Office of Internal Audits

Slides:



Advertisements
Similar presentations
Internal Control–Integrated Framework
Advertisements

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The CPA Profession Chapter 2.
Effective Internal Control, Establishing an Internal Audit Function, and Compliance Plans 2014 Governmental Accounting For Local Public Health September.
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
QUALITY ASSURANCE AND IMPROVEMENT PROGRAM (QAIP)
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
IS Audit Function Knowledge
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Professional Ethics. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 3-2 Steps in Resolving an Ethical Dilemma Identify.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Quality evaluation and improvement for Internal Audit
Office of Inspector General (OIG) Internal Audit
Internal Audits, Governmental Audits, and Fraud Examinations
The CPA Profession Chapter 2.
SAFA- IFAC Regional SMP Forum
Purpose of the Standards
Control environment and control activities. Day II Session III and IV.
Internal Auditing and Outsourcing
DAA and GEP Orlando Audit & Compliance or Audit vs. Compliance.
Central Piedmont Community College Internal Audit.
D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.
Internal Audit Role in Order to Develop an Ethical Corporate Culture as a Competitiveness Factor A.I.I.A. - Internal Auditing body Università degli Studi.
The CPA Profession Chapter 2 By Arens et. al. Learning Objective 1 Describe the nature of CPA firms, what they do, and their structure.
Transitioning to the COSO 2013 Update.  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992.
UNM and Health System Internal Audit Departments Internal Audit Department Orientation Manu Patel, Internal Audit Director Purvi Mody, Executive Director,
Internal controls. Session objectives Define Internal Controls To understand components of Internal Controls, control environment and types of controls.
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
Introduction In 1992, the Committee Of Sponsoring Organizations of the Treadway Commission (COSO) published Internal Control-Integrated Framework (1992.
Internal Control in a Financial Statement Audit
Introduction to Auditing. Introduction The role of audits is critical in the business environment of the early twenty-first century. Important decisions.
5-1 McGraw-Hill/Irwin ©2007 by the McGraw-Hill Companies, Inc. All rights reserved. Chapter 5 Internal Control Evaluation: Assessing Control Risk.
Practice Management Quality Control
Copyright © 2007 Pearson Education Canada 1 Chapter 1: The Demand for Auditing and Assurance Services.
1 Internal Audit. 2 Definition Is an independent activity established by management to examine and evaluate the organization’s risk management processes.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
S5: Internal controls. What is Internal Control Internal control is a process Internal control is a process Internal control is effected by people Internal.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.
Internal Audit Quality Assessment Guide
Internal Audit FINANCE LEARNING FORUM ICF Diakonia Centre April 23, 2015.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
SOU Internal Auditing By Ryan Schnobrich, C. P. A
Office of Inspector General (OIG) Internal Audit
The CPA Profession Chapter 2.
Hans Nieuwlands CIA CGAP CCSA CEO IIA Netherlands
Getting to Know Internal Auditing
Internal Control in a Financial Statement Audit
How to Survive an External Quality Assessment
Getting to Know Internal Auditing
Understanding the Principles and Their Effect on the Audit
Getting to Know Internal Auditing
Internal and Governmental Financial Auditing and Operational Auditing
Service Organization Control (SOC)
PEM PAL IA COP Internal Control Working Group COSO Principles
A Framework for Control
. . . key messages for CAEs, Senior Management and the Board
Following Up on Internal Audit Reports Workshop on IIA Standard 2500
COSO Internal Control s Framework
Internal control - the IA perspective
Getting to Know Internal Auditing
2017 Administration and Finance Conference
SOU Internal Auditing By Ryan Schnobrich, C. P. A
Internal Controls Policies and Procedures
Internal Audit Ahmad Tariq Bhatti Dubai, United Arab Emirates
Taking the STANDARDS Seriously
An overview of Internal Controls Structure & Mechanism
SOU Internal Auditing By Ryan Schnobrich, CPA, CIA Slides available on
Presentation transcript:

Office of Internal Audits Khalil M. Abdullah CPA, CIA, CGAP, MACC

Office of Internal Audit Staff Mr. Khalil Abdullah Certified Internal Auditor (CIA); Certified Public Accountant (CPA); Certified Government Auditing Professional (CGAP) Mr. Jose Luis Silva Certified Government Auditing Professional (CGAP); Certified Fraud Examiner (CFE)

Why is it important to have an Internal Audit Function? Internal Audit functions are considered to be a valuable element of management control, which provides assurance to the audit committee and management. Medium and large companies, banks, and other financial institutions with major fiduciary responsibilities are required to have an internal audit function. As an organization grows it becomes more challenging to conduct frequent and economical first-hand monitoring of controls by management.

Benefits of Internal Audit Identifies redundancies in operational and control procedures and provides recommendations to improve the efficiency and effectiveness of procedures; Serves as an early warning system, enabling deficiencies to be identified and remediated on a timely basis (e.g. prior to external, regulatory or compliance audits); Internal audits make the organization process-dependent rather than person-dependent; Ultimately increases accountability within the organization

The International Professional Practices Framework (IPPF) Includes the following: Definition of Internal Auditing Code of Ethics International Standards for the profession Position Papers Practice Advisories Practice Guides Integrity – ensuring that as auditors we act with integrity which in turn will help build trust in the organization that we serve Objectivity – auditors should exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information and make a balance assessment of all relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments. Competency – auditors need to apply knowledge, skills, and experience needed in the performance of internal audit services; Confidentiality – respect the value and ownership of information and not disclose information without appropriate authorization (unless legally or professionally required)

The IIA definition of Internal Auditing Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Independence & Objectivity 1110 – Organizational Independence – the CAE must report to a level within the organization that allows the internal audit activity to fulfill its responsibilities. The CAE must confirm to the board, at least annually, the organizational independence of the internal audit activity. Interpretation: Organizational Independence is effectively achieved when the CAE reports functionally to the board. 1120 – Individual Objectivity – Internal auditors must have an impartial, unbiased attitude and avoid any conflicts of interest.

Internal Audit vs. External Audit IIA Standards Employed by the organization (though independent of the activities they audit). Diverse background and skill set. Test controls at a significantly lower level of materiality than do external auditors. Broad Focus Organizational efficiencies & effectiveness; Compliance with laws & policies; Organizational objectives; AICPA Standards Hired by the organization to provide a specific service. Primarily accounting background Narrow Focus (i.e. accurate financial statements)

Internal Audit vs. Compliance Compliance Function Independent of management Evaluates the control structure Evaluates the internal control environment as to its adequacy, efficiency, and effectiveness. A component of management Part of the control structure Ensures that the College complies with applicable laws, rule and regulations, as well as internal codes of conduct, policies and procedures.

What kind of work does Internal Audits do? Audits (Assurance Activities) – Examinations of audit evidence for the purpose of providing an independent assessment. Audit types include: Operational Audit – is a review of an organization’s usage of resources to ensure those resources are being utilized as efficiently and effectively as possible to accomplish a mission and goal. Compliance Audit – is performed to determine if an organization or program is operating in accordance with policies, procedures, laws & regulations. Financial Audit – Most commonly known form of audit and refers to the systematic review of a company’s financial reporting to ensure all information is valid and conforms to GAAP Standards. Investigative Audit – are typically asked for when there is an assumed violation of rules, regulations, or law. The overall goal of an audit is to evaluate the adequacy and effectiveness of the areas’ internal control environment and/or compliance with applicable polices, procedures, regulations. And also to make recommendations, if necessary to improve the effectiveness and efficiency of the areas internal controls.

What kind of work does Internal Audits do? Consulting (Advisory activities) – Are generally performed at the specific request of an engagement client. The nature and scope of the consulting engagement are subject to agreement with the engagement client. When performing consulting services, the internal auditor should maintain objectivity and NOT assume management responsibility. Assist on special projects; Provide feedback or advise on internal controls and risks; Investigate fraud or other allegations Management requests

COSO A voluntary private sector initiative dedicated to improving organizational performance and governance through effective internal control; enterprise risk management; and fraud deterrence. It is comprised of the following 5 sponsoring organizations: American Institute of Certified Public Accountants (AICPA); The Institute of Internal Auditors (IIA); American Accounting Association (AAA); Institute of Management Accountants (IMA); Financial Executives International (FEI) COSO is recognized as a leading framework for designing, implementing, and conducting internal control and assessing the effectiveness of internal control.

COSO definition of Internal Control Internal control - A process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance of the achievement of objectives in the following categories: Effectiveness and efficiency of operations; Reliability of financial reporting; Compliance with applicable laws and regulations” In an “effective” internal control system, there are 5 components working to support the achievement of an entity’s mission, strategies, and related business objectives. The Office of Internal Audits website has information on the mission of Internal Audits as well as additional information on the audit process. The easiest way to access the website is to click on the a-z index button at the top of the STC home page, find the “I” section and click on “Internal Audits.”

Components of Internal Control A direct relationship exists between objectives (e.g. operations, reporting, and compliance), which are what an organization strives to achieve, components, which represent what is required to achieve the objectives, and the organizational structure of the entity. Control Environment: 1) The organization demonstrates a commitment to integrity and ethical values; 2) The organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives Risk Assessment: 3) The organization specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives; 4) The organization identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed Control Activities: 5) The organization deploys control activities through policies that establish what is expected and procedures that put policies into action Information & Communication: 6) The organization communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control 7) The organization communicates with external parties regarding matters affecting the functioning of internal control Monitoring: 8) The organization selects, develops, and performs ongoing and/or separare evaluations to ascertain whether the components of internal control are present and functioning 9) Deficiencies in internal control are communicated in a timely manner to those parties responsible for taking corrective action, including senior management and the board of trustees as appropriate.

Audit Plan Development Flowchart

Audit Project Cycle Flowchart

Three Lines of Defense 1st line of defense – Mgmt. controls and Internal control measures; 2nd line of defense – Financial Control, Security, Risk Management, Quality, Inspection, Compliance; 3rd line of defense – Internal Audit

Office of Internal Audits Website http://admin.southtexascollege.edu/audits/index.html

Works Cited IIA Position Paper: The Three Lines of Defense in Effective Risk Management and Control January 2013 p. 2 COSO 2013 Internal Control Framework International Professional Practices Framework (IPPF)