Escolar Documentos
Profissional Documentos
Cultura Documentos
Lecture 15
Internal audit
Introduction
The field of internal auditing is a dynamic and
rapidly expanding one. It is a significant
component of the internal control system. Its
significance and expansion has been greatly
enhanced with the formation of the Institute
of Internal Auditors (IIA) in 1941 in the United
States of America, coupled with the growth in
size and complexity of many organizations in
recent years, and the need to institute proper
and efficient control systems.
Introduction
Internal
audit is generally a feature of
large companies. It is a function, provided
either by employees of the entity or
sourced from an external organization, to
assist management in achieving
corporate companys mission statement
and strategic plan.
Internal audit and
corporate governance
Established codes of corporate governance such as the UK
Corporate Governance Code highlight the need for
businesses to maintain good systems of internal control to
manage the risks the company faces. Internal audit can
play a key role in assessing and monitoring internal control
policies and procedures.
The board should establish formal and transparent
arrangement for considering how they should apply the
corporate reporting and risk management and internal
control principles, and maintaining an appropriate
relationship with the companys auditors.
The role of the internal auditor is anchored on three main
pillars: (i) Risk Management (ii) Internal Control and (iii)
Governance
Assessing the need for internal
audit
Internal audit can assist an entity in providing effective corporate
governance thus a corporate governance requirement.
The cost of setting up an internal audit department versus the
predicted benefit
Predicted savings in external fees where work carried out by
consultants will be carried out by the new internal audit
department
The complexity and scale of the organizations activities and the
systems supporting those activities.
The abilities of existing managers and employees to carry out
assignments that internal audit may be asked to carry out
Managements perceived need for assessing risk and internal
control
Whether it is more cost effective or desirable to outsource the work
The pressure from external stakeholders to establish an internal
audit department
Definition of internal audit
In the standard for the professional
practice of Internal Auditing, the Institute
of Internal Auditors, in 1978, defined
internal auditing as;
An independent appraisal function
established within an organisation to
examine and evaluate its activities as a
service to the organization.
Definition of internal audit
The 21st Century definition of internal auditing as
contained in the International Standards for the
Professional Practice of Internal Auditing issued in
January 2004 re-inforces the core role of the
internal auditor as:
An independent objective assurance and
consulting activity designed to add value and
improve an organisations operations. It helps an
organization accomplish its objectives by bringing
systematic disciplined approach to evaluate and
improve the effectiveness of risk management,
control, and governance process.
Definition of internal audit
Internalauditing is an appraisal or
monitoring activity established within an
entity as a service to the entity. It functions
by, amongst other things, examining,
evaluating and reporting and to
management and the directors on the
adequacy and effectiveness of
components of the accounting and
internal control systems.
The Changing Role of the
Internal Auditor
CHARACTERISTIC OLD PARADIGM NEW PARADIGM
S
i) Internal Audit Internal Control Business Risk
focus
ii) Internal audit Reactive, after-the- Proactive, real-
response fact, time
discontinuous, continuous,
observers participants in
of strategic planning strategic planning
initiatives initiatives
iii)Risk assessment Searching for risk Scenario planning
factors
iv)Internal audit Concerned with Concerned with
test important important
Controls business risk
The Changing Role of the
Internal Auditor
v)Internal audit Emphasis on the Emphasis on
methods Completeness of significance
detail, Of broad business
Controls testing risks covered
vi)Internal audit Internal control: Risk management:
recommendation -Strengthened -Avoid/diversity
-Cost-benefit risk
-Efficient/effective -Share/transfer risk
-Control/accept
risk
vii)Internal audit Addressing Addressing
reports functional controls process risk
5. Name five areal of the computer system which might benefit from an IT audit.
6.. There are formal statutory rules governing the format of internal audit reports.
True
False
It is possible to buy in an internal audit services from an external organization