5

What affects the Risk Assessment?

Answer 5

1. Inputs by SM / Board
2. Risk Prioritisation (L X I) -> Risk Response (TARA)

This is linked to Part 1, Unit 4 on Risk Management (includes Risk Assessment). ERM - management.

Question 6

What are the different types of risks factors considered by Internal Auditors?

Answer 6

1. Internal risks factors - degree of change, strength of and adherence to controls, timing and results of last engagement
2. External risk factors - suppliers, competitors, industry issues

Question 7

What are the different types of risks considered by Internal Auditors?

Answer 7

1. Inherent Risk
2. Residual Risk
   (after controls)
3. Control Risk
   (IC will not timely prevent, detect, correct, a material misstatement of an assertion)
4. Detection Risk
   (Intended audit procedures to reduce audit risk to an acceptably low level will not detect a m.m.)

Question 8

Which risks are related to management?

Answer 8

Inherent risk and control risk

Question 9

Which risks are related to internal auditors?

Answer 9

Detection risk

Question 10

What is audit risk?

Answer 10

AR = Romm X DR
AR = IR X CR X DR