Download presentation
Presentation is loading. Please wait.
Published byRandolph Floyd Modified over 8 years ago
1
the UNIVERSITY of GREENWICH 1 October 2009 L8a Audit and assurance J. E. Spencer-Wood Auditing and assurance Lecture 8a Internal audit
2
the UNIVERSITY of GREENWICH 2 October 2009 L8a Audit and assurance J. E. Spencer-Wood Internal Audit External audit RA's - Statutory duty FS's Opinion Owners Internal audit Management’s terms of reference Corporate governance work Other assurance work Report Audit Committee Management
3
the UNIVERSITY of GREENWICH 3 October 2009 L8a Audit and assurance J. E. Spencer-Wood ‘Internal’ Employees IA department Outsourcing External ‘audit’ firms working to management’s terms of reference ‘Audit’ Management's terms of reference Internal Audit
4
the UNIVERSITY of GREENWICH 4 October 2009 L8a Audit and assurance J. E. Spencer-Wood ‘A source of advice and guidance that assists executives in their responsibilities for the management of business risk’ David Brilliant – ICAEW, 1996 IA’s primary role: Now recognised as a key contributor to strong governance - ‘assurance over the risk management process and CG’ ‘True and Fair’ - ICAEW, 2003 Definitions and objectives
5
the UNIVERSITY of GREENWICH 5 October 2009 L8a Audit and assurance J. E. Spencer-Wood ‘an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes’ IIA, 2009 Definitions and objectives (cont.)
6
the UNIVERSITY of GREENWICH 6 October 2009 L8a Audit and assurance J. E. Spencer-Wood ‘working with managers to improve and optimise their… 1.internal control, 2.risk management and 3.corporate governance process’ Andy Wynne - ACCA Public Sector Technical Issues 2002 Definitions and objectives (cont.)
7
the UNIVERSITY of GREENWICH 7 October 2009 L8a Audit and assurance J. E. Spencer-Wood Modern Internal Audit Corporate Governance Combined Code COSO (Treadway) Corporate threats (business risks) Traditional bases Operational audit Management audit Financial audit
8
the UNIVERSITY of GREENWICH 8 October 2009 L8a Audit and assurance J. E. Spencer-Wood Corporate governance codes Late 1980’s Concern over failures and lack of constraints on boards of directors (especially remuneration), led to… UK The Cadbury Report Canada The Dey Report USA The General Motors Guidelines Board
9
the UNIVERSITY of GREENWICH 9 October 2009 L8a Audit and assurance J. E. Spencer-Wood UK - The Cadbury Committee report (December, 1991) The Cadbury committee Included a ‘Code of Best Practice’ to ensure: a measure of independence and objectivity at board level Directors’ responsibility for, and reporting to, shareholders upon IC. and GC.
10
the UNIVERSITY of GREENWICH 10 October 2009 L8a Audit and assurance J. E. Spencer-Wood …and subsequent associated reports… The Cadbury ‘Code of Best Practice’ Adopted by LSE as part of its Listing Rules To indicate whether the Code had been complied with Replaced by - Combined Code on CG June 1998 The Hampel Committee Turnbull Guidelines
11
the UNIVERSITY of GREENWICH 11 October 2009 L8a Audit and assurance J. E. Spencer-Wood …and subsequent associated reports… Replaced by - The Combined Code on CG July 2003 The Higgs and the Smith Reports Replaced by - The Combined Code on CG June 2006 Replaced by - The Combined Code on CG June 2008
12
the UNIVERSITY of GREENWICH 12 October 2009 L8a Audit and assurance J. E. Spencer-Wood The Combined Code on Corporate Governance June, 2008 IA bears a major role in the effectiveness of ‘the code’ (Although scarcely referred to in the Code) The Combined Code on CG June 2008 Requires companies to review the need for IA ‘A guide to good practice (for IA and their customers) ’ CCAB, IIA, APB - Feb. 1999 All (not just financial) IC’s Audit committees
13
the UNIVERSITY of GREENWICH 13 October 2009 L8a Audit and assurance J. E. Spencer-Wood The Audit Committee IA should report to an audit committee Formed mainly from non-executive directors Non-executive directors Not ‘interested’ parties Can resist board pressure and maintain auditor independence The audit committee helps to minimise conflict between directors and internal (and external) auditors
14
the UNIVERSITY of GREENWICH 14 October 2009 L8a Audit and assurance J. E. Spencer-Wood Management’s responsibility Risk management staff IA role Assurance Risk management IC's Advice on the processes of risk identification Advice on systems IA and risk management
15
the UNIVERSITY of GREENWICH 15 October 2009 L8a Audit and assurance J. E. Spencer-Wood Matters that may prevent the attainment of corporate objectives Component parts ‘Business risks’ (external) Financial risks Compliance risks Operational risks (internal) (Business) Risk
16
the UNIVERSITY of GREENWICH 16 October 2009 L8a Audit and assurance J. E. Spencer-Wood Identifying business risks Assessing risk Probabilities Potential effect Prioritising risks Taking action Monitoring Risk management
17
the UNIVERSITY of GREENWICH 17 October 2009 L8a Audit and assurance J. E. Spencer-Wood Accept risk if low likelihood, low impact Reduce risk better IC's Avoid risk change activity Transfer risk insurance Risk management techniques
18
the UNIVERSITY of GREENWICH 18 October 2009 L8a Audit and assurance J. E. Spencer-Wood Assure and advise ERM Enterprise risk management services Risk – IA’s role
19
the UNIVERSITY of GREENWICH 19 October 2009 L8a Audit and assurance J. E. Spencer-Wood However, IA has traditionally played many and various roles… Operations & business processes - 30% Financial audit - 24% IT systems’ reviews - 13% Fraud & special investigation - 10% Regulatory compliance work - 7% Other - 6% ICAEW, 1996 ‘Traditional’ IA
20
the UNIVERSITY of GREENWICH 20 October 2009 L8a Audit and assurance J. E. Spencer-Wood ‘Traditional’ divisions of IA Operational audit ‘EEE’ type of audit approach Management audit Corporate strategy, planning and control audit Financial audit Similar to statutory audit
21
the UNIVERSITY of GREENWICH 21 October 2009 L8a Audit and assurance J. E. Spencer-Wood IA Planning - General outlines IA Corporate role Audit charter Knowledge Corporate background Legislation, regulation, policies and changes therein Systems, structure, operations Business risks
22
the UNIVERSITY of GREENWICH 22 October 2009 L8a Audit and assurance J. E. Spencer-Wood IA Planning (cont.) Independence Specific objective Results of previous work Management’s concerns and expectations Statutory audit support work…
23
the UNIVERSITY of GREENWICH 23 October 2009 L8a Audit and assurance J. E. Spencer-Wood IA Planning (cont.) Type of audit IC regular reviews – Corporate governance focus Including ERM Other ‘one-off’ assignments – CG and, or other ‘traditional’ focus Financial Operational Environmental VFM...
24
the UNIVERSITY of GREENWICH 24 October 2009 L8a Audit and assurance J. E. Spencer-Wood IA Planning (cont.) Staffing considerations Audit programme Audit recording Similar to external audit Audit testing Reporting As management’s terms of reference
25
the UNIVERSITY of GREENWICH 25 October 2009 L8a Audit and assurance J. E. Spencer-Wood Reports must be clear to readers Often non-accountant NED’s IC regular review (CG) ‘Regular periodic reports’ ‘ One-off’ assignments (CG and, or ‘traditional’) ‘Individual assignment’ reports Reporting
26
the UNIVERSITY of GREENWICH 26 October 2009 L8a Audit and assurance J. E. Spencer-Wood 1.Scope, purpose, extent of work, conclusion (including an ‘opinion’ on IC’s) 2.‘Appropriate and relevant’ recommendations to address weaknesses or improve efficiency 3.Acknowledge action taken or proposed by management Structure: Individual assignment report
27
the UNIVERSITY of GREENWICH 27 October 2009 L8a Audit and assurance J. E. Spencer-Wood 1.Similar, but more specific than IAR’s 2.Gives the Audit Committee ‘assurance’ that IC exists and is correctly functioning. 3.Gives details of past IC improvements 4.Identifies new IC issues 5.Similarities to the external auditors’ report, giving ‘an opinion’ of the state of IC Structure: Regular periodic report
28
the UNIVERSITY of GREENWICH 28 October 2009 L8a Audit and assurance J. E. Spencer-Wood IA - Independence Possible problem areas Staff are employees Who arranges IA activities? What access is there to records, assets, personnel? Is there freedom to report? Are there conflicts of interest Career path Line or work responsibilities (especially with new systems)
29
the UNIVERSITY of GREENWICH 29 October 2009 L8a Audit and assurance J. E. Spencer-Wood The Institute of Internal Auditors www.iia.org.uk www.theiia.org The Combined Code (UK) www.frc.org.uk COSO www.coso.org References
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.