Mod1 Flashcards
An independent and objective assessment of the adequacy and effectiveness of risk management across the organization based on a systematic and disciplined approach.
Assurance
Independent and objective insights and advice on the development, maintenance, and improvement of risk management systems, processes, structures, and implementation.
Consulting (or Advisory Services)
Active engagement with the board and senior management (comprising first and second line roles) to support integrated enterprise-wide strategic risk management through alignment with organizational priorities, effective ongoing communication, joint planning, and use of a common taxonomy and methods.
Coordination
An organization-wide perspective of significant risk and the sources of assurance on risk management to ensure sufficient coverage without unnecessary duplication.
Assurance Mapping
To enhance and protect organizational value by providing risk-based objective assurance, advice, and insight.
Mission of Internal Auditing
Independent and objective assurance and consulting activities designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
Definition of Internal Auditing
The primary reporting line of the CAE is to the board. This is the “________” reporting line.
Functional Reporting Line
The secondary reporting line may be to an appropriate member of senior management. This is the “______” reporting line.
Administrative Reporting Line
What are the 8 requirements for Independence of the Internal Audit Activity?
Internal audit charter.
Freedom from interference.
Access to people, resources, and information.
Necessary resources.
Accountability and functional reporting line to the board.
Administrative reporting line to senior management at an appropriate level.
Annual confirmation to the board of organizational independence and disclosure of any interference.
Application of safeguards when required.
What are the 7 requirements for Objectivity of the Internal Auditor?
Functional independence of the internal audit activity from senior management.
Absence of, and the appearance of, conflicts of interest.
Objective mindset.
Disciplined and systematic procedures.
Adherence to professional standards.
Supervision, monitoring, and quality assurance.
Application of safeguards when required.
What are the 5 core internal audit roles in regard to ERM?
Giving assurance on the risk management processes.
Giving assurance that the risks are correctly evaluated.
Evaluating risk management processes.
Evaluating the reporting of key risks.
Reviewing the management of key risks.
What are legitimate internal audit roles with safeguards?
Facilitating identification & evaluation of risks.
Coaching management in responding to risks.
Coordinating ERM activities.
Consolidated reporting on risks.
Maintaining and developing the ERM framework.
Championing establishment of ERM.
Developing ERM strategy for board approval.
What are 6 roles that Internal Auditing should not undertake?
Setting the risk appetite.
Imposing risk management processes.
Management assurance on risks.
Taking decisions on risk responses.
Implementing risk responses on management's behalf.
Accountability for risk management.
What are the five personal characteristics of internal auditors? This is also referred to as the five Cs.
Competence.
Credibility.
Connectivity.
Communication.
Courage.
What are the 3 components of competency? This is also referred to as KSAs.
Knowledge.
Skill.
Abilities (attitudes and behaviors).