Strategic and Operational Roles of Internal Audit Flashcards
- Initiate, manage, be a change catalyst, cope with change.
- Build and maintain networking with other organization executives and the audit committee.
- Organize and lead a team in mapping, analysis, and business process improvement.
- Assess and foster the ethical climate of the board and management.
- Educate senior management and the board on best practices in governance, risk management, control, and compliance.
- Communicate internal audit key performance indicators to senior management and the board on a regular basis.
- Coordinate IA efforts with external auditor, regulatory oversight bodies and other internal assurance functions.
- Assess the adequacy of the performance measurement system and the achievement of corporate objectives.
Strategic Role of Internal Audit
- Formulate policies and procedures for the planning, organizing, directing, and monitoring of IA operations.
- Review the role of the IA function within the risk management framework.
- Direct administrative activities (i.e., budgeting, human resources) of the IA department.
- Interview candidates for IA positions.
- Report on the effectiveness of corporate risk management processes to senior management and the board.
- Report on the effectiveness of the internal control and risk management frameworks.
- Maintain effective Quality Assurance Improvement Program.
Operational Role of IA
According to the IIA’s definition of Internal Auditing, the internal audit activity..
helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
Combination of processes and structures implemented by the board to inform, direct, manage, and monitor the activities of the organization toward the achievement of its objectives.
Governance
Process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization’s objectives.
Risk Management
Any action taken by management, the board, and other parties to management risk and increase the likelihood that established objectives and goals will be achieved.
Control
Policies, procedures (both manual and automated), and activities that are part of a control framework designed and operated to ensure that risks are contained within the level that an organization is willing to accept.
Control Processes
Who is responsible for governance?
The Board
Adherence to policies, plans, procedures, laws, regulations, contracts, or other requirements.
Compliance
Accomplishes objectives in an accurate, timely, and economical fashion.
Efficient Performance
Accomplishes objectives with minimal use of resources or cost proportionate to the risk exposure.
Economical Performance
Two basic types of IA engagements
Assurance and Consulting
An objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization.
Assurance Services
Types of engagements: financial performance, compliance, system security, and due diligence.
Assurance
Advisory and related client service activities, the nature and scope of which are agreed with the client, are intended to add value and improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility.
Consulting Services
