Operational Auditing--Fall 20095-1 Today’s Session n BPO selection n Engagement planning n Emphasis on risk related testing.

Slides:



Advertisements
Similar presentations
Copyright The Info-Tech Research Group Inc. All Rights Reserved. D1-1 by James M. Dutcher Strategic IT Planning & Governance Creation H I G H.
Advertisements

Program Management Office (PMO) Design
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
Planning the Audit/Assessing Risks and Response to Risks 2222 Presented by s Mrs Marie Louise Teng Hing Voon, FCA Partner BDO Mauritius Member of Audit.
Operational Auditing--Fall Audit Preparation n Establish obj. & scope n KTT--Gather background info n Select resources n Contact auditee n Prepare.
Operational Auditing--Fall Audit Priority Factors 4 Last audit 4 $ exposure 4 Risk 4 Management requests 4 Operational changes 4 Opportunity for.
Operational Auditing--Spring Audit Preparation n Establish obj. & scope n KTT--Gather background info n Select resources n Contact auditee n Prepare.
Operational Auditing--Fall Establishing an I/A Function 4 Reporting structure 4 Mission statement 4 Objectives 4 Methodology & Operations.
Operational Auditing--Fall Audit Preparation 4 Establish obj. & scope 4 KTT--Gather background info 4 Select resources 4 Contact auditee 4 Prepare.
Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
Operational Auditing--Spring Operational Auditing Spring 2011 Professor Bill O’Brien.
Operational Auditing--Spring Operational Auditing Spring 2010 Professor Bill O’Brien.
Risk-Focused Examinations David Vacca, Assistant Director – Insurance Analysis & Information Services, NAIC Welcome to the © 2009 The National Association.
Operational Auditing--Fall Preliminary Survey n Opening conference n Agenda n Tone & teamwork n On-site tour--MBWA n Document study n BPO analysis—O’Brien.
The Information Systems Audit Process
Operational Auditing--Spring 2000 (3/2) 1 Audit Priority Factors 4 Last audit 4 $ exposure 4 Risk 4 Management requests 4 Operational changes 4 Opportunity.
Operational Auditing--Fall Audit Preparation 4 Establish obj. & scope 4 KTT--Gather background info 4 Select resources 4 Contact auditee 4 Prepare.
Operational Auditing--Fall Audit Finding Components n Condition n Criteria/Standard n Effect: Relate to 5 Control Objs. n Cause n Recommendation.
BIT-224 Audit Muhammad Khurshid Khan THE DEMAND FOR AUDITING Why do organizations request an audit? –Agency relationship Evidence supporting a demand.
Operational Auditing--Spring Audit Preparation  Establish obj. & scope  KTT--Gather background info  Select resources  Contact auditee  Prepare.
Purpose of the Standards
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session Internal Control and Risk Assessment.
Top Tactics for Maximizing GMP Compliance in Blue Mountain RAM Jake Jacanin, Regional Sales Manager September 18, 2013.
Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on.
Conducting the IT Audit
Information Technology Audit
Internal Auditing and Outsourcing
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.
D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.
Audit objectives, Planning The Audit
Planning an Audit The Audit Process consists of the following phases:
From risk to planning Making the bridge from risks to audit plans Richard Maggs Astana September 2014.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Materiality and Risk Chapter 9.
Internal controls. Session objectives Define Internal Controls To understand components of Internal Controls, control environment and types of controls.
Internal Control in a Financial Statement Audit
Understanding Audit Risk Assessment
NO FRAUD LEFT BEHIND The Effect of New Risk Assessment Auditing Standards on Schools Runyon Kersteen Ouellette.
Audit Risk. "Audit risk" means the risk that the auditor gives an inappropriate audit opinion when the financial statements are materially misstated Audit.
Internal Control in a Financial Statement Audit
SAS Update GFOA Western Pa – January 2008 Presented by Rob Lent, CPA, CGFM.
Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.
The views expressed in this presentation do not necessarily reflect those of the Federal Reserve Bank of New York or the Federal Reserve System Association.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Audit Planning and Types of Audit Tests Chapter Five.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 5-1 Chapter Five Audit Planning and Types of Audit Tests Chapter.
The Audit as a Management Tool Vermont State Auditor’s Office – April 2009.
Audit Planning Process
©2000 Bank for International Settlements 1 F I N A N C I A L S T A B I L I T Y I N S T I T U T E BANK FOR INTERNATIONAL SETTLEMENTS On-site Examination.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
IT Risks and Controls Revised on Content Internal Control  What is internal control?  Objectives of internal controls  Types of internal controls.
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Statement of Auditing Standard No. 94 The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement.
Project Management Processes for a Project Chapter 3 PMBOK® Fourth Edition.
Internal Controls For Municipalities Vermont State Auditor’s Office – August 2008.
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
Belgian Technical Cooperation Internal audit presentation.
Developing an Audit Program By Rodney Kocot President Systems Control and Security Incorporated Copyright © 2005 Rodney Kocot.
Governance, risk and ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
ACCA/PAB/ICAJ/ICAC Practice Monitoring Reviews OVERVIEW OF FINDINGS 19 July 2014.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
International Safety Rating System
and Types of Audit Tests
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Strategic Information Initiatives
Question 4-1 Which of the following statements concerning noncompliance by clients is correct?    A.  An auditor's responsibility to detect noncompliance.
Understanding the Principles and Their Effect on the Audit
Planning for IT Audit Session 4.
Project Management Group
Presentation transcript:

Operational Auditing--Fall Today’s Session n BPO selection n Engagement planning n Emphasis on risk related testing

Operational Auditing--Fall BPO Selection n 6 R’s n General methodology n Resource planning

Operational Auditing--Fall Selecting an Auditee “The 6 R’s” n Risk n Resources n Reward n Requests n Requirements n Revisions in operations or mgt.

Operational Auditing--Fall Method of Selection n Set selection strategy n Identify potential BPOs n Rank by risk n Choose entities

Operational Auditing--Fall Sample Selection Strategies n Location n Financial exposure n Operational complexity n Staffing n Mgt. Interest n Functional type n Process type n Decision center

Operational Auditing--Fall Risk Factors n Quality of control system n Mgt. Competence n Mgt. Integrity n Size & liquidity of assets n System changes n Complexity n Personnel changes n Economic performance n Growth rate n Systems use A bit of chicken and the egg, here!

Operational Auditing--Fall Risk Factors, cont. n Time since last audit n Performance pressure n Government regulation n Employee morale n Politics & publicity n Geographic location n External audit plans

Operational Auditing--Fall Risk Analysis Methodology n Select top 5 risk factors n ID risk on scale of 1 to 5 n Total the risk score n Rank in order of risk

Operational Auditing--Fall Project Prioritization & Selection n Rank by risk n Rank by hours n Compare to resources n Re-prioritize as necessary

Operational Auditing--Fall Audit Planning n Establish purpose, objective & scope n KTT--Gather background info n Understand the BPO n Assess risk and related control n Identify and assess potential risks n Identify key controls n Prepare preliminary program that addresses risks and controls n Select resources n Report planning n Contact BPO n Logistics approval

Operational Auditing--Fall Type of Engagement n Financial n Control n Information technology n Compliance n Operations n All or any of the above

Operational Auditing--Fall Nature of Objectives n Purpose of the engagement n Recall the 6 R’s

Operational Auditing--Fall Scope n Degree of coverage n Scope can be based on: n Adequacy of controls n Effectiveness of controls n Quality of performance

Operational Auditing--Fall Understanding the BPO n Know the BPO’s processes n Flow charting n Review routine reports n Identify relevant metrics n Potential for fraud n Quickly analyze the processes before assessing risk n Consider the “O’Brien 7”

Operational Auditing--Fall BPO Analysis—the O’Brien 7 n Mission statement n Objectives and goals n Organization chart n Management recap n Major processes n Resources n Constraints

Operational Auditing--Fall BPO Process Review n Identify the processes n Identify the process objectives or desired outcomes n Identify the related risks n Identify the controls mitigating the risks* n Identify the exception reporting process* n Ensure that overall monitoring of the process exists* *Test these items!

Operational Auditing--Fall Risk and Related Controls n Brainstorm nature and nature of risk n Risk = anything that gets in the way of the BPO’s objectives n Risk of likelihood: RL n Risk of impact: RI n Ascertain any related controls n Design testing based on the results n See pps thru Low, medium or high

Operational Auditing--Fall Resources n Business skills n Assurance skills n Language/cultural skills n Technical skills n Consider SME’s and virtual BPP’s

Operational Auditing--Fall Program Preparation n General segments—see sample workpapers on web site n Audit preparation n Initial survey n Systems review n Detailed operations review (TBD) n Reporting issues n Wrap-up procedures n Use Risk  Control  Testing approach

Operational Auditing--Fall Expected Outcomes and Reporting n Anticipate findings n Financial misstatements n Control weaknesses n BPO objective issues n Inefficiencies n Compliance failure n Type of report n Report distribution