PEM PAL IA COP Audit in Practice Working Group Human Capital Case

Slides:



Advertisements
Similar presentations
Progress on Risk Assessment......continued Ms. Albana Gjinopulli, MPA Mr. Stanislav Buchkov.
Advertisements

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
QUALITY ASSURANCE AND IMPROVEMENT PROGRAM (QAIP)
Audit Committee in Albania Legal framework Law 9226 /2006 “On banks in Republic of Albania” Law 9901/2008 “On entrepreneurs and commercial companies” Corporate.
Auditor Performance Framework Peter Crookes, Scheme Audit and Assurance.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Quality evaluation and improvement for Internal Audit
The Information Systems Audit Process
Planning the Audit EPA Regions 9 & 10 and The Federal Network for Sustainability 2005.
Systemise your compliance management Peter Scott Consulting
Audit Programme. Audit Assertions  As part of the planning stage, auditors need to prepare audit tests to test the account areas.  To assist the auditors.
Control environment and control activities. Day II Session III and IV.
INTERNAL AUDIT IN UKRAINE State Financial Inspection of Ukraine
Improving Corporate Governance in Malaysian Capital Markets – The Role of the Audit Committee Role of the Audit Committee in Assessing Audit Quality.
1 INTERNAL AUDIT MANUAL Doroteya Manolova Head of CHUIA Ministry of Finance Republic of Bulgaria PEM-PAL IA COP IA Manual Working Session June,
ໂດຍ: ວິສອນ ໄຊສົງຄາມ ກົມຄຸ້ມຄອງສະຖາບັນການເງິນ, ທະນາຄານແຫ່ງ ສປປ ລາວ
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Acquisition and Assistance Management Review Entrance Briefing Name of office reviewed Date of Review.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Section 404 Audits of Internal Control and Control Risk Chapter.
Working Group on Quality Assurance Plans for the future Bucharest, 1 December 2014.
Steps in the Transition to an Impact- Focused Audit Function Modifying Procedures, Audit Practices, and Reports to Address Risk Gert van der Linde, World.
PIC EU-28 Conference Paris, 26 – 27 November 2015 PIC An EU Approach Assurance Maps An Introductory workshop Nathan Paget United Kingdom.
F8: Audit and Assurance. 2 Audit and Assurance Designed to give you knowledge and application of: Section A: Audit Framework and Regulation Section B:
©©2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley Considering Internal Control Chapter 10.
Collaboration Process 1. IC Objectives and Risk Tolerances Define, document, and implement top-down internal control objectives and risk tolerances: 
Developing an Audit Program By Rodney Kocot President Systems Control and Security Incorporated Copyright © 2005 Rodney Kocot.
Working Group on Quality Assurance Short overview of the results achieved so far and introduction to the objectives of the workshop Bucharest, 30 November.
Outcomes of the FMC review Vania Tomeva, PIFC consultant July 2013, Tbilisi 1.
Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Module 6: Business Application Software Audit Chapter 1: Business Application Software Audit 1.
Governance, Risk and Ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
Audit Committee 1 June 2005 Overview of the Audit Function in the Council and Role of Audit Committee.
Jean-Pierre Garitte Budapest 29 March 2017
Accountability & Structured Privacy Management
Internal Control in a Financial Statement Audit
Identity and Access Management
ISO/IEC
How to Survive an External Quality Assessment
Understanding the Principles and Their Effect on the Audit
Jean-Pierre Garitte Moscow 18 October 2016
The following training presentation is for all employees and is taken upon joining the company team. Quality Management System (QMS) Training Proprietary.
Professional Standards
Self Identified Issues
PEM PAL IA COP Internal Control Working Group COSO Principles
Internal Control Integrated Framework
DNV experiences and viewpoints
A Framework for Control
Building the Foundation of Compliance
PEM PAL IA COP AiP Working Group Guidance to Audit Engagement Planning
Building the Foundation of Compliance
Internal control - the IA perspective
Survey Readiness RIDEOUT HEALTH Kimberly Black
PEM PAL IA COP AiP Working Group The ISPPIA on Planning
WHAT TO EXPECT: A CROWN CORPORATION’S GUIDE TO A SPECIAL EXAMINATION
PEM PAL IA COP AiP Working Group Hospital Audit Planning
Taking the STANDARDS Seriously
Internal Audit Who? What? When? How? Why? In brief . . .
“GOVERNMENTAL EXTERNAL TAX AUDIT”
INTERNAL CONTROLS AND THE ASSESSMENT OF CONTROL RISK
An overview of Internal Controls Structure & Mechanism
Jean-Pierre Garitte Skopje 8 April 2019
REPUBLIC OF SOUTH AFRICA (RSA) APPROACH TO THE COSO COMPONENTS 2 & 3 AND THE 3 LINES OF DEFENCE (COMBINED ASSURANCE) Presenter: Pulane Mkhize | National.
Costanza Schivi - 9 April 2019
PEM PAL IA COP Audit in Practice Working Group Hospital Case
Good practices for risk assessment and control activities
Definition IPPF Audit Standard 2120 – Risk Management
Presentation transcript:

PEM PAL IA COP Audit in Practice Working Group Human Capital Case Jean-Pierre Garitte Skopje 8 April 2019

Human Capital case From the scenario provided we have identified a number of business objectives: Obtain the best resources in an as short as possible timeframe (government perspective) Run the recruitment process in an efficient, cost-effective, correct and transparent way (provider perspective) Based on the business objectives internal audit can define his/her audit objectives.

Audit objectives (1) From the business objective: Run the recruitment process in an efficient, cost-effective, correct and transparent way We define our audit objectives: To assure that the recruitment occurs in an efficient, cost-effective, correct and transparent way

Audit objectives (2) Audit objective: To assure that the recruitment occurs in an efficient, cost-effective, correct and transparent way. This audit objective can be broken down in several sub-objectives: To assure that the needs of the ministries are well captured and translated into correct recruitment criteria. To assure that the laws and regulations on privacy are respected. To assure that applicants are notified in a timely manner about the status of their application. To achieve the various audit objectives the auditor needs to assess the controls in the processes involved.

Processes in scope for audit Development of vacancy notice Handling of incoming mails Handling of incoming applications Procedure of exam test Interview process

Reference frameworks COSO internal control framework Internal procedures (government) Internal procedures (provider) Privacy regulations Quality handbook

Skills and expertise needed Data analytics

Inherent risks to the various processes Incorrect understanding of ministries’ needs No timely feedback to declined candidates Applications lost in mail Good candidates found already a job Leakage of tests Bad publicity in press Incorrect documents submitted remain undetected Interviews not objective Ranking of candidates is ‘arranged’ No respect of privacy

Expected mitigating controls (1) Incorrect understanding of ministries’ needs Standard template for identification of needs Feedback from ministry once template has been completed

Expected mitigating controls (2) No timely feedback to declined candidates Approved deadlines for providing feedback Tracking system for status of application Automatic flagging of overdues Proper supervision

Expected mitigating controls (3) Applications lost in mail Registration of all incoming mails Applications coded according to vacancy Only applications to dedicated email address

Expected mitigating controls (4) Good candidates found already a job Approved deadlines for providing feedback Tracking system for status of application Automatic flagging of overdues Proper supervision

Expected mitigating controls (5) Leakage of tests Tests are developed and kept in a secure environment Tests can only be accessed on a need-to-know basis Compilation of tests can be done at the very last moment

Expected mitigating controls (6) Bad publicity in press This risk can only be managed by mitigating the other risks that may lead to bad publicity.

Expected mitigating controls (7) Incorrect documents submitted remain undetected Have a system in place that easily compares standard documents Have a black list of earlier falsified documents

Expected mitigating controls (8) Interviews not objective Members of the interview team should be selected on the basis of specific knowledge and skills Usage of a standard script for interviews Scoring mechanism to be applied by the interview team Having an independent observer attending the interview

Expected mitigating controls (9) Ranking of candidates is ‘arranged’ Ranking of candidates occurs according to their results Having an independent observer monitor the ranking of candidates

Expected mitigating controls (10) No respect of privacy Privacy regulations have been integrated into internal procedures and into the entire recruitment process An individual has been identified to oversee compliance with regulations

Risk / control matrix

Questions & Answers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.