Premium Essay

Internal Audit Principles

In: Other Topics

Submitted By ssithole
Words 36187
Pages 145
INTERNAL AUDIT PRINCIPLES

The main and ancillary objectives of an internal audit

The main objective of internal auditing is to assist members of executive and senior management in the effective discharge of their duties and responsibilities with regard to risk management, control and governance processes. To this end, the internal auditor furnishes them with analyses, appraisals, recommendations, counsel and information concerning the activities reviewed.

The discovery of errors and fraud is the ancillary objective of internal auditing.

The internal auditor as an adviser to members of the organization

As an adviser, the internal auditor examines and reviews the activities of the organization in order to evaluate them with a view to furnishing members of the organization with advice, information and recommendations that will enable them to discharge their duties effectively.

As an adviser, the internal auditor merely offers advice, gives information or makes recommendations. The ultimate decision whether or not to accept this advice or information or to implement these recommendations, therefore always rests with executive management. The internal audit activity should never possess the organizational power to force top executive management to accept the audit results.

Management may decide to:

1. accept the auditor’s recommendations, in which case the internal auditor must ascertain that the corrective action taken is achieving the desired results, or
2. reject the internal auditor’s recommendations, in which case the internal auditor should ascertain that top executive management has assumed the risk of failing to take corrective action on reported findings.

The internal audit activity as a control function

The internal audit activity serves as a detective control in the system of internal control – in other words, it functions as a…...

Similar Documents

Premium Essay

Internal Audit

...Internal Audit Chapter 5 Review 1. A business process is the set of connected activities linked with each other for the purpose of achieving an objective or goal. 2. Two general types of business processes are present in most organizations that deliver goods and services: the operating processes and the management and support processes. The operating processes include strategic planning, product and service design and development, marketing, production/delivery, invoicing, and collection. The management and support processes include obtaining and managing the organization’s human resources (this could include hiring, training, benefits), managing financial resources (including budgeting, financial accounting, treasury), managing the information technology resources, managing physical resources (facilities management, security, maintenance, etc.), the organization’s compliance and governance systems, and the process for managing the organization’s external stakeholders (government relations, public relations, etc.). 5. A top-down approach begins at the entity level with the organization’s objectives, and then identifies the key processes critical to the success of each of the organization’s objectives. A bottom-up approach begins by looking at all processes directly at the activity level, and then aggregates the identified processes across the organization. 7. The two common methods used to document processes are process maps and process write-ups. Process...

Words: 4393 - Pages: 18

Premium Essay

Internal Audit

...Internal Audit Internal auditing is a self-governing, objective assurance and consulting movement designed to add value and advance an organization's operations. The main objective of the internal audit activity is to determine whether the organization/company’s network of risk management, control, and governance processes, as designed and represented by the management, is adequate and functioning in a manner to ensure: risks are identified and managed, objectives are achieved, and compliance with policies are met. Along with internal auditing come developments, including standards and risk assessments for accounting and reporting practices. Sarbanes-Oxley Act The Sarbanes Oxley Act (the “Act”) of 2002 is a federal law passed in response to major corporate and accounting scandals including those of Enron, Tyco International, and Worldcom. These accounting scandals gave pause to the accounting world because of how complex and encompassing they were. They resulted in a decline of public trust in both accounting and reporting practices. It was then when the government realized that major reform was needed. This Act is now mandatory in the accounting world. All companies, whether small or large, must comply with the act. The corporate responsibility section of the Act calls for the establishment of an audit committee. The Act requires that all members of the audit committee be independent. Companies must disclose whether or not the audit committee includes at least one......

Words: 527 - Pages: 3

Premium Essay

The Role of Internal Audit in Erm

...29, 2004 The Role of Internal Auditing in Enterprise-wide Risk Management In conjunction with the newly released Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise Risk Management - Integrated Framework, The Institute of Internal Auditors (IIA), in coordination with its IIAUK and Ireland affiliate, has issued a position paper on The Role of Internal Audit in Enterprise-wide Risk Management. The paper's purpose is to assist chief audit executives (CAEs) in responding to enterprise risk management (ERM) issues in their organizations. The paper suggests ways for internal auditors to maintain the objectivity and independence required by The IIA's International Standards for the Professional Practice of Internal Auditing (Standards) when providing assurance and consulting services. Internal auditing's core role with regard to ERM is to provide objective assurance to the board on the effectiveness of an organization's ERM activities to help ensure key business risks are being managed appropriately and that the system of internal control is operating effectively Recommended Roles The main factors CAEs should take into account when determining internal auditing's role are whether the activity raises any threats to the internal auditors' independence and objectivity, and whether it is likely to improve the organization's risk management, control, and governance processes. The IIA's position paper indicates which roles internal auditing should and......

Words: 3877 - Pages: 16

Premium Essay

Reccomendation Brief for an Internal Audit

...Recommendation Brief for an Internal Auditor Jennifer Perkins December 9, 2013 ACC 544 Tracie Youngblood An internal auditor certifies a company’s financial statements are timely, relevant, and reliable. According to the American Accounting Association (1973), “Auditing is a systematic process of objectivity obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between the assertions and established criteria and communicating the results to interested users.” Internal auditing assists a company minimize business risks by satisfying the demand of timely, relevant, and reliable information. The following are four environmental conditions that increase user demand for relevant and reliable information: (1) Complexity, (2) Remoteness, (3) Time sensitivity, and (4) Consequences. Complexity Currently, transactions and events are far more complex, in a way that decision makers and investors do not have the expertise to handle them. However, a professional such as an internal auditor is trained to accumulate, gather, and sum up the crucial operating information on his or her own. An internal auditor has the expertise to break down the complex transactions and events while making that information more understandable for the decision making process. Remoteness Decision makers and potential partners are often separated by distance, time, and a lack of expertise. Depending on the......

Words: 626 - Pages: 3

Premium Essay

Internal Audit

...The Art Of Auditing Internal Auditor, August, 2000 by Lawrence Metzger "Creativity" and "auditor" are not contradictory terms. In fact, creative thinking is the linchpin of effective internal auditing--and it's a skill you can learn and polish. The work of internal auditors is as much an art as it is a science or technique. The internal audit process encompasses far more than a series of rote checklists; it is much more akin to an archeological dig, where layers of information are methodically uncovered. To connect and understand the layers of organizations, the internal auditor must be able to think creatively. Not only is creativity an inherent aspect of successful internal auditing, but it has become a hot, sought-after commodity in all fields. In his book Jamming, John Kao observes that we are living in an age of creativity. He argues, for example, that global competition is increasingly about a company's ability to mobilize its ideas, talents, and creative abilities. Kao maintains, along with other observers, that companies will increasingly be measured by their knowledge, and he emphasizes that creativity is the crucial variable in the process of turning knowledge into value. Knowledge is more than mastery of facts and data; it is also insight-the ability to see into a situation and make connections. Ideas are interconnected insights that we can grab and run with. And it is creativity that enables the transformation of one form of knowledge to the next. Kao states that...

Words: 2783 - Pages: 12

Premium Essay

Internal Audit

...AUD 610 TUTORIAL 1 (Professional conduct and ethics) Question 1 For each of the following situations, discuss whether there has been any violation of ethical conduct. Support your answers by reference to the relevant professional code and ethics. I. Wani is a CPA, a partner with Joe and Wani, a CPA firm. Her husband owns 30 percent of shares in an audit client of the firm, but she does not take part in the audit of the client and the value of her shares is not material in relation to her husband’s wealth. a) Yes this is violation. b) Under MIA By-Laws ; Professional Independence means unbiased viewpoint in the performance of audit test, evaluation of result and issuance of audit report. c) The reason is husband Wani holds 30 percent of shares in and audit client of her firm. Stated that in Section 290 MIA By-Laws, auditor are not considered to be independent if he or is spouse, or dependent son or daughter or any son or daughter holds directly or indirectly any interest in shares of the company. II. Fahmi is an audit partner of Amin & Ahmad. He is assigned to an audit engagement for Idaman Bhd. Fahmi’s son is working as an engineering in Idaman Bhd. a) No this is not violation. b) Under MIA By-Laws ; Professional Independence which is financial interest treats. If a member or immediate family has any financial interest directly or indirectly in the entity, then the said member is prohibited from accepting appointment as an auditor of the company. However the......

Words: 673 - Pages: 3

Premium Essay

Internal Control in Audit

...Internal Control Understanding and Documentation Project- EICO Iman H. Al Shawab Table of Contents Part I - Understanding of Entity and Business Environment: 3 Business Overview: 3 Suppliers: 3 Operations: 4 a. Suppliers 4 b. Customers: 5 Part II- Understanding of the Entity’s Internal Control Design and Implementations: 6 Part III: Audit EICO 11 Accepting the Audit and Perform Initial Audit Planning 11 Part I - Understanding of Entity and Business Environment: Business Overview: Emirates Industrial Converting Factory (abbreviated EICO) which is divided into three separate divisions, carton, plastic and tissue. EICO is a manufacturing company which is owned by a local investor Mr. Bader Fares, hence it is a sole proprietorship. It is located in Industrial Area # 15 – Sharjah, UAE. As the other companies in the region, the main contacting channels of this company are through phone +97165344122, fax +97165344133, P.O Box 27074 and email eico@emirates.net.ae. In order to get the information needed to analyze the internal control procedures of this company we needed to carry out interviews with the responsible manager at the carton division at EICO. Specifically, we interviewed the Administration manager at EICO Mr Amer Al Meslat. As stated above, EICO is divided into three divisions and this paper will be concentrating on the carton division. This division operates in the carton industry, specifically in the packaging part of the industry.......

Words: 4063 - Pages: 17

Premium Essay

Principles of Ethics for Internal Auditors

...Journal Article Review Kas Internal Auditing (ACC 4012) Article: Code of Ethics for Internal Auditors Harmonized with the International Standards for Internal Audit Summary In the article titled “Code of ethics for internal auditors harmonized with the international standards for internal audit” by George Calota was published in 2008. The article was written to explain how Code of Ethics influences the roles of internal auditors when unified with the International Standards for Internal Audit. This study was carried out to allow both internal and external auditors, private and public business owners with an audit board, within their working environment to be aware of how an internal auditor is supposed to carry out their job and the polices which they should follow. The author’s main focus was on The Josephson American Ethics Institute ethical principles, Romania’s personal ethical principles and its similarities to the fundamental principles of the code of ethics and most of all, how the fundament principles of ethics and professional behaviors for internal auditors are harmonized with the international standards for auditing (Integrity, objectivity, confidentiality and competence). The author seemed to be highly qualified to tackle this particular issue. He is an experienced internal auditor, who has worked with the Ministry of Economy and Finance and also The Central unit for harmonizing the internal audit from Romania. Issues In the article, the author made......

Words: 762 - Pages: 4

Premium Essay

Internal Audit Paper

...Internal Audit – IT Audit Intern We are a specialty retailer offering the very best of what’s next in fashion for men, women and children since 1901. JOIN US WHERE IT ALL BEGAN. Whether you design clothes or business strategies, crunch numbers, lead projects or write code, we have a place for you at our Seattle headquarters. And we think Seattle is a pretty great place to live. More than just rainy days and coffee, Seattle has it all — mountains and beaches, arts and parks, music and film. It's made up of quirky neighborhoods, award-winning restaurants, and thriving industry. Come see for yourself! A day in the life… The ideal internal audit principal is motivated, results-oriented and committed to providing outstanding customer service every day. Responsibilities * Assist the lead auditor with documenting and testing various IT General, Security, Operational and Change Management Controls for Sarbanes-Oxley compliance. * Identify, develop, and document detailed audit observations and recommendations for improvement using independent judgment concerning the control being reviewed * Communicate with control owners across the IT groups to accomplish testing You own this if you have… * Current graduate student or Bachelor of an accredited degree program with concentration in Accounting and/or Management Information Systems/ Information Security * Working knowledge or course work covering the proper application of internal auditing,......

Words: 375 - Pages: 2

Premium Essay

Internal Audit

...Internal Audit Guidebook Providing a framework for understanding and delivering Grant Thornton’s Internal Audit Services in a consistent, high-quality way 2012 Internal audit guidebook 1 Contents Page Introduction 2 Common service delivery methodology 6 Determine client needs 8 Scope and arrange work 10 Plan 13 Analyze and assess 20 Report and recommend 28 Implement 32 Evaluate 33 Determine business and technology context 36 Manage engagement performance, quality and risk 38 Communicate and enable change 40 Appendix 42 Internal audit engagement checklist 43 © Grant Thornton LLP. All rights reserved. Updated August 1, 2012 Internal audit guidebook 2 Introduction What is internal audit? The Institute of Internal Auditors (IIA) defines internal auditing as: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. (1010) An internal audit objectively assesses the management of risks that a company faces. (2100 series) The aim is to • understand the current state, • assess the current state using appropriate standards and criteria, and • develop findings and......

Words: 15851 - Pages: 64

Premium Essay

Internal Audit

...Chapter 1 Internal audit is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It help an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management control, and government processes. Objective- what an organization wants to achieve. Strategy- how management plans to achieve to organization’s objective. 4 types of objectives -Strategic objectives: value creation choices management makes on behalf of the organization’s stakeholders. -Operations objectives: effectiveness of and efficiency of the organization’s operations. -Reporting objectives: reliability of internal and external reporting of financial and nonfinancial information -Compliance objectives: adherence to applicable laws and regulations Governance is the process conducted by the board of directors to authorize, direct, and oversee management toward the achievement of the organization’s objectives. Risk management is the process conducted by management to understand and deal with uncertainties that could affect the organization’s ability to achieve its objectives. Control is the process conducted by management to mitigate risks to acceptable levels. Independence is the freedom from conditions that threaten objectivity or the appearance of objectivity. Objectivity is an unbiased mental attitude that allows internal auditors to......

Words: 989 - Pages: 4

Premium Essay

Internal Audit

...attracting and retaining skilled employees. Internal audit is no different. The numerous career options available to new entrants and the seasoned audit practitioner make it imperative for audit managers to continually re-evaluate their approaches to ensure that the internal audit department is adequately staffed both in terms of numbers as well as skill sets to discharge its functions effectively. The IIA Attribute Standards / and Performance Standards are very clear and definitive on this: i) Attribute Standard 1210 - Proficiency Internal auditors should possess the knowledge, skills and other competencies needed to perform their individual responsibilities. The internal audit activity collectively should possess or obtain the knowledge, skills and other competencies needed to perform its responsibilities. ii) Performance Standard 2030 - Resource Management The Chief Audit Executive should ensure that internal audit resources are appropriate, sufficient and effectively deployed to achieve the approved plan. Professionalism Internal auditing is grounded in professionalism and efficiency. Today's internal auditors are a far cry from the 'fault finders' or 'policeman' role that the profession has long been associated with. Modern day internal auditors are routinely consulted on all aspects of the organisation's activities from strategic planning issues to the standard day-to-day operational issues relating to the risk environment and internal control framework. They are......

Words: 2392 - Pages: 10

Premium Essay

Internal Audit

...Internal Control Topic List 1. What is internal control? 2. Components of internal control 3. Information about controls Learning outcomes On completion of this section you should be able to: • State the reasons for organisations having effective systems of controls • Identify factors which contribute to an effective control environment • Identify the components of internal control in both manual and IT environments • Identify types of control activity • Distinguish between general controls and application controls • Identify inherent limitations of a system of internal controls • Specify the composition of an audit committee Internal Control [pic] Internal control: ‘The process designed, implemented and maintained by those charged with governance*, management, and other personnel to provide reasonable assurance about the achievement of an entity’s objectives with regard to:- • Effectiveness and efficiency of operations • Reliability of financial reporting, • Compliance with applicable laws and regulations. The term “controls” refers to any aspects of one or more of the components of internal control. A key audit question is: “How does management control the business?” *Usually directors - remember the difference between exec and non-exec Company Objectives • To ensure it correctly reports its financial position to shareholders • To ensure it operates effectively......

Words: 2434 - Pages: 10

Premium Essay

Internal Audit

...questions of immediate concern to all those who have a stake in enterprise success. Executive Summary Sound business decisions are based on timely, relevant and concise information. Specifically designed for time-pressed senior executives and managers, the COBIT Executive Summary explains COBIT’s key concepts and principles. Framework A successful organization is built on a solid framework of data and information. The Framework explains how IT processes deliver the information that the business needs to achieve its objectives. This delivery is controlled through 34 high-level control objectives, one for each IT process, contained in the four domains. The Framework identifies which of the seven information criteria (effectiveness, efficiency, confidentiality, integrity, availability, compliance and reliability), as well as which IT resources (people, applications, technology, facilities and data) are important for the IT processes to fully support the business objective. Audit Guidelines Analyze, assess, interpret, react, implement. To achieve your desired goals and objectives you must constantly and consistently audit your procedures. Audit Guidelines outlines and suggests actual activities to be performed corresponding to each of the 34 high-level IT control objectives, while substantiating the risk of control objectives not being met. Control Objectives The key to maintaining profitability in a technologically changing environment is how well you......

Words: 666 - Pages: 3

Premium Essay

Internal Audit Role

...Internal audit’s role in modern corporate governance Thought leadership series Risk and Advisory Services Internal audit’s role in modern corporate governance Recent events have highlighted the critical role of boards of directors in promoting good corporate governance. In particular, boards are being charged with ultimate responsibility for the effectiveness of their organisations’ internal control systems. An effective internal audit function plays a key role in assisting the board to discharge its governance responsibilities. Yet how does the board – and its audit committee – satisfy itself that internal audit is functioning effectively and efficiently? The board’s responsibility for internal controls Through working with a broad range of organisations in Hong Kong and internationally, KPMG has identified a number of best practices in relation to the role played by the board audit and/or risk management committees. s Recent events have highlighted the critical role of boards of directors in s s s s s s s Assessing the scope and effectiveness of the systems established by management to identify, assess, manage and monitor the various risks arising from the organisation’s activities. Ensuring senior management establishes and maintains adequate and effective internal controls. Satisfying itself that appropriate controls are in place for monitoring compliance with laws, regulations, supervisory requirements and relevant internal policies....

Words: 2896 - Pages: 12