The document discusses the application of professional practices frameworks in internal audit practice. It addresses different scenarios that internal audit functions may encounter in corporate environments.
It discusses challenges that may be faced by internal audit functions that are led by senior professionals, junior auditors, or in group company structures. It also addresses internal audit in small and medium enterprises that currently lack such functions.
The document identifies top 10 standards from professional practices frameworks that require attention, such as independence and objectivity, continuing professional education, quality assurance, risk management, and ethical culture. It analyzes issues around implementing these standards in various contexts.
The document outlines best practices for internal audit departments across five key areas: roles and structure, people, process, technology, and knowledge. It provides examples of best practice features for each area and a template for departments to evaluate the evidence of these features in their own practices. The template can be used to assess areas as low, medium, or high and identify opportunities for improvement. The document aims to help internal audit departments evaluate their practices against industry standards and enhance their ability to add value through continuous improvement.
Resume : "Internal audit quality : developing a quality assurance and improve...asvary asvary
This book will assist chief audit executives and internal auditors to develop a quality assurance and improvement program and embed processes that enhance the quality of their internal audit function. The book looks at what constitutes quality, and how a greater understanding of quality drivers can lead to more valuable internal audit practices. Most internal auditors understand quality and performance. Good internal audit practice benchmarks organizational areas and activities against commonly accepted criteria. This book provides similar criteria for internal audit functions to benchmark themselves against
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps evaluate and improve risk management, control, and governance processes. Internal audits are important for monitoring business assets, verifying compliance with policies and procedures, and providing objective insight, improving efficiency, evaluating risks, assessing controls, and ensuring legal compliance. The main types of internal audits are compliance, environmental, information technology, operational, and performance audits. The internal audit process involves planning, fieldwork, reporting, and follow-up phases.
The document discusses internal audit, providing definitions, objectives, principles and need. It defines internal audit as an independent function that appraises an entity's operations to strengthen governance and risk management. The scope of internal audit includes reviewing accounting and controls, ensuring efficiency and compliance. It is needed due to increased business size, regulations, and technology usage. Internal audit adds value through risk management, assurance, compliance and fraud prevention. Key principles are integrity, objectivity, independence and professional care. The Companies Act 2013 requires certain public and private companies to appoint internal auditors.
This document provides an internal auditor competency framework developed by the Institute of Internal Auditors - Australia. It outlines competencies across four key areas: standards, technical skills, interpersonal skills, and knowledge areas. It describes the behaviors expected at different job levels (new internal auditor, practicing internal auditor, internal audit manager, chief audit executive). The framework is intended to guide professional development, recruitment, performance reviews, and succession planning for internal auditors in Australia.
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
The document discusses internal auditing. It defines internal auditing as an independent, objective assurance function that aims to add value and improve an organization's operations by evaluating risk management and governance processes. It outlines the roles of internal auditing such as being objective in assessing controls and independent in reviewing operations. The history shows how the role has evolved from checking accounts to facilitating risk management. Internal auditing can assist external auditors in audit planning and has taken on more complex roles in recent years to address corporate uncertainty.
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
The document outlines best practices for internal audit departments across five key areas: roles and structure, people, process, technology, and knowledge. It provides examples of best practice features for each area and a template for departments to evaluate the evidence of these features in their own practices. The template can be used to assess areas as low, medium, or high and identify opportunities for improvement. The document aims to help internal audit departments evaluate their practices against industry standards and enhance their ability to add value through continuous improvement.
Resume : "Internal audit quality : developing a quality assurance and improve...asvary asvary
This book will assist chief audit executives and internal auditors to develop a quality assurance and improvement program and embed processes that enhance the quality of their internal audit function. The book looks at what constitutes quality, and how a greater understanding of quality drivers can lead to more valuable internal audit practices. Most internal auditors understand quality and performance. Good internal audit practice benchmarks organizational areas and activities against commonly accepted criteria. This book provides similar criteria for internal audit functions to benchmark themselves against
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps evaluate and improve risk management, control, and governance processes. Internal audits are important for monitoring business assets, verifying compliance with policies and procedures, and providing objective insight, improving efficiency, evaluating risks, assessing controls, and ensuring legal compliance. The main types of internal audits are compliance, environmental, information technology, operational, and performance audits. The internal audit process involves planning, fieldwork, reporting, and follow-up phases.
The document discusses internal audit, providing definitions, objectives, principles and need. It defines internal audit as an independent function that appraises an entity's operations to strengthen governance and risk management. The scope of internal audit includes reviewing accounting and controls, ensuring efficiency and compliance. It is needed due to increased business size, regulations, and technology usage. Internal audit adds value through risk management, assurance, compliance and fraud prevention. Key principles are integrity, objectivity, independence and professional care. The Companies Act 2013 requires certain public and private companies to appoint internal auditors.
This document provides an internal auditor competency framework developed by the Institute of Internal Auditors - Australia. It outlines competencies across four key areas: standards, technical skills, interpersonal skills, and knowledge areas. It describes the behaviors expected at different job levels (new internal auditor, practicing internal auditor, internal audit manager, chief audit executive). The framework is intended to guide professional development, recruitment, performance reviews, and succession planning for internal auditors in Australia.
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
The document discusses internal auditing. It defines internal auditing as an independent, objective assurance function that aims to add value and improve an organization's operations by evaluating risk management and governance processes. It outlines the roles of internal auditing such as being objective in assessing controls and independent in reviewing operations. The history shows how the role has evolved from checking accounts to facilitating risk management. Internal auditing can assist external auditors in audit planning and has taken on more complex roles in recent years to address corporate uncertainty.
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
Slide gives information about working style of internal audit department in micro-finance institution. It helps the viewer to enhance the skills and knowledge about audit activities in MFI.
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. The internal audit activity must be independent, and internal auditors must be objective in performing their work. Internal auditors must possess the knowledge, skills, and other competencies needed to perform their individual responsibilities and apply the care and skill expected of a reasonably prudent and competent internal auditor. The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity.
The document discusses planning and documentation standards for internal audits. It covers objectives of planning, factors affecting the planning process and scope, and the planning process itself which includes establishing the audit universe and objectives. It emphasizes obtaining appropriate audit evidence to draw reasonable conclusions and reviewing evidence obtained. Documentation standards are also outlined, including matters to be documented, identification of preparers and reviewers, and document retention policies.
The document discusses internal audit training, including evaluating internal controls, audit approaches, planning and controlling internal audits, performing audits, documenting findings, and reporting. It covers defining internal control systems, the objectives they achieve, types and classifications of controls, control activities, monitoring, and evaluating internal controls. The key topics are organizing an effective internal control system and the internal auditor's role in evaluating controls and audit approaches.
ICQs provide system for the assessment of risks embedded in the internal control system. Every internal auditor prepares ICQs according to his understanding of the internal control system. There are some certain common areas that are present in every organization. This ICQs deal with those common areas that are integral part of every organization's internal control system.
A performance audit examines the effectiveness, economy, and efficiency of a government program or agency. It assesses if resources are being managed properly and accountability requirements are met. A performance audit reviews employee performance against goals, measures efficiency, effectiveness, and economy, and identifies what is and is not working. The process involves project selection, planning, conducting the audit, reporting findings, and follow up to ensure recommendations are implemented.
This document provides an overview of management audits. It defines a management audit as a systematic examination and appraisal of management's overall performance. The aims are to improve efficiency, ensure optimal resource use, identify deficiencies, and suggest improvements. Key differences from a cost audit are that management audits evaluate objectives/actions, require knowledge of management/production, and have no statutory obligations. The process involves identifying objectives, evaluating performance against objectives, and providing suggestions. The scope includes evaluating management efficiency, reviewing policy implementation, appraising performance, and recommending improvement areas. Advantages include aiding decisions and utilizing resources effectively. Disadvantages are the high cost for large organizations only. Operational aspects examined include objectives, production, sales,
The document defines management audit as an examination of an organization's structure and use of resources to ensure efficient management. It discusses the objectives of a management audit such as improving efficiency and assessing if the organization can achieve its goals. The scope includes reviewing the current organizational structure and studying aspects like return on investment. Functional areas that are analyzed include purchase, production, distribution, personnel, finance, and accounting. The types of information required are objectives, planning, organization, control, and functional areas.
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKHaresh Lalwani
This presentation is my endeavor to bring to notice the new position that internal audit enjoys today in the corporate framework, expectations of the industry and emerging opportunities for the professionals.
The document provides an overview of auditing and the audit process in organizations. It defines auditing as the systematic and independent examination of an entity's data, statements, records, operations and performance. The document then outlines the objectives, importance and functions of auditing. It discusses the different types of audits, including statutory, private, internal and external audits. The document also describes the key stages of the audit process, including planning, execution and reporting. It explains the different types of audit reports and provides recommendations to conclude.
Management audit involves the independent examination of a company's management, operations, and policies to evaluate how well objectives are being met. It identifies strengths and weaknesses, recommends improvements, and helps management better utilize resources and achieve goals. A management audit reviews areas like organizational structure, planning, resource allocation, procedures, and control systems. Its aims include improving efficiency, profitability, and the effective discharge of management responsibilities.
Practical approach to Risk Based Internal AuditManoj Agarwal
The document provides an overview of risk based internal auditing. It discusses key concepts like the definition of risk, COSO ERM framework, three lines of defense model, definition of internal audit, and risk based internal audit approach. The approach involves identifying the audit universe and processes, risk identification and assessment, risk scoring and heat mapping, developing the risk based internal audit plan, and executing the plan. Various tools for risk based auditing like the audit tracker, audit report templates, and resources are also outlined.
The document provides an overview of internal auditing basics and best practices. It discusses the purpose and objectives of internal auditing, which includes independently evaluating activities within an organization to examine controls and ensure responsibilities are carried out effectively and efficiently. The document also outlines the audit process, including planning, performing, and reporting phases. It describes establishing objectives and scope, assessing risks, designing tests, documenting work, summarizing results, and following up on corrective actions. The overall goal is to help organizations achieve their objectives and promote continuous improvement.
This document discusses an internal audit quality assessment workshop held in Riyadh, Saudi Arabia on November 18, 2014. The workshop objectives were to understand quality requirements and assessments for internal audits based on the International Professional Practices Framework (IPPF) and International Standards. Specific topics included quality definitions, assessment processes, tools and techniques, common observations, and attributes of high-performing assessments. The benefits of quality assessments for internal auditors, management, employees, and the audit committee/board were also reviewed.
Common internal audit findings & how to avoid themSurajit Datta
The document summarizes topics that were covered in a workshop on common internal audit findings and how to avoid them. It discusses internal auditing and controls, elements of internal controls, common audit findings such as non-compliance and lack of monitoring, fraud indicators, and how to avoid findings by establishing policies, procedures, and internal controls.
The internal audit document summarizes an upcoming audit of HR processes at an organization. The audit will evaluate the effectiveness and accuracy of processes like onboarding, internal movements, separation, talent management, and performance management. It outlines the audit objective, topics to be covered, compliance-based methodology, 5-step process for conducting the audit, and recommendations to be provided in the final report. An appendix includes sample documents for review and a template for the final audit report.
The document provides an overview of internal audit methodology. It defines internal audit as an independent function that appraises entity operations to strengthen governance and controls. The agenda outlines types of audits like compliance, operational and risk-based audits. It then describes the stages of a risk-based internal audit framework from defining scope to the audit report. Tools discussed include an audit tracker, control testing, and preparing audit reports and presentations.
The document provides information about Spire Advisors Pvt Ltd, a risk management firm. It discusses Spire's risk management solutions which include risk-based internal audits, compliance audits, internal financial controls, IT audits, and standard operating procedures. It then goes into further detail about Spire's approach to risk-based internal audits, compliance audits, and internal financial controls. The document emphasizes the importance of these risk management processes and Spire's role in providing professional services around them.
The management audit is a comprehensive examination of an organization or corporation that identifies problems or weaknesses. It assesses all functions, including objectives, strategy, structure, planning, resources, decision-making, operations, and systems. The audit is conducted by an internal task force or external analysts in a logical process including interviews, documentation review, fact-finding, and external perspectives. It analyzes performance, efficiency, and effectiveness to develop conclusions and prioritized recommendations to improve organizational effectiveness and efficiency. The management audit is a powerful tool for executives seeking to enhance profits and stability when done thoroughly, objectively, and with follow-through of recommendations.
The document outlines the skills required of internal auditors, which are divided into cognitive skills, behavioral skills, and individual attributes. Cognitive skills include technical skills like following routines, analytic skills like problem identification, and appreciative skills like making complex judgments. Behavioral skills encompass personal skills, interpersonal skills, and organizational skills. Individual attributes span technical skills, analytic/design skills, problem-solving skills, judgment/synthesis skills, personal skills, interpersonal skills, and organizational skills. The document provides detailed descriptions and examples of the types of skills and attributes needed at different levels within the internal auditing field.
The document outlines the skills required of internal auditors, which are divided into cognitive skills, behavioral skills, and individual attributes. Cognitive skills include technical skills like following routines, analytic skills like problem identification, and appreciative skills like making complex judgments. Behavioral skills encompass personal skills, interpersonal skills, and organizational skills. Individual attributes span technical skills, analytic/design skills, problem-solving skills, judgment/synthesis skills, personal skills, interpersonal skills, and organizational skills. The document provides detailed descriptions and examples of the types of skills and attributes needed at different levels within the internal auditing field.
Slide gives information about working style of internal audit department in micro-finance institution. It helps the viewer to enhance the skills and knowledge about audit activities in MFI.
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. The internal audit activity must be independent, and internal auditors must be objective in performing their work. Internal auditors must possess the knowledge, skills, and other competencies needed to perform their individual responsibilities and apply the care and skill expected of a reasonably prudent and competent internal auditor. The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity.
The document discusses planning and documentation standards for internal audits. It covers objectives of planning, factors affecting the planning process and scope, and the planning process itself which includes establishing the audit universe and objectives. It emphasizes obtaining appropriate audit evidence to draw reasonable conclusions and reviewing evidence obtained. Documentation standards are also outlined, including matters to be documented, identification of preparers and reviewers, and document retention policies.
The document discusses internal audit training, including evaluating internal controls, audit approaches, planning and controlling internal audits, performing audits, documenting findings, and reporting. It covers defining internal control systems, the objectives they achieve, types and classifications of controls, control activities, monitoring, and evaluating internal controls. The key topics are organizing an effective internal control system and the internal auditor's role in evaluating controls and audit approaches.
ICQs provide system for the assessment of risks embedded in the internal control system. Every internal auditor prepares ICQs according to his understanding of the internal control system. There are some certain common areas that are present in every organization. This ICQs deal with those common areas that are integral part of every organization's internal control system.
A performance audit examines the effectiveness, economy, and efficiency of a government program or agency. It assesses if resources are being managed properly and accountability requirements are met. A performance audit reviews employee performance against goals, measures efficiency, effectiveness, and economy, and identifies what is and is not working. The process involves project selection, planning, conducting the audit, reporting findings, and follow up to ensure recommendations are implemented.
This document provides an overview of management audits. It defines a management audit as a systematic examination and appraisal of management's overall performance. The aims are to improve efficiency, ensure optimal resource use, identify deficiencies, and suggest improvements. Key differences from a cost audit are that management audits evaluate objectives/actions, require knowledge of management/production, and have no statutory obligations. The process involves identifying objectives, evaluating performance against objectives, and providing suggestions. The scope includes evaluating management efficiency, reviewing policy implementation, appraising performance, and recommending improvement areas. Advantages include aiding decisions and utilizing resources effectively. Disadvantages are the high cost for large organizations only. Operational aspects examined include objectives, production, sales,
The document defines management audit as an examination of an organization's structure and use of resources to ensure efficient management. It discusses the objectives of a management audit such as improving efficiency and assessing if the organization can achieve its goals. The scope includes reviewing the current organizational structure and studying aspects like return on investment. Functional areas that are analyzed include purchase, production, distribution, personnel, finance, and accounting. The types of information required are objectives, planning, organization, control, and functional areas.
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKHaresh Lalwani
This presentation is my endeavor to bring to notice the new position that internal audit enjoys today in the corporate framework, expectations of the industry and emerging opportunities for the professionals.
The document provides an overview of auditing and the audit process in organizations. It defines auditing as the systematic and independent examination of an entity's data, statements, records, operations and performance. The document then outlines the objectives, importance and functions of auditing. It discusses the different types of audits, including statutory, private, internal and external audits. The document also describes the key stages of the audit process, including planning, execution and reporting. It explains the different types of audit reports and provides recommendations to conclude.
Management audit involves the independent examination of a company's management, operations, and policies to evaluate how well objectives are being met. It identifies strengths and weaknesses, recommends improvements, and helps management better utilize resources and achieve goals. A management audit reviews areas like organizational structure, planning, resource allocation, procedures, and control systems. Its aims include improving efficiency, profitability, and the effective discharge of management responsibilities.
Practical approach to Risk Based Internal AuditManoj Agarwal
The document provides an overview of risk based internal auditing. It discusses key concepts like the definition of risk, COSO ERM framework, three lines of defense model, definition of internal audit, and risk based internal audit approach. The approach involves identifying the audit universe and processes, risk identification and assessment, risk scoring and heat mapping, developing the risk based internal audit plan, and executing the plan. Various tools for risk based auditing like the audit tracker, audit report templates, and resources are also outlined.
The document provides an overview of internal auditing basics and best practices. It discusses the purpose and objectives of internal auditing, which includes independently evaluating activities within an organization to examine controls and ensure responsibilities are carried out effectively and efficiently. The document also outlines the audit process, including planning, performing, and reporting phases. It describes establishing objectives and scope, assessing risks, designing tests, documenting work, summarizing results, and following up on corrective actions. The overall goal is to help organizations achieve their objectives and promote continuous improvement.
This document discusses an internal audit quality assessment workshop held in Riyadh, Saudi Arabia on November 18, 2014. The workshop objectives were to understand quality requirements and assessments for internal audits based on the International Professional Practices Framework (IPPF) and International Standards. Specific topics included quality definitions, assessment processes, tools and techniques, common observations, and attributes of high-performing assessments. The benefits of quality assessments for internal auditors, management, employees, and the audit committee/board were also reviewed.
Common internal audit findings & how to avoid themSurajit Datta
The document summarizes topics that were covered in a workshop on common internal audit findings and how to avoid them. It discusses internal auditing and controls, elements of internal controls, common audit findings such as non-compliance and lack of monitoring, fraud indicators, and how to avoid findings by establishing policies, procedures, and internal controls.
The internal audit document summarizes an upcoming audit of HR processes at an organization. The audit will evaluate the effectiveness and accuracy of processes like onboarding, internal movements, separation, talent management, and performance management. It outlines the audit objective, topics to be covered, compliance-based methodology, 5-step process for conducting the audit, and recommendations to be provided in the final report. An appendix includes sample documents for review and a template for the final audit report.
The document provides an overview of internal audit methodology. It defines internal audit as an independent function that appraises entity operations to strengthen governance and controls. The agenda outlines types of audits like compliance, operational and risk-based audits. It then describes the stages of a risk-based internal audit framework from defining scope to the audit report. Tools discussed include an audit tracker, control testing, and preparing audit reports and presentations.
The document provides information about Spire Advisors Pvt Ltd, a risk management firm. It discusses Spire's risk management solutions which include risk-based internal audits, compliance audits, internal financial controls, IT audits, and standard operating procedures. It then goes into further detail about Spire's approach to risk-based internal audits, compliance audits, and internal financial controls. The document emphasizes the importance of these risk management processes and Spire's role in providing professional services around them.
The management audit is a comprehensive examination of an organization or corporation that identifies problems or weaknesses. It assesses all functions, including objectives, strategy, structure, planning, resources, decision-making, operations, and systems. The audit is conducted by an internal task force or external analysts in a logical process including interviews, documentation review, fact-finding, and external perspectives. It analyzes performance, efficiency, and effectiveness to develop conclusions and prioritized recommendations to improve organizational effectiveness and efficiency. The management audit is a powerful tool for executives seeking to enhance profits and stability when done thoroughly, objectively, and with follow-through of recommendations.
The document outlines the skills required of internal auditors, which are divided into cognitive skills, behavioral skills, and individual attributes. Cognitive skills include technical skills like following routines, analytic skills like problem identification, and appreciative skills like making complex judgments. Behavioral skills encompass personal skills, interpersonal skills, and organizational skills. Individual attributes span technical skills, analytic/design skills, problem-solving skills, judgment/synthesis skills, personal skills, interpersonal skills, and organizational skills. The document provides detailed descriptions and examples of the types of skills and attributes needed at different levels within the internal auditing field.
The document outlines the skills required of internal auditors, which are divided into cognitive skills, behavioral skills, and individual attributes. Cognitive skills include technical skills like following routines, analytic skills like problem identification, and appreciative skills like making complex judgments. Behavioral skills encompass personal skills, interpersonal skills, and organizational skills. Individual attributes span technical skills, analytic/design skills, problem-solving skills, judgment/synthesis skills, personal skills, interpersonal skills, and organizational skills. The document provides detailed descriptions and examples of the types of skills and attributes needed at different levels within the internal auditing field.
This document provides an overview of the skills, qualities, and traits needed to be an effective auditor. It discusses technical skills like knowledge of auditing principles and techniques, human skills like tact and the ability to draw logical conclusions, and personal attributes like a strong business sense and attention to detail. It also covers qualities of character like adaptability and determination. The document outlines key behaviors for auditors such as exhibiting courage and integrity, taking a proactive approach, and maintaining communication with all levels of an organization. It discusses applying concepts from neuro-linguistic programming to improve interpersonal communication during audits. Finally, it addresses anticipating and preventing problems, as well as being effective in reaching target customers within an organization similar to how
The document discusses an internal audit team developing and implementing a balanced scorecard to achieve excellence. It presents a sample balanced scorecard with objectives in four categories: learning growth, internal processes, customer perspective, and finance perspective. Metrics and targets are identified for monitoring progress over the current and next two years. The scorecard aims to improve audit practices, processes, customer satisfaction, and cost management through quantitative and qualitative tracking.
Balanced Scorecard, A Comprehensive Guide Upendra K
The Balanced scorecard is a management system that enables organizations to clarify their vision and strategy and translate them into action.
Provides an organization with feedback of both the internal business processes and external outcomes, which allows for continuous improvement of strategic performance and results.
Nerve center of an enterprise
The term “scorecard” signifies quantified performance measures and “balanced” signifies the system is balanced between:
Short-term and long term objectives
Financial and non-financial measures
Lagging and leading indicators
Internal and external performance perspectives
The concept of the balanced scorecard was first touted in the Harvard Business Review in 1992 in a paper written by Robert S Kaplan and David P Norton.
The paper introduced the idea of focusing on human issues as well as financial ones, and measuring performance across a much wider spectrum than businesses had done before.
Kaplan and Norton published their ideas in full in The Balanced Scorecard: Translating Strategy into Action in 1996 and it became a business bestseller.
The balanced scorecard is centered on four performance metrics or perspectives:
Customers
Internal processes
Financial
Learning and growth
When implemented properly, each one of these perspectives contains four subparts consisting of
Objectives
Measures
Targets
Initiatives
The document provides guidelines for project risk management based on the six risk management processes from the PMBOK Guide. It discusses identifying risks, performing qualitative and quantitative risk analysis, planning risk responses, and controlling risks. An example application to a PMP certification course project is provided to demonstrate practical use of identifying risks, creating a risk register, and customizing a risk breakdown structure for the project.
This document discusses techniques for basic risk identification:
1) Interviewing subject matter experts allows risks to be identified that may not be known to the project team. Brainstorming encourages identifying many risks but must be facilitated properly. The Delphi technique uses anonymous interviews to get expert opinions.
2) Nominal group technique combines individual and group work in a structured process. Crawford slips have individuals privately write risks for fast identification. Analogy identifies risks based on similarities to past projects.
3) Checklists and templates systematize the identification of risks based on historical data from other organizations.
The Balanced Scorecard is a strategic planning and management system that monitors organizational performance against strategic goals. It was developed in 1992 by Kaplan and Norton to provide a balanced perspective beyond just financial measures. The Balanced Scorecard approach suggests viewing an organization from four perspectives: financial, customer, internal business processes, and learning and growth. Key to implementation is obtaining executive support, involving leaders and employees, enhancing information systems, and monitoring progress.
Risk management is the process of identifying and mitigating risks that may have a positive or negative impact on a project. It includes risk management planning, identification, analysis, response planning, and monitoring and control. Analyzing risks qualitatively and quantitatively helps prioritize them so appropriate responses can be developed, such as avoiding, transferring, mitigating, or accepting risks. Monitoring risks ensures new risks are identified and risk responses remain effective over the project lifecycle. The benefits of effective risk management include more efficient resource use, continuous improvement, fewer failures, and enhanced communication and accountability.
The document discusses project risk management and outlines six processes for managing risk: risk management planning, risk identification, qualitative risk analysis, quantitative risk analysis, risk response planning, and risk monitoring and control. It provides details on tools and techniques used in each process, such as documentation reviews, information gathering, probability and impact matrices, and quantitative risk analysis modeling. The overall goal of risk management is to increase the probability of positive events and decrease the probability of negative events on a project.
The document discusses the balanced scorecard framework. It describes the balanced scorecard as having four key business perspectives: financial, customer, internal process, and learning and growth. It provides examples of metrics that could be used for each perspective. Companies adopt the balanced scorecard to help with change, growth, and implementation efforts. The balanced scorecard helps align business activities with vision and strategy and provides a comprehensive view of organizational performance.
The document discusses risk management frameworks and processes. It provides:
1) An overview of risk management, including highlighting risks at the project, program, and portfolio levels.
2) A risk management framework involving establishing context, risk identification, analysis, evaluation, and treatment.
3) Details of risk governance, including risk management plans, risk registers, governance documents, and ongoing and discrete risk activities.
This document provides guidance on developing a balanced scorecard for internal audit departments. It outlines seven steps to create a balanced scorecard: 1) identify customer needs, 2) assess internal audit capabilities, 3) develop strategic objectives, 4) identify performance measures, 5) identify targets and initiatives, 6) develop a strategic map, and 7) develop a scorecard for each performance category. Examples and exercises are provided for each step. The goal is to develop a performance measurement system that is driven by strategy and includes cause-and-effect linkages, leading indicators, and outcome measures. Continuous refinement of the system is emphasized.
The document discusses the importance of values and beliefs for internal auditors. It states that values and beliefs drive internal auditors and lead them to achieve objectives with satisfaction. Some key values and beliefs mentioned are independence, objectivity, adherence to ethical norms, and continual professional development. The document emphasizes that internal auditors should be proud of their role and view themselves as true professionals.
The IA-CM is a universal model for assessing and improving internal audit capabilities. It consists of 5 levels with increasing maturity in internal audit practices, processes, and performance. The model is based on principles of selecting the optimum internal audit capability based on organizational needs, applying professional standards, and continuous improvement. It can be used as a framework to assess current capabilities, identify improvement opportunities, and develop plans to enhance internal audit effectiveness over time.
The document discusses various methods and techniques for conducting organizational appraisal, including analyzing an organization's internal environment, resources, capabilities, and competitive advantages. It describes frameworks for assessing financial, marketing, operations, personnel and general management capabilities. These include the VRIO framework, balanced scorecard, BCG matrix, GE matrix, and McKinsey 7S model. Examples are provided of using organizational capability profiles and competitive advantage profiles to evaluate strengths and weaknesses.
The document discusses performance appraisal systems and some key considerations in developing an effective system. It notes that the objectives of performance appraisal should include employee development, providing feedback, setting realistic goals, and input to compensation decisions. When developing key result areas and objectives, they should characterize critical job functions and allow distinction between effective and ineffective performance. An effective system requires trust between managers and employees and a focus on development over quantitative ratings. Cultural factors like loyalty and group relationships also influence performance appraisal in India.
What ISO Management Systems can learn from Balanced Scorecard?PECB
Balanced Scorecard is a Strategy Management System developed by Professors Kaplan and Norton. It is probably the most comprehensive system/tool in the modern world. It allows an organization balance its Strategy across 4 perspectives (Financial, Customer, Internal Process and Learning and Growth Perspectives). It further lets an organization break down each of these 4 perspectives based on 4 criteria which are Objectives, Measures, Target and Initiatives. There is a lot that ISO Implementers and Auditors need to learn from a Balanced Scorecard that will help in better delivering ISO engagements. This webinar will take a critical look at what is Balanced Scorecard and what ISO Consultants need to know to about it.
Main points covered:
• What is a Balance Scorecard?
• How Balance Scorecard allows organization to balance its Strategy across 4 perspectives (Financial, Customer, Internal Process and Learning and Growth Perspectives)
• How an organization breaks down each 4 perspective based on 4 criteria (Objectives, Measures, Target and Initiatives)
Presenter:
This webinar was presented by Orlando Olumide Odejide, who is the Chief Trainer for Training Heights Limited. Orlando is an experienced Enterprise Architect and Programme Director working on various technology solutions including SharePoint, SQL Server, Oracle, SAP, Odoo and Qlikview Technologies for clients in the Financial Services, Government and Manufacturing Sectors.
Link of the recorded session published on YouTube: https://youtu.be/XPPj9XhXl0s
The CIA (Certified Internal Auditor)and Internal auditing certification is the monopoly and the only designation recognized globally for internal auditors ( IIA- Institute of Internal Auditors, USA). Any person with or without relevant background can take up this course become a CIA so long as the prerequisites are fulfilled. Once you have fulfilled your education and work experience requirements, our consultants at Zabeel Institute will help you complete the evaluation process and guide you on the further steps.
Linda Huey has over 15 years of experience in project management, process improvement, auditing, and training. She has led process improvement projects that have increased revenue and driven cultural change through Lean Six Sigma methodologies. As a senior consultant, she has coached project teams, developed value stream maps, analyzed data, and presented solutions to executive management. Previously, she performed internal audits and ensured compliance in finance, operations, and asset management at the FDIC and Ford Motor Company, developing corrective actions that increased revenue and reduced findings. Huey holds certifications in project management, Lean Six Sigma Black Belt, and training and has managed teams of up to 65 auditors.
In corporations, we see a number of out-sourced Internal Auditors partnering with the internal team in executing audit assignements . How do we leverage and monitor this activity to deliver high quality audits ?
This document outlines a process for a leadership group to assess their organization's quality improvement (QI) culture. The group will engage in a facilitated discussion to administer the Organizational Culture of Quality Self-Assessment Tool (SAT) through group scoring. The assessment is based on 6 foundational elements of QI with 14 sub-elements. Placeholder slides are included to guide scoring of each sub-element. The results will be used to prioritize strategies from the QI Roadmap to address any gaps and incorporate them into the organization's QI plan.
Performance is often defined simply in output term .i.e. the achievement of quantified objectives.
-It is however not only the matter of what people achieve but how they achieve it.
-Performance means both behaviors and results. Behaviour emanates from the performer and transform performance from abstraction to action. Not just the instruments for results, behaviors are also outcomes in their own right – the product of mental and physical effort applied to tasks – and can be judged apart from results.
performance management – considers inputs (behaviour) and outputs (results).
Government Quality Management - It's Not an Oxymoron!
Government can and does provide quality performance in management. One way is through the use of the Baldrige Criteria for Performance Excellence and see some of the national stars from around the nation.
Performance appraisal of 5 companies done by shweta-bebartaShweta Bebarta
It is a PPT which describes briefly about Performance appraisal process of 5 companies. they are - TCS, GENERAL ELECTRIC, SAP, BIG BAZAAR and TITAN. These 5 companies, which process they have adopted for appraisal and why it is good for the company?
The document provides information on a series of certificate training courses for internal audit professionals held in Dubai, UAE in 2017. It includes five courses that cover essential internal audit topics from introductory to advanced levels, with each course offering up to 30 CPE credits. The courses are designed for professionals with varying levels of internal audit experience, from new entrants to heads of internal audit functions. Course topics range from the essentials of internal audit to risk-based auditing, advanced techniques, and leading internal audit functions. The document provides details on course objectives, instructors, prerequisites, and registration.
The document describes the EISA Audit methodology, which takes a continuous improvement approach. It outlines key elements of the EISA Audit including acceptance and continuance, the audit comfort cycle, substantive procedures, other audit procedures, and the audit committee communications plan. The audit comfort cycle involves understanding what management needs comfort on, how they get comfort, if they are entitled to that comfort, and if the auditors can audit that comfort. The methodology is designed to be adaptable to all clients and continuously improve over time with a focus on audit quality.
Kaustubh Vikas Donde has over 14 years of experience in internal audit, specializing in risk management. He currently works as Senior Manager of Internal Audit at Forbes & Company Limited, where he leads internal audit teams, presents findings to the Audit Committee, and helps improve risk management and compliance processes. Prior to this, he held internal audit roles at several other companies where he performed audits, developed audit programs, and provided inputs to strengthen internal controls and risk management.
This document outlines a presentation on implementing an internal audit (IA) balanced scorecard to measure IA effectiveness and efficiency. The presentation covers: setting the context for an IA balanced scorecard; components of an IA balanced scorecard including perspectives like audit committee, management, internal audit processes, and innovation; and identifying measurement criteria. Key points include establishing performance metrics in critical areas like stakeholder satisfaction and processes, setting a desired maturity state for the IA function, and defining an IA balanced scorecard to demonstrate IA's value and contribution to the organization.
Hur kan kvaliten förbättras på din internrevisionsaktivitet vad fungerarTranscendent Group
Presentation från GRC 2015 den 20 maj. Kontakta gärna talaren om du har några frågor. Hela schemat för eventet hittar du här: http://www.transcendentgroup.com/sv/har-har-du-hela-schemat-for-grc-2015/
This document discusses enterprise performance management. It provides details about the course code, type, credits, books, and chapters to be studied. Performance management is defined as systematically evaluating employee and organizational performance against goals. It is important for implementing business strategies, motivating employees, and improving organizational effectiveness. The key steps in performance management include setting goals, measuring and monitoring performance, providing feedback, and evaluating performance. Performance management is important for human resource planning, recruitment, compensation, and developing employees.
Similar to Z 3h 2 - application of ppf in practice (20)
The document discusses conducting risk assessment for an internal audit department. It begins by outlining the key objectives and activities of the internal audit function. It then provides a list of 27 questions and answers to map out the internal audit processes, inherent risks, and key controls. The questions cover topics like audit planning, coordination with other departments, reporting structure, budgeting, performance metrics, theoretical risks, and controls. The overall purpose is to establish a proper risk management process for the internal audit department.
This document summarizes the process undertaken by the Management Audit division of EID Parry (India) Limited to achieve ISO 9002 quality certification for their internal audit processes. It provides background on the need for certification to bring standardization and process discipline. It outlines their approach of consulting other organizations, developing quality manuals based on Institute of Internal Auditors frameworks, and working with consultants. It describes achieving certification in 2001 and future plans to upgrade to ISO 9002:2000 and internal IIA standards. The certification process and requirements facilitated defining responsibilities, audit planning, training, and process reviews.
The document discusses the importance of auditor-auditee partnerships for effective audits. It states that effective audits require a proactive auditor combined with a participative auditee. The objectives of both the auditor and auditee are to achieve efficiency, effectiveness, and economy of operations through proper systems, controls, compliance, and financial reporting. Both parties must work cooperatively as an operating team for management-driven audits that add value rather than find faults.
This document discusses how an organization's internal audit division addresses quality management principles. It provides examples of actions taken to demonstrate adherence to each of the eight principles: 1) Customer focus, 2) Leadership, 3) People involvement, 4) Process approach, 5) System approach to management, 6) Continual improvement, 7) Fact-based decision making, and 8) Beneficial supplier relationships. For each principle, it outlines the division's approach and specific initiatives taken to ensure the principle is followed in its auditing practices and processes. The overall intent is to apply a quality management system to the internal audit function to improve effectiveness and efficiency.
This document provides information about technical audits conducted by the Management Audit Division of E I D Parry (India) Ltd for various companies in the Murugappa Group. The objectives of the technical audits are to recommend cost savings and quality improvements through identifying areas for increased energy efficiency and facilitating their implementation. The audit process involves creating awareness, identifying areas to audit, prioritizing and conducting pilot audits, implementing recommendations, and sharing learnings. Key focus areas of the audits are energy sources like steam, electricity, renewable energy as well as factory assets, production processes, safety and environment. Methodologies, skills required, and tools used for conducting energy and other technical audits are also outlined.
The internal audit team provides a range of audit and consulting services to help the organization meet its objectives and mitigate risks. These services include monitoring controls, compliance, cost analysis, and fraud prevention. The internal audit team acts as a governance partner by ensuring accuracy, evaluating controls, and supporting external auditors. It aims to be a resource to management by providing objective assessments and recommendations to improve operations, reduce costs, and enhance performance.
Este documento resume las principales ideas de un texto sobre la filosofía de la vida. En 3 oraciones:
El texto explora las diferentes dimensiones del ser humano como la mente superior e inferior, la conciencia subconsciente y el cuerpo físico. También analiza las influencias positivas y negativas que afectan a cada dimensión. Finalmente, presenta algunos dichos tradicionales para ilustrar conceptos como la mente, las emociones y la energía psíquica.
The document describes the features of the WEBMARS audit management software. It includes features such as engagement monitoring, task assignment, follow-up reminders, an executive summary report, integrated messaging, offline form updates, external user access, security controls, audit reporting, standards compliance, a bulletin board, and a knowledge warehouse. The software aims to help automate audit processes and improve communication and information sharing.
This document summarizes an audit process management tool called WEBMARS that aims to simplify and automate audit workflows. The tool allows auditors to plan audits, create engagement orders, manage audit reports, assign and track follow-up tasks to auditees, and analyze processes to ensure compliance with standards. Key benefits highlighted include enabling a paperless audit process, centralized data access, automated reminders, and time savings which allow auditors to focus more on process improvement.
Este documento presenta una discusión sobre la conciencia humana y su relación con diferentes niveles del ser: físico, emocional, mental e intuitivo/espiritual. Propone que la conciencia superior puede guiar a la mente inferior hacia pensamientos y acciones positivas que conduzcan al bienestar individual y colectivo.
The document outlines 5 stages of an empowerment process: (1) manager makes decisions alone, (2) manager asks for suggestions then decides, (3) manager and team discuss then decide, (4) decisions made cooperatively, (5) manager delegates decisions to team. It also discusses the importance of control systems and how empowerment depends on process effectiveness. The chairman's speech discusses goals of an ERP implementation including flexibility, brand strengthening, leaner organization, and increased sales. The chairman expresses confidence in the difficult task despite challenges like resistance to change and past emphasis on individual work over teamwork.
The document outlines good internal audit practices and working with a board audit committee. It discusses establishing vision, mission, and quality policies. It also discusses structured audit documentation and coverage, automation tools, seminars for auditees, and using computers. The document recommends the audit committee meet quarterly to review the audit plan, results, and status updates. It also suggests the internal auditor act as a liaison between the committee and business to ensure reliable information, compliance, and efficient use of resources.
1. The document discusses frameworks for evaluating IT investments and measuring their efficiency and impact on business performance. It provides models for assessing costs, benefits, and value added by IT.
2. Key factors that influence the success of IT projects are identified such as strategic alignment, clear objectives, management processes, and maturity of business judgement. Common causes of project failure include neglecting strategic considerations and overfocus on costs.
3. Metrics are suggested for measuring improvements from implementing integrated systems like ERP. Case studies demonstrate how organizations achieved efficiency gains, cost savings, and better decision making through IT.
The document provides an overview of information systems (IS) auditing including what it is, why it is important, who can perform IS audits, the types of work done, and how audits are conducted. Key points include:
- IS auditing independently appraises IS processing and ensures operations are efficient, effective, and assets are safeguarded.
- IS auditing has grown in importance due to increased computer access, data security concerns, and complex systems/fraud risks.
- IS audits are typically performed by Certified Information Systems Auditors and may involve technical experts.
- Audit work focuses on areas like security, operations, implementations, and training.
- Audits use tools and interviews
The document describes the features of the WEBMARS audit management software. It includes features such as engagement monitoring, task assignment, follow-up reminders, an executive summary report, integrated messaging, offline form updates, external user access, security controls, audit reporting, standards compliance, a bulletin board, and a knowledge warehouse. The software aims to help automate audit processes and improve communication and information sharing.
This document summarizes an audit process management tool called WEBMARS that aims to simplify and automate audit workflows. The tool allows auditors to plan audits, create engagement orders, manage audit reports, assign and track follow-up tasks to auditees, and analyze processes to ensure compliance with standards. Key benefits highlighted include enabling a paperless audit process, centralized data access, automated reminders, and time savings which allow auditors to focus more on process improvement.
The document discusses the need for an internal audit department of a company to obtain ISO certification. It outlines how ISO requirements can help address intangible assets of the organization like customer relationships, knowledge, brand and reputation through establishing quality systems, structured processes, and employee training. The document also provides an overview of the internal audit methodology, which includes elements like audit planning, assignment execution and control, quality forms, and an overall framework focusing on assurance, systems and consultancy.
1. Good energy management starts with an energy audit that evaluates and improves energy usage and identifies inefficiencies.
2. Technical audits help organizations accomplish their objectives through a systematic review of energy consumption across operations.
3. Energy audits identify areas of wasted energy and recommend cost-effective solutions to reduce energy usage and improve the bottom line.
The document discusses the evolving role of the internal auditor. It notes that today's internal auditor is a sought-after professional equipped to partner with management in a changing corporate world characterized by increased risks, regulations, and complexity. The internal auditor provides independent assurance that risks are understood and managed, acts as a consultant, and helps protect the organization through comprehensive audits and recommendations to strengthen governance.
A Free 200-Page eBook ~ Brain and Mind Exercise.pptxOH TEIK BIN
(A Free eBook comprising 3 Sets of Presentation of a selection of Puzzles, Brain Teasers and Thinking Problems to exercise both the mind and the Right and Left Brain. To help keep the mind and brain fit and healthy. Good for both the young and old alike.
Answers are given for all the puzzles and problems.)
With Metta,
Bro. Oh Teik Bin 🙏🤓🤔🥰
Andreas Schleicher presents PISA 2022 Volume III - Creative Thinking - 18 Jun...EduSkills OECD
Andreas Schleicher, Director of Education and Skills at the OECD presents at the launch of PISA 2022 Volume III - Creative Minds, Creative Schools on 18 June 2024.
How to Setup Default Value for a Field in Odoo 17Celine George
In Odoo, we can set a default value for a field during the creation of a record for a model. We have many methods in odoo for setting a default value to the field.
🔥🔥🔥🔥🔥🔥🔥🔥🔥
إضغ بين إيديكم من أقوى الملازم التي صممتها
ملزمة تشريح الجهاز الهيكلي (نظري 3)
💀💀💀💀💀💀💀💀💀💀
تتميز هذهِ الملزمة بعِدة مُميزات :
1- مُترجمة ترجمة تُناسب جميع المستويات
2- تحتوي على 78 رسم توضيحي لكل كلمة موجودة بالملزمة (لكل كلمة !!!!)
#فهم_ماكو_درخ
3- دقة الكتابة والصور عالية جداً جداً جداً
4- هُنالك بعض المعلومات تم توضيحها بشكل تفصيلي جداً (تُعتبر لدى الطالب أو الطالبة بإنها معلومات مُبهمة ومع ذلك تم توضيح هذهِ المعلومات المُبهمة بشكل تفصيلي جداً
5- الملزمة تشرح نفسها ب نفسها بس تكلك تعال اقراني
6- تحتوي الملزمة في اول سلايد على خارطة تتضمن جميع تفرُعات معلومات الجهاز الهيكلي المذكورة في هذهِ الملزمة
واخيراً هذهِ الملزمة حلالٌ عليكم وإتمنى منكم إن تدعولي بالخير والصحة والعافية فقط
كل التوفيق زملائي وزميلاتي ، زميلكم محمد الذهبي 💊💊
🔥🔥🔥🔥🔥🔥🔥🔥🔥
2. “Internal Audit Standards” in my opinion are
Values & Beliefs /
Way of life in Internal Audit
and
not just Rules / Prescriptions!
IIA Madras
M Rajeshwaron
Dec 2005
3. “Effectiveness of Implementation”
Role of…..
Internal Auditor
CEO / CFO
Audit Committee
IIA Leaders
…… is
vital
IIA Madras
M Rajeshwaron
Dec 2005
4. Application – Different Scenario!
Corporates
A. Senior level Professional responsible for Internal Audit
Status
No / Little awareness !
Prescription
Self conviction / Determination / Thorough understanding
Presentations to Audit Stake Holders
Gaining Acceptance
Drafting an “Audit Charter”
Implementation & Monitoring
IIA Madras
M Rajeshwaron
Dec 2005
5. Application – Different Scenario!
Corporates
B. Internal Audit co-ordinated by a by Junior level Auditors
Status
No / little awareness
Interested in PPF implementation – Require guidance!
Organisation not informed of the importance of PPF, New
Definition etc.
Prescription
Seek IIA – Leaders’ support & do all the activities as in ‘A’
IIA Madras
M Rajeshwaron
Dec 2005
6. Application – Different Scenario!
Corporates
C. Group of Companies
Status
Different companies with different status!
Different Audit Committees / CEOs
With or without a Group level Internal Audit co-ordinator!
IIA Madras
M Rajeshwaron
Dec 2005
7. Application – Different Scenario!
Corporates
C. Group of Companies….
Prescription
Group level Head should be a seasoned career internal
auditor
He / She should convince ACs / CEOs of different
Companies
Gain acceptance / put a system in place with Negotiables /
Non-negotiables
Create a strong ‘Group Audit Forum’ / Develop Activities
relating to ‘Standards’
IIA Madras
M Rajeshwaron
Dec 2005
8. Application – Different Scenario!
D. SMEs
Status
No Internal Audit
Blissfully unaware of IIA / PPF etc. !
Prescription
IIA leaders to identify such SMEs & have programs for
educating, guiding and making things happen!
SMEs could seek the help of IA Practitioners for installing
the system.
IIA Madras
M Rajeshwaron
Dec 2005
9. Top 10! Standards that require attention!
• Independence & Objectivity
• Competent Advice / Assistance
• Continuing Professional Education
• Quality Assurance & Improvement
• Establishing Measures
• Planning
• Reporting to Board & Senior Management
• Relationship with Audit Committee
• Role in Risk Management
• Ethical culture
IIA Madras
M Rajeshwaron
Dec 2005
11. 1110 – Independence & Objectivity
Focus:
Organisational Status / Objectivity
The Internal audit activity should be independent and internal
auditors should be objective in performing their work
The Chief Audit Executive should report to a level within the
organisation that allows the internal audit activity to
accomplish its responsibilities
The CAE administratively reports to the CEO of the company
and functionally to the Chairman of Audit Committee
IIA Madras
M Rajeshwaron
Dec 2005
12. 1110 – Independence & Objectivity
Issues
Present level of Internal Auditor in our organisations ?
Responsible for two functions (Resource Utilisation Objective!)
Conflict of interest?
Priority shift between those functions?
Budget constraints coming in the way?
CEO’s time for supervision a constraint? – Delegation to CFOs?
Audit Committee’s time allocation for Internal Audit?
Why does the status of Internal Audit often seem to be a direct
consequence of organisational ledership attitudes? (Long standing IA
functions : JC Penny & Ford Motor)
IIA Madras
M Rajeshwaron
Dec 2005
13. 1130 A2 – Impairments to Independence or Objectivity
Focus
Assurance engagements for functions over which the Chief
Audit Executive has responsibility should be overseen by a
party outside the internal audit activity.
Issues
Who will be the party outside the Internal Audit Activity?
Level of his intervention?
If Field Auditors who report to the CAE were to do the audit?
Escalation of issues to Audit Committee from his (CAE) own
areas?
IIA Madras
M Rajeshwaron
Dec 2005
14. 1210 A1 – Competent Advice / Assistance
Focus
CAE should obtain competent advice and assistance if
the internal audit staff lacks the knowledge, skills, or
other competencies needed to perform all or part of the
engagement
CAE should assess the competency, independence &
objectivity of the outside providers.
IIA Madras
M Rajeshwaron
Dec 2005
15. 1210 A1 – Competent Advice / Assistance
Issues
Normal approach to ‘oursourcing’ Internal Audit vs the
above approach
External Auditors doing internal audit assignments
Internal processes for effective evaluation of outside service
providers
GAP – Guest Audit Pool as a strong Resource!
Strong Business Knowledge
IIA Madras
M Rajeshwaron
Dec 2005
16. 1230 - 1- Continuing Professional Development
Focus
Internal Auditors should enhance their knowledge, skills
and other competencies through continuing professional
development
IIA Madras
M Rajeshwaron
Dec 2005
17. 1230 - 1- Continuing Professional Development
Issues
Normal Training Plan in an organisation vis-à-vis – IA!
Training in Internal Audit:
* Continuous Involvement in Professional Associations
* Knowledge on Standards / its interpretation /
Application
* Technology Adoption (Audit Tools, Risk Assessment
Models)
* Research Projects on various aspects of IA
* Certification for Audit Staff (CIA / CISA etc)
IIA Madras
M Rajeshwaron
Dec 2005
18. 1300 - Quality Assurance and Improvement
Programme (QA & IP)
Focus
The Chief Audit Executive should develop and maintain a
quality assurance and improvement program that covers
all aspects of the internal audit activity and continuously
monitor its effectiveness
IIA Madras
M Rajeshwaron
Dec 2005
19. 1310 -1 – Quality Programme Assessment
Focus
This programme includes periodic internal and external
quality assessments (once in 5 years) and on-going internal
monitoring. Each part of the programme should be designed
to help the internal auditing activity add value and improve
the organisation’s operations and to provide assurance that
the internal audit activity is confirming with the standards.
IIA Madras
M Rajeshwaron
Dec 2005
20. 1300 -1 – Quality Assurance and Improvement
Programme (QA & IP)
1310 – 1 – Quality Programme Assessment
Issues
Do we have a structured system?
What is the system? ISO – 9000?
How are we evidencing the continuous improvement
in the Internal Audit Division? (Kaizen etc)
How do we communicate the results of such Quality
System to Top Management?
Who will do the review (Internal / External)?
Do we have a manual on this?
IIA Madras
M Rajeshwaron
Dec 2005
21. 1311 -2 – Establishing Measures
Quantitative Metrics and Qualitative Assessments to support
reviews of Internal Audit Activity performance
Focus
Identifying critical performance categories:
* Audit stake holders satisfaction
* Audit Processes
* Innovation & capabilities of internal audit
(See chart in next slide)
IIA Madras
M Rajeshwaron
Dec 2005
22. Performance Categories
Internal Customers
• Board / Audit Committee
•Senior Management
•Operating Management
External Customers
•Regulators
Professional Practices
Framework
•Community
Corporate and
Internal Audit
Strategies
•Corporate Customer
Laws and Regulations
•External Audit
Internal Audit Process
•Risk Assessment / Audit
Planning
•Planning & Performing
the Audit Engagement
•Reporting
Innovation and Capabilities
•Training
•Technology
•Industry Knowledge
IIA Madras
M Rajeshwaron
Dec 2005
23. 1311 -2 – Establishing Measures…
Issues
Are we trying to use GAIN – Parameters?
Level of contribution to the improvement of Risk
Management and controls & Governance processes
factored?
Customer Feed back obtained? Matrix prepared?
Achievement of key goals and objectives depicted?
Evaluation of progress against Audit Activity Plan done?
Improved staff productivity substantiated?
A Balance Score Card Frame Work in place? (See chart
next slide)
IIA Madras
M Rajeshwaron
Dec 2005
24. Balance Score Card for Internal Audit
Board / Audit Committee
• Audit Committee satisfaction survey
• Role of internal auditing viewed by
audit committee
• Audit committee risk concerns
Internal Audit Process
Management and Auditees
•Auditee satisfaction survey
results
•Percent of audit
recommendations
implemented
•Number of management
requests
•Management expectations of
internal auditing
Professional Practices
Framework
Corporate and
Internal Audit
Strategies
Laws and Regulations
• Importance of audit issue
• Completed vs. planned audits
• Number of major audit findings
• Amount of audit savings
• Quality assurance techniques
developed
• Number of repeat findings
• Days from end of field work to
report issurance
•Number of complaints about
audit
Innovation and Capabilities
•Staff experience
•Training hours per internal auditor
•CAE reporting relationship – functional
•Percent of certified staff
IIA Madras
M Rajeshwaron
Dec 2005
25. 1311 -2 – Establishing Measures…
Issues…
Increased cost efficiency of the audit process
highlighted?
Increased number of action plans for process (IA)
improvements captured?
Adequacy of engagement planning / supervision
documented?
Effectiveness in meeting the needs of stake holders
measured?
(Next year by this time IAs have to report these to ACs –
Clause 49)
IIA Madras
M Rajeshwaron
Dec 2005
26. 2010 –A1 – Planning
Focus
The Chief Audit Executive should establish risk based
plans to determine the priorities of the internal audit activity
consistent with the organisation’s goals.
Issues
Have we adopted the required Technology to do this Risk
Ranking?
Do we have access to the organisation’s strategy, Goals,
Business Plan etc.,?
Does the organisation have a risk management system in
place or not? Has it been factored in our risk prioritation?
Do we consider Auditee Management, a partner in this
exercise?
IIA Madras
M Rajeshwaron
Dec 2005
27. 2060 – Reporting to Board & Senior Management
Focus
The Chief Audit Executive should report periodically to the
Board and Senior Management on the Internal Audit
activity’s purpose, authority, responsibility & performance
relaltive to its plan.
Reporting should also include significant risk exposures
and control issues, Corporate Governance issues, and
other matters needed or requested by the Board / Senior
Management
IIA Madras
M Rajeshwaron
Dec 2005
28. 2060 – Reporting to Board & Senior Management..
Issues
AC’s dual role – IA oversight responsibility & Internal
Control System
Isolated ‘control’ issues reported often? (Risks vs.
Risk Management Process)
Overall assurance statements not made (data
inadequacy with audit)?
‘Materiality concept’ defined, discussed & agreed?
IIA Madras
M Rajeshwaron
Dec 2005
29. 2060 – Reporting to Board & Senior Management..
Issues…
Significant Material issues
* Conditions dealing with irregularities
* Illegal Acts
* Errors
* Inefficiency
* Waste
* Ineffectiveness
* Conflicts of interest
* Control weaknesses
IIA Madras
M Rajeshwaron
Dec 2005
30. 2060 -2 – Relationship with Audit Committee
Focus
Inter-locking goals of Internal Auditor & Audit Committee
Effective & strong working relationship only will achieve this
* Internal Auditor as an ‘Advisor’ to Audit committee
* Audit Committee who has an ‘oversight responsibility’ for
internal Audit
Issues
20 Questions Directors should ask about Internal Audit (IIA
Research) - click
This should form part of the ‘Internal Auditor’s initial
presentation to the Board / Audit committee / Senior
Management in the organisation
Belief is that when IA Stds. are followed , AC can discharge its
responsibility more effectively.
IIA Madras
M Rajeshwaron
Dec 2005
31. 2100 -3 – Internal Auditors’ role in
Risk Management Process
Focus
The Internal Audit activity should evaluate and contribute
to the improvement of risk management, control and
governance processes using a systematic and disciplined
approach
Issues
Primary responsibility – Management
Support / Facilitating Role – Internal Audit
Risks
- Strategic direction – Board
-
Ownership – Senior Management
Residual Risk Acceptance – Executive Management
Monitoring Activities – operating management
Periodical Assessment / Assurance – Internal Audit
IIA Madras
M Rajeshwaron
Dec 2005
32. 2100 -3 – Internal Auditors’ role in
Risk Management Process…
Issues….
Factors to be considered while adopting the standard
* Culture of organisation / Entity’s size
* Ability of Internal Audit
* Local Conditions / Customs of the Country
IIA Madras
M Rajeshwaron
Dec 2005
33. 2100 -4 – Role in Organisation without a Risk
Management Process
Focus
Consulting Role – Internal Audit
Improving fundamental processes
Issues
What adds value to ‘Risk Services’ by IA?
- Measurement
- Completeness
- Process Assurance
- Second look
- Objectivity
IIA Madras
M Rajeshwaron
Dec 2005
34. 2100 -7 – Environmental Risks
Focus
SHE Audits
Issues
Do we have a Technical Audit system?
Normally Safety Audits are with the Safety Department
No reports placed at the Board by them
Should be an integral part of Internal Audit to effectively
communicate risks to Top Management / Board
Competency building efforts within Internal Audit?
IIA Madras
M Rajeshwaron
Dec 2005
35. Other Risk related Standards
2100 – 5 - Regulatory Compliance
2100 – 6 - e-commerce activities
2100 – 8 - Privacy Framework
2100 - 9 - Application System Reviews
2100 - 10 – Audit Sampling
2100 - 1,2, 11-- Risk Elements
(Definition, Information Security, IT Controls etc.)
IIA Madras
M Rajeshwaron
Dec 2005
36. 2130 – Ethical Culture
Focus
Governance Related
Internal Audit as an “Ethics Advocate”
Issues
Do we look at this at present?
Do we see the connectivity & shift in focus?
* Fraud – Investigation role
* Ethics – Advocacy role
IIA Madras
M Rajeshwaron
Dec 2005
37. 2130 – Ethical Culture
Key Organisational Ethics Activities
IA’s effective Role
-
Set an ethical tone at the top
Promote strong and effective internal controls
Establish a whistle blower policy
Prevent reprisals
Provide ethics & fraud training for staff
Implement a confidential tips hotline
-
Create a culture of doing the right thing
IIA Madras
M Rajeshwaron
Dec 2005
38. 2130 – Ethical Culture
IA can play a ‘Change Agent’ role :
- Establishing a ‘whistle-friendly’ accountable Corporate
Culture?
- Educating the Corporation about the ‘risk of not
knowing what is going wrong!’
Have we built the required credibility and got the
competency to address this area?
IIA Madras
M Rajeshwaron
Dec 2005
39. 2600 – Management’s Acceptance of Risks
Focus
When the Chief Audit Executive believes that senior
management has accepted a level of residual risk that is
unacceptable to the organisation, the Chief Audit Executive
should discuss the matter with Senior Management
If the decisions regarding residual risk is not resolved, the
Chief Audit Executive and senior management should
report the matter to the board for resolution.
IIA Madras
M Rajeshwaron
Dec 2005
40. 2600 – Management’s Acceptance of Risks…
Issues
Are we doing this?
Are issues getting dropped at the Executive Management
level?
Level of Support / Freedom provided by Audit Committee
in this regard?
Residual Risk – Assessment – How scientific is it ?
IIA Madras
M Rajeshwaron
Dec 2005
41. All these mean……
Passion and thirst for excellence!
Strong belief in IIA Standards
High level of Professionalism
Effectiveness in energising,educating, convincing
and gaining acceptance from all stake holders
Ruthless Execution of a robust audit system
Sustaining the Best Practices adopted
- A WILL TO DO !
IIA Madras
M Rajeshwaron
Dec 2005
42. “Will to do”
±ñ½¢Â ±ñ½¢Â¡íÌ ±öÐÀ ±ñ½¢Â¡÷
¾¢ñ½¢Â÷ ¬¸ô ¦ÀÈ¢ý
-¾¢ÕìÌÈû
The will to do achieves the deed
When mind that wills is strong in deed
-Thirukkural
IIA Madras
M Rajeshwaron
Dec 2005
44. 20 Questions
Directors ask about Internal Audit
1.
2.
3.
4.
5.
6.
7.
8.
Should we have an Internal Audit Function?
What should our Internal Audit function do?
What should be the mandate of the Internal Audit
Function?
What is the relationship between Internal Audit and the
Audit Committee?
To whom does Internal Audit report administratively?
How is the Internal Audit function staffed?
How does Internal Audit get and maintain the
expertise it needs to conduct its assignments?
Are the activities of Internal Audit appropriately coordinated with those of external auditors?
IIA Madras
M Rajeshwaron
Dec 2005
45. 20 Questions
Directors ask about Internal Audit
9. How is the Internal Audit Plan developed?
10. What does the Internal Audit Plan not cover?
11. How are internal audit findings reported?
12.How are Corporate Managers required to respond to
Internal Audit findings and recommendations?
13. What services does Internal Audit provide in connection
with fraud?
14. How do you assess the effectiveness of your internal
audit function?
15. Does Internal Audit have sufficient resources?
16. Does Internal Audit function get appropriate support
from the CEO and Senior Management Team?
IIA Madras
M Rajeshwaron
Dec 2005
46. 20 Questions
Directors ask about Internal Audit
17. Are you satisfied that this organisation has adequate
internal controls over its major risks?
18. Are there any other matters that you wish to bring to
the Audit Committee’s attention?
19. Are there other ways in which internal audit and the
audit committee could support each other?
20. Are we (the Audit Committee) satisfied with our Internal
Audit Function?
back
IIA Madras
M Rajeshwaron
Dec 2005