Module 6 Flashcards
What is internal auditing?
An independent, objective assurance and consulting activity designed to add value and improve an organisations operations
Helps accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve risk management, control and governance
Difference between internal and external audits?
Internal audits are reported within the organisation. Relates to management
External reports a publicly published and shared to shareholders
What are the key elements of an internal audit function?
Independent Measures and evaluates Within organisation Integral part of controls Service to all levels Effectiveness and efficiency
IM WISE
What are the main objectives of the internal audit function?
To provide reasonable assurance to board on adequacy of risk management and control systems
To assist all members to effectively discharge their responsibilities
The internal audit function should report to who?
The audit committee if there is one
CEO if not
Shoulder review scope of work
IAF has to be independent of operational parts
Internal auditors are not required to have what?
The same qualifications as external auditors
There are some available
CIIA
What is the general rule for the need for an internal audit?
No statutory requirement
Some entities are required under statute or due to regulatory arrangements e.g public sector
What does the UK Corporate Governance code recommend about internal audit?
Where a company has an IAF the audit committee should monitor and review
Where one does not exist, the audit committee should consider annually whether there is a need for an IAF
Why choose to have an internal audit function?
To gain assurance that the management and control of the organisation is robust
Responsibilities and relationships of internal audit to directors?
NEDs on audit committee have a duty to oversee activities of execs
IAF has a responsibility to provide the directors with objective assurance over that quality of controls exercised by management (by reporting to audit committee)
Responsibilities and relationship of internal audit to shareholders?
Provide shareholders with a degree of assurance regarding the effective operation and control of company
Responsibilities and relationships of internal audit to management?
Provide with an independent view on the quality of internal control exercised by then
Who has the responsibility of overall risk management?
The directors
What is the role of internal audit?
To challenge processes and controls and identity and respond to risks
Monitor progress to resolve issues
Assist in facilitating risk workshops designed to increase awareness
What are the types of internal audit? 11
Financial Systems Management Value for money Contract Post implementation review Investigations Inspection and quality control Compliance Follow up Culture
What is a financial audit?
Carried our prior to statutory f/s audit
What is a systems audit?
Review and evaluation of the systems (manual and computer) by which an org regulates and controls activity
IAF would evaluate design and test operations
What is a management audit?
Evaluates and appraises the process and policies of management to ensure functioning optimally
What is a value for money audit?
More common in public sector
Audit review of
Key business systems to achieve VFM
Investigate specific incidents
Identify scope for improved VFM and savings
What is a contact audit?
More common in public sector
Review activity involving high value and potentially high risk contracts
What is an operational audit?
Systematic review and evaluation of an organisation to determine effectiveness and efficiency
What is a post implementation review?
An objective appraisal of the success or otherwise of a business initiative
Improve quality of future decisions and learn from mistakes
What are investigations?
Undertake investigation into internal or external fraud, operational losses, breaches of security or serious concerns
Due diligence of potential takeover targets
What is inspection and quality control audit?
Continuous, periodic examination of procedures applied and transactions to ensure their operation complies with instructions
What is a compliance audit?
Reviews adherence to laws and regs, policies, gov requirements and restrictions
What is a follow-up audit?
Conducted after an internal or external audit report has been issued
Evaluate corrective action
What is a culture audit?
Cultural considerations can be integrated into some audits or conduct stand alone examinations of cultural values and attitudes
What contributes to the effectiveness of internal audit?
Process Audit committee Resources and competence Independence Status of IA Standards
An organisation can help to ensure independence of IAF by?
- Having them report direct to audit committee
- Audit plan approved by committee
- Remuneration to support independence
- Not involved with operational areas
