Topic 4- Internal Audit

Question 1

what is the definition of an internal audit

Answer 1

An independent, objective assurance and consulting activity designed to add value and improve an organizations operations.

“an appraisal or monitoring activity established by management and directors for the review of the accounting and internal control systems as a service to the entity.

It functions by, amongst other things, examining, evaluating and reporting to management and the directors on the adequacy and effectiveness of components of the accounting and internal control systems.”

Question 2

the need for an internal audit depends on

Answer 2

▪ Nature of operations (scale, diversity and complexity of activities) – the more diverse or complex the more there is to monitor

▪ Scale and size (Number of employees)– more employees likely to undertake human error

▪ Cost / Benefit considerations

▪ Internal / External change triggers – new markets / new products

▪ Problems with existing systems and controls

▪ Compliance requirements

▪ The desire of senior management to have assurance and advice on risk and control

Question 3

what kind of questions do IA address or work on?

Answer 3

▪ The adequacy and reliability of financial and non financial information

▪ Safe guarding of business assets, do special investigation projects

▪ Are procedures being followed

▪ The degree of compliance with the law/legislation

▪ Are systems and controls operating effectively? Identify control deficiencies

▪ Fraud investigations

▪ Value for money assessments- e.g. of specific vendor used

▪ Assess how risks are being identified, analyzed and managed

• -> assess the risk response
• -> Give independent advice on how to embed risk management services into business activities

▪ Provide assurance to the BOD that the main business risks are being managed
▪ Identify any significant control deficiencies and make recommendations

▪ focus on matters of high risk

Question 4

who appoints the head of internal audit and who do they report to

Answer 4

The head of an internal audit should be appointed by the audit committee and have independent reporting responsibilities

They report to the chairman of the board and audit committee

Question 5

explain the years plan of Internal audit and the life cycle

Answer 5

1) Developing an audit plan based on an assessment of the significant risks to which the organization is exposed
2) Submitting plan to the audit committee for approval
3) Maintain audit team with knowledge, skill and experience
4) Implementing the agreed audit plan

Question 6

.

Answer 6

.

Question 7

what are the advantages of having an IA

Answer 7

✓ Reduces the risk of fraud and error
✓ Increases the confidence of the financial statements

✓ Deficiencies will be highlighted sooner and can be rectified to improve the systems- being proactive

✓ Value for money audits can be initiated within the company leading to cost savings

• Improvements in working systems for the company

Question 8

what are the DISadvantages of having an IA

Answer 8

✓ The Internal audit department could be reviewing their own work- if not independent (could be friends with the employees so difficult to be independent)

✓ Directors influencing the internal audit department, may direct attention away from problem areas

✓ The internal audit department may have to report directly to management who have been involved in fraud or issues

✓ Internal audit staff may have been in service for a considerable time and therefore loose professional scepticism

✓ Standard of internal audit departments could be variable

–> Success depends on who is doing the IA and their experience and qualification

–> Success is determined by how much attention the BOD/ or the audit committee pay to the reports being produced by IA

Question 9

what are the advantages of having an Outsourced IA

Answer 9

▪ Greater focus on cost and efficiency of the internal audit function (Pay for what you need)

▪ Staff may be drawn from a broader range of expertise (specialist skills)

▪ Risk of staff turnover is passed to the outsourcing firm (don’t have to worry about training and then the employee leaving- risk and cost reduced)

▪ Specialist skills may be more readily available

▪ Costs of employing permanent staff are avoided

▪ May improve independence/objectivity because they are independent parties

▪ Access to new market place technologies, e.g. audit methodology software without associated costs

▪ Reduced management time in administering an in-house department and managing that line of communication

Question 10

what are the DISadvantages of having an Outsourced IA

Answer 10

▪ Possible conflict of interest if provided by the external auditors who also do your year end audit

▪ Risk of blurring of roles between internal and external audit, losing credibility for both

▪ Pressure on the independence of the outsourced function due to, for example, a threat by management not to renew contract

▪ Risk of lack of knowledge and understanding of the organisation’s objectives, culture or business

▪ Cost focus may reduce the effectiveness of the functioThe decision may be based on cost with the effectiveness of the function being reduced

▪ Flexibility and availability may not be as high as with an in-house function. Also required them to ‘Plan in advance’

▪ Lack of control over standard of service- no control over the work that’s done/testing/when it’s done

Question 11

what is the general approach in internal audit assignments

Answer 11

▪ Identify key risk areas
▪ Are there any procedures to mitigate the risk?
▪ Are the procedures being followed?
▪ Are the procedures effective?
▪ Report and recomment

Question 12

what are the 3categories of work that the internal audit work on

Answer 12

Value for money audits
audit of Information technology
Financial internal audit

Question 13

what are the three value for money

Answer 13

Economy- Least cost

Efficiency- Best use of resources

Effectiveness- Best results

Question 14

Internal audit assignments: financial internal audit,

what are some questions that need to be answered

Answer 14

▪ Do the records and evidence support financial and management reporting?

▪ Are there errors and/or fraud?

▪ Does the analysis of information identify trends and potentially significant variations from the norm

Question 15

Internal audit assignments: Audit of IT,

what are some questions that need to be answered

Answer 15

▪ Do the systems provide a reliable basis for preparation of financial statements

▪ do internal controls reduce the risk of misstatement

▪ does the system represent value for money/best value?

▪ are the controls over awarding contracts for IT installations effective?

Question 16

what four general things are included in an internal audit report

Answer 16

similar to report to management

describe deficiencies

explain the consequences to the organisation

provide a recommendation for improvement

Question 17

.

Answer 17

.

Question 18

.

Answer 18

.

Question 19

when comparing internal and external audit

what 6 things could you talk about

Answer 19

.role required by
appointed by 
Reports to
Reports on/objective
opinion on 
scope of assignment

Question 20

when comparing internal and external audit

explain the differences between external and internal on :

role required by

Answer 20

External- Statue for limited companies

Internal- Directors, usually in larger
organisations

Question 21

when comparing internal and external audit

explain the differences between external and internal on :

appointed by

Answer 21

External- External auditors are appointed by the company’s shareholders. They are
independent of the company.

Internal- Internal auditors are appointed bymanagement. As internal auditors are
normally employees of the company
they lack independence. However, the
internal audit department can be
outsourced and this can increase their
independence.

Question 22

when comparing internal and external audit

explain the differences between external and internal on :

Reports to

Answer 22

External-  External auditors report to the
shareholders or members of the
company. External audit reports are
contained within the financial
statements and hence are publicly
available.

Internal- Internal auditors normally report to management or those charged with
governance. Internal audit reports not
publicly available and are only
intended to be seen by the addressee
of the report. The reports are normally
provided to the board of directors and
those charged with governance such as
the audit committee.

Question 23

when comparing internal and external audit

explain the differences between external and internal on :

Reports on/objective

Answer 23

External- The main objective of the external auditor is to express an opinion on the truth and fairness of the financial
statements.

Internal- The main objective of internal audit is to improve a company’s operations, by reviewing the efficiency and effectiveness of the company’s internal controls.

Question 24

when comparing internal and external audit

explain the differences between external and internal on :

opinion on

Answer 24

External- The truth and fairness of the Financial Statements

Internal- Adequacy of the systems, and
contributes to the effectiveness and
efficiency of resources

Question 25

when comparing internal and external audit

explain the differences between external and internal on :

scope of assignment

Answer 25

External- Per the auditing standards (to fulfil the statutory obligation) and focuses on the financial statements

The external auditor’s work is limited
to verifying the truth and fairness of
the financial statements of the company.

Internal- The internal auditor can have a wide scope of work and it is determined by the requirements of management or
those charged with governance.
Commonly internal audit focus on the
company’s internal control environment, but any function is in their remit