Welcome to:

Internal Auditing

Internal Auditing
Lecture 1
Consultation Time
Helianti Utami Ph.D
Building D4
Email:
Consultation time:
Wednesday: 10.00-13.00
Thursday: 10:00-12:00
Assessment Summary

Assignments 20%
Midterm Test 20%
Final Test 60%
 Topics Covered
Introduction to Internal Auditing
The International Professional Practices
Framework: Authoritative Guidance for the
Internal Audit Profession
Governance
Risk Management
Business Process and Risks
Internal Control
Information Technology Risks and Controls
 Topics Covered - continued
Risk of Fraud and Illegal Acts
Managing the Internal Audit Function
Audit Evidence and Working Papers
Audit Sampling
Introduction to the Engagement Process
Conducting the Assurance Engagement
Performing Follow up Procedures
The Consulting Engagement
 Introduction to Internal Auditing -
Learning Objectives
Understand the value proposition that
stakeholders expect from the internal audit
function
Obtain a basic understanding of internal
auditing and the internal audit process
Understand the relationship between auditing
and accounting
Distinguish between financial reporting
assurance services: internal and external
 Learning objectives
Familiar with the internal audit profession and
the IIA
Understand the competencies needed to excel
as an internal auditor
Be aware of the various internal audit career
opportunities
 The Value Proposition

Assurance
(Governance, Risk & Control)

Internal Auditing
Insight Objectivity
(Catalyst, Analyses & (Integrity, Accountability
Assessments) & Independence)
 Definition of Internal Auditing

Internal auditing is an independent, objective

assurance and consulting activity designed to
add value and improve an organizations
operations. It helps an organization
accomplish its objectives by bringing a
systematic, disciplined approach to evaluate
and improve the effectiveness of risk
management, control, and governance
processes (IIA, 2013).
Slide: 9
 Helping the Organisation Accomplish Its
Objectives
Objectives are reflected in the organizations
mission and vision statements
4 categories of business objectives (COSO,
2004):
Strategic Objectives
Operations Objectives
Reporting Objectives
Compliance Objectives
Slide: 10
 Business and
Audit Engagement Objectives

Slide: 11
Evaluating and Improving the Effectiveness of Risk
Management, Control & Governance Processes
Governance:
the process conducted by the board of directors to authorize,
direct, and oversee management toward the achievement of
the organizations objectives.
Risk Management:
the process conducted by management to understand and
deal with uncertainties (risks and opportunities) that could
affect the organizations ability to achieve its objectives
Control:
The process conducted by management to mitigate risks to
acceptable levels.
Slide: 12
Assurance and Consulting Activity Designed
to Add Value and Improve operations

Slide: 13
 Independence and Objectivity

Independence:
The freedom from conditions that threaten
objectivity or the appearance of objectivity.
Objectivity:
An unbiased mental attitude that allows internal
auditors to perform engagements in such a manner
that they have an honest belief in their work product
and that no significant quality compromises are
made.

Slide: 14
 A Systematic and Disciplined Approach:
the Engagement Process
Engagement:
A specific internal audit assignment or project that
includes multiple tasks or activities designed to
accomplish a specific set of objectives
Three fundamental phases:
Planning the engagement
Performing the engagement
Communicating engagement outcomes

Slide: 15
 The Relationship between
Auditing and Accounting

Slide: 16
 Financial Reporting Assurance Services:
External vs Internal

Slide: 17
 The Internal Audit Profession
Modern Internal Auditing: A Dynamic Profession in
High Demand:
the profession of auditing in general, and internal
auditing in particular, is ancient
The target of IA attention:
Operational effectiveness and efficiency of business
processes.
Reliability of information system and the quality of the
decision making information produced by those systems
Safeguarding assets against lost, including losses resulting
from management and employee fraud
Compliance with organisation policies, contracts, laws, and
regulations
 Evaluating and improving the effectiveness of
governance, risk management and control processes
cover all areas of the organisation:
Productions of goods and services, financial
management, human resources, R/D, logistics and IT.
The procedures to test include:
Inquiring of managers and employees
Observing activities
Inspecting resources and documents
Reperforming control activities
Performing trend and ration analysis
Performing data analysis using computer-assisted
audit techniques
 Gathering corroborating information from
independent third parties
Performing direct test of events and transactions

Consulting activities including :

Advisory services designed to provide guidance on
effective governance, risk management, and control
processes
Facilitative services through which internal auditors
facilitate exercises designed to encourage sound
governance, risk management, and control processes.
Training on current and emerging governance, risk
management, and control process concepts.
 Professionals Who Perform Internal Audit Services:
In-house
Outsourcing
Co-sourcing
 The Institute of Internal Auditors

1. The IIA, headquartered in Altamonte Springs, Florida

2. Its recognised as:
The internal audit professions global voice
Standard-setter
Resource for professional development and
certification
3. Professional guidance provided by the IIA:
It is embodied in IPPF: Mandatory Guidance and
Strongly Recommended Guidance
The IIA's Mission

The mission of the IIA is to provide dynamic leadership for the global
profession of internal auditing. Activities in support of this mission
will include, but not be limited to:
advocating and promoting the value internal audit professionals
1.
add to their organisations
providing comprehensive professional education and
2. development opportunities, standards and other professional
practice guidance, and certification programs

researching, disseminating, and promoting knowledge concerning

3. internal auditing and its appropriate role in control, risk
management, and governance to practitioners and stakeholders
educating practitioners and other relevant audiences on best
4.
practices in internal auditing
bringing together internal auditors from all countries to share
5.
information and experiences
 The Institute of Internal Auditors

4. Professional Certifications:
CIA
ISACA
Etc
5. Research and Educational Products and Services
 Internal Auditors Competencies

1. Inherent Personal Qualities

Integrity
Passion
Work Ethic
Curiosity
Creativity
Initiative
Flexibility
3. Knowledge, Skills, and Credentials
It depends on auditors responsibilities and current
stage in a persons career
 Internal Auditors Competencies

Certain levels of knowledge and skills can be obtained

through:
Education
Experience
 Internal Audit Career Paths
1. Pathways into internal auditing
Public accounting firm
Hiring internal auditors from college & universities
2. Pathways out of internal auditing
Business executives
Financial / nonfinancial management positions
Professional services firm
3. Careers in internal auditing
CAE