SlideShare a Scribd company logo

Internal Audit Reporting

Download as PPTX, PDF
SALIH AHMED ISLAM
SALIH AHMED ISLAM

Internal auditing departments are led by a chief audit executive ("CAE") who generally reports to the audit committee of the board of directors, with administrative reporting to the chief executive officer (In the United States this reporting relationship is required by law for publicly traded companies).

Business
1 of 46
Presentation On Internal AuditReporting
Agenda 01 02 03 04 05 Introduction Standards On Internal Audit Audit Report Writing Stakeholders Management Concluding Thoughts
INTRODUCTION
Introduction  Dissemination of the results of internal audit and reporting the findings to the management, and those charged with governance, is an essential part of any internal auditreporting.  The internal audit report is the document prepared as an outcome of the internal audit process. It contains a clear written expression of significant findings and recommendations based on the review of the policies, processes, risks, controls and transaction processing.  Audit findings and recommendations in the audit report are designed to facilitate organization achieve financial, management and regulatory compliance objectives.  The internal audit report is presented to the process owners, head of the departments, senior management, audit committee, statutory auditors, and regulatory authorities (if required).  Reporting of results needs to be done with a certain level of uniformity and, both the internal auditor and the recipient of the reports should have clarity and agreement about the nature of assurance being provided through these reports. Key Considerations:  The internal audit report is often the main, routine vehicle through which senior management understands the value that internal audit delivers.  Audit report presents the results of an examination or review within the organization and is considered to be the core deliverable of internal audit services.  Poorly communicated results may completely detract from what may be critical information for senior management and the board.  Well-organized and communicated results are a key indicator of competency andprofessionalism.  Each organization has unique reporting practices and expectations that affect the format, frequency and depth of their communications. 5
STANDARDS ON INTERNAL AUDIT
Share with the auditee, details of all significant findings based on auditprocedures undertaken Allow management to understand the issues and take corrective actions in a methodical and comprehensive manner Provide a sound basis for any assurance being provided by the InternalAuditor 7 01 02 03 Standard On Internal Audit 370 (Earlier SIA 4) – Reporting Results Objectives of issuing internal audit reports
At the end of a particular assignment (Internal Audit Report) On a periodic basis, at the close of a plan period (Audit Committee Report) An “Internal Audit Report” covering a specific area, function or part of the entity is prepared by the Internal Auditor highlighting key observations arising from those assignments. This report is generally issued with details of the manner in which the assignment was conducted and the key findings from the audit procedures undertaken. This report is issued to the auditee, with copies shared with local and executive management, as agreed during the planning phase. A comprehensive report of all the internal audit activities covering the entity and the plan period is prepared by the Chief Internal Auditor (or the Engagement Partner, in case of external service provider). Such reporting is normally done on a quarterly basis and submitted to the highest governing authority responsible for internal audits, generally the Audit Committee. Some part of the aforementioned Internal Audit Reports may form part of the periodic (e.g. Quarterly) report shared with the Audit Committee.  Reporting of internal audit results is generally undertaken in two stages: Standard On Internal Audit 370 (Earlier SIA 4) – Reporting Results Basic Elements of Internal Audit Report Qualities of Good Internal Audit Report Internal Audit Report Formats Audit Committee Report 8
There is a clarity and consensus between the InternalAuditor and the management with regard to the scope, approach, objectives and timing of an internal audit To help inform, persuade and act on matters important to the conduct of an internal audit by promoting a continuous dialogue and free flow of information between the Internal Auditor andmanagement To help resolve any conflicts in a timely manner 9 01 02 03 Standard On Internal Audit 360 (Earlier SIA 9) – Communication With Management Objectives
Exit Meeting Discussion Draft Formal Draft Final Report 01 02 04 03 Exit Meeting The internal auditor should discuss with the management regarding thefindings, observations recommendations, and text of the discussion draft. Formal Draft The internal auditor should thenprepare a format draft report, taking intoaccount any revision or modification resulting from the exit meeting and other discussions. Discussion Draft At the conclusion of the fieldwork, theinternal auditor should share the discussiondraft. Final Report The internal auditor shouldsubmit the final internal audit reportto the appointing authority or management,as directed. Standard On Internal Audit 360 (Earlier SIA 9) – Communication With Management  The Internal Auditor is required to have an effective two-way communication with the management, both while managing the internal audit function, and also while conducting an internal audit assignment.  A continuous dialogue with management, at various stages of the internal audit process, is essential to the achievement of internal audit objectives. 10
STAKEHOLDERS MANAGEMENT
01 12 02 03 04 05 06 07 Identify your stakeholders (who / to whom) Identify stakeholders expectation (why) Identify how the message will be communicated (the stakeholder’s preferredmethod) Identify communication necessary to satisfy stakeholders expectation and keep them informed (what) Identify and finalize how the report will be communicated (this should be finalized at the design stageitself) Identify time frame / frequency of communication Adherence to time frame i.e. avoid last minute rush Stakeholders Management
Process Owner HOD Regulator/ Investor CFO/CEO /MD Statutory Auditor Audit Committee 13 STAKEHOLDERS Who Are The Stakeholders Of Internal Audit
What Are The Stakeholders Expectations Process Owner HOD / CFO / CEO / COO / MD Process understanding Overall risk assessment Genuine observations Categorization based on risk Listen to their point of view Summarized findings Practical suggestions / recommendations Root cause analysis Cost-effective solution Recommendations Process owner’s acceptance, agreed action plan, first-person responsible for implementation and targetdate Value addition Audit Committee Statutory Auditor Overall coverage and risk assessment Overall coverage Statutory non-compliances The Summarized finding of key issues Issues which affects the true and fair view of the accounts/ financial reporting Preventive controls / automated controls Statutory non-compliances Management comments, agreed action plan,first-person responsible for implementation and targetdate Providing assurance / comment on improvement Assurance which they can rely on Comfort which would help them make a proper assessmentand save their time Value addition 14
HOD • The internal audit report • Discussion on observations at exit meeting and prima facie reply Statutory Auditor • Detailed audit report with annexures providing instances Process Owners • Discussion of queries during audit • The draft internal audit report • Detailed annexures CFO / CEO / MD / ACM • Executive summary • Dashboard presentation • Final Internal audit report 1 2 3 4 Stakeholders 15 Different Form Of Communication For Each Stakeholder
What The Stakeholders Likes To See…… Value-Adding Processes Fraud Risks Compliances Revenue / Costs / Savings Efficiency improvement (Rework, Complaints, Rejections, Returns, Inspections, Discounts, etc.) Supply chain / procurement Benchmarking Analytics / Dashboard reporting Fraud scenarios Late adjustments Related parties Exceptions Journal entries New transactions / regions /products Whistleblowing events Comprehensive compliance tracking and monitoring Self-assessments Independent reviews Compliance history and assessments Board certifications Delays Continuing control deficiencies 16
 The situation in which individuals in leadership positions exercise their authority to achieve a personal benefit, or to protect an organization, attempt to manipulate the internal audit activity or internal audit reports.  Such manipulation may result in actions to restrict the scope of audit activities, suppress audit findings, or undermine the credibility of the Chief Internal Auditor or the Internal Audit personnel's activity. Situations Affecting Internal Auditing:  Chief Internal Auditor threatened with the loss of future job opportunities if they continued audit (examples include stagnation when peers upgraded, re-structured out of the company, negotiated package to leave the company, eventual termination & personalthreats).  Chief Internal Auditor who ignored executive and reported the issue to the Board, subsequently excluded from key executive meetings (examples include access to restricted information, treated as not part of the team, not a team player, silent treatment given).  CEO who refused to meet with the Chief Internal Audit to avoid having direct knowledge of the issue at hand. 17 Organizational Pressure – Pervasive Threat To The Internal Audit Objectivity/Reporting
Illustration – Extent of Pressure Aggravating Factors:  Lack of strong ethical culture fromtop-down  Lack of strong, independent and supportive auditcommittee  The culture that embraces risk and notcontrols  Weak relationship between Chief InternalAudit andAudit Committee Chairperson or Chief InternalAuditor and Key Executives  Chief InternalAuditor who lacks objectivity, integrity, courage, or sound judgment  Internal audit function in an organization that lackscompetence Organizational Pressure – Pervasive Threat To The Internal Audit Objectivity /Reporting 55% 27% 10 8% Never 1 or 2 times 3 to 5 times > 5 times 48% 37% 8% 7% Never 1 or 2 times 3 to 5 times > 5 times Number of times requested not to audit high-riskarea Number of times asked to suppress a finding 18
Implications on Reporting Should Make Foundation Strong CIA ‘s Desired Attributes CIA Should Build Relationship Strong governance, knowledgeable board Integrity and courage – Know your internal ‘Limitations’ – Stand firm on importantissues Meet outside of scheduled, formal meetings Strong reporting relationship andposition – Direct reporting relationship –CIAand board/audit committee – Chief Internal Audit – Recognisedsenior independent position Objective and fair Learn about Executives– objectives, accomplishments, interests Clear and supportive charter – Documents showing with clarity-unique role of InternalAuditor – Specifies authority and unrestrictedscope Relationship builder – with theboard, executives and management – “We are all after the same objectives.” Lead outside of Internal Audit role; bevisible Decision framework – when to take a stand – Identify alternatives,consequences Judgement to know what is an important issue and when to take a stand, How totake a stand? Educate on emerging topics/Risks Strong business knowledge Anticipates and proactively addressesissues – Discuss protocols in advance – Know key parties andmotivations Find mutual areas of interest; do not take meetings casually but prepare in detail tobe effective 19
Ideally, the Internal Audit function should report  Functionally to the Audit CommitteeChairperson  Administratively to the CEO/Executive director of theorganization Key measures to ensure the independence of the Internal Auditdepartment:  The Chief InternalAudit should meet privately with the Board/Audit Committee without the presence of the management.  TheAudit Committee should have final authority to review and approve the annual audit plan and all major changes to theAudit plan.  The Audit Committee should review the performance of the Chief Internal Auditor and overall Internal Audit function at least once a year, as well approve the compensation levels for the Chief InternalAudit.  The Internal Audit charter should clearly articulate both functional and administrative reporting lines for the function as well as its principal activities.  The reporting line should facilitate open and direct communications with CEO, senior executive group and line management.  The Internal Audit should have unrestricted access to information flows so that it receives adequate and timely information concerning the activities, plans and business initiatives of theorganization.  Budgetary controls and considerations imposed by the administrative reporting line should not impede internal audit in accomplishing its objective. 20 Reporting of CIA – Lack of Independence Could Have Impact On Internal Audit Reporting
CONCLUDING THOUGHTS
 The people who receive internal audit services (audit clients) are becoming more seeking greater value-add from audits. They are seeking insights gathered from operational audits, rather than a narrow compliance audit approach.  Internal audit is not an isolated technical exercise but it is an integral part of the corporate governance process and the report which is the culmination of the audit process has far-reaching consequences in changing the way the business is done and risks are managed.  A report is a reflection of the auditor’s mindset and is only as good as the approach with which the audit has been done. No amount of add on by way of style and presentation can mask the inadequacy of the auditor’s performance.  The internal auditor has to not only possess adequate knowledge of the business he is auditing but also internalize that he is part of the management and his audit objective is aligned to the business enterprise objective and goals.  Management is seeking internal audit reports that are easy to read, ‘tell a story’, and get to the point.  Management values internal audit reports that provide a conclusion or opinion on the activity audited.  The success of audit reporting is determined largely by the attitude and approach with which internal auditor carries out his duties. As auditors, we should aspire to be the agents of positive change in the organization, and strive to be viewed and accepted as valued insiders. 24 Concluding Thoughts
People begin forming an opinion within seconds Difficult to reverse first opinion 25
REFERENCE MATERIAL
Executive Summary: Report Rating Audit Issues Status of Management RemediationPlan Table Of Contents 02 03 Audit Issues Highlighting: Key Finding Root Cause of Issue Business Impact/Risk Issue Severity - Risk Rating Recommendation Management Comments Issue Owner Target Date ofAction 04 Assurance Limitation Disclaimer Annexures 05 Title Page Addressee Report Distribution List Period of Audit Covered 01 27 Typical Elements In An Internal Audit Report
Opening / introductory paragraph should comprise of thefollowing:  Background of the company / entity  Identification of process and items of financial statementsaudited  Statement of responsibility of the entity’s management and responsibility of the internal auditor Opening / Introductory Paragraph And Scope Paragraph Scope Paragraph should comprise of the following:  Reference to the generally accepted audit procedures in India / overseas as applicable  Description of the audit engagement background and the methodology of the internal audit  Description of the population and the sampling technique used  Limitation in scope / exclusions, if any 28
1 5 4 2 3 CorrectiveAction Action that must be taken to correct the cause 29 Consequences Difference between condition and criteria [impact on the individual, business unit and company as a whole, quantify the impact] Cause Reason for difference between criteria & condition [lack of controls, circumvention of controls or external influences] Condition The factual evidence as to what was found 5Cs Detailed Report – Features Of The Observation Criteria What is the standard that was not met? The standard may be a company policy or other regulatory guideline. expectations used in making an evaluation
30 5 Cs In Report Writing – CaseStudy Observation To Contain 5Cs Observation To Answer The Following Example Criteria What is the standard? Variation in stock on physical verification with the balance as reflected in the stock register should be NIL. Condition What is wrong? The stock physically verified was short by 5045 units as against the balance shown in the stock register. Cause Why is it wrong? Issues made during the night shift were not recorded. Consequences What is the risk / impact? The stock position in the books is overstated and the possibility of stock pilferage is high due to lack of control. Corrective Action What should be done? / How to correct? Night shift stock keeper needs to be appointed. Alternatively, the requirement of stock for the night shift should be issued at day end as per the requisition of the production in charge for the night shift. The consumption during night shift is verified by counting in the morning the balance stock left out of the lot issued to the floor during the previous days close.
31 RISK RATING High (H) Represents critical control weaknesses requiring prompt action to mitigate information systems or business process vulnerabilities. Adequate compensating controls do not exist to mitigate risk exposure, or may not be sufficient given the impact of a risk occurrence should it occur. Regulatory non-compliances involving penalties/prosecutions are also included in this category and having financial impact exceeding say USD 250K. Medium (M) Represents moderate control weaknesses requiring near-term management focus to strengthen existing controls. Some compensating controls are present, but additional controls are necessary to further mitigate risk exposure and having financial impact between say USD 100K to 250K. Low (L) Represents minor control weaknesses requiring management focus to enhance existing controls. Compensating controls are present to mitigate exposure (or if not, the impact of a risk occurrence is minor), but opportunities exist to enhance controls or improve operating efficiency and having financial impact say below USD 100K. CONTROLS RATING Moderate (M) Controls are present to mitigate most process/business risk, but management should evaluate opportunities to enhance existing controls. Limited (L) Existing controls may not mitigate process/business risk and management should consider implementing a stronger control structure. RISK CATEGORY Operational (O) Effectiveness and efficiency of operations. Financial (F) Reliability of financial reporting / financial impact. Compliance (C) Compliance with applicable laws and regulations. Process Improvement (PI) Scope of improvement in the business process. Risk Rating / Risk Category / Controls Rating – Legends
 Management response should be SMART (Specific, Measurable, Achievable, Reliable, Time-bound).  Management response should contain thefollowing: Specific reply to the observation (to the point and not a general reply) Action verbs like Define, Develop, Implement, Review, Approve, Perform, Generate, Set-up,etc. The time frame for taking appropriate correctiveaction Personnel responsible for taking action Resource requirements, if any, for ensuring suchcompliance Management Response 32
Reporting issues that don’t matter to the board and top executives Failing to communicate what matters when it matters Lengthy cycle times – time taken for formal reportwriting Consequences of lengthy audit cyclesare – Audit results are not timely – Stakeholders dissatisfaction – Inefficient use of internal auditorstime Factually incorrect reports Size of the report and maintaining balance Implications or risk not being brought outclearly Focus only on negative aspects or mistakes Projecting process owners as villains or blowing up things out ofproportion Lack of practical recommendations The reader cannot connect with thereport Audit Reporting Challenges 33
Flow of Report Incomplete Information Drafting Errors Use of Technical Jargons More focus on the transaction rather than the process or system failure Lack of pattern or flow in the report – this confuses the reader Starts with the most low risk points – can lead to loss of interest of the reader Important point gets lost in the volume of pages Does not contain proper examples, sample size, extent of problem, root cause Not quantified for business impact or risk of the observations Recommendations (or poorly drafted recommendation) Spelling mistakes Wrong English Incomplete sentences Long sentences Incorrect use of punctuations Confuses the reader Makes report reading more painful 34 Common Mistakes In Internal Audit Reports
35 Accurate Objective Clear Concise Constructive Complete Timely Free from Fair, impartial, Easily Tothe point, Helpful to the Lacking Opportune errors and and unbiased understood avoid auditee /client nothing that is and expedient, distortions and and is a result and logical, unnecessary and the essential to depending on faithful to the of a fair- avoiding elaboration, organization the target the underlying minded and unnecessary superfluous and leads to audience and significance of facts balanced technical detail, improvements includes all the issue, assessment of language and redundancy, where needed significant and allowing all relevant providing all repetitiveness relevant management facts and significant and and wordiness information to take circumstances relevant and appropriate information observations corrective to support action recommendati ons and conclusions Essentials Of A Good Internal Audit Report
 Standards on internal audit do not specify any reportformat  Different organizations use different report formats (Word, Excel and PowerPoint)  The format depends on management expectation and requirements  The appropriate format should be used with consistency  Management will feel more comfortable if it becomes accustomed to the report format and can readily turn to whatever is of interest Report Format Characteristics Word Format Traditional form Simple to use Reference to report page / para Power Point Presentation Most commonly used Facilitates use of risk indicators Excel Sheet Effective tool for grouping of various observations - especially annexures Simple to use Internal Audit Report Format 36
Executive Summary:  An executive summary is a brief section before the commencement of detailed audit report. It is part of the report that is readfirst.  It summarizes the audit findings and action plan in minimal text. People who read only the executive summary should get the essence of the document.  An executive summary provides conclusion / auditors opinion on the area under audit. Need For Executive Summary:  Enables the key personnel to read the report in lesstime.  Macro perspective in short form and quick reference for future use.  Pick and choose – the reader can decide what he wants to read.  Readers judges and decides based on the executive summary to see if the rest of the report is worth reading. Tips For Executive Summary:  Clear and concise, correct and simple. The executive summary should be 1-2 pages at the max.  Stay away from long sentences and big words in the executive summary.  Verify that the headings used in the summary match the body copy of the document.  Present the sections of the executive summary in the same order as in the main report.  Include all the must-know information in the executive summary and remove unnecessary phrases or unclear content.  Format for readability with plenty of space between points and clear headings that guide the reader.  Verify that the summary stands alone and supports the objective if it is the only portion of the document that will beread. 37 Tips For Writing An Effective Executive Summary
Sr. No. Audit Observation Action Plan Risk Category Risk Rating Control Rating Slide Reference 1 2 3 4 5 6 Control Rating Moderate Limited Risk Rating High Medium Low Risk Category Financial Operational Compliance Executive Summary – Sample 1 38
Executive Summary – Sample 2 Issues 39 Due Date Responsible Person Business Impact
1) Observation Heading Issue: Background: Root Cause: Recommendation: Risk & Impact: Management Response: Person Responsible: Target Date: Control Rating Moderate  Limited Risk Rating  High Medium Low Risk Category  Financial Operational Compliance Detailed Observation – Sample 1 40
1. Observation Heading Observation Management Comments Root Cause:  Design Deficiency Operational Ineffectiveness System Deficiency  External Risk & Implication Recommended Action 41 Owner and Target Date Critical Detailed Observation – Sample 2
Content Of Audit Committee Presentation • Dashboard report on current activities • Critical findings or emerging trends • Results of special investigations, status of the annual audit plan and any changes done • Internal audit staffing, impact of resourcelimitations • Department performance metrics / scores Understanding Board Expectations • Understanding board expectations is critical when determining content. • By reviewing key documents such as the audit committee charter, internal audit can gain an understanding of the audit committee’s risks and needs. • It is recommended to meet separately with the audit committee (and senior management if deemed appropriate) to determine reporting framework and expectations upfront. Typical Contents Of An Audit Committee Presentation Quarterly Audit Committee Presentation • Summarize for the committee what they need to know about routine findings in a logical summary format and report separately on more important matters suchas: – Matters that might affect the fairness of financial reporting. – Breaches of the company’s ethics policies. – Details of any frauds discovered, financial values of suchfrauds. – Significant delays in management responding to findings and recommendations. – Monitoring and follow-up activities. Yearly Audit Committee Presentation • Annual report is typically a summary of the four quarterly reports. Additional items to cover may include: – Details of changes in personnel's in the internal auditdepartment. – Report on the year in review to include themes or trends identified. – Update of the risk assessment and audit plan. – Report on the results of the internal quality assurance and improvement program. – Discuss the results of the external quality assurance review, timing / frequency of the external assessment and reviewer’s background. – Review and approve updates to the internal audit departmentcharter. – Confirmation of the independence of the internal audit activity. – Reporting of any impairments of independence or objectivity. 42
Sr. No. Audit Area / Audit Entity Region Audit Rating Detailed Issue And Action Plan Reference 1 Latin America Unsatisfactory Slide no. xx 2 Latin America Unsatisfactory Slide no. xx 3 Asia Improvement Opportunity Slide no. xx 4 Africa Improvement Opportunity Slide no. xx 5 North America Satisfactory - 6 Europe Satisfactory - 7 Middle East Australia , NZ Satisfactory - 1) Number of Audits Completed In Q2 (2019-20): XX Unsatisfactory • Financial Loss / Fraud > USD 1 million • Some key controls do not exist, or are not properly implemented, and there are high risk improvementopportunities. • Control environment is impaired. Improvement Opportunity • Financial Loss / Fraud up to USD 1 million • Adequate control environment in most areas. • Moderate risk improvement opportunities identified, which require corrective action. Satisfactory • Satisfactory overall control environment. • Small number of lower risk improvement opportunities identified, which require correctiveaction. Entity Audit Rating / Conclusion 43 Audit Committee Dashboard – Sample 1
Sr. No. Audit Area / Audit Entity Audit Observation Agreed Action Plan Risk Rating * Risk Category * Control Rating * 1 High Financial Moderate 2 Medium Operational Limited 3 Medium Compliance Limited 4 Low Process Improvement Limited 3) Significant Audit Issues Summary * Legends explained in next slide Open Audit Issues ( at quarter beginning) Issue Closed during current quarter Unresolved / pending issues above 6 months Global CFO intervention/ support required 7 For details, please refer slide no. xx to xx 4 3 (For details, please refer slide no. xx to xx) 1 (For details, please refer slide no. xx to xx) 2) Remediation Status Of Past Quarters Key Audit Observations 44 Audit Committee Dashboard – Sample 1
 The major objective of internal audit review is to understand the key activities and controls in the business processes designed, review design effectiveness of business processes and controls, assess the operating effectiveness of internal controls and provide recommendations for business process and internal controlimprovement.  Internal auditors don’t plan and prepare work with the objective of preventing and discovering fraud and gives no assurance that the period covered by an internal audit would be free of fraud or other irregularities. If during the course of internal audit, we come across any fraudulent activity, we carry out our review in respect of that business process in detail and report on the same to the management and auditcommittee.  The performance of internal audit work is not and should not be taken as a substitute for management’s responsibilities for the application of sound management practices. The responsibility for a sound internal control system and the prevention and detection of fraud and other irregularities rests with management. Work performed by internal audit should not be relied upon to identify all strengths and weaknesses in internal controls, nor relied upon to identify all circumstances of fraud or irregularity. Our focus is more on walkthroughs of business processes and identification of internal control gaps so that the control environment can be strengthened further.  Internal audit procedures are designed to focus on areas of greatest risk and significance which are identified and agreed with management in advance, internal audit scope and approved annual internal audit plan. Since the internal audit is executed by an individual internal auditor on the basis of their ability to assess risk and situation of control environment of a particular audit area/entity, audit procedures may not disclose/conduct an audit of all issues and/or other significant matters about the department/company, or reveal all errors, irregularities and frauds in the underlying information due to limitation of skill set, time spent on an entity for audit and other uncontrollable limitations.  The approach employed during the internal audit work does not constitute a comprehensive review of all the operations and is subject to the level of bias in the method of sample selection.  Internal auditors rely on management to provide accounting and other records for the purposes of audit work to ensure the authenticity of these records. 45 Audit Coverage And Assurance Limitation
Thank you

Recommended

Internal Audit
Internal AuditInternal Audit
Internal Audit
Ahmad Tariq Bhatti
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor Roles
Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditing
Frederick Altum Pokoo-Aikins
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
Letzconsult.com
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal Audit
Karan Puri
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdf
kavyashree k
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal Audit
ArmeniaFED
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
Neha Kothari
 

Recommended

Internal Audit
Internal AuditInternal Audit
Internal Audit
Ahmad Tariq Bhatti
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor Roles
Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditing
Frederick Altum Pokoo-Aikins
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
Letzconsult.com
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal Audit
Karan Puri
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdf
kavyashree k
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal Audit
ArmeniaFED
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
Neha Kothari
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
Ibrahim Jimalle
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
David Griffiths
 
Internal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation Leo WachiraInternal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation Leo Wachira
Jenard Wachira
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
Vernon Benjamin
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
Sazzad Hossain, ITP, MBA, CSCA™
 
Best Practices in Auditing
Best Practices in AuditingBest Practices in Auditing
Best Practices in Auditing
PECB
 
Improving effectiveness of internal auditing
Improving effectiveness of internal auditingImproving effectiveness of internal auditing
Improving effectiveness of internal auditing
PECB
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
Internal Audit effectiveness
Internal Audit effectivenessInternal Audit effectiveness
Internal Audit effectiveness
Karan Puri
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditing
grifff
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
Sazzad Hossain, ITP, MBA, CSCA™
 
Internal Audit
Internal AuditInternal Audit
Internal AuditJami Martin
 
Internal auditing
Internal auditingInternal auditing
Internal auditingShach Faisal
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
Ahmad Tariq Bhatti
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit department
Salih Islam
 
Internal audit
Internal auditInternal audit
Internal audit
iPleaders - Re-engineering Legal education, New Delhi
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
Vernon Benjamin
 
Presentation on Audit Findings
Presentation on Audit FindingsPresentation on Audit Findings
Presentation on Audit Findings
Deshapriya Senanayake
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
Debashis Gupta
 
Internal audit training
Internal audit trainingInternal audit training
Internal audit training
Muhammad Zubair
 
Audit Reports Communicating Assurance Engagement Results.pdf
Audit Reports Communicating Assurance Engagement Results.pdfAudit Reports Communicating Assurance Engagement Results.pdf
Audit Reports Communicating Assurance Engagement Results.pdf
Simar Neasy
 
Basic Audit
Basic AuditBasic Audit
Basic Audit
Mohamed Nazzry Nizreen
 

More Related Content

What's hot

Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
Ibrahim Jimalle
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
David Griffiths
 
Internal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation Leo WachiraInternal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation Leo Wachira
Jenard Wachira
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
Vernon Benjamin
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
Sazzad Hossain, ITP, MBA, CSCA™
 
Best Practices in Auditing
Best Practices in AuditingBest Practices in Auditing
Best Practices in Auditing
PECB
 
Improving effectiveness of internal auditing
Improving effectiveness of internal auditingImproving effectiveness of internal auditing
Improving effectiveness of internal auditing
PECB
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
Internal Audit effectiveness
Internal Audit effectivenessInternal Audit effectiveness
Internal Audit effectiveness
Karan Puri
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditing
grifff
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
Sazzad Hossain, ITP, MBA, CSCA™
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
Ahmad Tariq Bhatti
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit department
Salih Islam
 
Internal audit
Internal auditInternal audit
Internal audit
iPleaders - Re-engineering Legal education, New Delhi
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
Vernon Benjamin
 
Presentation on Audit Findings
Presentation on Audit FindingsPresentation on Audit Findings
Presentation on Audit Findings
Deshapriya Senanayake
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
Debashis Gupta
 
Internal audit training
Internal audit trainingInternal audit training
Internal audit training
Muhammad Zubair
 

What's hot (20)

Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
 
Internal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation Leo WachiraInternal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation Leo Wachira
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
 
Best Practices in Auditing
Best Practices in AuditingBest Practices in Auditing
Best Practices in Auditing
 
Improving effectiveness of internal auditing
Improving effectiveness of internal auditingImproving effectiveness of internal auditing
Improving effectiveness of internal auditing
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCE
 
Internal Audit effectiveness
Internal Audit effectivenessInternal Audit effectiveness
Internal Audit effectiveness
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditing
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Internal auditing
Internal auditingInternal auditing
Internal auditing
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit department
 
Internal audit
Internal auditInternal audit
Internal audit
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 
Presentation on Audit Findings
Presentation on Audit FindingsPresentation on Audit Findings
Presentation on Audit Findings
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
 
Internal audit training
Internal audit trainingInternal audit training
Internal audit training
 

Similar to Internal Audit Reporting

Audit Reports Communicating Assurance Engagement Results.pdf
Audit Reports Communicating Assurance Engagement Results.pdfAudit Reports Communicating Assurance Engagement Results.pdf
Audit Reports Communicating Assurance Engagement Results.pdf
Simar Neasy
 
Basic Audit
Basic AuditBasic Audit
Basic Audit
Mohamed Nazzry Nizreen
 
ISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docxISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docx
priestmanmable
 
Audit process tonatiuh lozada
Audit process tonatiuh lozadaAudit process tonatiuh lozada
Audit process tonatiuh lozada
Tonatiuh Lozada Duarte
 
Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...
Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...
Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...
Advance Business Consulting
 
Isa 200&240 ppt
Isa 200&240 pptIsa 200&240 ppt
Isa 200&240 ppt
gemachis debala
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, Auditing
Advance Business Consulting
 
AUDIT.pptx
AUDIT.pptxAUDIT.pptx
AUDIT.pptx
beminaja
 
For model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit departmentFor model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit departmentRajeswaran Muthu Venkatachalam
 
audit planning and risk assessment new slides.ppt
audit planning and risk assessment new slides.pptaudit planning and risk assessment new slides.ppt
audit planning and risk assessment new slides.ppt
AdeelAhmad724104
 
How to plan an audit engagement
How to plan an audit engagementHow to plan an audit engagement
How to plan an audit engagement
Aditya Narayan Mishra
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedurebhavikjariwala
 
The process of issuing audit report by ca firm
The process of issuing audit report by ca firmThe process of issuing audit report by ca firm
The process of issuing audit report by ca firm
Enamul Islam
 
Internal Audit Methodology.docx
Internal Audit Methodology.docxInternal Audit Methodology.docx
Internal Audit Methodology.docx
AminAbdullah26
 
financial statements and audit
financial statements and auditfinancial statements and audit
financial statements and audit
سماج سيوك
 
CHAPTER-1 Information Gathering and Administration.pdf
CHAPTER-1 Information Gathering and Administration.pdfCHAPTER-1 Information Gathering and Administration.pdf
CHAPTER-1 Information Gathering and Administration.pdf
Dr. Dinesh Mehta
 

Similar to Internal Audit Reporting (20)

Audit Reports Communicating Assurance Engagement Results.pdf
Audit Reports Communicating Assurance Engagement Results.pdfAudit Reports Communicating Assurance Engagement Results.pdf
Audit Reports Communicating Assurance Engagement Results.pdf
 
Basic Audit
Basic AuditBasic Audit
Basic Audit
 
ISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docxISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docx
 
SA 200 to 299
SA 200 to 299SA 200 to 299
SA 200 to 299
 
Ia audit process_lisd
Ia audit process_lisdIa audit process_lisd
Ia audit process_lisd
 
Audit process tonatiuh lozada
Audit process tonatiuh lozadaAudit process tonatiuh lozada
Audit process tonatiuh lozada
 
Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...
Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...
Audit Process, Planning,Field work,Audit report,Audit follow up,Audit program...
 
Isa 200&240 ppt
Isa 200&240 pptIsa 200&240 ppt
Isa 200&240 ppt
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, Auditing
 
AUDIT.pptx
AUDIT.pptxAUDIT.pptx
AUDIT.pptx
 
For model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit departmentFor model i 4a - 11 - risk assessment in the internal audit department
For model i 4a - 11 - risk assessment in the internal audit department
 
audit planning and risk assessment new slides.ppt
audit planning and risk assessment new slides.pptaudit planning and risk assessment new slides.ppt
audit planning and risk assessment new slides.ppt
 
How to plan an audit engagement
How to plan an audit engagementHow to plan an audit engagement
How to plan an audit engagement
 
Operational audit
Operational auditOperational audit
Operational audit
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedure
 
The process of issuing audit report by ca firm
The process of issuing audit report by ca firmThe process of issuing audit report by ca firm
The process of issuing audit report by ca firm
 
Internal Audit Methodology.docx
Internal Audit Methodology.docxInternal Audit Methodology.docx
Internal Audit Methodology.docx
 
WIRC-IFC.pdf
WIRC-IFC.pdfWIRC-IFC.pdf
WIRC-IFC.pdf
 
financial statements and audit
financial statements and auditfinancial statements and audit
financial statements and audit
 
CHAPTER-1 Information Gathering and Administration.pdf
CHAPTER-1 Information Gathering and Administration.pdfCHAPTER-1 Information Gathering and Administration.pdf
CHAPTER-1 Information Gathering and Administration.pdf
 

More from SALIH AHMED ISLAM

10 advice for ia executives
10 advice for ia executives10 advice for ia executives
10 advice for ia executives
SALIH AHMED ISLAM
 
8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit
SALIH AHMED ISLAM
 
7 musts to establish a strategic plan
7 musts to establish a strategic plan7 musts to establish a strategic plan
7 musts to establish a strategic plan
SALIH AHMED ISLAM
 
6 implications of internal audit
6 implications of internal audit6 implications of internal audit
6 implications of internal audit
SALIH AHMED ISLAM
 
6 benefits of internal auditing
6 benefits of internal auditing6 benefits of internal auditing
6 benefits of internal auditing
SALIH AHMED ISLAM
 
5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline
SALIH AHMED ISLAM
 
What is risk management
What is risk managementWhat is risk management
What is risk management
SALIH AHMED ISLAM
 
5 critical tasks of Internal Audit
5 critical tasks of Internal Audit5 critical tasks of Internal Audit
5 critical tasks of Internal Audit
SALIH AHMED ISLAM
 
5 fraud tips
5 fraud tips5 fraud tips
5 fraud tips
SALIH AHMED ISLAM
 
What do internal auditors do?
What do internal auditors do?What do internal auditors do?
What do internal auditors do?
SALIH AHMED ISLAM
 
Code of Conduct
Code of ConductCode of Conduct
Code of Conduct
SALIH AHMED ISLAM
 
CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020
SALIH AHMED ISLAM
 
Fraud awareness training
Fraud awareness trainingFraud awareness training
Fraud awareness training
SALIH AHMED ISLAM
 
Cpi 2020 - main -infographic
Cpi 2020 - main -infographicCpi 2020 - main -infographic
Cpi 2020 - main -infographic
SALIH AHMED ISLAM
 
Cpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographicCpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographic
SALIH AHMED ISLAM
 
Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2
SALIH AHMED ISLAM
 
Cpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographicCpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographic
SALIH AHMED ISLAM
 
Cpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographicCpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographic
SALIH AHMED ISLAM
 
Cpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographicCpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographic
SALIH AHMED ISLAM
 
CPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphicCPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphic
SALIH AHMED ISLAM
 

More from SALIH AHMED ISLAM (20)

10 advice for ia executives
10 advice for ia executives10 advice for ia executives
10 advice for ia executives
 
8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit
 
7 musts to establish a strategic plan
7 musts to establish a strategic plan7 musts to establish a strategic plan
7 musts to establish a strategic plan
 
6 implications of internal audit
6 implications of internal audit6 implications of internal audit
6 implications of internal audit
 
6 benefits of internal auditing
6 benefits of internal auditing6 benefits of internal auditing
6 benefits of internal auditing
 
5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline
 
What is risk management
What is risk managementWhat is risk management
What is risk management
 
5 critical tasks of Internal Audit
5 critical tasks of Internal Audit5 critical tasks of Internal Audit
5 critical tasks of Internal Audit
 
5 fraud tips
5 fraud tips5 fraud tips
5 fraud tips
 
What do internal auditors do?
What do internal auditors do?What do internal auditors do?
What do internal auditors do?
 
Code of Conduct
Code of ConductCode of Conduct
Code of Conduct
 
CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020
 
Fraud awareness training
Fraud awareness trainingFraud awareness training
Fraud awareness training
 
Cpi 2020 - main -infographic
Cpi 2020 - main -infographicCpi 2020 - main -infographic
Cpi 2020 - main -infographic
 
Cpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographicCpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographic
 
Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2
 
Cpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographicCpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographic
 
Cpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographicCpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographic
 
Cpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographicCpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographic
 
CPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphicCPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphic
 

Recently uploaded

Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Navpack & Print
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
Falcon Invoice Discounting
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
Erika906060
 
5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
ofm712785
 
Set off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptxSet off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptx
HARSHITHV26
 
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptxTaurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
my Pandit
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
LR1709MUSIC
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
seoforlegalpillers
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
Ben Wann
 
Skye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto AirportSkye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto Airport
marketingjdass
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
sarahvanessa51503
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Lviv Startup Club
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
dylandmeas
 
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
PaulBryant58
 
Improving profitability for small business
Improving profitability for small businessImproving profitability for small business
Improving profitability for small business
Ben Wann
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
Workforce Group
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
zoyaansari11365
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
anasabutalha2013
 
Role of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in MiningRole of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in Mining
Naaraayani Minerals Pvt.Ltd
 
Digital Transformation in PLM - WHAT and HOW - for distribution.pdf
Digital Transformation in PLM - WHAT and HOW - for distribution.pdfDigital Transformation in PLM - WHAT and HOW - for distribution.pdf
Digital Transformation in PLM - WHAT and HOW - for distribution.pdf
Jos Voskuil
 

Recently uploaded (20)

Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
 
5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
 
Set off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptxSet off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptx
 
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptxTaurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptx
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
 
Skye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto AirportSkye Residences | Extended Stay Residences Near Toronto Airport
Skye Residences | Extended Stay Residences Near Toronto Airport
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
 
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
 
Improving profitability for small business
Improving profitability for small businessImproving profitability for small business
Improving profitability for small business
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
 
anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
 
Role of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in MiningRole of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in Mining
 
Digital Transformation in PLM - WHAT and HOW - for distribution.pdf
Digital Transformation in PLM - WHAT and HOW - for distribution.pdfDigital Transformation in PLM - WHAT and HOW - for distribution.pdf
Digital Transformation in PLM - WHAT and HOW - for distribution.pdf
 

Internal Audit Reporting

  • 1.
  • 3. Agenda 01 02 03 04 05 Introduction Standards On Internal Audit Audit Report Writing Stakeholders Management Concluding Thoughts
  • 5. Introduction  Dissemination of the results of internal audit and reporting the findings to the management, and those charged with governance, is an essential part of any internal auditreporting.  The internal audit report is the document prepared as an outcome of the internal audit process. It contains a clear written expression of significant findings and recommendations based on the review of the policies, processes, risks, controls and transaction processing.  Audit findings and recommendations in the audit report are designed to facilitate organization achieve financial, management and regulatory compliance objectives.  The internal audit report is presented to the process owners, head of the departments, senior management, audit committee, statutory auditors, and regulatory authorities (if required).  Reporting of results needs to be done with a certain level of uniformity and, both the internal auditor and the recipient of the reports should have clarity and agreement about the nature of assurance being provided through these reports. Key Considerations:  The internal audit report is often the main, routine vehicle through which senior management understands the value that internal audit delivers.  Audit report presents the results of an examination or review within the organization and is considered to be the core deliverable of internal audit services.  Poorly communicated results may completely detract from what may be critical information for senior management and the board.  Well-organized and communicated results are a key indicator of competency andprofessionalism.  Each organization has unique reporting practices and expectations that affect the format, frequency and depth of their communications. 5
  • 7. Share with the auditee, details of all significant findings based on auditprocedures undertaken Allow management to understand the issues and take corrective actions in a methodical and comprehensive manner Provide a sound basis for any assurance being provided by the InternalAuditor 7 01 02 03 Standard On Internal Audit 370 (Earlier SIA 4) – Reporting Results Objectives of issuing internal audit reports
  • 8. At the end of a particular assignment (Internal Audit Report) On a periodic basis, at the close of a plan period (Audit Committee Report) An “Internal Audit Report” covering a specific area, function or part of the entity is prepared by the Internal Auditor highlighting key observations arising from those assignments. This report is generally issued with details of the manner in which the assignment was conducted and the key findings from the audit procedures undertaken. This report is issued to the auditee, with copies shared with local and executive management, as agreed during the planning phase. A comprehensive report of all the internal audit activities covering the entity and the plan period is prepared by the Chief Internal Auditor (or the Engagement Partner, in case of external service provider). Such reporting is normally done on a quarterly basis and submitted to the highest governing authority responsible for internal audits, generally the Audit Committee. Some part of the aforementioned Internal Audit Reports may form part of the periodic (e.g. Quarterly) report shared with the Audit Committee.  Reporting of internal audit results is generally undertaken in two stages: Standard On Internal Audit 370 (Earlier SIA 4) – Reporting Results Basic Elements of Internal Audit Report Qualities of Good Internal Audit Report Internal Audit Report Formats Audit Committee Report 8
  • 9. There is a clarity and consensus between the InternalAuditor and the management with regard to the scope, approach, objectives and timing of an internal audit To help inform, persuade and act on matters important to the conduct of an internal audit by promoting a continuous dialogue and free flow of information between the Internal Auditor andmanagement To help resolve any conflicts in a timely manner 9 01 02 03 Standard On Internal Audit 360 (Earlier SIA 9) – Communication With Management Objectives
  • 10. Exit Meeting Discussion Draft Formal Draft Final Report 01 02 04 03 Exit Meeting The internal auditor should discuss with the management regarding thefindings, observations recommendations, and text of the discussion draft. Formal Draft The internal auditor should thenprepare a format draft report, taking intoaccount any revision or modification resulting from the exit meeting and other discussions. Discussion Draft At the conclusion of the fieldwork, theinternal auditor should share the discussiondraft. Final Report The internal auditor shouldsubmit the final internal audit reportto the appointing authority or management,as directed. Standard On Internal Audit 360 (Earlier SIA 9) – Communication With Management  The Internal Auditor is required to have an effective two-way communication with the management, both while managing the internal audit function, and also while conducting an internal audit assignment.  A continuous dialogue with management, at various stages of the internal audit process, is essential to the achievement of internal audit objectives. 10
  • 12. 01 12 02 03 04 05 06 07 Identify your stakeholders (who / to whom) Identify stakeholders expectation (why) Identify how the message will be communicated (the stakeholder’s preferredmethod) Identify communication necessary to satisfy stakeholders expectation and keep them informed (what) Identify and finalize how the report will be communicated (this should be finalized at the design stageitself) Identify time frame / frequency of communication Adherence to time frame i.e. avoid last minute rush Stakeholders Management
  • 14. What Are The Stakeholders Expectations Process Owner HOD / CFO / CEO / COO / MD Process understanding Overall risk assessment Genuine observations Categorization based on risk Listen to their point of view Summarized findings Practical suggestions / recommendations Root cause analysis Cost-effective solution Recommendations Process owner’s acceptance, agreed action plan, first-person responsible for implementation and targetdate Value addition Audit Committee Statutory Auditor Overall coverage and risk assessment Overall coverage Statutory non-compliances The Summarized finding of key issues Issues which affects the true and fair view of the accounts/ financial reporting Preventive controls / automated controls Statutory non-compliances Management comments, agreed action plan,first-person responsible for implementation and targetdate Providing assurance / comment on improvement Assurance which they can rely on Comfort which would help them make a proper assessmentand save their time Value addition 14
  • 15. HOD • The internal audit report • Discussion on observations at exit meeting and prima facie reply Statutory Auditor • Detailed audit report with annexures providing instances Process Owners • Discussion of queries during audit • The draft internal audit report • Detailed annexures CFO / CEO / MD / ACM • Executive summary • Dashboard presentation • Final Internal audit report 1 2 3 4 Stakeholders 15 Different Form Of Communication For Each Stakeholder
  • 16. What The Stakeholders Likes To See…… Value-Adding Processes Fraud Risks Compliances Revenue / Costs / Savings Efficiency improvement (Rework, Complaints, Rejections, Returns, Inspections, Discounts, etc.) Supply chain / procurement Benchmarking Analytics / Dashboard reporting Fraud scenarios Late adjustments Related parties Exceptions Journal entries New transactions / regions /products Whistleblowing events Comprehensive compliance tracking and monitoring Self-assessments Independent reviews Compliance history and assessments Board certifications Delays Continuing control deficiencies 16
  • 17.  The situation in which individuals in leadership positions exercise their authority to achieve a personal benefit, or to protect an organization, attempt to manipulate the internal audit activity or internal audit reports.  Such manipulation may result in actions to restrict the scope of audit activities, suppress audit findings, or undermine the credibility of the Chief Internal Auditor or the Internal Audit personnel's activity. Situations Affecting Internal Auditing:  Chief Internal Auditor threatened with the loss of future job opportunities if they continued audit (examples include stagnation when peers upgraded, re-structured out of the company, negotiated package to leave the company, eventual termination & personalthreats).  Chief Internal Auditor who ignored executive and reported the issue to the Board, subsequently excluded from key executive meetings (examples include access to restricted information, treated as not part of the team, not a team player, silent treatment given).  CEO who refused to meet with the Chief Internal Audit to avoid having direct knowledge of the issue at hand. 17 Organizational Pressure – Pervasive Threat To The Internal Audit Objectivity/Reporting
  • 18. Illustration – Extent of Pressure Aggravating Factors:  Lack of strong ethical culture fromtop-down  Lack of strong, independent and supportive auditcommittee  The culture that embraces risk and notcontrols  Weak relationship between Chief InternalAudit andAudit Committee Chairperson or Chief InternalAuditor and Key Executives  Chief InternalAuditor who lacks objectivity, integrity, courage, or sound judgment  Internal audit function in an organization that lackscompetence Organizational Pressure – Pervasive Threat To The Internal Audit Objectivity /Reporting 55% 27% 10 8% Never 1 or 2 times 3 to 5 times > 5 times 48% 37% 8% 7% Never 1 or 2 times 3 to 5 times > 5 times Number of times requested not to audit high-riskarea Number of times asked to suppress a finding 18
  • 19. Implications on Reporting Should Make Foundation Strong CIA ‘s Desired Attributes CIA Should Build Relationship Strong governance, knowledgeable board Integrity and courage – Know your internal ‘Limitations’ – Stand firm on importantissues Meet outside of scheduled, formal meetings Strong reporting relationship andposition – Direct reporting relationship –CIAand board/audit committee – Chief Internal Audit – Recognisedsenior independent position Objective and fair Learn about Executives– objectives, accomplishments, interests Clear and supportive charter – Documents showing with clarity-unique role of InternalAuditor – Specifies authority and unrestrictedscope Relationship builder – with theboard, executives and management – “We are all after the same objectives.” Lead outside of Internal Audit role; bevisible Decision framework – when to take a stand – Identify alternatives,consequences Judgement to know what is an important issue and when to take a stand, How totake a stand? Educate on emerging topics/Risks Strong business knowledge Anticipates and proactively addressesissues – Discuss protocols in advance – Know key parties andmotivations Find mutual areas of interest; do not take meetings casually but prepare in detail tobe effective 19
  • 20. Ideally, the Internal Audit function should report  Functionally to the Audit CommitteeChairperson  Administratively to the CEO/Executive director of theorganization Key measures to ensure the independence of the Internal Auditdepartment:  The Chief InternalAudit should meet privately with the Board/Audit Committee without the presence of the management.  TheAudit Committee should have final authority to review and approve the annual audit plan and all major changes to theAudit plan.  The Audit Committee should review the performance of the Chief Internal Auditor and overall Internal Audit function at least once a year, as well approve the compensation levels for the Chief InternalAudit.  The Internal Audit charter should clearly articulate both functional and administrative reporting lines for the function as well as its principal activities.  The reporting line should facilitate open and direct communications with CEO, senior executive group and line management.  The Internal Audit should have unrestricted access to information flows so that it receives adequate and timely information concerning the activities, plans and business initiatives of theorganization.  Budgetary controls and considerations imposed by the administrative reporting line should not impede internal audit in accomplishing its objective. 20 Reporting of CIA – Lack of Independence Could Have Impact On Internal Audit Reporting
  • 21.
  • 22.
  • 24.  The people who receive internal audit services (audit clients) are becoming more seeking greater value-add from audits. They are seeking insights gathered from operational audits, rather than a narrow compliance audit approach.  Internal audit is not an isolated technical exercise but it is an integral part of the corporate governance process and the report which is the culmination of the audit process has far-reaching consequences in changing the way the business is done and risks are managed.  A report is a reflection of the auditor’s mindset and is only as good as the approach with which the audit has been done. No amount of add on by way of style and presentation can mask the inadequacy of the auditor’s performance.  The internal auditor has to not only possess adequate knowledge of the business he is auditing but also internalize that he is part of the management and his audit objective is aligned to the business enterprise objective and goals.  Management is seeking internal audit reports that are easy to read, ‘tell a story’, and get to the point.  Management values internal audit reports that provide a conclusion or opinion on the activity audited.  The success of audit reporting is determined largely by the attitude and approach with which internal auditor carries out his duties. As auditors, we should aspire to be the agents of positive change in the organization, and strive to be viewed and accepted as valued insiders. 24 Concluding Thoughts
  • 25. People begin forming an opinion within seconds Difficult to reverse first opinion 25
  • 27. Executive Summary: Report Rating Audit Issues Status of Management RemediationPlan Table Of Contents 02 03 Audit Issues Highlighting: Key Finding Root Cause of Issue Business Impact/Risk Issue Severity - Risk Rating Recommendation Management Comments Issue Owner Target Date ofAction 04 Assurance Limitation Disclaimer Annexures 05 Title Page Addressee Report Distribution List Period of Audit Covered 01 27 Typical Elements In An Internal Audit Report
  • 28. Opening / introductory paragraph should comprise of thefollowing:  Background of the company / entity  Identification of process and items of financial statementsaudited  Statement of responsibility of the entity’s management and responsibility of the internal auditor Opening / Introductory Paragraph And Scope Paragraph Scope Paragraph should comprise of the following:  Reference to the generally accepted audit procedures in India / overseas as applicable  Description of the audit engagement background and the methodology of the internal audit  Description of the population and the sampling technique used  Limitation in scope / exclusions, if any 28
  • 29. 1 5 4 2 3 CorrectiveAction Action that must be taken to correct the cause 29 Consequences Difference between condition and criteria [impact on the individual, business unit and company as a whole, quantify the impact] Cause Reason for difference between criteria & condition [lack of controls, circumvention of controls or external influences] Condition The factual evidence as to what was found 5Cs Detailed Report – Features Of The Observation Criteria What is the standard that was not met? The standard may be a company policy or other regulatory guideline. expectations used in making an evaluation
  • 30. 30 5 Cs In Report Writing – CaseStudy Observation To Contain 5Cs Observation To Answer The Following Example Criteria What is the standard? Variation in stock on physical verification with the balance as reflected in the stock register should be NIL. Condition What is wrong? The stock physically verified was short by 5045 units as against the balance shown in the stock register. Cause Why is it wrong? Issues made during the night shift were not recorded. Consequences What is the risk / impact? The stock position in the books is overstated and the possibility of stock pilferage is high due to lack of control. Corrective Action What should be done? / How to correct? Night shift stock keeper needs to be appointed. Alternatively, the requirement of stock for the night shift should be issued at day end as per the requisition of the production in charge for the night shift. The consumption during night shift is verified by counting in the morning the balance stock left out of the lot issued to the floor during the previous days close.
  • 31. 31 RISK RATING High (H) Represents critical control weaknesses requiring prompt action to mitigate information systems or business process vulnerabilities. Adequate compensating controls do not exist to mitigate risk exposure, or may not be sufficient given the impact of a risk occurrence should it occur. Regulatory non-compliances involving penalties/prosecutions are also included in this category and having financial impact exceeding say USD 250K. Medium (M) Represents moderate control weaknesses requiring near-term management focus to strengthen existing controls. Some compensating controls are present, but additional controls are necessary to further mitigate risk exposure and having financial impact between say USD 100K to 250K. Low (L) Represents minor control weaknesses requiring management focus to enhance existing controls. Compensating controls are present to mitigate exposure (or if not, the impact of a risk occurrence is minor), but opportunities exist to enhance controls or improve operating efficiency and having financial impact say below USD 100K. CONTROLS RATING Moderate (M) Controls are present to mitigate most process/business risk, but management should evaluate opportunities to enhance existing controls. Limited (L) Existing controls may not mitigate process/business risk and management should consider implementing a stronger control structure. RISK CATEGORY Operational (O) Effectiveness and efficiency of operations. Financial (F) Reliability of financial reporting / financial impact. Compliance (C) Compliance with applicable laws and regulations. Process Improvement (PI) Scope of improvement in the business process. Risk Rating / Risk Category / Controls Rating – Legends
  • 32.  Management response should be SMART (Specific, Measurable, Achievable, Reliable, Time-bound).  Management response should contain thefollowing: Specific reply to the observation (to the point and not a general reply) Action verbs like Define, Develop, Implement, Review, Approve, Perform, Generate, Set-up,etc. The time frame for taking appropriate correctiveaction Personnel responsible for taking action Resource requirements, if any, for ensuring suchcompliance Management Response 32
  • 33. Reporting issues that don’t matter to the board and top executives Failing to communicate what matters when it matters Lengthy cycle times – time taken for formal reportwriting Consequences of lengthy audit cyclesare – Audit results are not timely – Stakeholders dissatisfaction – Inefficient use of internal auditorstime Factually incorrect reports Size of the report and maintaining balance Implications or risk not being brought outclearly Focus only on negative aspects or mistakes Projecting process owners as villains or blowing up things out ofproportion Lack of practical recommendations The reader cannot connect with thereport Audit Reporting Challenges 33
  • 34. Flow of Report Incomplete Information Drafting Errors Use of Technical Jargons More focus on the transaction rather than the process or system failure Lack of pattern or flow in the report – this confuses the reader Starts with the most low risk points – can lead to loss of interest of the reader Important point gets lost in the volume of pages Does not contain proper examples, sample size, extent of problem, root cause Not quantified for business impact or risk of the observations Recommendations (or poorly drafted recommendation) Spelling mistakes Wrong English Incomplete sentences Long sentences Incorrect use of punctuations Confuses the reader Makes report reading more painful 34 Common Mistakes In Internal Audit Reports
  • 35. 35 Accurate Objective Clear Concise Constructive Complete Timely Free from Fair, impartial, Easily Tothe point, Helpful to the Lacking Opportune errors and and unbiased understood avoid auditee /client nothing that is and expedient, distortions and and is a result and logical, unnecessary and the essential to depending on faithful to the of a fair- avoiding elaboration, organization the target the underlying minded and unnecessary superfluous and leads to audience and significance of facts balanced technical detail, improvements includes all the issue, assessment of language and redundancy, where needed significant and allowing all relevant providing all repetitiveness relevant management facts and significant and and wordiness information to take circumstances relevant and appropriate information observations corrective to support action recommendati ons and conclusions Essentials Of A Good Internal Audit Report
  • 36.  Standards on internal audit do not specify any reportformat  Different organizations use different report formats (Word, Excel and PowerPoint)  The format depends on management expectation and requirements  The appropriate format should be used with consistency  Management will feel more comfortable if it becomes accustomed to the report format and can readily turn to whatever is of interest Report Format Characteristics Word Format Traditional form Simple to use Reference to report page / para Power Point Presentation Most commonly used Facilitates use of risk indicators Excel Sheet Effective tool for grouping of various observations - especially annexures Simple to use Internal Audit Report Format 36
  • 37. Executive Summary:  An executive summary is a brief section before the commencement of detailed audit report. It is part of the report that is readfirst.  It summarizes the audit findings and action plan in minimal text. People who read only the executive summary should get the essence of the document.  An executive summary provides conclusion / auditors opinion on the area under audit. Need For Executive Summary:  Enables the key personnel to read the report in lesstime.  Macro perspective in short form and quick reference for future use.  Pick and choose – the reader can decide what he wants to read.  Readers judges and decides based on the executive summary to see if the rest of the report is worth reading. Tips For Executive Summary:  Clear and concise, correct and simple. The executive summary should be 1-2 pages at the max.  Stay away from long sentences and big words in the executive summary.  Verify that the headings used in the summary match the body copy of the document.  Present the sections of the executive summary in the same order as in the main report.  Include all the must-know information in the executive summary and remove unnecessary phrases or unclear content.  Format for readability with plenty of space between points and clear headings that guide the reader.  Verify that the summary stands alone and supports the objective if it is the only portion of the document that will beread. 37 Tips For Writing An Effective Executive Summary
  • 38. Sr. No. Audit Observation Action Plan Risk Category Risk Rating Control Rating Slide Reference 1 2 3 4 5 6 Control Rating Moderate Limited Risk Rating High Medium Low Risk Category Financial Operational Compliance Executive Summary – Sample 1 38
  • 39. Executive Summary – Sample 2 Issues 39 Due Date Responsible Person Business Impact
  • 40. 1) Observation Heading Issue: Background: Root Cause: Recommendation: Risk & Impact: Management Response: Person Responsible: Target Date: Control Rating Moderate  Limited Risk Rating  High Medium Low Risk Category  Financial Operational Compliance Detailed Observation – Sample 1 40
  • 41. 1. Observation Heading Observation Management Comments Root Cause:  Design Deficiency Operational Ineffectiveness System Deficiency  External Risk & Implication Recommended Action 41 Owner and Target Date Critical Detailed Observation – Sample 2
  • 42. Content Of Audit Committee Presentation • Dashboard report on current activities • Critical findings or emerging trends • Results of special investigations, status of the annual audit plan and any changes done • Internal audit staffing, impact of resourcelimitations • Department performance metrics / scores Understanding Board Expectations • Understanding board expectations is critical when determining content. • By reviewing key documents such as the audit committee charter, internal audit can gain an understanding of the audit committee’s risks and needs. • It is recommended to meet separately with the audit committee (and senior management if deemed appropriate) to determine reporting framework and expectations upfront. Typical Contents Of An Audit Committee Presentation Quarterly Audit Committee Presentation • Summarize for the committee what they need to know about routine findings in a logical summary format and report separately on more important matters suchas: – Matters that might affect the fairness of financial reporting. – Breaches of the company’s ethics policies. – Details of any frauds discovered, financial values of suchfrauds. – Significant delays in management responding to findings and recommendations. – Monitoring and follow-up activities. Yearly Audit Committee Presentation • Annual report is typically a summary of the four quarterly reports. Additional items to cover may include: – Details of changes in personnel's in the internal auditdepartment. – Report on the year in review to include themes or trends identified. – Update of the risk assessment and audit plan. – Report on the results of the internal quality assurance and improvement program. – Discuss the results of the external quality assurance review, timing / frequency of the external assessment and reviewer’s background. – Review and approve updates to the internal audit departmentcharter. – Confirmation of the independence of the internal audit activity. – Reporting of any impairments of independence or objectivity. 42
  • 43. Sr. No. Audit Area / Audit Entity Region Audit Rating Detailed Issue And Action Plan Reference 1 Latin America Unsatisfactory Slide no. xx 2 Latin America Unsatisfactory Slide no. xx 3 Asia Improvement Opportunity Slide no. xx 4 Africa Improvement Opportunity Slide no. xx 5 North America Satisfactory - 6 Europe Satisfactory - 7 Middle East Australia , NZ Satisfactory - 1) Number of Audits Completed In Q2 (2019-20): XX Unsatisfactory • Financial Loss / Fraud > USD 1 million • Some key controls do not exist, or are not properly implemented, and there are high risk improvementopportunities. • Control environment is impaired. Improvement Opportunity • Financial Loss / Fraud up to USD 1 million • Adequate control environment in most areas. • Moderate risk improvement opportunities identified, which require corrective action. Satisfactory • Satisfactory overall control environment. • Small number of lower risk improvement opportunities identified, which require correctiveaction. Entity Audit Rating / Conclusion 43 Audit Committee Dashboard – Sample 1
  • 44. Sr. No. Audit Area / Audit Entity Audit Observation Agreed Action Plan Risk Rating * Risk Category * Control Rating * 1 High Financial Moderate 2 Medium Operational Limited 3 Medium Compliance Limited 4 Low Process Improvement Limited 3) Significant Audit Issues Summary * Legends explained in next slide Open Audit Issues ( at quarter beginning) Issue Closed during current quarter Unresolved / pending issues above 6 months Global CFO intervention/ support required 7 For details, please refer slide no. xx to xx 4 3 (For details, please refer slide no. xx to xx) 1 (For details, please refer slide no. xx to xx) 2) Remediation Status Of Past Quarters Key Audit Observations 44 Audit Committee Dashboard – Sample 1
  • 45.  The major objective of internal audit review is to understand the key activities and controls in the business processes designed, review design effectiveness of business processes and controls, assess the operating effectiveness of internal controls and provide recommendations for business process and internal controlimprovement.  Internal auditors don’t plan and prepare work with the objective of preventing and discovering fraud and gives no assurance that the period covered by an internal audit would be free of fraud or other irregularities. If during the course of internal audit, we come across any fraudulent activity, we carry out our review in respect of that business process in detail and report on the same to the management and auditcommittee.  The performance of internal audit work is not and should not be taken as a substitute for management’s responsibilities for the application of sound management practices. The responsibility for a sound internal control system and the prevention and detection of fraud and other irregularities rests with management. Work performed by internal audit should not be relied upon to identify all strengths and weaknesses in internal controls, nor relied upon to identify all circumstances of fraud or irregularity. Our focus is more on walkthroughs of business processes and identification of internal control gaps so that the control environment can be strengthened further.  Internal audit procedures are designed to focus on areas of greatest risk and significance which are identified and agreed with management in advance, internal audit scope and approved annual internal audit plan. Since the internal audit is executed by an individual internal auditor on the basis of their ability to assess risk and situation of control environment of a particular audit area/entity, audit procedures may not disclose/conduct an audit of all issues and/or other significant matters about the department/company, or reveal all errors, irregularities and frauds in the underlying information due to limitation of skill set, time spent on an entity for audit and other uncontrollable limitations.  The approach employed during the internal audit work does not constitute a comprehensive review of all the operations and is subject to the level of bias in the method of sample selection.  Internal auditors rely on management to provide accounting and other records for the purposes of audit work to ensure the authenticity of these records. 45 Audit Coverage And Assurance Limitation