The document discusses the purpose and role of internal auditing. It describes internal auditing as an independent function that examines and evaluates an organization's activities to help management discharge their responsibilities effectively. The objective is to promote control within the organization at a reasonable cost. The document outlines the audit process, including planning, performing, reporting, and following up on corrective actions. It provides best practices for tasks like risk assessment, test design, documentation, reporting findings, and building trust with auditees.
Internal Audit is a tool of control to measure and evaluate the effectiveness of the working of an organization primarily with accounting, financial and operational matters.
Internal Audit plays a constructive role by rendering service to the management with objective appraisal of systems, procedures, practices, compliance with policies.
LetzConsult presents a smarter ways for companies to find the most relevant Consultant for their business needs. Find the right consultants for your Company on LetzConsult.com
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
What is the purpose of internal auditing? How important is it to the business? How are internal audits planned and carried out? These slides show the relevance of internal audit to the business, how internal audits relate to the objectives and risks of the business, how they are planned and the work involved in an internal audit. Further advice is available from www.internalaudit.biz
Many leaders in today’s business environment have recognized the need for internal audit to play a larger role – one that expands on its historic focus on value preservation to encompass activities related to value creation. Leading integrated internal audit functions will need to stay ahead of the risk curve rather than simply follow the business, whilst preserving the core compliance and assurance activities senior management and the audit committee require. Audit functions that focus their efforts on significant risks are able to concentrate their audit resources on issues that drive the business. This 3-day course has been designed to help internal auditors understand what is needed to make the audit function totally risk based
Internal Audit is a tool of control to measure and evaluate the effectiveness of the working of an organization primarily with accounting, financial and operational matters.
Internal Audit plays a constructive role by rendering service to the management with objective appraisal of systems, procedures, practices, compliance with policies.
LetzConsult presents a smarter ways for companies to find the most relevant Consultant for their business needs. Find the right consultants for your Company on LetzConsult.com
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
What is the purpose of internal auditing? How important is it to the business? How are internal audits planned and carried out? These slides show the relevance of internal audit to the business, how internal audits relate to the objectives and risks of the business, how they are planned and the work involved in an internal audit. Further advice is available from www.internalaudit.biz
Many leaders in today’s business environment have recognized the need for internal audit to play a larger role – one that expands on its historic focus on value preservation to encompass activities related to value creation. Leading integrated internal audit functions will need to stay ahead of the risk curve rather than simply follow the business, whilst preserving the core compliance and assurance activities senior management and the audit committee require. Audit functions that focus their efforts on significant risks are able to concentrate their audit resources on issues that drive the business. This 3-day course has been designed to help internal auditors understand what is needed to make the audit function totally risk based
Internal auditing departments are led by a chief audit executive ("CAE") who generally reports to the audit committee of the board of directors, with administrative reporting to the chief executive officer (In the United States this reporting relationship is required by law for publicly traded companies).
Firstly, it will be clarify some of the misunderstandings of some of the fundamental audit concepts and principals that are implemented during the audit or planning of the audit program, focusing on audit guidelines, auditor principles, audit process principles and types of audits. Furthermore, gaining understanding of the management and preparation of an ISO 9001 audit through audit program pillars, good audit practices and prepared work documents and checklists. Outline how to conduct and close an ISO 9001 audit in a professional manner with the precise audit review.
Main points covered:
• Fundamental audit concepts and principles
• Managing an ISO 9001 audit program
• Preparation of an ISO 9001 audit
• Conduct of an ISO 9001 audit & Closing the audit
Presenter:
This webinar was presented by Kefah El-Ghobbas, PECB Certified Trainer and Organizational Development expert and operations manager at TURBO CARBO.
Link of the recorded session published on YouTube:https://youtu.be/kK8pAc3QM5E
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
Internal auditing departments are led by a chief audit executive ("CAE") who generally reports to the audit committee of the board of directors, with administrative reporting to the chief executive officer (In the United States this reporting relationship is required by law for publicly traded companies).
Firstly, it will be clarify some of the misunderstandings of some of the fundamental audit concepts and principals that are implemented during the audit or planning of the audit program, focusing on audit guidelines, auditor principles, audit process principles and types of audits. Furthermore, gaining understanding of the management and preparation of an ISO 9001 audit through audit program pillars, good audit practices and prepared work documents and checklists. Outline how to conduct and close an ISO 9001 audit in a professional manner with the precise audit review.
Main points covered:
• Fundamental audit concepts and principles
• Managing an ISO 9001 audit program
• Preparation of an ISO 9001 audit
• Conduct of an ISO 9001 audit & Closing the audit
Presenter:
This webinar was presented by Kefah El-Ghobbas, PECB Certified Trainer and Organizational Development expert and operations manager at TURBO CARBO.
Link of the recorded session published on YouTube:https://youtu.be/kK8pAc3QM5E
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
Presentation by Jose Viegas Ribeiro on internal control and internal audit given at the workshop on Improving outputs of internal control units through self-assessment co-organised by SIGMA with the Ministry of Finance of Jordan, Amman 6 November 2014
This is a presentation I gave at the 2007 PMI NCR Symposium on how to conduct a Project Audit. Contact me at Larry.Cooper@IGPLI.Net if you have questions.
I’ve created a model that enables audit leaders to determine where their group falls across a range of performance levels. The Audit Department Excellence Model, is intended primarily as a means to help guide audit functions toward improved practices, though it can also be used to facilitate dialog with senior management and the audit committee.
2. The Purpose of Internal Auditing?
“Eyes and Ears”
“Policeman”
“Watchdog”
“Consultant”
“Catalyst”
2
3. IIA Statement of Responsibilities
Purpose:
Internal auditing is an independent appraisal
function established within an organization to
examine and evaluate its activities as a service to
the organization.
The objective of internal auditing is to assist
members of the organization in the effective
discharge of their responsibilities.
The audit objective includes promoting control at a
reasonable cost.
3
4. The Audit Process Model
INPUTS PROCESSES OUTPUTS OUTCOMES
Internal Audit
Knowledge
and Skills
Analyses,
Appraisals,
Computers, Recommendations,
Software and Counsel and
IIA Standards Information Supporting the
Internal Audit
Organization in
Practices and
the Discharge of
Procedures
their
Responsibilities
Time and Promote the
Money Effective use of
Internal Control
Reputation
for Integrity
and Fairness
4
5. IIA Statement of Responsibilities
Scope:
The scope of internal auditing should encompass
the examination of the adequacy and effectiveness
of the organization’s system of internal control
and the quality of performance in carrying out
assigned responsibilities.
Assessment (adequacy and effectiveness).
Enhancement (measuring performance quality
improvement).
5
6. The Nature of Business Risk
Risk is a concept used by
auditors and managers
to express concerns about
the probable effects of an
uncertain environment.
6
7. Control and Risk
Control mitigates risk:
Feedback Loop Preventive Control
INPUT ? PROCESS OUTPUT
Compare to
Standard Criteria
Detective Control Feedback Loop
INPUT PROCESS ? OUTPUT
Compare to
Standard Criteria
7
8. AUDIT Phase I:
Internal Audit
ASSIGNMENT
AND OBJECTIVE Planning the Audit
Framework RESEARCH
PRELIMINARY
SURVEY
Planning
RISK
ASSESSMENT
Performing DEVELOP AUDIT
PROGRAM
Reporting FIELDWORK Phase II:
(TESTING) Performing the Audit
DISCUSS
CONCLUSIONS
DRAFT AUDIT Phase III:
REPORT Documenting the Audit
8
9. Establishing Audit Objective
and Scope
Ensure a positive link between the audit objective
and the entity’s goals.
Ensure the audit program will produce the
evidence as required.
Ensure that each test will provide the evidence
required by the audit program.
Linking the Audit
to the Business Plan
Audit Unit Entity
Objective Goals Purpose
Serving
Customer
Needs 9
10. Planning the Audit
Research
Risk Assessment
Audit Strategy
Preliminary Survey
Policies and Procedures
Inputs and Outputs
Control Steps
People
10
11. Planning Step #1
Perform Research on Area under Audit
Research is important for understanding, but we
must be able to recognize when “enough is
enough”
Research tells us define the historical issues, current
issues, marketing issues, pervasive risks, personnel
issues, and future issues.
11
12. Planning Step #2
Prepare Your Hypothesis
1. The activity is operating normally
What is = What should Be
2. The activity is not operating as it should in
some significant way
What is does not = What should be
3. Some value in between
There are minor differences between
What is and What should be
12
13. Planning Step #3
Send Engagement Memo
1. To executive management
2. Include the name of the audit effort and the
initiation date
3. Request the name of a contact person
13
14. Designing Audit Tests
Evidence is created from tests or questions.
The creation of the right test or question to ask is a
process of working backwards from the audit objective.
A Logical Sequence: From Tests to Objective
Tests: Evidence: Hypothesis:
What creates the What proves the What do you Audit
evidence (y/n)? hypothesis? want to prove? Objective
14
15. Documenting the Audit
Automated Work Papers provide
A framework to guide the audit process.
Support for the conclusions reached by the audit.
A record of the audit process and its conformance
to standards.
15
16. Work Papers –
Good Practices
Use electronic templates to capture data:
* Background & Scope Document
* Risk
* Control
* Test
* Audit Point Sheet
Structure your work paper documents as carefully as
you would the final audit report.
16
17. A Framework for the Audit
1. Audit Strategy/ Audit Scope & Objective.
2. Creation of Risk Based Work Papers
3. Collection of basic reference materials (flow
charts, etc.)
4. Determination of tests needed
5. Sample Design
6. Preparation of meeting agendas
7. Follow-up on information gleaned/re-direction
8. Documentation of test results and conclusions.
9. Creation of Audit Point Sheets.
10. Audit Report
17
18. Writing Up Conclusions
Best practices include:
Test description or question.
Results (clearly stated).
Conclusion reached as a result of that test.
18
19. Best Practices (cont)
Discussion of the conclusion with management.
To avoid misunderstandings.
To give management a ‘heads-up’ about issues.
To encourage corrective action as soon as possible.
Cross-reference the audit point sheets to the
conclusions in the audit work papers (and back-
reference the conclusions to the report).
19
20. Summarizing and Evaluating
Results
The audit process creates evidence.
The Logical Results: From Tests to Findings
Test: Evidence: Conclusion:
Creates the Provides factual Puts the facts in FINDING
evidence. information. context (impact).
Evidence is summarized into conclusions.
Evidence (facts) + Context (impact) = Finding
20
21. The Audit Point Sheet
Ensures all aspects of problems (findings) are
captured.
Useful as ready documentation.
Serves as a basis for
discussion.
Aids the summarization
and report writing.
21
22. Writing Effective Audit
Reports
Reports are important because they:
Provide documented communication and
assurance to senior management.
Provide operating management with
assessments of operations and corrective action.
Provide the auditor with records for follow-up
of audit results.
Provide the audit group with marketing
opportunities to demonstrate added value.
22
23. Following Up – Corrective Actions
The control aspect of auditing is not
complete until corrective action is taken (or
the risk formally assumed by senior
management).
Effective statements of corrective action
include:
The specific steps to be taken,
The completion date and
The person responsible for completion.
23