Internal Auditor Part 1 Flashcards
11 Jan 2024
Here’s a simplified explanation of the concept and role of internal audit:
Purpose and Functions of Internal Audit
Internal audit is a voluntary review process carried out by an entity to ensure its internal controls are adequate. The primary purpose of internal audit is to provide assurance to management and the board of directors that:
- Financial controls are adequate.
- Operational controls are effective.
- IT systems are secure.
- Operations are efficient and effective (Value for Money audits).
- Compliance with laws and regulations is maintained.
Range of Audit and Investigation Work
Internal auditors may perform various tasks, including:
- Auditing financial controls.
- Auditing operational controls.
- Reviewing IT system controls.
- Conducting Value for Money (VFM) audits.
- Checking compliance with laws and regulations.
- Examining and reviewing financial information.
- Conducting special investigations (e.g., fraud investigations).
Role of Internal Audit
The internal audit function plays a crucial role in:
- Identifying and mitigating risks.
- Improving internal controls.
- Enhancing operational efficiency.
- Ensuring compliance with laws and regulations.
- Providing assurance to management and the board of directors.
In summary, internal audit is a vital component of an entity’s governance structure, providing assurance on internal controls, risk management, and compliance.
Here’s a simplified explanation of ISA 610 (Revised):
Introduction to ISA 610 (Revised)
ISA 610 (Revised) deals with the external auditor’s responsibilities when using the work of internal auditors. This includes:
- Using internal audit work as audit evidence
- Using internal auditors for direct assistance under the external auditor’s direction, supervision, and review
Definition of Direct Assistance
Direct assistance means using internal auditors to perform audit procedures under the external auditor’s direction, supervision, and review.
Scope of ISA 610 (Revised)
ISA 610 (Revised) applies when:
- The entity has an internal audit function
- The internal audit function’s responsibilities and activities are relevant to the audit
- The external auditor expects to use the work of the internal audit function in obtaining audit evidence
Objectives of the External Auditor
When applying ISA 610 (Revised), the external auditor’s objectives are:
- Determine whether to use the work of the internal audit function or direct assistance from internal auditors
- If using internal audit work, determine whether it is adequate for audit purposes
- If using internal auditors for direct assistance, direct, supervise, and review their work appropriately
Key Considerations
1. The external auditor may be prohibited or restricted by law or regulation from using internal audit work or direct assistance.
2. The external auditor must evaluate the internal audit function’s objectivity, competence, and work performance.
Here’s a simplified explanation of evaluating the internal audit function:
Evaluating Internal Audit Function
To determine if internal audit work is adequate, the external auditor must evaluate:
- Objectivity: Assess whether internal audit is independent and unbiased.
- Competence: Evaluate internal audit’s skills, knowledge, and experience.
- Systematic and Disciplined Approach: Review internal audit’s processes, procedures, and quality control.
Objectivity Criteria
1. Reporting lines: To whom does internal audit report?
2. Access to those charged with governance
3. Freedom from conflicting responsibilities
4. Oversight of employment decisions by those charged with governance
5. Membership in professional bodies and compliance with standards
6. Restrictions on communicating findings to the external auditor
7. Remuneration policy determined by those charged with governance
Competence Criteria
1. Membership in relevant professional bodies
2. Technical training and proficiency
3. Hiring and training policies
4. Knowledge of financial reporting
Systematic and Disciplined Approach Criteria
1. Planning, supervision, review, and documentation of internal audit work
2. Quality control procedures, audit manuals, work programs, and relevant documents
Consequences of Inadequate Internal Audit Function
If any of the above factors are lacking, the external auditor cannot use the work of the internal audit function (ISA 610 Revised).
Here’s a simplified explanation of the work of internal auditors and how external auditors can use it:
Examples of Internal Audit Work
1. Testing operating effectiveness of controls
2. Substantive procedures with limited judgment
3. Observing inventory counts
4. Tracing transactions through the information system
5. Testing compliance with regulatory requirements
Evaluating Internal Audit Work
External auditors must evaluate each piece of internal audit work before using it as evidence. They consider:
- Nature and scope of the work
- Relevance to the external audit strategy and plan
- Planning, performance, supervision, review, and documentation
- Sufficiency and appropriateness of evidence
- Conclusions reached and exceptions resolved
Agreeing Matters in Advance
External auditors may agree on:
- Timing of the work
- Nature of the work
- Extent of audit coverage
- Materiality and performance materiality
- Methods of item selection and sample sizes
- Documentation and review procedures
Further Procedures
External auditors may perform:
- Inquiries of internal audit staff
- Observation of procedures
- Review of work programs and papers
- Re-performance of internal audit procedures
Documentation
If using internal audit work, external auditors document:
- Evaluation of internal audit objectivity, competence, and approach
- Nature and extent of work used
- Basis for using the work
- Procedures performed to evaluate the work’s adequacy
