3. Role of internal auditor Review acs & I.C.S Assist with identification of significant risks Review 3 E’s of operations- VFM audit Examine financial & operating information Special investigations , e.g suspected fraud Review compliance with laws & external regulations
4. Financial audit Operational audit Project audit VFM audit Social & environmental audit Mgmt audit I.A looks at controls - PAPAMOSS Types of audit work
5. Need for I.A I.A is a mgmt control- PAPA(M)OSS I.A review effectiveness of other controls in the org. Ensure controls are working properly I.A is also often a statutory requirement Good corporate governance may also suggest an I.A dept I.A is 100% audit – VFM audit Chief internal auditor is in charge of the dept and reports to the audit committee.
6. Need for I.A Factors affecting the need for I.A Scale & complex operations No of employees Cost benefit analysis Change in: org structure, reporting process or Mgmt.Info.Sys Change in key risks- change in PESTEL factors Problems with existing ICS Unexplained / doubtful txns
10. INDEPENDENCE Risks if No Independence Failure to report control breaches Accepting info without checking No professional skepticism Blind on unethical matters Give undeserved positive feedback
11. INDEPENDENCE Threats to independence Threat to independence is when the opinion of the auditor is doubted. Threats can be either REAL or PERCEIVED ACCA code of ethics : Self interest Familiarity Advocacy Self review Intimidation
46. Audit committee Composition Consist of NED’s – at least 3 At least one NED should have recent financial expertise
47. Audit committee Roles Oversight, assessment, review of other functions / systems in the company. Board delegates work to audit comm to meet objectives pertaining to ICS Review ICS, oversee work of IA, monitor integrity of FS , review work of external audit Role of audit comm was considered in combined code & SOX and Kings report contain similar recommendations.
48.
49. Audit comm should have min 3 annual meetings to coincide with external audit assignment.
50. Audit comm should meet once a yr with only internal & external audit – without mgmt. so that the auditors can voice out concern.
51. Chairman of audit comm can informally meet mgmt to get more indepth info about important matters.
59. Review Fraud Risk Mgmt – ensure awareness promoted & a proper reporting/ investigating mechanism exist. Receive reports on conclusions of tests of ctrls by I.A & Ext aud and consider their recommendations.