Presentation is loading. Please wait.

Presentation is loading. Please wait.

Day in the life of an Internal Auditor

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Day in the life of an Internal Auditor"— Presentation transcript:

1 Day in the life of an Internal Auditor
Alka Abbi Tomar

2 Agenda My journey… Internal Audit Sarbanes Oxley

3 Journey thus far… On-site Audits Remote Audits

4 My role INDEPENDENT FUNCTION Responsibilities include
Assist management with SOX 404 compliance Conduct Internal Audits Investigations Audit Committee (BoD) VP Finance, Corporate Controller Director Internal Audit/SOX

5 COSO Framework (New) Source: sox-online.com

6 COSO Framework (old) Internal Audit SOX Span of Internal Control
Oversight of Entity / Process Policies and Procedures Components of Internal Control Identification and Analysis of Risks Foundation - Discipline and Structure SOX

7 Internal Audit

8 Thoughts about IA profession
Not the police Based on LOGIC and COMMON SENSE Global profession Foundation is Ethics & Integrity Duty to the Company & its stake holders Part of an Organization Partnership - No longer the ‘gottcha approach’ but still INDEPENDENT Spans all areas of the organization Finance & Accounting Operations HR Sales and Marketing Compliance IT

9 What is Internal Audit Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

10 Internal Audit Functioning
Internal Audit Department Charter Approved by Audit Committee Annual Process Internal Audit Risk Assessment Selection of Audits Conduct Audits Conduct investigations Assist with compliance efforts such as SOX

11 Internal Audit Risk Assessment
Assess Business Get inputs key members of the management team Review financial results, business and process documentation, corporate strategic initiatives during current and prior years Consider industry best practices Inherent risk of business activity Current and anticipated business changes Financial/transaction significance and trends Current control environment: staffing, policies, culture, changes Degree of legal/regulatory compliance requirements Consider Risks Develop Plan Summarize results of business activity risk assessments based on Significance and Likelihood Test conclusions with the Audit Committee Finalize internal audit plan for the year

12 Audit Methodology Planning Fieldwork Reporting Objective Background
Scope Design Audit Plan Resources & timing Fieldwork Execute Audit Plan Discuss findings with process owner Obtain management remediation action Reporting Top Management Audit Committee

13 Examples of audits Finance and Accounting Operations
Expense Audits Revenue Recognition Vendor Audit Operations Inventory Reverse Logistics Sales and Marketing Channel Partner Audit Marketing Fund Audit Compliance Audit Environment Audits Country Audit IT Security Audit   Human Resources Overtime laws Health Committee Free medical check-ups

14 Audit Techniques Interviews Analytical
reviews / other forensic tools Substantive sample testing Continuous monitoring

15 Example 1: Country Audit
Audit Objective: Based on understanding of the location’s business activities, the country Audit will include the following areas: Revenue Ensure orders were supported and booked properly, and revenue was recognized appropriately Operating Expenses and Expense Reimbursement To ensure company expenditures incurred were legitimate expenses, and were processed according to company policies and appropriate documentation maintained. Accounts Payable Vendors Payroll Balance Sheet Accounts and Reconciliations To ensure that balance sheet accounts have been properly reconciled with adequate supports and to search for unrecorded liabilities Cash Accounts Receivable Fixed Assets Liabilities Segregation of Duties Channel Sales Review Compliance Review

16 Example 2: Country Audit
Key Audit Steps taken: Interviewed key process owners to understand the processes Obtain process documents and policies Data Analytics to identify areas of focus Sample testing of areas identified Separate steps for each area

17 Example 2: Country Audits
Revenue Objective Ensure orders were supported and booked properly, and revenue was recognized appropriately Audit Procedures Review P&L and customer reports Revenue composition Major customers Unusual fluctuations Local Order to collection process Detailed sample testing for Supporting documents (customer PO, shipping docs, etc) – booking accuracy Proper cut-off Shipping terms Compliance with revenue recognition criteria – Based on Corporate (US) Fees are fixed and determinable Persuasive evidence of agreement Delivery of goods Collectability reasonably assured

18 Example 2: Country Audit
Channel Partner Review Objective Channel stuffing Related party transactions FCPA compliance Sales Returns Audit Procedures Review list of channel partners and sales reports Volume Discount Growth Rebates Sales returns Review agreements with Channel Partners Interview with Channel partners

19 Example 2: Country Audit
Key Findings: Revenue Cut-off evidence of shipment not available; revenue recognized in the wrong period Segregation of duties: AR Accountant – applies cash; credits; collection calls Channel Partner Related party transactions Channel stuffing Operating Expenses and Expense Reimbursement Accounts Payable Potential misappropriation funds -petrol cards Non compliance with Spending policy Leased property was subleased – not properly accounted for Payroll Terminated employees were paid Segregation of duties Payroll vs GL reconciliation not performed Payroll consultant handled competitor payroll Balance Sheet Accounts and Reconciliations Bank: Segregation of duties Fixed Assets: No confirmation of offsite assets No confirmations of demos, etc

20 Example 2: Reverse Logistics Audit
In simple language…goods returned Audit Objective: To verify that goods returned are accounted for appropriately Key Audit Steps taken: Interviewed key process owners to understand the process Where are returns received? Who receives them? How is it supposed to be captured in the system Are items scrapped or refurbished? How are both scrap and refurbished items documented and traced Are there any known issues or areas of improvement Obtained list of assets returned in the books of accounts Surprise visit of the warehouse for physical count Compared actual inventory with books of accounts Observe security of warehouse

21 Example 2: Reverse Logistics Audit
Key Findings Management had a project team to reconcile differences between goods that were scheduled to be received/ received and goods actually received – had been in place for a few years Physical count of goods returned was never conducted Access to goods returned area was not restricted Physical count observations Goods indicated as received were not in the warehouse Goods not on the list were in the warehouse Goods of a different Company were mistakenly received by the Company Items which were scrapped in the books were still in warehouse Items sent for internal use (for R&D) could not be traced to location Goods received had not been entered in the system for upto a week as research was ongoing on the order, etc

22 Example 2: Reverse Logistics Audit
Management Remediation Warehouse area was redesigned Full physical count of goods returned was conducted and differences written off Access to goods returned area was restricted to responsible personnel Formal process was established to track Scrap Items circulated internally Items received were recorded in the system the date of receipt Goods received but not identified were recorded in the system Once identified to a specific sales order, it was transacted out of this ‘suspense’ account Bar coding/ scan was being established

23 Fraud

24 Fraud Not a part of an Internal Audit Helps with prevention
Sometime with detection Investigations Revenue Recognition Check fraud Related party transactions Petrol card fraud FCPA (foreign corrupt practices act)

25 Fraud Triangle Pressure/Incentive Opportunity Rationalization

26 Sarbanes Oxley Compliance

27 What is Sarbanes-Oxley or SOX?
Sarbanes-Oxley Act was passed in 2002 Section 301: Whistleblower policy Section 302: Quarterly Disclosure of control effectiveness Section 404: Annual Internal Control over Financial reporting (ICFR) report Section 906: Criminal penalties

28 Reliability on Financial Reporting (10-K)
SOX 404 Objective Reliability on Financial Reporting (10-K) Improve Corporate Governance Increase Transparency Enhance Internal control over financial reporting (ICFR) Management requirement Document processes and controls Evaluate design and operation of controls Report on the effectiveness of its ICFR

29 How does SOX404 impact a Company?
Management Reporting Annual 10-K SOX 404 Compliance Share Price SEC Reporting External Audit External Audit

30 Internal Control over Financial Reporting Assessment
SOX 404 Methodology Planning Internal Control over Financial Reporting Assessment Reporting Risk Assessment Significant Accounts Scoping (identify processes in scope) Location Scoping Materiality Assess current state Evaluate design of controls Validate and update critical process documentation Narratives Risk and Control Matrices Test Plans Walkthroughs Tests of key controls Design solutions for control gaps Implementation of solutions for control gaps by management Retesting of remediated controls Self Assessment Assessment of deficiencies SOX Management Certification Jan-Mar 2011 Apr- June 2011 June – Oct 2011 July – Dec 2011 Jan – Feb 2012

31 Questions?

Download ppt "Day in the life of an Internal Auditor"

Similar presentations

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.

Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, 2002. Established.

Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, Established.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
1 Sarbanes-Oxley Section 404 June 29, 2005. 2  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.

1 Sarbanes-Oxley Section 404 June 29,  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Purchases & Cash Disbursements Transactions By David N. Ricchiute

Purchases & Cash Disbursements Transactions By David N. Ricchiute
Audit Planning and Analytical Procedures Chapter 8.

Audit Planning and Analytical Procedures Chapter 8.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Audit Procedures for Misappropriation of Assets Pertemuan XXIV Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.

Audit Procedures for Misappropriation of Assets Pertemuan XXIV Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.
Accounts Receivable, Notes Receivable and Revenue

Accounts Receivable, Notes Receivable and Revenue
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Sales & Cash Receipts Transactions By David N. Ricchiute

Sales & Cash Receipts Transactions By David N. Ricchiute
Chapter 11 Auditing the Purchasing Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 11 Auditing the Purchasing Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Cash and Financial Investments. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 10-2 Internal Control Over --Cash Receipts.

Cash and Financial Investments. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved Internal Control Over --Cash Receipts.
Chapter 7 Revenue and Collection Cycle “What at first was plunder assumed the softer name of revenue.” Thomas Paine McGraw-Hill/IrwinCopyright © 2008 by.

Chapter 7 Revenue and Collection Cycle “What at first was plunder assumed the softer name of revenue.” Thomas Paine McGraw-Hill/IrwinCopyright © 2008 by.
Nature of an Integrated Audit

Nature of an Integrated Audit
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.

Similar presentations

Ads by Google