Beruflich Dokumente
Kultur Dokumente
TO INTERNAL
AUDITING
INTAUD1 - H001
(For In ternal Use Onl y)
Defining Internal Audit
Internal auditing is an independent, objective assurance and
consulting activity designed to add value and improve an organization’s
operations. It helps an organisation accomplish its objectives by bringing a
systematic, disciplined approach to evaluate and improve the effectiveness of
risk management, control and governance processes. (Institute of Internal
Auditors)
Page | 1
Add value – Organizations exist to create value or benefit to their
owners, other stakeholders, customers and clients. This concept
provides purpose for their existence. Value is provided through their
development of products and services and their use of resources to
promote those products and services. In the process of gathering data to
understand and assess risk, internal auditors develop significant insight
into operations and opportunities for improvement that can be
extremely beneficial to their organization.
Control – any action taken by management, the board, and other parties
to enhance risk management and increase the likelihood that
established objectives and goals will be achieved.
Page | 2
4. satisfactory operating criteria are met;
Page | 3
f) Management needs - A wide scope requires a good understanding of
the operations being reviewed and it is necessary to include
management’s needs in the terms of reference by adopting a more
participative style.
Page | 4
Responsibility and Authority of Internal Auditing
The internal auditing department is an integral part of the organization
and functions under the policies established by senior management and the
board. The purpose, authority and responsibility of internal auditing
departments should be defined in a formal written document called Audit
Charter.
Page | 5
KEYSTONE AUDIT SERVICES
AUDIT CHARTER
This audit charter sets out the role, authority and responsibilities of the internal
audit function and has been formally adopted by Keystone Ltd. on 1 January
2016.
1. Role
Internal auditing is an independent, objective assurance and consulting
activity designed to add value and improve an organization’s operations.
2. Responsibilities
Management is responsible for maintaining an adequate system of internal
control to manage risks to the organization. Internal audit will provide
assurance services to management, the board and the audit committee in
terms of reviewing the adequacy of these systems of internal control.
Internal audit will also provide a consulting role in helping promote and
facilitate the development of effective systems of risk management and
internal control.
Page | 6
Furthermore, internal audit shall have no responsibilities over the
operations that it audits over and above the furnishing of recommendations
to management. The results of consulting and ad hoc projects requested by
management will be used to inform internal audit’s position on assurances
where appropriate.
3. Plans
Internal audit is required to publish an annual audit plan to the board and
audit committee and perform the audits that are contained within this plan,
to the standards set out in the audit manual. Annual audit plans will be
based on the risk assessments carried out by management and the board and
take into account issues derived from the current audit strategy that is
approved by the audit committee.
4. Reports
All audit reports will be cleared with the relevant management and once
agreed will be copied to the appropriate director, the audit committee and
external audit. Management is expected to implement all agreed audit
recommendations within a reasonable time frame and each audit will be
followed up to assess the extent to which this has happened. The audit
committee will be given a summary of audits where agreed
recommendations have not been implemented by management without
reasonable explanation.
The audit committee will also receive a summary of all audits where
management have decided not to implement an audit recommendation
without reasonable explanation. The overall results of audit work will be
reported quarterly to the audit committee (who in turn report to the board of
directors). Internal audit is also required to furnish an annual assurance on
the state of internal control in the organization.
5. Access
Internal audit has access to all officers, buildings, information, explanations
and documentation required to discharge the audit role. Any interference
with this right of access will be investigated and, if found to be
unreasonable, will be deemed a breach of organizational procedure and
dealt with accordingly.
Page | 7
6. Independence
Internal audit is required to provide an objective audit service in line with
professional auditing standards (as embodied within the audit manual) and
the auditor’s code of ethics.
To this end it is essential that sufficient independence attaches to this work
for it to have any impact on Keystone Ltd. This is dependent on sufficient
organizational status and the ability to work to professional standards and
the audit committee will undertake an ongoing review of the impact of
these two factors.
CHIEF EXECUTIVE
DATE
The provisions of the code are applied broadly to all organizations and
persons who perform internal audit services not just CIAs and members of IIA.
Page | 8
Element Principle Rule of Conduct
Integrity The integrity of internal 1.1 Shall perform their work
(1) auditors establishes trust and with honesty, diligence,
thus provides the basis for and responsibility.
reliance on their judgement.
1.2 Shall observe the law and
make disclosures
expected by the law and
the profession.
Page | 9
2.2 Shall not accept anything
that may impair or be
presumed to impair their
professional judgement.
Page | 10
4.3 Shall continually improve
their proficiency and the
effectiveness and quality
of their services.
Page | 11