SJ State Operational Auditing BT 852 October 12, 2006 Page 1 San Jose State University October 12, 2006 Internal Audit: A 2006 Perspective Lynn Falbo

Slides:



Advertisements
Similar presentations
COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)
Advertisements

Internal Control in a Financial Statement Audit
Getting to Know Internal Auditing
Lisanne Sison Director ERM Bickmore
Chapter 14 Fraud Risk Assessment.
Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems
Control and Accounting Information Systems
Information System Assurance Practices in China Key players doing IS Assurance In China Regulatory Regime and Professional Organizations -Regulatory AuthoritiesRegulatory.
Introduction to Enterprise Risk Management (ERM)
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
1 Continuous Auditing Implications: Rethinking the Roles of Systems of Internal Controls Presented by Rob Nehmer Berry College at the Fifth Continuous.
ProCognis SOX 404 & COSO Implementation Presentation
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Operational Auditing--Fall Operational Auditing Fall 2010 Professor Bill O’Brien.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
MIS350 Accounting Information Systems Course Context.
Operational Auditing--Spring Operational Auditing Spring 2010 Professor Bill O’Brien.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Quality evaluation and improvement for Internal Audit
Doğancan USTACAN Hasan KÜTÜKÜT Abdullah Cihan Küçük Sevil KUGU.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Euseden INTERNAL AUDIT & ASSURANCE SERVICES.
Central Piedmont Community College Internal Audit _____________________________ What to Expect When You Are Audited November 2014.
Lecture 8 Understanding entity and its environment
“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.
Information Systems Controls for System Reliability -Information Security-
Internal auditing for credit unions Nuala Comerford, Chair IIA Irish Region Committee Pamela McDonald Council Member IIA Credit Union Summer School Thursday,
Sapient Insurance Partners. Overview & Services We have almost four decades of combined experience in the property & casualty insurance and reinsurance.
SecureAware Building an Information Security Management System.
The Evergreen, Background, Methodology and IT Service Management Model
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.
GRC - Governance, Risk MANAGEMENT, and Compliance
INTERNAL CONTROL OVER FINANCIAL REPORTING
Chapter Three IT Risks and Controls.
Chapter 5 Internal Control over Financial Reporting
Page 1 Internal Audit Outsourcing The Moss Adams Approach to Internal Audit Outsourcing Proposed SOX 404 Changes.
CDS Operational Risk Management - October 28, 2005 Existing Methodologies for Operational Risk Mitigation - CDS’s ERM Program ACSDA Seminar - October 26.
Introduction In 1992, the Committee Of Sponsoring Organizations of the Treadway Commission (COSO) published Internal Control-Integrated Framework (1992.
Internal Control in a Financial Statement Audit
© 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Differing Roles of Internal Auditor and Risk.
1 Efficient, Transparent and Strategic Management Presented by: Prof. Venansius Baryamureeba Acting Vice Chancellor, Makerere University, Kampala, UGANDA.
Risk Assessment in Estonia
The Connection between Risk Management and Internal Control in Organizations Mag. Norbert Wagner Budapest,
Chapter 6 Internal Control in a Financial Statement Audit Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution.
Banco Interamericano de Desarrollo The development of the Internal Auditing function to combat fraud and corruption Martin Guozden CP, CPA,
Chapter 9: Introduction to Internal Control Systems
Samantha Schreiner University of Illinois at Urbana- Champaign BA 559 – Professor Michael Shaw December 15 th, 2008 A Survey of IT Governance Through COBIT,
Developing a programme for the implementation of the 2008 SNA and supporting statistics Seminar on Developing a programme for the implementation of the.
Audit Evidence Process
Copyright © 2007 Pearson Education Canada 1 Chapter 11: Overall Audit Plan and Audit Program.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
Industrial safety 0. Highlights Communication Management Evaluation Investigation Practice/implementation Development 1.
Enterprise Risk Management in the Construction Industry
Internal Control. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition A process...designed.
Internal Audit Quality Assessment Auditoria de Calidad
Internal Control in a Financial Statement Audit
Alia Al-Nujaidi
Internal Audit & Enterprise Risk Management
Building the Foundation of Compliance
Building the Foundation of Compliance
COSO Internal Control s Framework
Adding Value Across the Board
USE OF PEMPAL KNOWLEDGE PRODUCTS
Presentation transcript:

SJ State Operational Auditing BT 852 October 12, 2006 Page 1 San Jose State University October 12, 2006 Internal Audit: A 2006 Perspective Lynn Falbo

SJ State Operational Auditing BT 852 October 12, 2006 Page 2 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

SJ State Operational Auditing BT 852 October 12, 2006 Page 3 “Audit” Evolution” “Audit Generations” 1.Control-Based Auditing 2.Process-Based Auditing 3.Risk-Based Auditing 4.Risk-Management Based Auditing Merging / integration of Financial, Operational, IT focus

SJ State Operational Auditing BT 852 October 12, 2006 Page 4 Audit "Generation": One TwoThreeFour Control-Based Process-BasedRisk-BasedRisk Mgmt-Based Objective: Compliance with underlying guidelines Effectiveness and efficiency of a process Effectiveness of controls and procedures to mitigate key risks Effectiveness of risk management activities to achieve objectives and optimize/mitigate risks Approach: Understand guidelines and audit for compliance Compare current process to best practices Identify key business risks and evaluate controls to mitigate the risks Understand objectives, identify related risks, understand tolerance levels, identify performance and risk measures, and assess risk management effectiveness Focus: Identify compliance exceptions and errors Identify gaps between the current process and best practices Identify controls and procedures that are not operating as needed to mitigate the key risks Identify gaps between current and desired risk management effectiveness Testing Approach: Statistical based predictive and substantive tests, with some compliance tests Consulting focused evaluation of current and best practices, with some compliance tests Combination of substantive and compliance tests, focusing only on key risks Combination of substantive and compliance tests, focusing only on key objectives and the related risks Recommendations: Relate exceptions or errors to the relevant guidelines Relate gaps to specific operational objectives Relate exceptions or errors to key risks Relate gaps in risk management effectiveness to underlying risks and key business objectives Audit Generations

SJ State Operational Auditing BT 852 October 12, 2006 Page 5 Knowledge about ideal situations Comparison Analysis of Documents Interviews Questionnaires Actual Key Data Structure Processes Interfaces etc. Recommendations constructive future-oriented feasible improving processes and profits Ideal (Better) Strategy Business Policy Law, guidelines State of the Art Customer Surveys etc. Audit Process Methodology are the keys for improvements Understanding the actual status Introduction

SJ State Operational Auditing BT 852 October 12, 2006 Page 6 “Audit” Evolution” – Questions Introduction What Generation is represented by previous slide “Audit Process Methodology” model? What Generation best represents the focus of SOX (COSO Internal Control Framework)? What Generation best describes the methodology you were taught? What Generation is predominant in industry today?

SJ State Operational Auditing BT 852 October 12, 2006 Page 7 COSO Internal Control Framework

SJ State Operational Auditing BT 852 October 12, 2006 Page 8 COSO / Cobit Internal Control Framework

SJ State Operational Auditing BT 852 October 12, 2006 Page 9 COSO ERM (Enterprise Risk Management) Framework

SJ State Operational Auditing BT 852 October 12, 2006 Page 10

SJ State Operational Auditing BT 852 October 12, 2006 Page 11 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

SJ State Operational Auditing BT 852 October 12, 2006 Page 12 Working for Multi-national companies Unique challenges Culture Management style Philosophy “Global” business model Diversity Organization

SJ State Operational Auditing BT 852 October 12, 2006 Page 13 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

SJ State Operational Auditing BT 852 October 12, 2006 Page 14 Career Opportunities Audit Accounting / Finance SOX Compliance Other…..

SJ State Operational Auditing BT 852 October 12, 2006 Page 15 Career Opportunities Auditor for a Day –Exposure to the audit profession –Site visit at local companies –Attendance at the IIA meeting

SJ State Operational Auditing BT 852 October 12, 2006 Page 16 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.