Presentation is loading. Please wait.

Presentation is loading. Please wait.

Office of Internal Audits

Published byGlenna Hadiman Modified over 6 years ago

Similar presentations

Presentation on theme: "Office of Internal Audits"— Presentation transcript:

1 Office of Internal Audits
Khalil M. Abdullah CPA, CIA, CGAP, MACC

2 Office of Internal Audit Staff
Mr. Khalil Abdullah Certified Internal Auditor (CIA); Certified Public Accountant (CPA); Certified Government Auditing Professional (CGAP) Mr. Jose Luis Silva Certified Government Auditing Professional (CGAP); Certified Fraud Examiner (CFE)

3 Why is it important to have an Internal Audit Function?
Internal Audit functions are considered to be a valuable element of management control, which provides assurance to the audit committee and management. Medium and large companies, banks, and other financial institutions with major fiduciary responsibilities are required to have an internal audit function. As an organization grows it becomes more challenging to conduct frequent and economical first-hand monitoring of controls by management.

4 Benefits of Internal Audit
Identifies redundancies in operational and control procedures and provides recommendations to improve the efficiency and effectiveness of procedures; Serves as an early warning system, enabling deficiencies to be identified and remediated on a timely basis (e.g. prior to external, regulatory or compliance audits); Internal audits make the organization process-dependent rather than person-dependent; Ultimately increases accountability within the organization

5 The International Professional Practices Framework (IPPF)
Includes the following: Definition of Internal Auditing Code of Ethics International Standards for the profession Position Papers Practice Advisories Practice Guides Integrity – ensuring that as auditors we act with integrity which in turn will help build trust in the organization that we serve Objectivity – auditors should exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information and make a balance assessment of all relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments. Competency – auditors need to apply knowledge, skills, and experience needed in the performance of internal audit services; Confidentiality – respect the value and ownership of information and not disclose information without appropriate authorization (unless legally or professionally required)

6 The IIA definition of Internal Auditing
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

7 Independence & Objectivity
1110 – Organizational Independence – the CAE must report to a level within the organization that allows the internal audit activity to fulfill its responsibilities. The CAE must confirm to the board, at least annually, the organizational independence of the internal audit activity. Interpretation: Organizational Independence is effectively achieved when the CAE reports functionally to the board. 1120 – Individual Objectivity – Internal auditors must have an impartial, unbiased attitude and avoid any conflicts of interest.

8 Internal Audit vs. External Audit
IIA Standards Employed by the organization (though independent of the activities they audit). Diverse background and skill set. Test controls at a significantly lower level of materiality than do external auditors. Broad Focus Organizational efficiencies & effectiveness; Compliance with laws & policies; Organizational objectives; AICPA Standards Hired by the organization to provide a specific service. Primarily accounting background Narrow Focus (i.e. accurate financial statements)

9 Internal Audit vs. Compliance
Compliance Function Independent of management Evaluates the control structure Evaluates the internal control environment as to its adequacy, efficiency, and effectiveness. A component of management Part of the control structure Ensures that the College complies with applicable laws, rule and regulations, as well as internal codes of conduct, policies and procedures.

10 What kind of work does Internal Audits do?
Audits (Assurance Activities) – Examinations of audit evidence for the purpose of providing an independent assessment. Audit types include: Operational Audit – is a review of an organization’s usage of resources to ensure those resources are being utilized as efficiently and effectively as possible to accomplish a mission and goal. Compliance Audit – is performed to determine if an organization or program is operating in accordance with policies, procedures, laws & regulations. Financial Audit – Most commonly known form of audit and refers to the systematic review of a company’s financial reporting to ensure all information is valid and conforms to GAAP Standards. Investigative Audit – are typically asked for when there is an assumed violation of rules, regulations, or law. The overall goal of an audit is to evaluate the adequacy and effectiveness of the areas’ internal control environment and/or compliance with applicable polices, procedures, regulations. And also to make recommendations, if necessary to improve the effectiveness and efficiency of the areas internal controls.

11 What kind of work does Internal Audits do?
Consulting (Advisory activities) – Are generally performed at the specific request of an engagement client. The nature and scope of the consulting engagement are subject to agreement with the engagement client. When performing consulting services, the internal auditor should maintain objectivity and NOT assume management responsibility. Assist on special projects; Provide feedback or advise on internal controls and risks; Investigate fraud or other allegations Management requests

12 COSO A voluntary private sector initiative dedicated to improving organizational performance and governance through effective internal control; enterprise risk management; and fraud deterrence. It is comprised of the following 5 sponsoring organizations: American Institute of Certified Public Accountants (AICPA); The Institute of Internal Auditors (IIA); American Accounting Association (AAA); Institute of Management Accountants (IMA); Financial Executives International (FEI) COSO is recognized as a leading framework for designing, implementing, and conducting internal control and assessing the effectiveness of internal control.

13 COSO definition of Internal Control
Internal control - A process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance of the achievement of objectives in the following categories: Effectiveness and efficiency of operations; Reliability of financial reporting; Compliance with applicable laws and regulations” In an “effective” internal control system, there are 5 components working to support the achievement of an entity’s mission, strategies, and related business objectives. The Office of Internal Audits website has information on the mission of Internal Audits as well as additional information on the audit process. The easiest way to access the website is to click on the a-z index button at the top of the STC home page, find the “I” section and click on “Internal Audits.”

14 Components of Internal Control
A direct relationship exists between objectives (e.g. operations, reporting, and compliance), which are what an organization strives to achieve, components, which represent what is required to achieve the objectives, and the organizational structure of the entity. Control Environment: 1) The organization demonstrates a commitment to integrity and ethical values; 2) The organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives Risk Assessment: 3) The organization specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives; 4) The organization identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed Control Activities: 5) The organization deploys control activities through policies that establish what is expected and procedures that put policies into action Information & Communication: 6) The organization communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control 7) The organization communicates with external parties regarding matters affecting the functioning of internal control Monitoring: 8) The organization selects, develops, and performs ongoing and/or separare evaluations to ascertain whether the components of internal control are present and functioning 9) Deficiencies in internal control are communicated in a timely manner to those parties responsible for taking corrective action, including senior management and the board of trustees as appropriate.

15 Audit Plan Development Flowchart

16 Audit Project Cycle Flowchart

17 Three Lines of Defense 1st line of defense – Mgmt. controls and Internal control measures; 2nd line of defense – Financial Control, Security, Risk Management, Quality, Inspection, Compliance; 3rd line of defense – Internal Audit

18 Office of Internal Audits Website

19 Works Cited IIA Position Paper: The Three Lines of Defense in Effective Risk Management and Control January 2013 p. 2 COSO 2013 Internal Control Framework International Professional Practices Framework (IPPF)

Download ppt "Office of Internal Audits"

Similar presentations

Internal Control–Integrated Framework

Internal Control–Integrated Framework
PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 2 - 1 The CPA Profession Chapter 2.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The CPA Profession Chapter 2.
Effective Internal Control, Establishing an Internal Audit Function, and Compliance Plans 2014 Governmental Accounting For Local Public Health September.

Effective Internal Control, Establishing an Internal Audit Function, and Compliance Plans 2014 Governmental Accounting For Local Public Health September.
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.

Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
QUALITY ASSURANCE AND IMPROVEMENT PROGRAM (QAIP)

QUALITY ASSURANCE AND IMPROVEMENT PROGRAM (QAIP)
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.

Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
IS Audit Function Knowledge

IS Audit Function Knowledge
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Professional Ethics. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 3-2 Steps in Resolving an Ethical Dilemma Identify.

Professional Ethics. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 3-2 Steps in Resolving an Ethical Dilemma Identify.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Internal Audits, Governmental Audits, and Fraud Examinations

Internal Audits, Governmental Audits, and Fraud Examinations
The CPA Profession Chapter 2.

The CPA Profession Chapter 2.
SAFA- IFAC Regional SMP Forum

SAFA- IFAC Regional SMP Forum
Purpose of the Standards

Purpose of the Standards
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
DAA and GEP Orlando 20081 Audit & Compliance or Audit vs. Compliance.

DAA and GEP Orlando Audit & Compliance or Audit vs. Compliance.

Similar presentations

Ads by Google