Governance, Risk Management & Compliance


Our Vision
To be the lead advocate, trainer and practitioner in internal auditing in Africa by providing superior internal audit solutions to the private and public sectors as well as the third sector.

Our Mission
To engage internal audit leaders and their customers: government officials, corporate executives and senior management in a constant dialogue on the position, role and value of the internal audit activity.

Internal Audit 101:
Audit Principles and Techniques


Course Overview
Day One
Modern Internal Auditing
The Audit Process
Risk Management and Risk Assessment
Audit Planning


Day Two
Process Documentation
Audit Programs
Audit Fieldwork
Audit Reports
Soft Skills


Module One
Modern Internal Auditing

Modern Internal Auditing
Internal Auditing Defined
Code of Ethics
The Value Proposition of IA
The Role of Internal Auditor
The IIA Competency Framework
Components of the Audit Model

Internal Auditing Defined
independent, objective assurance and consulting activity designed to (1) add value and improve an organization's operations. It (2) helps an organization accomplish its objectives by bringing a systematic, disciplined approach to (3) evaluate and improve the effectiveness of risk management, control, and governance processes.

Internal Auditing Defined
The what
The how
The why

What are we doing?
(1) Adding value and improving on the organisation's operations
Making things better than when we met them.
Systems | Processes | Procedures

Why are we doing it?
(2) Helping the organization accomplish its objectives
How do you determine organisational objectives?
Gain a seat at the table

How are you doing it?
(3) Evaluating and improving the effectiveness of risk management, control, and governance processes
The triple magic wand

IIA Definition Logic
Helps the organization accomplish its objectives
Adding value and improving on the organisation's operations
Evaluating and improving on the effectiveness of GRC processes

Internal Auditing Defined
independent, objective assurance and consulting activity designed to (1) add value and improve an organization's operations. It (2) helps an organization accomplish its objectives by bringing a systematic, disciplined approach to (3) evaluate and improve the effectiveness of risk management, control, and governance processes.

Code of Ethics
Principles and Rules
Integrity
Objectivity
Confidentiality
Competency

Code of Ethics Principles
Integrity
The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment.

Integrity Rules
Shall perform their work with honesty, diligence, and responsibility.
Shall observe the law and make disclosures expected by the law and the profession.
Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization.
Shall respect and contribute to the legitimate and ethical objectives of the organization.

Code of Ethics Principles
Objectivity
Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined.

Objectivity Rules
Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment.
Shall not accept anything that may impair or be presumed to impair their professional judgment.
Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.

Code of Ethics Principles
Confidentiality
Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so.

Confidentiality Rules
Shall be prudent in the use and protection of information acquired in the course of their duties.
Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.

Code of Ethics Principles
Competency
Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services.

Competency Rules
Shall engage only in those services for which they have the necessary knowledge, skills, and experience.
Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing.
Shall continually improve their proficiency and the effectiveness and quality of their services.

Internal Auditing is the cornerstone for sustainable organisational success

The IIA Value Proposition

Role of Internal Auditors
Re: Corporate Governance
Re: Risk Management
Re: Fraud
Re: Corporate Ethics
Re: Internal Controls
Re: Information Technology
Re: Financial Reporting

The IIA Global Internal Audit Competency Framework - 2013

Module Two
The Audit Process

The Audit Process

The Internal Audit Process

How an audit is conducted

Planning
Distribute Audit Notification
Conduct Pre-Audit Meeting
Interview Department Personnel
Review Policies and Procedures
Understand and Document the Business Processes
Perform Risk Assessment
Prepare a Detailed Audit Program
Prepare audit budget (in hours)
Select items to be Audited (samples, not 100%)


Fieldwork
Review Supporting Documentation
Interview department personnel
Perform analyses
Identify Exceptions
Identify Recommendations for Improvement
Prepare Written Audit Comments (i.e., findings)
Department Provides Written Response and Corrective Action Plan for findings

Reporting
Issue a draft report
Discuss draft report with unit management
Issue final report
Report is factual, clear, concise, with an appropriate tone

Module Three
Risk Management/Assessment

A few things about Risk
What is Risk?
The effect of uncertainty on an objective
Could be positive or negative



A few things about Risk
What is Risk Management?
Coordinated activities to direct and control an organisation with regard to risk


The Risk Management Process

A few things about Risk
What is the Risk Management Process?
Systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring and reviewing risk.


Components of Risk Assessment
Risk Identification
Risk Analysis
Risk Evaluation

2013 COSO Internal Control
Definition
Pillars | Components | Standards
Principles

The ORC Relationship
Group Work

Module Four
Audit Planning

Audit Planning
Annual Audit Planning
Components of the Audit Project Plan

Annual Audit Planning
Risk Based Audit Planning
Overview

Components of the Audit Project Plan
Audit Objectives
Audit Scope
Audit Methodology
Audit Program
Audit Time Budget
Audit milestone dates

Audit Objectives
General audit objectives
Specific audit objectives

Audit Objectives
Select one functional area in your organisation and formulate a general audit objective and the appropriate specific objectives for that function.

Module Five
Audit Programs

Audit Programs
Components of the Audit Program
Audit Objectives and Lines of Enquiry

Components of the Audit Program
the audit objective(s);
the relevant line(s) of inquiry, criteria, and audit questions;
the information to be requested from entities;
how the evidence will be analyzed.

Example of Audit Program
Cash at Bank and on Hand
Cash and bank.doc

Module Six
Process Documentation

Process Documentation
Process Flow charts
Tools for Process Mapping
System Narratives
Interviewing Skills

Process Flow charts
A flowchart is a diagram that uses graphic symbols to depict the nature and flow of the steps in a process.

This is very helpful in identifying the risks embedded within the process.

Drawing a flow chart
Start with the big picture
Observe the current process
Record process steps
Arrange the sequence of steps
Draw the Flowchart

Example: Washing of Hands

Module Seven
Audit Fieldwork

Audit Fieldwork
Testing Controls design and operating effectiveness
Techniques for gathering audit evidence
Working paper preparation

Testing Controls design and operating effectiveness
Group work.
Design procurement (G1) and recruitment and selection (G2) systems with requisite controls for review by the audit team.

Module Eight
Audit Reporting

Why write internal audit reports?
Required by Standards.
Inform (Tell what auditors found.)
Persuade (Convince management of worth and validity of findings.)
Get Results (Move management towards change and improvement.)

Audit Reports
From issues to findings
The Five Cs
Reporting Formats
Other Reports

From issues to findings
Findings are issues which are fully developed to add value
Improve the current condition


The 5 Cs
Criterion
Consequence
Corrective action
Condition
Cause

In a nutshell
What should be?
What is?
Why did the deviation from the "what should be" occur?
What happened or could happen because the "what is" differed from the "what should be"?
What is needed to correct the condition and improve operations?

Soft Skills
Team work
Communication

Discussion with delegates
Importance of teamwork and communication
Improving teamwork and communication

The End


Thank you for your time
