2. Some facts
Internal audit aspirations: highlighting the primary purpose and goal
of the function
Outcomes/results of a value based internal audit activity
Designing an ideal model for a forward looking internal audit shop
Capitalising on a process framework that can elevate the status of
internal audit
CONTENTS
2
3. Some Facts
2015 Global Audit Committee Survey - KPMG:
• Top five Challenges and Concerns
1. Uncertainty and volatility (economic,
regulatory, political)
2. Government regulation & impact
3. Legal/regulatory compliance
4. Operational risk/control environment
5. Talent management & development
2015 South Africa Risk Report - IRMSA:
• Top five Risks by Likelihood
1. Corruption
2. Unemployment
3. Critical infrastructure
4. Political and social instability
5. Organised crime
• Top five Risks by Consequence
1. Corruption
2. Governance failure
3. Unemployment
4. IT infrastructure and networks
5. Critical Infrastructure
The IIA’s Audit Executive Center Global Pulse of the
Profession survey, 2014.:
• Top five topics that need to be better addressed according
to Management & Audit Committees in order of priority
1. Risk management processes
2. Information technology and data management
3. Operational risks
4. Compliance and regulation
5. Corruption/fraud
3
4. Internal Audit Aspirations
Internal Audit
Mission
Statement
Greater
Stakeholder
Expectation
Definition
IA
IA
Evolving
To enhance and protect
organizational
value by providing stakeholders with
risk-based, objective and reliable
assurance, advice and insight4
5. Outcomes/Results
• Reliable assurance that
organization is operating as
intended
• past information
• Reliable assurance that risks
are mitigated
• future - risk sources/causes
Insights
• improving controls,
processes,
procedures,
performance and risk
management
• benchmarking
performance and best
practice
• internal audit
developments
Display objectivity and
independence
WHAT SHOULD YOU EXPECT
Proactive and Positive Change
5
6. Outcomes/Results cont……
• Help focus on strong controls,
accurate reporting, effective
oversight, mitigation of risks
• Assist in identifying of risks
• Provide insight on
effectiveness of controls,
compliance with policy and
procedure and recommend
improvements
• Catalyst for improvement -
evaluate processes, report
findings and recommend
action
• Provide insight into process
improvement by analysing
data & information
• Assess efficiency and
effectiveness of operations by
understanding business and
operations
• Accountable in helping
management achieve
objectives
• Continue to have integrity and
be independent when
performing our duties
6
8. Process Framework
Strategic
Management
• Purpose ---- Planning
Quarterly
Assessment
• Purpose ---- Adjust planning accordingly
Forecast
Synopsis
• Purpose ---- Establish whether key year end targets will be met
Risk
Identification
• Purpose ---- Identification of risks, sources and appropriate audit approach
Audit
Management
• Purpose ---- Recommend practical solutions to influence action
FORWARD LOOKING
IA FUNCTION
Facilitate
achievement of
objectives
8
9. Strategic Management
Past Information:
audit reports
risk assessments
performance information
other assurance
information
Strategic Plan
Annual Plan
KPIs• identify obstacles
• what went wrong
• what went right
• process problems
• people problems
• technology problems
Adequate Alignment
PURPOSE OF EXISTENCE
Audit Plans:
Three year and Annual
plans
• Adequacy audits
• Effectiveness audits
• Economy audits
• Compliance audits
• Risk audits
• Process audits
Annual plans could
change quarterly
Adequate Alignment
• insights
• analysis
Consulting projects to consider:
• Control Self Assessments
• Control and risk assessment training
• Benchmarking
• Fraud awareness
• Data analysis provide insights
Phase 1
9
10. Quarterly Assessment
Perform
Analysis
Provide
Insights & Analysis
Adjust
Audit Plan
Accordingly
Adjust audit plan for next quarter
Based:
-under/over achievement
of targets
-identify sources of risk
-additional risks identified
-areas for improvement
-short, valuable, insightful
audits
Phase 2
10
11. Forecast Synopsis
Purpose:
To establish whether key year-end targets will be met
Outputs:
• Year end forecast model
• A planning tool that helps management in its attempts
to cope with the uncertainty of the future, relying
mainly on data from the past, present and analysis of
trends.
• Providing insight, hindsight and foresight
Phase 3
11
12. Risk Identification
Purpose:
To identify risks and its sources that
impedes the achievement of year end
targets
• Categorize risks according to:
• People
• Process
• Technology
• External
• Identify appropriate way of
auditing sources/causes of risks
• Adequacy audit
• Effectiveness audit
• Compliance audit
• Economy audit
Phase 4
12
13. 13
Audit Management Phase 5
Outputs:
• Practical recommendations that influences management
to take action
Purpose:
To assess and evaluate the risks, its root causes/sources, impact &
recommend an action plan
14. 14
“IF WE ALWAYS DO WHAT WE
ALWAYS DID WE ALWAYS GET
WHAT WE ALWAYS GOT”
Quote by Henry Ford
