SlideShare ist ein Scribd-Unternehmen logo

Overview of Internal Audit

Als PPTX, PDF herunterladen
S
seanpizzy

The sole objective of this course is to give you a ground understanding of the basics, what Auditing is all about, the objectives, benefits and concept. We plan to turn beginners in Internal Auditing to masters. Anyone with a keen interest on how to conduct an Internal Audit would benefit from this course.

Bildung
1 von 19
Information Technology Audit Business Practice Training Sean D. Obi, CISA, CISM, PMP IT Audit | IT Risk | IT Compliance Understanding basic approaches towards Information Technology review @seanpizzie 1 www.techembro.com @techembro
Internal Audit - Introduction  Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.  The internal audit program provides assurance that internal controls in place are adequate to mitigate risks, governance processes are effective and efficient, and organizational goals and objectives are being met. @seanpizzie 2 www.techembro.com @techembro
Internal Audit – Introduction (Cont’d)  Internal auditing bridges the gap between management and the executive leadership or the board of an agency; assesses the ethical climate and the effectiveness and efficiency of operations; and serves as an organization’s safety net for compliance with rules, regulations, and overall best business practices.  Internal audits are performed by professionals employed by the agency who have an in-depth understanding of the business culture, systems, and processes.  The internal audit function is an integral part of the agency and derives its authority from senior management. It serves to promote objective, comprehensive review coverage, and to assure the consideration of audit recommendations. @seanpizzie 3 www.techembro.com @techembro
Internal Audit – Introduction (Cont’d)  The chief audit executive (CAE) is the person within an agency with overall responsibility for the internal audit program. The CAE is responsible for developing the internal audit charter, staffing, administering, and managing the internal audit program to ensure it operates in accordance with professional standards and adds value to the organization. The CAE reports to the agency director or board significant nonconformance of professional standards that impacts the overall scope or operation of the internal audit program.  Depending on an agency’s governance structure, an audit committee may be used to help the agency review, monitor, and/or direct the agency’s activities related to maintaining effective internal control. An agency audit committee could also improve financial practices and reporting, and enhance both the internal and external audit functions.@seanpizzie 4 www.techembro.com @techembro
Internal Audit – Introduction (Cont’d)  The internal auditor or other professionals (internal or external to the agency) may provide assurance and advisory support to management in areas such as developing appropriate procedures to conduct risk assessments and internal reviews of control activities.  External auditors are not part of an agency’s internal audit program and cannot be a replacement for or supplement to an adequate internal audit program. The role of the external auditor is to provide independent accountability and assurance to the public and external stakeholders. However, this independent assurance is also valuable feedback to those charged with governance and agency management. @seanpizzie 5 www.techembro.com @techembro
Professional audit standards  The internal audit program must conform to either the International Standards for the Professional Practice of Internal Auditing and Code of Ethics (IIA Red Book), Generally Accepted Government Auditing Standards (GAO Yellow Book), or both.  Regardless of which set of standards are adopted, the internal auditing program should adhere to the following core principles and mandatory attributes of internal auditing. @seanpizzie 6 www.techembro.com @techembro
Professional audit standards Core principles  Demonstrates integrity  Demonstrates quality and continuous improvement  Demonstrates competence and due professional care  Communicates effectively  Is objective and free from undue influence  Provides risk-based assurance  Aligns with the strategies, objectives, and risks of the organization  Is insightful, proactive, and future-focused  Is appropriately positioned and adequately resourced  Promotes organizational improvement @seanpizzie 7 www.techembro.com @techembro
Professional audit standards Common mandatory attributes  Organizational independence  Individual objectivity  Proficiency and due professional care  Quality assurance and improvement program @seanpizzie 8 www.techembro.com @techembro
Internal and external auditors As an integral part of the organization, internal auditors possess an in- depth understanding of the agency’s culture, operations, strategies, and risks. External auditors gain an understanding of operations only as needed to inform their specific audit. Some key differences between internal and external auditing to consider in coordinating efforts include: Internal audit  Staffed by employees or contractors of the agency.  Mandated to provide assurance and advice to senior management (and board, if applicable) to improve the state of governance, risk management, and control within the agency.  Focused on all functions and operations of the agency.  Required to meet audit standards for organizational independence.  Provide continuous services to management. @seanpizzie 9 www.techembro.com @techembro
Internal and external auditors External audit  Staffed by employees or contractors of the external audit organization.  Mandated by authorizing law, rule, or other authority to provide assurance to external stakeholders (the public, legislature, federal regulators, etc.) on the accuracy of agency reports, compliance with laws and rules, and efficiency of operations.  Focused on areas stipulated by statute, rule, or authority.  Independent of the agency.  Audits may be intermittent or routine such as the end of a fiscal period or grant period. @seanpizzie 10 www.techembro.com @techembro
Components of an Internal Audit Charter What is an Audit Charter? Internal audit functions play a vital role in providing assurance of an organization’s risk management practices and protecting and enhancing organizational value. The internal audit charter is a formal document that clearly defines and articulates “marching orders” for the internal audit function from the governing body (typically the audit committee) and management. It should be reviewed and approved by the governing body on an annual basis. The charter must define, at minimum, the following items: @seanpizzie 11 www.techembro.com @techembro
Components of an Internal Audit Charter “Cont’d”  Internal audit’s purpose within the organization  Internal audit’s authority  Internal audit’s responsibility  Internal audit’s position within the organization The charter provides a blueprint for how internal audit will operate and allows the governing body to emphasize the value it places on the independence of the internal audit function. The charter establishes this independence by defining reporting lines from the Chief Audit Executive (CAE) to the governing body and, administratively, to executive management. @seanpizzie 12 www.techembro.com @techembro
Vital Components of an Audit Charter the IIA identified seven vital components that support the overall strength and effectiveness of the internal audit function and should be included in the internal audit charter: 1. Mission and Purpose The charter should define both the mission and the purpose of the internal audit function. The mission should be to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight. Internal audit’s independent and objective assurance and consulting services should be designed to add value and improve the organization’s operations. @seanpizzie 13 www.techembro.com @techembro
Vital Components of an Audit Charter 2. Adherence to the International Standards for the Professional Practice of Internal Auditing The charter should include details about how the internal audit function governs itself and how it adheres to the IIA’s International Professional Practices Framework (IPPF), including:  Standards  Core principles for the professional practice of internal auditing  Definition of internal auditing  Code of ethics @seanpizzie 14 www.techembro.com @techembro
Vital Components of an Audit Charter 3. Authority The charter should define the CAE’s functional and administrative reporting relationship in the organization as noted above. In addition, a statement should be included affirming that the governing body will establish, maintain, and assure that the internal audit function has sufficient authority to fulfill its duties. @seanpizzie 15 www.techembro.com @techembro
Vital Components of an Audit Charter 4. Independence and Objectivity The charter should state that the CAE will ensure independence and objectivity of the internal audit function to carry out its duties in an unbiased manner. Furthermore, internal audit should have no direct operational responsibility or authority over any of the activities audited. @seanpizzie 16 www.techembro.com @techembro
Vital Components of an Audit Charter 5. Scope of Internal Audit Activities The charter should define the scope of the internal audit function. The scope should include providing independent assessments of the adequacy and effectiveness of governance, risk management, and control processes. @seanpizzie 17 www.techembro.com @techembro
Vital Components of an Audit Charter 6. Responsibility The responsibility of the internal audit function should also be described in the charter and the following should be performed at least annually:  Verification that the internal audit function is fulfilling its mandate  Assurance of compliance with IIA standards  Communication of the results of its work and follow up of agreed corrective actions @seanpizzie 18 www.techembro.com @techembro
Vital Components of an Audit Charter 7. Quality Assurance and Improvement Program The charter should define the internal audit’s Quality Assurance and Improvement Program (QAIP), which covers all aspects of the internal audit function including:  Evaluation of conformance to IIA Standards and requirement to report the results of its QAIP periodically to senior management and the governing body  An external assessment of the activity at least once every five years @seanpizzie 19 www.techembro.com @techembro

Empfohlen

Powerful Audit Report Writing
Powerful Audit Report WritingPowerful Audit Report Writing
Powerful Audit Report WritingSana Baqai
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Nidhi Gupta
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Presentation on Audit Findings
Presentation on Audit FindingsPresentation on Audit Findings
Presentation on Audit FindingsDeshapriya Senanayake
 
Coso Internal Control Integrated Framework
Coso Internal Control Integrated FrameworkCoso Internal Control Integrated Framework
Coso Internal Control Integrated Frameworkhyesue
 
Internal audit
Internal auditInternal audit
Internal auditS.M. Towhidul Islam
 
Internal Audit
Internal AuditInternal Audit
Internal AuditJami Martin
 

Empfohlen

Powerful Audit Report Writing
Powerful Audit Report WritingPowerful Audit Report Writing
Powerful Audit Report WritingSana Baqai
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Nidhi Gupta
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Presentation on Audit Findings
Presentation on Audit FindingsPresentation on Audit Findings
Presentation on Audit FindingsDeshapriya Senanayake
 
Coso Internal Control Integrated Framework
Coso Internal Control Integrated FrameworkCoso Internal Control Integrated Framework
Coso Internal Control Integrated Frameworkhyesue
 
Internal audit
Internal auditInternal audit
Internal auditS.M. Towhidul Islam
 
Internal Audit
Internal AuditInternal Audit
Internal AuditJami Martin
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdfkavyashree k
 
Audit report writing 5
Audit report writing 5Audit report writing 5
Audit report writing 5DJones68
 
Internal control & compliance
Internal control & complianceInternal control & compliance
Internal control & complianceMakhluk Hasan
 
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...himalya sharma
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Preparing For An FDA Inspection - Employee Review
Preparing For An FDA Inspection - Employee ReviewPreparing For An FDA Inspection - Employee Review
Preparing For An FDA Inspection - Employee Reviewguest22cdb3
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of ControlsSazzad Hossain, ITP, MBA, CSCA™
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
Coso framework
Coso frameworkCoso framework
Coso frameworkDarryl Woolley
 
Utf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeUtf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeAbuallia
 
Standard Operating Procedure (SOP) for Information Technology (IT) Operations
Standard Operating Procedure (SOP) for Information Technology (IT) OperationsStandard Operating Procedure (SOP) for Information Technology (IT) Operations
Standard Operating Procedure (SOP) for Information Technology (IT) OperationsRonald Bartels
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO FrameworkJesús Gándara
 
COSO Internal Control - Integrated Framework
COSO Internal Control - Integrated FrameworkCOSO Internal Control - Integrated Framework
COSO Internal Control - Integrated FrameworkAziz Fataliyev, Internal Audit Practitioner
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditinggrifff
 
Basics of internal audit
Basics of internal auditBasics of internal audit
Basics of internal auditcomplianceonline123
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
Internal audit
Internal auditInternal audit
Internal auditRahul Mithia
 
Internal Audit Manual
Internal Audit ManualInternal Audit Manual
Internal Audit ManualDavid Griffiths
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit FrameworkAhmad Tariq Bhatti
 
Applicability of internal audit capsule on ia program good
Applicability of internal audit capsule on ia program goodApplicability of internal audit capsule on ia program good
Applicability of internal audit capsule on ia program goodSARVJEET KAUSHAL
 

Weitere ähnliche Inhalte

Was ist angesagt?

Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdfkavyashree k
 
Audit report writing 5
Audit report writing 5Audit report writing 5
Audit report writing 5DJones68
 
Internal control & compliance
Internal control & complianceInternal control & compliance
Internal control & complianceMakhluk Hasan
 
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...himalya sharma
 
Preparing For An FDA Inspection - Employee Review
Preparing For An FDA Inspection - Employee ReviewPreparing For An FDA Inspection - Employee Review
Preparing For An FDA Inspection - Employee Reviewguest22cdb3
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
Utf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeUtf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeAbuallia
 
Standard Operating Procedure (SOP) for Information Technology (IT) Operations
Standard Operating Procedure (SOP) for Information Technology (IT) OperationsStandard Operating Procedure (SOP) for Information Technology (IT) Operations
Standard Operating Procedure (SOP) for Information Technology (IT) OperationsRonald Bartels
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO FrameworkJesús Gándara
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditinggrifff
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 

Was ist angesagt? (20)

Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdf
 
Audit report writing 5
Audit report writing 5Audit report writing 5
Audit report writing 5
 
Internal control & compliance
Internal control & complianceInternal control & compliance
Internal control & compliance
 
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditing
 
Preparing For An FDA Inspection - Employee Review
Preparing For An FDA Inspection - Employee ReviewPreparing For An FDA Inspection - Employee Review
Preparing For An FDA Inspection - Employee Review
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
Coso framework
Coso frameworkCoso framework
Coso framework
 
Utf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeUtf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committee
 
Standard Operating Procedure (SOP) for Information Technology (IT) Operations
Standard Operating Procedure (SOP) for Information Technology (IT) OperationsStandard Operating Procedure (SOP) for Information Technology (IT) Operations
Standard Operating Procedure (SOP) for Information Technology (IT) Operations
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self Assessment
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO Framework
 
COSO Internal Control - Integrated Framework
COSO Internal Control - Integrated FrameworkCOSO Internal Control - Integrated Framework
COSO Internal Control - Integrated Framework
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditing
 
Basics of internal audit
Basics of internal auditBasics of internal audit
Basics of internal audit
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
 
Internal audit
Internal auditInternal audit
Internal audit
 
Internal Audit Manual
Internal Audit ManualInternal Audit Manual
Internal Audit Manual
 

Ähnlich wie Overview of Internal Audit

Applicability of internal audit capsule on ia program good
Applicability of internal audit capsule on ia program goodApplicability of internal audit capsule on ia program good
Applicability of internal audit capsule on ia program goodSARVJEET KAUSHAL
 
vdocuments.mx_cia-part-1-slides.ppt
vdocuments.mx_cia-part-1-slides.pptvdocuments.mx_cia-part-1-slides.ppt
vdocuments.mx_cia-part-1-slides.pptFraterne1
 
Frequently asked questions on auditing in dubai
Frequently asked questions on auditing in dubaiFrequently asked questions on auditing in dubai
Frequently asked questions on auditing in dubaiManeesha35
 
The Objectives Of Internal Audit
The Objectives Of Internal AuditThe Objectives Of Internal Audit
The Objectives Of Internal AuditSonia Sanchez
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Mohammad Wahid Abdullah Khan
 
UBL AUDITING DUBAI
UBL AUDITING DUBAIUBL AUDITING DUBAI
UBL AUDITING DUBAIVickyRockz1
 
CIA part 1 essentials of internal auditing
CIA part 1 essentials of internal auditingCIA part 1 essentials of internal auditing
CIA part 1 essentials of internal auditingariundalai1
 
Internal Audit Of The California Department Of Public...
Internal Audit Of The California Department Of Public...Internal Audit Of The California Department Of Public...
Internal Audit Of The California Department Of Public...Tina Jordan
 
Tyco Internal Audit Case Study
Tyco Internal Audit Case StudyTyco Internal Audit Case Study
Tyco Internal Audit Case StudyJessica Myers
 
Internal Audit Project
Internal Audit ProjectInternal Audit Project
Internal Audit ProjectSoumeet Sarkar
 
Auditing.docx
Auditing.docxAuditing.docx
Auditing.docxJoelEdau1
 
319155985-project-report-on-a-CA-firm (1).pdf
319155985-project-report-on-a-CA-firm (1).pdf319155985-project-report-on-a-CA-firm (1).pdf
319155985-project-report-on-a-CA-firm (1).pdfInfantRagulD
 
Outsourced Internal Audits in Dubai.pptx
Outsourced Internal Audits in Dubai.pptxOutsourced Internal Audits in Dubai.pptx
Outsourced Internal Audits in Dubai.pptxRishalHalid1
 
Designing Effective Financial Controls
Designing Effective Financial ControlsDesigning Effective Financial Controls
Designing Effective Financial ControlsStephen G. Lynch
 
24201843 studdy-note-8
24201843 studdy-note-824201843 studdy-note-8
24201843 studdy-note-8Akash Saxena
 

Ähnlich wie Overview of Internal Audit (20)

The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
Applicability of internal audit capsule on ia program good
Applicability of internal audit capsule on ia program goodApplicability of internal audit capsule on ia program good
Applicability of internal audit capsule on ia program good
 
vdocuments.mx_cia-part-1-slides.ppt
vdocuments.mx_cia-part-1-slides.pptvdocuments.mx_cia-part-1-slides.ppt
vdocuments.mx_cia-part-1-slides.ppt
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Frequently asked questions on auditing in dubai
Frequently asked questions on auditing in dubaiFrequently asked questions on auditing in dubai
Frequently asked questions on auditing in dubai
 
The Objectives Of Internal Audit
The Objectives Of Internal AuditThe Objectives Of Internal Audit
The Objectives Of Internal Audit
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)
 
Fice Of Internal Audit
Fice Of Internal AuditFice Of Internal Audit
Fice Of Internal Audit
 
UBL AUDITING DUBAI
UBL AUDITING DUBAIUBL AUDITING DUBAI
UBL AUDITING DUBAI
 
Value based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal AuditValue based internal auditing - Nilai Dasar Internal Audit
Value based internal auditing - Nilai Dasar Internal Audit
 
CIA part 1 essentials of internal auditing
CIA part 1 essentials of internal auditingCIA part 1 essentials of internal auditing
CIA part 1 essentials of internal auditing
 
Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
 
Internal Audit Of The California Department Of Public...
Internal Audit Of The California Department Of Public...Internal Audit Of The California Department Of Public...
Internal Audit Of The California Department Of Public...
 
Tyco Internal Audit Case Study
Tyco Internal Audit Case StudyTyco Internal Audit Case Study
Tyco Internal Audit Case Study
 
Internal Audit Project
Internal Audit ProjectInternal Audit Project
Internal Audit Project
 
Auditing.docx
Auditing.docxAuditing.docx
Auditing.docx
 
319155985-project-report-on-a-CA-firm (1).pdf
319155985-project-report-on-a-CA-firm (1).pdf319155985-project-report-on-a-CA-firm (1).pdf
319155985-project-report-on-a-CA-firm (1).pdf
 
Outsourced Internal Audits in Dubai.pptx
Outsourced Internal Audits in Dubai.pptxOutsourced Internal Audits in Dubai.pptx
Outsourced Internal Audits in Dubai.pptx
 
Designing Effective Financial Controls
Designing Effective Financial ControlsDesigning Effective Financial Controls
Designing Effective Financial Controls
 
24201843 studdy-note-8
24201843 studdy-note-824201843 studdy-note-8
24201843 studdy-note-8
 

Kürzlich hochgeladen

INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxRosabel UA
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSMae Pangan
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfVanessa Camilleri
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operationalssuser3e220a
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxVanesaIglesias10
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Projectjordimapav
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 

Kürzlich hochgeladen (20)

INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptx
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Project
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 

Overview of Internal Audit

  • 1. Information Technology Audit Business Practice Training Sean D. Obi, CISA, CISM, PMP IT Audit | IT Risk | IT Compliance Understanding basic approaches towards Information Technology review @seanpizzie 1 www.techembro.com @techembro
  • 2. Internal Audit - Introduction  Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.  The internal audit program provides assurance that internal controls in place are adequate to mitigate risks, governance processes are effective and efficient, and organizational goals and objectives are being met. @seanpizzie 2 www.techembro.com @techembro
  • 3. Internal Audit – Introduction (Cont’d)  Internal auditing bridges the gap between management and the executive leadership or the board of an agency; assesses the ethical climate and the effectiveness and efficiency of operations; and serves as an organization’s safety net for compliance with rules, regulations, and overall best business practices.  Internal audits are performed by professionals employed by the agency who have an in-depth understanding of the business culture, systems, and processes.  The internal audit function is an integral part of the agency and derives its authority from senior management. It serves to promote objective, comprehensive review coverage, and to assure the consideration of audit recommendations. @seanpizzie 3 www.techembro.com @techembro
  • 4. Internal Audit – Introduction (Cont’d)  The chief audit executive (CAE) is the person within an agency with overall responsibility for the internal audit program. The CAE is responsible for developing the internal audit charter, staffing, administering, and managing the internal audit program to ensure it operates in accordance with professional standards and adds value to the organization. The CAE reports to the agency director or board significant nonconformance of professional standards that impacts the overall scope or operation of the internal audit program.  Depending on an agency’s governance structure, an audit committee may be used to help the agency review, monitor, and/or direct the agency’s activities related to maintaining effective internal control. An agency audit committee could also improve financial practices and reporting, and enhance both the internal and external audit functions.@seanpizzie 4 www.techembro.com @techembro
  • 5. Internal Audit – Introduction (Cont’d)  The internal auditor or other professionals (internal or external to the agency) may provide assurance and advisory support to management in areas such as developing appropriate procedures to conduct risk assessments and internal reviews of control activities.  External auditors are not part of an agency’s internal audit program and cannot be a replacement for or supplement to an adequate internal audit program. The role of the external auditor is to provide independent accountability and assurance to the public and external stakeholders. However, this independent assurance is also valuable feedback to those charged with governance and agency management. @seanpizzie 5 www.techembro.com @techembro
  • 6. Professional audit standards  The internal audit program must conform to either the International Standards for the Professional Practice of Internal Auditing and Code of Ethics (IIA Red Book), Generally Accepted Government Auditing Standards (GAO Yellow Book), or both.  Regardless of which set of standards are adopted, the internal auditing program should adhere to the following core principles and mandatory attributes of internal auditing. @seanpizzie 6 www.techembro.com @techembro
  • 7. Professional audit standards Core principles  Demonstrates integrity  Demonstrates quality and continuous improvement  Demonstrates competence and due professional care  Communicates effectively  Is objective and free from undue influence  Provides risk-based assurance  Aligns with the strategies, objectives, and risks of the organization  Is insightful, proactive, and future-focused  Is appropriately positioned and adequately resourced  Promotes organizational improvement @seanpizzie 7 www.techembro.com @techembro
  • 8. Professional audit standards Common mandatory attributes  Organizational independence  Individual objectivity  Proficiency and due professional care  Quality assurance and improvement program @seanpizzie 8 www.techembro.com @techembro
  • 9. Internal and external auditors As an integral part of the organization, internal auditors possess an in- depth understanding of the agency’s culture, operations, strategies, and risks. External auditors gain an understanding of operations only as needed to inform their specific audit. Some key differences between internal and external auditing to consider in coordinating efforts include: Internal audit  Staffed by employees or contractors of the agency.  Mandated to provide assurance and advice to senior management (and board, if applicable) to improve the state of governance, risk management, and control within the agency.  Focused on all functions and operations of the agency.  Required to meet audit standards for organizational independence.  Provide continuous services to management. @seanpizzie 9 www.techembro.com @techembro
  • 10. Internal and external auditors External audit  Staffed by employees or contractors of the external audit organization.  Mandated by authorizing law, rule, or other authority to provide assurance to external stakeholders (the public, legislature, federal regulators, etc.) on the accuracy of agency reports, compliance with laws and rules, and efficiency of operations.  Focused on areas stipulated by statute, rule, or authority.  Independent of the agency.  Audits may be intermittent or routine such as the end of a fiscal period or grant period. @seanpizzie 10 www.techembro.com @techembro
  • 11. Components of an Internal Audit Charter What is an Audit Charter? Internal audit functions play a vital role in providing assurance of an organization’s risk management practices and protecting and enhancing organizational value. The internal audit charter is a formal document that clearly defines and articulates “marching orders” for the internal audit function from the governing body (typically the audit committee) and management. It should be reviewed and approved by the governing body on an annual basis. The charter must define, at minimum, the following items: @seanpizzie 11 www.techembro.com @techembro
  • 12. Components of an Internal Audit Charter “Cont’d”  Internal audit’s purpose within the organization  Internal audit’s authority  Internal audit’s responsibility  Internal audit’s position within the organization The charter provides a blueprint for how internal audit will operate and allows the governing body to emphasize the value it places on the independence of the internal audit function. The charter establishes this independence by defining reporting lines from the Chief Audit Executive (CAE) to the governing body and, administratively, to executive management. @seanpizzie 12 www.techembro.com @techembro
  • 13. Vital Components of an Audit Charter the IIA identified seven vital components that support the overall strength and effectiveness of the internal audit function and should be included in the internal audit charter: 1. Mission and Purpose The charter should define both the mission and the purpose of the internal audit function. The mission should be to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight. Internal audit’s independent and objective assurance and consulting services should be designed to add value and improve the organization’s operations. @seanpizzie 13 www.techembro.com @techembro
  • 14. Vital Components of an Audit Charter 2. Adherence to the International Standards for the Professional Practice of Internal Auditing The charter should include details about how the internal audit function governs itself and how it adheres to the IIA’s International Professional Practices Framework (IPPF), including:  Standards  Core principles for the professional practice of internal auditing  Definition of internal auditing  Code of ethics @seanpizzie 14 www.techembro.com @techembro
  • 15. Vital Components of an Audit Charter 3. Authority The charter should define the CAE’s functional and administrative reporting relationship in the organization as noted above. In addition, a statement should be included affirming that the governing body will establish, maintain, and assure that the internal audit function has sufficient authority to fulfill its duties. @seanpizzie 15 www.techembro.com @techembro
  • 16. Vital Components of an Audit Charter 4. Independence and Objectivity The charter should state that the CAE will ensure independence and objectivity of the internal audit function to carry out its duties in an unbiased manner. Furthermore, internal audit should have no direct operational responsibility or authority over any of the activities audited. @seanpizzie 16 www.techembro.com @techembro
  • 17. Vital Components of an Audit Charter 5. Scope of Internal Audit Activities The charter should define the scope of the internal audit function. The scope should include providing independent assessments of the adequacy and effectiveness of governance, risk management, and control processes. @seanpizzie 17 www.techembro.com @techembro
  • 18. Vital Components of an Audit Charter 6. Responsibility The responsibility of the internal audit function should also be described in the charter and the following should be performed at least annually:  Verification that the internal audit function is fulfilling its mandate  Assurance of compliance with IIA standards  Communication of the results of its work and follow up of agreed corrective actions @seanpizzie 18 www.techembro.com @techembro
  • 19. Vital Components of an Audit Charter 7. Quality Assurance and Improvement Program The charter should define the internal audit’s Quality Assurance and Improvement Program (QAIP), which covers all aspects of the internal audit function including:  Evaluation of conformance to IIA Standards and requirement to report the results of its QAIP periodically to senior management and the governing body  An external assessment of the activity at least once every five years @seanpizzie 19 www.techembro.com @techembro