The document discusses various topics related to internal auditing including financial accounting and budgeting risks, business challenges, project management, organizational change, fraud risks, forensic accounting, and emerging issues. It provides details on budget variance analysis, internal audit areas of focus, challenges during the pandemic, and comparisons of in-house, outsourcing, and co-sourcing internal audit assignments. Risk management approaches including the COSO framework are outlined. Types of fraud investigations like corruption, asset misappropriation, and financial statement fraud are defined. Emerging issues facing internal auditors related to technology and standards are also noted.
Internal Audit Guide for Financial, Risk, Fraud and Emerging Issues
1.
2. Topics to be Covered
Financial Accounting and Budgeting Risks
Business Related Challenges
Project Management/ Organizational Change
In-house vs. Outsourcing Audit Assignments
Fraud Risk, Forensic Accounting and Investigations
Emerging/Contemporary Issues
3. Financial Accounting and Budgeting Risks
• Budgeting Risk: A budget is never going to be exact.
Budgets typically uses rounded and estimated figures which
are simply forecast.Analysis of budget help us to provide
insight for positive or negative variance.
4. Importance of BudgetVariance Analysis by
Internal Auditor
4. It helps in identifying needed changes in the overall strategies, i.e., to revaluate the company’s
product line or target-customer base.
5. Without a variance analysis, a budget ceases to be a working document.
5. Internal Audit Areas to Focus
Take action on neglected risks
Lead your organization into the age of analytics
Do more with less
Be a thought leader to your management, audit committee, and board
Evaluate your professional skills
8. Project Management/ Organizational
Change
• Where there is an internal audit function, its status is
derived from the needs of the organisation and should be
set at the top of the organisation, i.e. by the board and
the audit committee.
• They seek assurance that:
• The organisation has a formal governance process
which is operating as intended:
• Significant risks within the organisation are being
managed and controlled to an acceptable level
10. In-house Function
Pros Cons
✓ Continuity of Staff
✓ Certain controllable cost
✓ Full control of function
✓ A resource pool for the business
✓ Training ground for employees
✓ Greater cultural alignment
✓ Insiders
× May not be fully employed effectively and
efficiently
× Difficult to acquire necessary /maintain all skills
and experience to meet the risk profile of the
business
× Need to continually invest in training and
development
× Recruitment hassles
× Ineffective / inefficient start up
× Retention and development strategies required
× Reduces opportunities to provide fresh
perspective / risk of complacency or familiarity
11. Co-Sourcing
Pros Cons
✓ Long term permanent onsite presence through
HIA
✓ Access to broad range of skills through the
partner
✓ Draw on specialist skills as and when,and only
when,needed
✓ Continuity through HIA
✓ Pull in up to date skills and experience as needed
✓ Quick to implement skills transfer to in house
team
✓ Flexible approach, clearly defined service level
and KPI measures
✓ Credibility to third parties
✓ No or reduced training cost
× Time taken to recruit HIA
× Possible cost impact
× Management resource needed in recruitment
and relationship development
× Dependency of third part
× Possible lack of staff continuity
× Other challenges for in house resource as
discussed earlier
12. Outsourcing
Pros Cons
✓ Established methodologies and benefit of
refreshment based on experiences across
different organisations
✓ Up to date skilled staff
✓ Ability to draw on a wide range of skills as and
when required
✓ No time taken up by managing service and
resources
✓ Clearly defined service level and performance
measures
✓ Easily established and quickly effective
✓ Credibility to third parties
× No permanent on-site resource to help other
areas of the business
× Potential cost impact
× Possible lack of staff continuity
× Remote from business developments, the culture
and politics
× Management time to establish and maintain
relationships
16. Risk Management Approach
A well known and respected risk management approach has been developed by COSO.The COSO (2004)
model of internal control comprises eight components:
17. Risk Management Approach Contd.
(Source: Committee of Sponsoring Organizations of theTreadway Commission (COSO:2004) Enterprise Risk Management – Integrated Framework.)
18. Forensic Accounting
• Forensic accounting, forensic
accountancy or financial
forensics is the specialty practice
area of accounting that
investigates whether firms
engage in financial reporting
misconduct. Forensic
accountants apply a range of
skills and methods to determine
whether there has been financial
reporting misconduct.
19. Forensic Auditing
• ‘Forensic auditing’ covers a broad spectrum of
activities, with terminology not strictly defined in
regulatory guidance.
• ‘Forensic auditing’ refers to the specific procedures
carried out in order to produce evidence.
• Audit techniques are used to identify and to gather
evidence to prove, for example, how long the fraud
has been carried out, and how it was conducted and
concealed by the perpetrators.
• Evidence may also be gathered to support other
issues which would be relevant in the event of a
court case.
20. Type of Investigation
• The forensic accountant could be asked to investigate many different types of
fraud. It is useful to categorise these types into three groups to provide an
overview of the wide range of investigations that could be carried out.
• The three categories of frauds are:
• Corruption,
• Asset misappropriation; and
• Financial statement fraud.
22. Asset Misappropriation
• By far the most common frauds are those involving asset misappropriation, and
there are many different types of fraud which fall into this category.
• Examples:
• Cash theft
• Fraudulent disbursements
• Inventory frauds
• Misuse of assets
23. Financial Statement Fraud
• This is also known as fraudulent financial
reporting, and is a type of fraud that causes a
material misstatement in the financial
statements.
• It can include:
• deliberate falsification of accounting records;
• omission of transactions, balances or disclosures
from the financial statements; or
• the misapplication of financial reporting standards.
24. Emerging/ Contemporary Issues
Time Lag
Data Extraction
Lack of
Knowledge of
International
Standards
Documentation
in IT
Environment
Technological
Changes
25. CA Sana Baqai
Partner,Vinod Krishna & Associates | Chief Editor, IIA India
Sana.Baqai@vkaassociates.com | +91-9971938000