Int Aud Chapter 1 PDF

Overview of lnternal Auditing After going through this chapter, you should be able to:. Provide a professional overview of internal auditing.. Differentiate internal auditors and external auditors.. Learn the different types of internal audits.. Describe the evolution and development ofinternal audit practices.. Understand the roles of the Institute of Internal Auditors of Malaysia (IIAM). lntroduction Previously, internal auditing was accounting-oriented and focused more on accuracy and reliability of financial statements as well as historical performance reporting. To date, an internal auditor has an enhanced and complex role, with a wider scope and a greater expectation from stakeholders. Modern internal auditors provide services that include examination and appraisal of controls, performance, risk and gover- nance for public and private entities. The new roles also encompass suggestions to improve performance, generate new ideas or proposals for new corporate direction towards achieving organizational objectives. An internal auditor acts as management control and performs independent checks on the control systems in an organization. The recent global financial crisis demands more competent internal auditors to deal with dynamic yet complicated changes in the industry. Several guidelines are available for internal auditors to fulfil their responsibility. Primarily, internal auditors are required to adhere to the IIA Code of Ethics and International Professional Practices Framework. Currently, it is a requirement for public listed companies to have an internal audit function. This requirement has also extended to regulatory bodies and gov- ernment agencies. The internal audit function has become the 'in-thing' in orga- nizations, and by having one, stakeholders can rest assured that an independent mechanism is in place to control and monitor how the organization operates. I Definition of Internal Auditing Traditionally, internal auditing is defined as: An independent appraisal activity established within an organization as a service to the organization. It is a control which functions by examining and evaluating the adequacy and effectiveness of other controls. The objective of internal auditing is to assist members of the organization in the effective discharge of their responsibilities. Part One Introduction to Internal Auditing To this end, internal auditing furnishes them with analyses, appraisals, recommenda- tions, counsel, and information concerning the activities reviewed. The audit objec- tive includes promoting effective control at reasonable cost. The IIA Board of Directors has redefined internal auditing as: An independent, objective assurance and consultiag activity designed to add value and improve an organizationt operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness ofrisk management, control, and governance processes. I ndepe ndence qnd ohjectivity Independence is the freedom from conditions that threaten the ability ofthe internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve the degree ofindependence necessary to effectively carry out the responsi- bilities of the internal audit activity, the chief audit executive has direct and unre- stricted access to senior management and the board. This can be achieved through a dual-reporting relationship. Threats to independence must be managed at the indi- vidual auditor, engagement, functional, and organizational levels. Objectivity is an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. Threats to objectivity must be managed at the individual auditor, engagement, functional, and organiza- tional levels. Assuronce ond consulting octivity The primary purpose of an assurance activity is to assess evidence relevant to the subject matter of interest and provide conclusions regarding the said matter. A con- sulting activity, on the other hand, provides advice and other assistance relating to the subject matter of interest under the capacity of the work that internal auditors are involved in. Internal auditors should provide recommendations for improve- ments in areas of deficiencies in order to add value and improve an organization's risk management, control and governance processes. Systematic and disciplined opproach Internal auditing is a systematic and guided process. The internal audit function should establish its own policies and procedures to guide any internal audit activity to ensure that the audit service provided is of good quality. Add vqlue The assurance and consulting activity allows improvements in an organization's operational activities to achieve its objectives and to ensure effective risk manage- ment, control and governance processes. Risk monogement Risk management is the process conducted by the management of an organization to understand and deal with risks (uncertainties) that could negatively affect the organization's ability to achieve its objectives. At the same time, risk could also lead to opportunities when an event occurs and positively affects the achievement of an organization's obj ectives. Chapter I Oterview oflnternal Auditing Control An organization needs to have in place effective internal control that reasonably assures the safeguarding of an organization's assets against loss. Hence, internal auditors are responsible for ensuring that such controls are well established by the management of an organization. Governance Governance is the act of managing an organization. It relates to decisions that define expectations, grant power or verif, performance. It consists of either a separate pro- cessor part of the management or leadership processes. Hence, internal auditors should assess the corporate governance process and provide recommendations to achieve effective governance. In )anuary 2004, the IIA modified and expanded the definition of the internal audit activity to include the following additional activities and services: Internal auditing is conducted in diverse legal and cultural environments; within organizations that vary in purpose, size, complexity, and structure; and by persons within or outside the organization. While differences may affect the practice of internal auditing in each environment, conformance with The IIAs International Standards for the Professional Practice of Internal Auditing (Standards) is essential in meeting the responsibilities of internal auditors and the internal audit actMfy. If internal auditors or the internal audit activity is prohibited by law or regulation from conformance with certain parts of the Standards, conformance with all other parts ofthe Standards and appropriate disclosures are needed. Assurance services involve the internal auditor's objective assessment of evidence to provide an independent opinion or conclusions regarding an entity, operation, function, process, system, or other subject matter. The nafure and scope of the assur- ance engagement are determined by the internal auditor. There are generally three parties involved in assurance services: (1) the person or group directly involved with the entiry operation, function, process, system, or other subject matter-the process owner, (2) the person or group making the assessment-the internal auditor, and (3) the person or group using the assessment-the user. Consulting services are advisory in nature, and are generally performed at the specific request of an engagement client. The nature and scope of the consulting engagement are subject to agreement with the engagement client. Consulting ser- vices generally involve two parties: (1) the person or group offering the advice-the internal auditor, and (2) the person or group seeking and receiving the advice- the engagement client. When performing consulting senrices the internal auditor should maintain objectivity and not assume management responsibility. Development of lnternal Auditing Practice The internal audit function is not a profession that rose overnight. It has been in our history since 3500 sc with the use of tick marks as a form of verification during the Mesopotamian civilization. The evolution of internal auditing practice is shown in Table 1.1.. The rise of audit during the Industrial Revolution in England.. The Foreign Corrupt Practices Act 1977 demands for IA to assist management in complying with the act. Part One lntroduction to Internal Auditing TABLE 1.1 | Evolution of lnternal Audit Profession Provi d es appraisal of control and Perfor organ zation Functionsas junior sibling to independent Establishes itself as a distinctive discipline' accounting profession. lq to. Treadway Commission - In 1987, recommended the need to establish an effective and objective internal audit function and to coordinate internal auditing with external auditing..Inlgg2,producedarePortonlnternalControl-IntegratedFrameworkthat emphasizes the importance of internal control in organizations. In Malaysia, the evolution of the internal audit function started in the 1970s with the establishment of an internal audit unit in the Ministry of Defence'. In 1970, the Ministry of Defense set up its internal audit unit'. ln t979,the Federal Government issued a circular expanding the establishment audit. of lA to other ministries with a broader role that included operational. In 1993, the Ministry of Finance requested all government-owned organizations to set up an audit committee: - To protect government interest as a shareholder' - To oversee the internal audit function in these organiz2tions'. Internal auditing in private sector: / - Mainly focuses on evaluating the efficiency and /fectjness of the internal control systems and compliance. I I it for all public listed orlanizations to establish - Since 1993, is mandatory independence their audit committees to monitor accountability, governance, and objectivity of their internal audit department' - Bursa Malaysia Listing Requirements, amended in 2008' has mandated publiclistedorganizationstosetuPaninternalauditfunction. Roles and Responsibilities of lnternal Auditors areas in an The roles and responsibilities of internal auditors cover three broad organization-risk^ management, control and governance' Internal auditors shall management in terms of not assume management'i responsibilities, but support the reliability of financial and man- ensuring efficienJy and effectiveness of operations, may ug.r.r.rri r.porting and compliance with laws and regulations. Internal auditors uiro b" involved in fraud urrditr to identif,i potentially fraudulent acts, participating in fraud investigations under the direction of fraud investigation professionals and conducting post-investigation fraud audits to identify control breakdowns and establish fiirancial loss. Internal auditors are not responsible for the execution of company activities; however, they may advise management and the board of Chapter L Owrriew of Internal Auditing directors on how to better execute their responsibilities. Internal auditors can have access to every part of an organization's operations, and have unlimited access to the company's personnel, records and physical properties. iid The roles and responsibilities of internal auditors with respect to risk manage- ment, control and governance include: Risk monagement. Test-check the adequacy of risk management processes, models and systems. Educate and create awareness among the management and staff concerning the risk issues. Assist the management in developing risk management framework and its implementation. Provide feedback on the appropriateness of risk management infrastructure ctive ernal Control r that. Assess the effectiveness of the organization's internal control system, including the adequacy ofcontrol model or design h the. Monitor management's compliance with the organization's code of conduct and ethical policies. Review corporate policies relating to compliance with laws and regulations, conflict ofinterests ment. Analyze the controls for critical accounting and management functions L. Provide feedback and reporting on control deficiencies tions Governonce. Advise on the adequacy and appropriateness of the composition of the board of directors. Assess the effectiveness of the board of directors in discharging their duties ternal. Ensure that internal audit chartet role and actirrities are clearly understood and responsive to the needs of the audit committee and the board of directors rblish ilence. Help keep the board informed on any matters related to the companyt interest dated Differences between lnternal Auditor and ExternalAuditor Internal auditors may at times be perceived as redundant when compared to exter- nal auditors. Their functions are in fact different in several aspects, and are summa- ln an rized in Table 1.2: i shall ms of TABTE 1.2 | Different Features of lnternal Auditor and External Auditor man- INTERNAL AUDITOR EXTERNAL AUDITOR s may Reporting responsibility Reports to audit committee/ Reports to shareholders Pating' board of directors ionals lowns Status Ir: generai part of an o!'qaniza ls an independent aontiaclot a ;ution tron s etrlployees iat times. tt third partv ud of can be o,rtsourcedl (Continued) TABLE 1.2 | (Continued) INTERNAL AUDITOR EXTERNAL AUDITOR Stakeholder Serves third party needing reliable fi nancial performance report &i &it{iW.{. ,Jeilt :,cieni (}f rhe.liiiv;- Sird.pend"r,t g :. - , r'jr., "*""age- rfleflt and the board ofditE€- '. :a;r!;:il i l,1i: t-.-,, i,,j iii ii,a r:r,+il1 "1:1j @s' both in fa€t and rAental.-;. : ri,:. ,i ail ,:ip,rc,nI_r ll ettifl.tr&, ,:::.i.:lt,iP(iPl-11 Responsibility towards fraud ls incidentally concerned with the prevention and detec- tion of fraud in general, but is directly concerned when financial statements may be materially affected. Scope of work ! 11,..11... !l(.t!a-f jrjiri,.:,-t rnlrili. Revievus the ffnamial stfie- dilir ri!{ ilanJopll)eal ill,-l- ,&& , I ),!r': Ia ell:rrlra l l'le ar-aiJl rnen$ are free frsn.materb I ' ; l.-! r;:; rni sstaternents ard expr$ses opinbn whether the fnrarrid. ,!.1i@1t6ry :9l,rysryr fdr view. Timing and frequency of audit Reviews records supporting financial statements periodi- cally (usually once a year) and focuses on the accuracy and understandability of historical events as expressed in financia statements. Professional qualification Not necessary, but may acquire -Pgrg 69 3 rnember of a Certifieci lnternal Auditor Malaysian krstirute of Accodn- (ciA). tans ffiA) and beffanted audit liqence by ttre mnistry of Frnance (MoF) before b,eirq oesogrilzed at a Chanered Ac

Int Aud Chapter 1 PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue