SlideShare ist ein Scribd-Unternehmen logo

Internal Auditing Basics

Jim Kaplan CIA CFE
Jim Kaplan CIA CFE

Many auditors often forget the fundamentals of internal auditing. This webinar will focus on areas of internal auditing that every auditor should know. This includes understanding Audit’s role in the organization, IIA standards, internal control, and the key components of the audit process. This webinar is for auditors who want to understand the key components of the audit process including characteristics of successful auditors. The learning objectives include the following: Learn about the IIA Professional Practices Framework Learn about the framework of internal control as defined by the Committee of Sponsoring Organizations (COSO) Learn about the basic elements of the audit process

Business
1 von 24
Downloaden Sie, um offline zu lesen
11/2/2017 1 Internal Audit Skills Training Internal Auditing Basics About Jim Kaplan, CIA, CFE  President and Founder of AuditNet®, the global resource for auditors  Auditor, Author, Web Site Guru, Internet for Auditors Pioneer  Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.
11/2/2017 2 About AuditNet LLC • AuditNet®, the global resource for auditors, is the pre-eminent online portal for the global audit community hosting a comprehensive catalogue of audit procedures. • Available on the Web, iPad, iPhone, Windows and Android devices and features: • Over 2,700 Reusable Templates, Audit Programs, Questionnaires, and Control Matrices • Webinars focusing on fraud, data analytics, IT audit, and internal audit with free CPE for subscribers and site license users. • Audit guides, manuals, and books on audit basics and using audit technology • LinkedIn Networking Groups • Monthly Newsletters with Expert Guest Columnists • Surveys on timely topics for internal auditors Housekeeping This webinar and its material are the property of AuditNet® and its Webinar partners. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden.  If you logged in with another individual’s confirmation email you will not receive CPE as the confirmation login is linked to a specific individual  This Webinar is not eligible for viewing in a group setting. You must be logged in with your unique join link.  We are recording the webinar and you will be provided access to that recording after the webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited.  You must answer all the polling questions to qualify for CPE per NASBA.  If you meet the NASBA criteria for earning CPE you will receive a link via email within 5 days to download your certificate. You must be able to receive emails from gensend.io with HTML links. Check you inbox and junk mail folders and contact your IT department if your system blocks emails. The email will be sent to the same email address that you used to register for the Webinar.  Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.  Please complete the evaluation questionnaire to help us continuously improve our Webinars.
11/2/2017 3 IMPORTANT INFORMATION REGARDING CPE!  Regarding CPE – If you attend the Webinar and are a basic, premium , group subscriber or a site license users and answer all the polling questions you will receive an email within one week with the link to download your CPE certificate. The official email for CPE will be sent out and the sender address will be NoReply@gensend.io. Blocks or spam filters in your email system or a firewall that will redirect or not allow delivery of this email from Gensend.io will impact your receiving the email with the link.  If we receive an email request for CPE after sending out the official CPE email because you did not receive your CPE we will require a $10 processing fee to resend to an alternate email address or to send you a claim link.  We cannot manually generate a CPE certificate as these are handled by our 3rd party provider. We highly recommend that you work with your IT department to identify and correct any email delivery issues prior to attending the Webinar.  We are not responsible for any connection, audio or other computer related issues. You must have pop-ups enabled on you computer otherwise you will not be able to answer the polling questions which occur approximately every 20 minutes. We suggest that if you have any pressing issues to see to that you do so immediately after a polling question. The views expressed by the presenters do not necessarily represent the views, positions, or opinions of AuditNet® LLC. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship. While AuditNet® makes every effort to ensure information is accurate and complete, AuditNet® makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. AuditNet® specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the AuditNet® website. Any mention of commercial products is for information only; it does not imply recommendation or endorsement by AuditNet® LLC
11/2/2017 4 William Woodington CPA CIA CRMA  President Woodington Training Solutions  Managed the Learning & Development (L&D) function for Wells Fargo Audit & Security for 18 years.  Audit Specialist for 4 years supervising audit projects prior to moving into the L&D position.  Worked for First Bank System and Deloitte and Touche.  Member IIA and ATD  Teaches audit, business writing, and leadership seminars Internal Auditing Basics
11/2/2017 5 Training Objectives  Learn about the IIA Professional Practices Framework  Lean about COSO  Learn about the basic elements of the audit process Definition of Internal Auditing Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
11/2/2017 6 Audit’s Impact on the Company Identify risk exposures and evaluate the adequacy and effectiveness of risk management and control practices for the business’s governance, operations and information systems regarding:  Reliability and integrity of financial and operational information  Effectiveness and efficiency of operations  Safeguarding of Assets  Compliance with policies, procedures, laws, regulations, and contracts  Effectiveness of security of computer systems that support the business processes Audit’s Role and Responsibilities Audit provides independent, objective assurance and advisory services to evaluate and improve the effectiveness of risk management, control, and governance processes.  Conducts tests and provides conclusive reporting regarding the health of the risk management and internal control structure within the Company.  Advises management on cost effective risk management practices and controls in the design of new business products/processes.  Ensures risk issues are escalated and resolved.  Functions as a source of talent and a training ground for other areas in the Company.
11/2/2017 7 Audit & Exam (A&E) Committee The principal objectives of the Board of Directors A&E Committee are:  Review and approve the annual audit plan.  Review and approve the audit department’s annual financial budget.  Recommend board approval of the corporation’s external audit firm each year.  Receive reports and updates from the regulators, external accounting firm, and others relating to the control environment in the corporation. The A&E Committee assists the Board in fulfilling its oversight role related to risk management and establishes a forum for open exchanges of views and information. Polling Question #1
11/2/2017 8 Foreign Corrupt Practices Act The Act arose because of illegal payments (bribes) made to officials in foreign countries. In most cases the payments were legal under the laws of the countries in which they were made, but they were not in accordance with American business ethics. In some instances these questionable payments were made without the authorization or knowledge of the top executives of the companies involved. This legislation is government's attempt to eliminate these unauthorized transactions. It makes the person giving the bribe as guilty as the one receiving it. Foreign Corrupt Practices Act The Act requires each SEC registrant to devise and maintain a system of internal accounting control sufficient to provide the following assurances:  Transactions are executed with the knowledge and authorization of management.  Transactions are recorded as necessary to permit preparation of the financial statements and to maintain accountability for assets.  Access to assets is permitted only with management's authorization.  Existing assets are compared with recorded accountability, and appropriate action is taken with respect to any differences.
11/2/2017 9 IIA International Professional Practices Framework IIA Website Polling Question #2
11/2/2017 10 The Foundation of Success Successful companies typically adhere to the following:  Control  Profitability  Growth Control Comes First! Management’s Responsibility Management is responsible for controlling its operations. This includes the following:  Identify and evaluate the risks and exposures of conducting operations.  Establish appropriate controls to mitigate risks to an acceptable level.  Monitor controls to ensure they remain in place and function effectively.
11/2/2017 11 Polling Question #3 Treadway Commission Report of the National Commission on Fraudulent Financial Reporting (Treadway Commission):  The company has the final responsibility for its financial statements.  The tone set by senior management (the corporate environment or culture within which financial reporting occurs) is the single most important factor contributing to the integrity of the financial reporting process.
11/2/2017 12 Committee of Sponsoring Organizations (COSO) Internal Control - A process, effected by an entity’s board, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives in the following categories:  Effectiveness and efficiency of operations  Reliability of financial reporting  Compliance with applicable laws and regulations 24 COSO Internal Control Integrated Framework Control Environment Risk Assessment Control Activities Information & Communication Monitoring Scope of 404
11/2/2017 13 Internal Control Components The control environment provides an atmosphere in which people conduct their activities and carry out their control responsibilities. It serves as the foundation for the other components. Within this environment, management assesses risks to the achievement of specified objectives. Control activities are implemented to help ensure that management directives to address the risks are carried out. Meanwhile, relevant information is captured and communicated throughout the organization. The entire process is monitored and modified as conditions warrant. Control Environment  Sets the tone of an organization  Influences the control consciousness of its people - “tone at the top”  Provides discipline and structure and is the foundation for all other components of internal control  Key Factors to a successful control environment:  Integrity and ethical values  Commitment to competence  Management’s philosophy and operating style  Organizational structure and assignment of authority  Direction from the board of directors
11/2/2017 14 Risk Assessment  The identification and analysis of relevant risks to the achievement of the entity’s objectives.  Forms the basis for determining how the risks should be managed.  Leads to Management decisions related to acceptable levels of risk. Control Activities A control is any action taken by management to enhance the likelihood that established objectives and goals will be achieved. Control activities include a wide range of activities such as approvals, verifications, policies, and standards that help ensure:  Management directives are carried out.  Actions are taken to address risks and achieve the entity’s objectives.
11/2/2017 15 Control Activities Control Types  Preventive - Controls that deter undesirable events from occurring. (proactive) Examples include segregation of duties and computer passwords.  Detective - Controls that detect and correct undesirable events that have occurred. (reactive) Examples include supervisor reviews and exception reports.  Directive - Controls that cause or encourage a desirable event to occur. (proactive) Examples include employee training programs and employee bonus plans. Auditors ensure that controls are adequate and function effectively! Information & Communication  Information and communication systems “surround” control activities.  Enable people to capture and exchange information needed to conduct, manage, and control the operations.  Effective communication must flow down, across, and up the organization.
11/2/2017 16 Monitoring  Ensures that internal controls continue to operate effectively.  Includes regular management and supervisory activities and separate evaluations.  Ensures modifications to controls are made as necessary.  Allows for dynamic reaction to changing conditions. Polling Question #4
11/2/2017 17 Audit Process Overview Understand the Enterprise Define Audit Universe and Validate Completeness Risk Analysis Assess Risk and Develop Audit Plan Execute Audit Plan Identify and Manage Resources Analyze Business Processes Review Strategies, Finances, Systems and Processes Execute Audit Program Test Controls, Issue Findings Report to Management Report results, agree on action plans with management Validation Assess Management’s progress in resolving significant issues and report to the A&E Risks Assessment Assess risk levels and control design to develop Audit Program Business Monitoring Understand the Business Strategies, Processes, Products, Systems, Regulations, etc. Plan Approval Review Plan with Senior Management and Present to A&E Committee Annual Audit Plan Development Audit Plan Development Risk Considerations Audit Universe Accounting/Financial Technology OperationalOperational Compliance Credit Market Plan is evaluated on an ongoing basis in response to emerging risks and changing business requirements. Time Since Last Audit Risk Frequency Considerations
11/2/2017 18 Steps in the Audit Process  Pre-Audit Planning  Planning  Fieldwork  Reporting & Wrap-Up  Validation  Business Monitoring Audit Process – Pre-Audit Planning  Assignment of AIC – Senior Audit Manager or Supervisor  Review of business information – AIC  Business Partner notification – AIC or Supervisor  Request for information from Business Partner – AIC
11/2/2017 19 Audit Process - Planning  Business Analysis – AIC  Understanding the Business  Process Flowcharts – Identification of key control points  Risk Assessment – AIC  Identification and assessment of risks and controls  Business Partner validation  Audit scope definition and Audit Program development (Risk, Control & Test Documents) – AIC  Engagement letter delivered to Business Partner – AIC  Kickoff meeting with Business Partner and Audit Team – AIC Audit Process - Fieldwork Testing For Control Effectiveness Related To Key Risk Areas – Audit Team  Completed within 75 days – Audit Team  Documentation of data analysis – AIC  Sampling of key control areas – Audit Team  Workpaper completion – Audit Team  Business Partner status updates – AIC  Significant Issues & Recommendations communicated in writing – Audit Team  Written management response required – Business Partner
11/2/2017 20 Audit Process – Reporting & Wrap-Up  Audit Ratings Matrix completion  Draft report shared with Business Partner  Exit conference held With Business Partner  Final report issued within 30 days of fieldwork end date  Written interim performance appraisals completed for team members who work at least 80 hours on an audit project Audit Process – Reporting Final Report includes:  Executive Summary  Summary Assessment of the Internal Control Environment  Summary of Issues and Corrective Actions  Best Practices  Objective and Scope of the Audit  Business Unit Summary  Risk Assessment and Ratings Methodology  Enterprise Risk Area Coverage  Details of Issues and Corrective Actions
11/2/2017 21 41 5-Tier Audit Rating – Matrix Overview CONDITON 5 4 3 2 1 Control Environment The tone of the organization influences the control consciousness of its people. Examples include the integrity, ethical values, attitude and competence of employees; management philosophy; and input provided by the board of directors. Risk Identification & Assessment Identification and analysis of risks relevant to achieving corporate goals, determination of how such risks should be managed and implementation of a process to address risk associated with change. Control Activities Policies, procedures and processes that help ensure a company carries out management directives. Examples include approvals, verifications, reconciliations, reviews of operating performance, security of assets & segregation of duties. Information & Communication Communication within the company and with external parties such as customers, regulators and shareholders. For example, reports that contain operational, compliance or financial data or that share ideas or events across lines of business are generated from a company’s information systems. Monitoring & Testing Assessing the quality of a company’s internal control systems. This is done through ongoing monitoring of activities within the business unit and an independent evaluation of existing controls by auditors. 42 5-Tier Audit Rating – Opinion Statements Audit Rating Standard Opinion Statements 5 The system of internal control, as defined in the scope of this audit, is strong and effective and provides assurance the risks are well-managed. 4 The system of internal control, as defined in the scope of this audit, is effective and provides reasonable assurance the risks are being effectively managed. 3 The system of internal control, as defined in the scope of this audit, is generally effective and provides reasonable assurance that risks are being managed. Control exceptions exist but corrective action plans are in place. 2 The system of internal control, as defined in the scope of this audit, needs improvement and may not provide reasonable assurance the risk are being managed. Control exceptions exist that need to be addressed. 1 The system of internal control, as defined in the scope of this audit, is ineffective and does not provide assurance the risks are being managed. Immediate management attention is needed to address the control exceptions.
11/2/2017 22 Audit Process – Follow-Up  Standardized process to capture, monitor and report corrective actions from reported audit issues  Establishes guidelines for the timing/extent of follow-up work  Issues close when business partner notifies Audit  Results of follow-up work communicated to business partner Audit Process – Issue Escalation  Issues aged based on original corrective action due dates and number of date revisions tracked  Aging reports/escalation of past due issues discussed with business unit and senior management as part of Business Monitoring by Audit Manager and/or AIC  All Very High, High and Moderate risk issues past due over 31 days are reported to the Audit & Examination Committee
11/2/2017 23 Audit Process – Business Monitoring  Typically managed at the Senior Director, Director and SAM levels thru email, phone conversations, and live meetings. Frequency is based on risk of auditable unit.  Fosters strong relationships between WFAS and Business Partners  Provides a mechanism for validating the status of corrective actions taken  Allows for identification of emerging risks  Re-validates risk assessments  Enables timely reaction to business/risk changes  Enables identification and escalation of adverse trends  Allows for discussion of investigation issues  Ensures key information is communicated to management Questions?
11/2/2017 24 Thank You! William Woodington, CPA, CIA Woodington Training Solutions 763-568-1181 http://woodingtontraining.com/ bill@woodingtontraining.com Jim Kaplan, CIA, CFE AuditNet LLC® 800-385-1625 www.auditnet.org webinars@auditnet.org AuditNet® and cRisk Academy  If you would like forever access to this webinar recording  If you are watching the recording, and would like to obtain CPE credit for this webinar  Previous AuditNet® webinars are also available on-demand for CPE credit http://criskacademy.com http://ondemand.criskacade my.com Use coupon code: 50OFF for a discount on this webinar for one week

Empfohlen

Forensic and investigating audit reporting
Forensic and investigating audit reportingForensic and investigating audit reporting
Forensic and investigating audit reportingJim Kaplan CIA CFE
 
Visualize audit sampling and fraud detection in excel
Visualize audit sampling and fraud detection in excelVisualize audit sampling and fraud detection in excel
Visualize audit sampling and fraud detection in excelJim Kaplan CIA CFE
 
Internal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governananceInternal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governananceBrowne & Mohan
 
Enhanced fraud detection with data analytics
Enhanced fraud detection with data analyticsEnhanced fraud detection with data analytics
Enhanced fraud detection with data analyticsJim Kaplan CIA CFE
 
How to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewHow to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewJim Kaplan CIA CFE
 
Are You a Smart CAAT or a Copy CAAT
Are You a Smart CAAT or a Copy CAATAre You a Smart CAAT or a Copy CAAT
Are You a Smart CAAT or a Copy CAATJim Kaplan CIA CFE
 
Technology development: What is audit's role?
Technology development: What is audit's role?Technology development: What is audit's role?
Technology development: What is audit's role?Jim Kaplan CIA CFE
 
COSO 2013: What you need to know
COSO 2013: What you need to knowCOSO 2013: What you need to know
COSO 2013: What you need to knowjennyhollingworth
 

Empfohlen

Forensic and investigating audit reporting
Forensic and investigating audit reportingForensic and investigating audit reporting
Forensic and investigating audit reportingJim Kaplan CIA CFE
 
Visualize audit sampling and fraud detection in excel
Visualize audit sampling and fraud detection in excelVisualize audit sampling and fraud detection in excel
Visualize audit sampling and fraud detection in excelJim Kaplan CIA CFE
 
Internal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governananceInternal controls maturity and SME corporate governanance
Internal controls maturity and SME corporate governananceBrowne & Mohan
 
Enhanced fraud detection with data analytics
Enhanced fraud detection with data analyticsEnhanced fraud detection with data analytics
Enhanced fraud detection with data analyticsJim Kaplan CIA CFE
 
How to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewHow to prepare for your first anti fraud review
How to prepare for your first anti fraud reviewJim Kaplan CIA CFE
 
Are You a Smart CAAT or a Copy CAAT
Are You a Smart CAAT or a Copy CAATAre You a Smart CAAT or a Copy CAAT
Are You a Smart CAAT or a Copy CAATJim Kaplan CIA CFE
 
Technology development: What is audit's role?
Technology development: What is audit's role?Technology development: What is audit's role?
Technology development: What is audit's role?Jim Kaplan CIA CFE
 
COSO 2013: What you need to know
COSO 2013: What you need to knowCOSO 2013: What you need to know
COSO 2013: What you need to knowjennyhollingworth
 
Ethics for Internal Auditors
Ethics for Internal AuditorsEthics for Internal Auditors
Ethics for Internal AuditorsJim Kaplan CIA CFE
 
Internal Audit's Role in Ethics, Governance, & Culture
Internal Audit's Role in Ethics, Governance, & CultureInternal Audit's Role in Ethics, Governance, & Culture
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor RolesIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
COSO Implementation: Getting Real, Getting It Right
COSO Implementation: Getting Real, Getting It RightCOSO Implementation: Getting Real, Getting It Right
COSO Implementation: Getting Real, Getting It RightBlackLine
 
Are You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkAre You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkBlackLine
 
The iia s 2017 international professional practices framework
The iia s 2017 international professional practices frameworkThe iia s 2017 international professional practices framework
The iia s 2017 international professional practices frameworkDr .Maizar Radjin, SE., M.Ak., QIA., QRMA, CRGP
 
What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?Jim Kaplan CIA CFE
 
Top 10 lessons learned from COSO 2013 Implementation
Top 10 lessons learned from COSO 2013 Implementation Top 10 lessons learned from COSO 2013 Implementation
Top 10 lessons learned from COSO 2013 Implementation Amit Bhargava
 
20160210 webinarslides
20160210 webinarslides20160210 webinarslides
20160210 webinarslidesJim Kaplan CIA CFE
 
Fieldwork Webinar
Fieldwork WebinarFieldwork Webinar
Fieldwork WebinarJim Kaplan CIA CFE
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit planessbaih
 
How ERM and audit work together, a combined assurance approach
How ERM and audit work together, a combined assurance approach How ERM and audit work together, a combined assurance approach
How ERM and audit work together, a combined assurance approach Jim Kaplan CIA CFE
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
Assessing the Impact of a Disruption: Building an Effective Business Impact A...
Assessing the Impact of a Disruption: Building an Effective Business Impact A...Assessing the Impact of a Disruption: Building an Effective Business Impact A...
Assessing the Impact of a Disruption: Building an Effective Business Impact A...PECB
 
Best Practices: Change Management
Best Practices: Change ManagementBest Practices: Change Management
Best Practices: Change ManagementCorporate Compliance Seminars
 
Right to Audit Clauses: What you need to know!
Right to Audit Clauses: What you need to know!Right to Audit Clauses: What you need to know!
Right to Audit Clauses: What you need to know!Jim Kaplan CIA CFE
 
Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Jim Kaplan CIA CFE
 
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
 
Future audit analytics
Future audit analyticsFuture audit analytics
Future audit analyticsJim Kaplan CIA CFE
 
IT Fraud and Countermeasures
IT Fraud and CountermeasuresIT Fraud and Countermeasures
IT Fraud and CountermeasuresJim Kaplan CIA CFE
 
Structuring your organization for success with data analytics
Structuring your organization for success with data analytics Structuring your organization for success with data analytics
Structuring your organization for success with data analytics Jim Kaplan CIA CFE
 

Weitere ähnliche Inhalte

Was ist angesagt?

Internal Audit's Role in Ethics, Governance, & Culture
Internal Audit's Role in Ethics, Governance, & CultureInternal Audit's Role in Ethics, Governance, & Culture
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
 
COSO Implementation: Getting Real, Getting It Right
COSO Implementation: Getting Real, Getting It RightCOSO Implementation: Getting Real, Getting It Right
COSO Implementation: Getting Real, Getting It RightBlackLine
 
Are You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkAre You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkBlackLine
 
What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?Jim Kaplan CIA CFE
 
Top 10 lessons learned from COSO 2013 Implementation
Top 10 lessons learned from COSO 2013 Implementation Top 10 lessons learned from COSO 2013 Implementation
Top 10 lessons learned from COSO 2013 Implementation Amit Bhargava
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit planessbaih
 
How ERM and audit work together, a combined assurance approach
How ERM and audit work together, a combined assurance approach How ERM and audit work together, a combined assurance approach
How ERM and audit work together, a combined assurance approach Jim Kaplan CIA CFE
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
Assessing the Impact of a Disruption: Building an Effective Business Impact A...
Assessing the Impact of a Disruption: Building an Effective Business Impact A...Assessing the Impact of a Disruption: Building an Effective Business Impact A...
Assessing the Impact of a Disruption: Building an Effective Business Impact A...PECB
 
Right to Audit Clauses: What you need to know!
Right to Audit Clauses: What you need to know!Right to Audit Clauses: What you need to know!
Right to Audit Clauses: What you need to know!Jim Kaplan CIA CFE
 

Was ist angesagt? (17)

Ethics for Internal Auditors
Ethics for Internal AuditorsEthics for Internal Auditors
Ethics for Internal Auditors
 
Internal Audit's Role in Ethics, Governance, & Culture
Internal Audit's Role in Ethics, Governance, & CultureInternal Audit's Role in Ethics, Governance, & Culture
Internal Audit's Role in Ethics, Governance, & Culture
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor Roles
 
COSO Implementation: Getting Real, Getting It Right
COSO Implementation: Getting Real, Getting It RightCOSO Implementation: Getting Real, Getting It Right
COSO Implementation: Getting Real, Getting It Right
 
Are You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkAre You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls Framework
 
The iia s 2017 international professional practices framework
The iia s 2017 international professional practices frameworkThe iia s 2017 international professional practices framework
The iia s 2017 international professional practices framework
 
What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?
 
Top 10 lessons learned from COSO 2013 Implementation
Top 10 lessons learned from COSO 2013 Implementation Top 10 lessons learned from COSO 2013 Implementation
Top 10 lessons learned from COSO 2013 Implementation
 
20160210 webinarslides
20160210 webinarslides20160210 webinarslides
20160210 webinarslides
 
Fieldwork Webinar
Fieldwork WebinarFieldwork Webinar
Fieldwork Webinar
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit department
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit plan
 
How ERM and audit work together, a combined assurance approach
How ERM and audit work together, a combined assurance approach How ERM and audit work together, a combined assurance approach
How ERM and audit work together, a combined assurance approach
 
Compliance framework
Compliance frameworkCompliance framework
Compliance framework
 
Assessing the Impact of a Disruption: Building an Effective Business Impact A...
Assessing the Impact of a Disruption: Building an Effective Business Impact A...Assessing the Impact of a Disruption: Building an Effective Business Impact A...
Assessing the Impact of a Disruption: Building an Effective Business Impact A...
 
Best Practices: Change Management
Best Practices: Change ManagementBest Practices: Change Management
Best Practices: Change Management
 
Right to Audit Clauses: What you need to know!
Right to Audit Clauses: What you need to know!Right to Audit Clauses: What you need to know!
Right to Audit Clauses: What you need to know!
 

Ähnlich wie Internal Auditing Basics

Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Jim Kaplan CIA CFE
 
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
 
Structuring your organization for success with data analytics
Structuring your organization for success with data analytics Structuring your organization for success with data analytics
Structuring your organization for success with data analytics Jim Kaplan CIA CFE
 
How analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of samplingHow analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of samplingJim Kaplan CIA CFE
 
How analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of sampling How analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of sampling Jim Kaplan CIA CFE
 
Embracing Multigenerational Teams in Audit
Embracing Multigenerational Teams in AuditEmbracing Multigenerational Teams in Audit
Embracing Multigenerational Teams in AuditJim Kaplan CIA CFE
 
Retrospective data analytics slides
Retrospective data analytics slidesRetrospective data analytics slides
Retrospective data analytics slidesJim Kaplan CIA CFE
 
How to build a data analytics strategy in a digital world
How to build a data analytics strategy in a digital worldHow to build a data analytics strategy in a digital world
How to build a data analytics strategy in a digital worldJim Kaplan CIA CFE
 
Agile auditing for financial services
Agile auditing for financial services Agile auditing for financial services
Agile auditing for financial services Jim Kaplan CIA CFE
 
How to get auditors performing basic analytics using excel
How to get auditors performing basic analytics using excel How to get auditors performing basic analytics using excel
How to get auditors performing basic analytics using excel Jim Kaplan CIA CFE
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationImplementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
 
Focused agile audit planning using analytics
Focused agile audit planning using analyticsFocused agile audit planning using analytics
Focused agile audit planning using analyticsJim Kaplan CIA CFE
 
How to data mine your print reports
How to data mine your print reports How to data mine your print reports
How to data mine your print reports Jim Kaplan CIA CFE
 
The Future of Auditing and Fraud Detection
The Future of Auditing and Fraud Detection The Future of Auditing and Fraud Detection
The Future of Auditing and Fraud Detection Jim Kaplan CIA CFE
 
2015 Personal Evaluation_ACF15 (3) (2)
2015 Personal Evaluation_ACF15 (3) (2)2015 Personal Evaluation_ACF15 (3) (2)
2015 Personal Evaluation_ACF15 (3) (2)Durmon Coates
 
When is a Duplicate not a Duplicate? Detecting Errors and Fraud
When is a Duplicate not a Duplicate? Detecting Errors and FraudWhen is a Duplicate not a Duplicate? Detecting Errors and Fraud
When is a Duplicate not a Duplicate? Detecting Errors and FraudJim Kaplan CIA CFE
 

Ähnlich wie Internal Auditing Basics (20)

Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?
 
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...
 
Future audit analytics
Future audit analyticsFuture audit analytics
Future audit analytics
 
IT Fraud and Countermeasures
IT Fraud and CountermeasuresIT Fraud and Countermeasures
IT Fraud and Countermeasures
 
Structuring your organization for success with data analytics
Structuring your organization for success with data analytics Structuring your organization for success with data analytics
Structuring your organization for success with data analytics
 
How analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of samplingHow analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of sampling
 
How analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of sampling How analytics should be used in controls testing instead of sampling
How analytics should be used in controls testing instead of sampling
 
Embracing Multigenerational Teams in Audit
Embracing Multigenerational Teams in AuditEmbracing Multigenerational Teams in Audit
Embracing Multigenerational Teams in Audit
 
Retrospective data analytics slides
Retrospective data analytics slidesRetrospective data analytics slides
Retrospective data analytics slides
 
How to build a data analytics strategy in a digital world
How to build a data analytics strategy in a digital worldHow to build a data analytics strategy in a digital world
How to build a data analytics strategy in a digital world
 
Agile auditing for financial services
Agile auditing for financial services Agile auditing for financial services
Agile auditing for financial services
 
How to get auditors performing basic analytics using excel
How to get auditors performing basic analytics using excel How to get auditors performing basic analytics using excel
How to get auditors performing basic analytics using excel
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection RegulationImplementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation
 
Focused agile audit planning using analytics
Focused agile audit planning using analyticsFocused agile audit planning using analytics
Focused agile audit planning using analytics
 
How to data mine your print reports
How to data mine your print reports How to data mine your print reports
How to data mine your print reports
 
GDPR Series Session 4
GDPR Series Session 4GDPR Series Session 4
GDPR Series Session 4
 
The Future of Auditing and Fraud Detection
The Future of Auditing and Fraud Detection The Future of Auditing and Fraud Detection
The Future of Auditing and Fraud Detection
 
Ethics for Internal Auditors
Ethics for Internal AuditorsEthics for Internal Auditors
Ethics for Internal Auditors
 
2015 Personal Evaluation_ACF15 (3) (2)
2015 Personal Evaluation_ACF15 (3) (2)2015 Personal Evaluation_ACF15 (3) (2)
2015 Personal Evaluation_ACF15 (3) (2)
 
When is a Duplicate not a Duplicate? Detecting Errors and Fraud
When is a Duplicate not a Duplicate? Detecting Errors and FraudWhen is a Duplicate not a Duplicate? Detecting Errors and Fraud
When is a Duplicate not a Duplicate? Detecting Errors and Fraud
 

Mehr von Jim Kaplan CIA CFE

mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) Jim Kaplan CIA CFE
 
Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10) Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10) Jim Kaplan CIA CFE
 
How to detect fraud like a pro detective slides
How to detect fraud like a pro detective slides How to detect fraud like a pro detective slides
How to detect fraud like a pro detective slides Jim Kaplan CIA CFE
 
Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Jim Kaplan CIA CFE
 
General Data Protection Regulation Webinar 6
General Data Protection Regulation Webinar 6 General Data Protection Regulation Webinar 6
General Data Protection Regulation Webinar 6 Jim Kaplan CIA CFE
 
General Data Protection Regulation for Auditors 5 of 10
General Data Protection Regulation for Auditors 5 of 10General Data Protection Regulation for Auditors 5 of 10
General Data Protection Regulation for Auditors 5 of 10Jim Kaplan CIA CFE
 
Ethics and the Internal Auditor
Ethics and the Internal AuditorEthics and the Internal Auditor
Ethics and the Internal AuditorJim Kaplan CIA CFE
 
Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10) Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10) Jim Kaplan CIA CFE
 
Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10) Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10) Jim Kaplan CIA CFE
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation Jim Kaplan CIA CFE
 
How to use ai apps to unleash the power of your audit program
How to use ai apps to unleash the power of your audit program How to use ai apps to unleash the power of your audit program
How to use ai apps to unleash the power of your audit program Jim Kaplan CIA CFE
 
Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated AnalyticsJim Kaplan CIA CFE
 
Building and Striving for Data Analytics Excellence
Building and Striving for Data Analytics ExcellenceBuilding and Striving for Data Analytics Excellence
Building and Striving for Data Analytics ExcellenceJim Kaplan CIA CFE
 

Mehr von Jim Kaplan CIA CFE (18)

mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10)
 
Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10) Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10)
 
How to detect fraud like a pro detective slides
How to detect fraud like a pro detective slides How to detect fraud like a pro detective slides
How to detect fraud like a pro detective slides
 
Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10) Implementing and Auditing GDPR Series (8 of 10)
Implementing and Auditing GDPR Series (8 of 10)
 
Tracking down outliers
Tracking down outliersTracking down outliers
Tracking down outliers
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update Slides
 
General Data Protection Regulation Webinar 6
General Data Protection Regulation Webinar 6 General Data Protection Regulation Webinar 6
General Data Protection Regulation Webinar 6
 
General Data Protection Regulation for Auditors 5 of 10
General Data Protection Regulation for Auditors 5 of 10General Data Protection Regulation for Auditors 5 of 10
General Data Protection Regulation for Auditors 5 of 10
 
Ethics and the Internal Auditor
Ethics and the Internal AuditorEthics and the Internal Auditor
Ethics and the Internal Auditor
 
Cybersecurity Slides
Cybersecurity SlidesCybersecurity Slides
Cybersecurity Slides
 
Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10) Implementing and Auditing GDPR Series (3 of 10)
Implementing and Auditing GDPR Series (3 of 10)
 
Ethics for internal auditors
Ethics for internal auditorsEthics for internal auditors
Ethics for internal auditors
 
Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10) Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10)
 
Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation Implementing and Auditing General Data Protection Regulation
Implementing and Auditing General Data Protection Regulation
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
How to use ai apps to unleash the power of your audit program
How to use ai apps to unleash the power of your audit program How to use ai apps to unleash the power of your audit program
How to use ai apps to unleash the power of your audit program
 
Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
 
Building and Striving for Data Analytics Excellence
Building and Striving for Data Analytics ExcellenceBuilding and Striving for Data Analytics Excellence
Building and Striving for Data Analytics Excellence
 

Kürzlich hochgeladen

Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756dollysharma2066
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 

Kürzlich hochgeladen (20)

Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 

Internal Auditing Basics

  • 1. 11/2/2017 1 Internal Audit Skills Training Internal Auditing Basics About Jim Kaplan, CIA, CFE  President and Founder of AuditNet®, the global resource for auditors  Auditor, Author, Web Site Guru, Internet for Auditors Pioneer  Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.
  • 2. 11/2/2017 2 About AuditNet LLC • AuditNet®, the global resource for auditors, is the pre-eminent online portal for the global audit community hosting a comprehensive catalogue of audit procedures. • Available on the Web, iPad, iPhone, Windows and Android devices and features: • Over 2,700 Reusable Templates, Audit Programs, Questionnaires, and Control Matrices • Webinars focusing on fraud, data analytics, IT audit, and internal audit with free CPE for subscribers and site license users. • Audit guides, manuals, and books on audit basics and using audit technology • LinkedIn Networking Groups • Monthly Newsletters with Expert Guest Columnists • Surveys on timely topics for internal auditors Housekeeping This webinar and its material are the property of AuditNet® and its Webinar partners. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden.  If you logged in with another individual’s confirmation email you will not receive CPE as the confirmation login is linked to a specific individual  This Webinar is not eligible for viewing in a group setting. You must be logged in with your unique join link.  We are recording the webinar and you will be provided access to that recording after the webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited.  You must answer all the polling questions to qualify for CPE per NASBA.  If you meet the NASBA criteria for earning CPE you will receive a link via email within 5 days to download your certificate. You must be able to receive emails from gensend.io with HTML links. Check you inbox and junk mail folders and contact your IT department if your system blocks emails. The email will be sent to the same email address that you used to register for the Webinar.  Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.  Please complete the evaluation questionnaire to help us continuously improve our Webinars.
  • 3. 11/2/2017 3 IMPORTANT INFORMATION REGARDING CPE!  Regarding CPE – If you attend the Webinar and are a basic, premium , group subscriber or a site license users and answer all the polling questions you will receive an email within one week with the link to download your CPE certificate. The official email for CPE will be sent out and the sender address will be NoReply@gensend.io. Blocks or spam filters in your email system or a firewall that will redirect or not allow delivery of this email from Gensend.io will impact your receiving the email with the link.  If we receive an email request for CPE after sending out the official CPE email because you did not receive your CPE we will require a $10 processing fee to resend to an alternate email address or to send you a claim link.  We cannot manually generate a CPE certificate as these are handled by our 3rd party provider. We highly recommend that you work with your IT department to identify and correct any email delivery issues prior to attending the Webinar.  We are not responsible for any connection, audio or other computer related issues. You must have pop-ups enabled on you computer otherwise you will not be able to answer the polling questions which occur approximately every 20 minutes. We suggest that if you have any pressing issues to see to that you do so immediately after a polling question. The views expressed by the presenters do not necessarily represent the views, positions, or opinions of AuditNet® LLC. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship. While AuditNet® makes every effort to ensure information is accurate and complete, AuditNet® makes no representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this presentation. AuditNet® specifically disclaims all liability for any claims or damages that may result from the information contained in this presentation, including any websites maintained by third parties and linked to the AuditNet® website. Any mention of commercial products is for information only; it does not imply recommendation or endorsement by AuditNet® LLC
  • 4. 11/2/2017 4 William Woodington CPA CIA CRMA  President Woodington Training Solutions  Managed the Learning & Development (L&D) function for Wells Fargo Audit & Security for 18 years.  Audit Specialist for 4 years supervising audit projects prior to moving into the L&D position.  Worked for First Bank System and Deloitte and Touche.  Member IIA and ATD  Teaches audit, business writing, and leadership seminars Internal Auditing Basics
  • 5. 11/2/2017 5 Training Objectives  Learn about the IIA Professional Practices Framework  Lean about COSO  Learn about the basic elements of the audit process Definition of Internal Auditing Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
  • 6. 11/2/2017 6 Audit’s Impact on the Company Identify risk exposures and evaluate the adequacy and effectiveness of risk management and control practices for the business’s governance, operations and information systems regarding:  Reliability and integrity of financial and operational information  Effectiveness and efficiency of operations  Safeguarding of Assets  Compliance with policies, procedures, laws, regulations, and contracts  Effectiveness of security of computer systems that support the business processes Audit’s Role and Responsibilities Audit provides independent, objective assurance and advisory services to evaluate and improve the effectiveness of risk management, control, and governance processes.  Conducts tests and provides conclusive reporting regarding the health of the risk management and internal control structure within the Company.  Advises management on cost effective risk management practices and controls in the design of new business products/processes.  Ensures risk issues are escalated and resolved.  Functions as a source of talent and a training ground for other areas in the Company.
  • 7. 11/2/2017 7 Audit & Exam (A&E) Committee The principal objectives of the Board of Directors A&E Committee are:  Review and approve the annual audit plan.  Review and approve the audit department’s annual financial budget.  Recommend board approval of the corporation’s external audit firm each year.  Receive reports and updates from the regulators, external accounting firm, and others relating to the control environment in the corporation. The A&E Committee assists the Board in fulfilling its oversight role related to risk management and establishes a forum for open exchanges of views and information. Polling Question #1
  • 8. 11/2/2017 8 Foreign Corrupt Practices Act The Act arose because of illegal payments (bribes) made to officials in foreign countries. In most cases the payments were legal under the laws of the countries in which they were made, but they were not in accordance with American business ethics. In some instances these questionable payments were made without the authorization or knowledge of the top executives of the companies involved. This legislation is government's attempt to eliminate these unauthorized transactions. It makes the person giving the bribe as guilty as the one receiving it. Foreign Corrupt Practices Act The Act requires each SEC registrant to devise and maintain a system of internal accounting control sufficient to provide the following assurances:  Transactions are executed with the knowledge and authorization of management.  Transactions are recorded as necessary to permit preparation of the financial statements and to maintain accountability for assets.  Access to assets is permitted only with management's authorization.  Existing assets are compared with recorded accountability, and appropriate action is taken with respect to any differences.
  • 9. 11/2/2017 9 IIA International Professional Practices Framework IIA Website Polling Question #2
  • 10. 11/2/2017 10 The Foundation of Success Successful companies typically adhere to the following:  Control  Profitability  Growth Control Comes First! Management’s Responsibility Management is responsible for controlling its operations. This includes the following:  Identify and evaluate the risks and exposures of conducting operations.  Establish appropriate controls to mitigate risks to an acceptable level.  Monitor controls to ensure they remain in place and function effectively.
  • 11. 11/2/2017 11 Polling Question #3 Treadway Commission Report of the National Commission on Fraudulent Financial Reporting (Treadway Commission):  The company has the final responsibility for its financial statements.  The tone set by senior management (the corporate environment or culture within which financial reporting occurs) is the single most important factor contributing to the integrity of the financial reporting process.
  • 12. 11/2/2017 12 Committee of Sponsoring Organizations (COSO) Internal Control - A process, effected by an entity’s board, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives in the following categories:  Effectiveness and efficiency of operations  Reliability of financial reporting  Compliance with applicable laws and regulations 24 COSO Internal Control Integrated Framework Control Environment Risk Assessment Control Activities Information & Communication Monitoring Scope of 404
  • 13. 11/2/2017 13 Internal Control Components The control environment provides an atmosphere in which people conduct their activities and carry out their control responsibilities. It serves as the foundation for the other components. Within this environment, management assesses risks to the achievement of specified objectives. Control activities are implemented to help ensure that management directives to address the risks are carried out. Meanwhile, relevant information is captured and communicated throughout the organization. The entire process is monitored and modified as conditions warrant. Control Environment  Sets the tone of an organization  Influences the control consciousness of its people - “tone at the top”  Provides discipline and structure and is the foundation for all other components of internal control  Key Factors to a successful control environment:  Integrity and ethical values  Commitment to competence  Management’s philosophy and operating style  Organizational structure and assignment of authority  Direction from the board of directors
  • 14. 11/2/2017 14 Risk Assessment  The identification and analysis of relevant risks to the achievement of the entity’s objectives.  Forms the basis for determining how the risks should be managed.  Leads to Management decisions related to acceptable levels of risk. Control Activities A control is any action taken by management to enhance the likelihood that established objectives and goals will be achieved. Control activities include a wide range of activities such as approvals, verifications, policies, and standards that help ensure:  Management directives are carried out.  Actions are taken to address risks and achieve the entity’s objectives.
  • 15. 11/2/2017 15 Control Activities Control Types  Preventive - Controls that deter undesirable events from occurring. (proactive) Examples include segregation of duties and computer passwords.  Detective - Controls that detect and correct undesirable events that have occurred. (reactive) Examples include supervisor reviews and exception reports.  Directive - Controls that cause or encourage a desirable event to occur. (proactive) Examples include employee training programs and employee bonus plans. Auditors ensure that controls are adequate and function effectively! Information & Communication  Information and communication systems “surround” control activities.  Enable people to capture and exchange information needed to conduct, manage, and control the operations.  Effective communication must flow down, across, and up the organization.
  • 16. 11/2/2017 16 Monitoring  Ensures that internal controls continue to operate effectively.  Includes regular management and supervisory activities and separate evaluations.  Ensures modifications to controls are made as necessary.  Allows for dynamic reaction to changing conditions. Polling Question #4
  • 17. 11/2/2017 17 Audit Process Overview Understand the Enterprise Define Audit Universe and Validate Completeness Risk Analysis Assess Risk and Develop Audit Plan Execute Audit Plan Identify and Manage Resources Analyze Business Processes Review Strategies, Finances, Systems and Processes Execute Audit Program Test Controls, Issue Findings Report to Management Report results, agree on action plans with management Validation Assess Management’s progress in resolving significant issues and report to the A&E Risks Assessment Assess risk levels and control design to develop Audit Program Business Monitoring Understand the Business Strategies, Processes, Products, Systems, Regulations, etc. Plan Approval Review Plan with Senior Management and Present to A&E Committee Annual Audit Plan Development Audit Plan Development Risk Considerations Audit Universe Accounting/Financial Technology OperationalOperational Compliance Credit Market Plan is evaluated on an ongoing basis in response to emerging risks and changing business requirements. Time Since Last Audit Risk Frequency Considerations
  • 18. 11/2/2017 18 Steps in the Audit Process  Pre-Audit Planning  Planning  Fieldwork  Reporting & Wrap-Up  Validation  Business Monitoring Audit Process – Pre-Audit Planning  Assignment of AIC – Senior Audit Manager or Supervisor  Review of business information – AIC  Business Partner notification – AIC or Supervisor  Request for information from Business Partner – AIC
  • 19. 11/2/2017 19 Audit Process - Planning  Business Analysis – AIC  Understanding the Business  Process Flowcharts – Identification of key control points  Risk Assessment – AIC  Identification and assessment of risks and controls  Business Partner validation  Audit scope definition and Audit Program development (Risk, Control & Test Documents) – AIC  Engagement letter delivered to Business Partner – AIC  Kickoff meeting with Business Partner and Audit Team – AIC Audit Process - Fieldwork Testing For Control Effectiveness Related To Key Risk Areas – Audit Team  Completed within 75 days – Audit Team  Documentation of data analysis – AIC  Sampling of key control areas – Audit Team  Workpaper completion – Audit Team  Business Partner status updates – AIC  Significant Issues & Recommendations communicated in writing – Audit Team  Written management response required – Business Partner
  • 20. 11/2/2017 20 Audit Process – Reporting & Wrap-Up  Audit Ratings Matrix completion  Draft report shared with Business Partner  Exit conference held With Business Partner  Final report issued within 30 days of fieldwork end date  Written interim performance appraisals completed for team members who work at least 80 hours on an audit project Audit Process – Reporting Final Report includes:  Executive Summary  Summary Assessment of the Internal Control Environment  Summary of Issues and Corrective Actions  Best Practices  Objective and Scope of the Audit  Business Unit Summary  Risk Assessment and Ratings Methodology  Enterprise Risk Area Coverage  Details of Issues and Corrective Actions
  • 21. 11/2/2017 21 41 5-Tier Audit Rating – Matrix Overview CONDITON 5 4 3 2 1 Control Environment The tone of the organization influences the control consciousness of its people. Examples include the integrity, ethical values, attitude and competence of employees; management philosophy; and input provided by the board of directors. Risk Identification & Assessment Identification and analysis of risks relevant to achieving corporate goals, determination of how such risks should be managed and implementation of a process to address risk associated with change. Control Activities Policies, procedures and processes that help ensure a company carries out management directives. Examples include approvals, verifications, reconciliations, reviews of operating performance, security of assets & segregation of duties. Information & Communication Communication within the company and with external parties such as customers, regulators and shareholders. For example, reports that contain operational, compliance or financial data or that share ideas or events across lines of business are generated from a company’s information systems. Monitoring & Testing Assessing the quality of a company’s internal control systems. This is done through ongoing monitoring of activities within the business unit and an independent evaluation of existing controls by auditors. 42 5-Tier Audit Rating – Opinion Statements Audit Rating Standard Opinion Statements 5 The system of internal control, as defined in the scope of this audit, is strong and effective and provides assurance the risks are well-managed. 4 The system of internal control, as defined in the scope of this audit, is effective and provides reasonable assurance the risks are being effectively managed. 3 The system of internal control, as defined in the scope of this audit, is generally effective and provides reasonable assurance that risks are being managed. Control exceptions exist but corrective action plans are in place. 2 The system of internal control, as defined in the scope of this audit, needs improvement and may not provide reasonable assurance the risk are being managed. Control exceptions exist that need to be addressed. 1 The system of internal control, as defined in the scope of this audit, is ineffective and does not provide assurance the risks are being managed. Immediate management attention is needed to address the control exceptions.
  • 22. 11/2/2017 22 Audit Process – Follow-Up  Standardized process to capture, monitor and report corrective actions from reported audit issues  Establishes guidelines for the timing/extent of follow-up work  Issues close when business partner notifies Audit  Results of follow-up work communicated to business partner Audit Process – Issue Escalation  Issues aged based on original corrective action due dates and number of date revisions tracked  Aging reports/escalation of past due issues discussed with business unit and senior management as part of Business Monitoring by Audit Manager and/or AIC  All Very High, High and Moderate risk issues past due over 31 days are reported to the Audit & Examination Committee
  • 23. 11/2/2017 23 Audit Process – Business Monitoring  Typically managed at the Senior Director, Director and SAM levels thru email, phone conversations, and live meetings. Frequency is based on risk of auditable unit.  Fosters strong relationships between WFAS and Business Partners  Provides a mechanism for validating the status of corrective actions taken  Allows for identification of emerging risks  Re-validates risk assessments  Enables timely reaction to business/risk changes  Enables identification and escalation of adverse trends  Allows for discussion of investigation issues  Ensures key information is communicated to management Questions?
  • 24. 11/2/2017 24 Thank You! William Woodington, CPA, CIA Woodington Training Solutions 763-568-1181 http://woodingtontraining.com/ bill@woodingtontraining.com Jim Kaplan, CIA, CFE AuditNet LLC® 800-385-1625 www.auditnet.org webinars@auditnet.org AuditNet® and cRisk Academy  If you would like forever access to this webinar recording  If you are watching the recording, and would like to obtain CPE credit for this webinar  Previous AuditNet® webinars are also available on-demand for CPE credit http://criskacademy.com http://ondemand.criskacade my.com Use coupon code: 50OFF for a discount on this webinar for one week