20
USAID Finance for Economic Development (FED) Program WORKSHOP: “IT GOVERNANCE IN BANKS” MAY 27, 2014
| Date post: | 18-Jul-2015 |
| Category: |
Economy & Finance |
| Upload: | armeniafed |
| View: | 269 times |
| Download: | 7 times |
USAID Finance for Economic Development (FED) Program
WORKSHOP: “IT GOVERNANCE IN BANKS”
MAY 27, 2014
The Role of Internal Audit
2
Komitas Stepanyan, CRISC, CRMA, CobIT Foundation Certificate
Image of auditors in organizations
?
Definition of Internal Auditing
“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. ”
The Institute of Internal Auditors
4
Internal Audit VS External Audit
5
Internal audit is a function that, although operating independently from other departments and reports directly to the audit committee, resides within an organization (i.e. they are company employees).
It is responsible for performing audits (both financial and non-financial) within a wide range of areas within a business, as directed by the annual audit plan.
Internal audit look at risks facing the business and what is being done to manage those risks effectively, to help the organization achieve its objectives.
For example, they may look at risks to the company’s reputation such as the use of unsilenced software, or strategic risks such as producing too many products in comparison to resources available etc.
Internal Audit VS External Audit
6
External audit is an independent body which resides outside of the organization which it is auditing.
They are focused on the financial accounts or risks associated with finance and are appointed by the company shareholders.
The main responsibility of external audit is to perform the annual statutory audit of the financial accounts, providing an opinion on whether they are a true and fair reflection of the company’s financial position.
As part of this, external auditors often examine and evaluate internal controls put in place to manage the risks which could affect the financial accounts, to determine if they are working as intended.
Internal Audit Is Here to Help!
7
Identify Risks
Find Better Ways and Best Practices
Partner With You to Find Solutions
Prevent Problems
IA Report to the Audit Committee or Board
- Ensures independence
◦ Escalate issues to a level where they can be corrected
◦ Keeps board informed
◦ Meets quarterly
8
What is Risk Based Auditing?
There are many types of risk – fraud, improper reporting, ineffective or inefficient use of resources, credibility loss, etc.
9
Focus on risk of occurrences that could prevent the University from achieving its goals
Focus on areas with high risk and high probability that controls are not in place or are weak
IA have a plan!
Risk factors:◦ Impact
◦ Probability
◦ Controls
10
Risk based audit plan developed with input from across the organization
What Is the Plan?
Includes estimated budget hours and completion date
11
List of audits for fiscal year
Based on risk assessment and available man/hours
Approved by Audit Committee/Board
Audit Universe(Auditable units)
WE DO AUDIT
Operations and compliance
Financial
Departments
Processes
Projects
Information Technology
Integrated
12
Who Are We: Internal Auditors?
Internal group Outsourcing
13
Preventive Measures
Don’t give in to the temptation to skip controls because you are busy!
14
Make sure your controls are working
Review and reconcile
Check the work of your subordinates
What is included in the audit report?
• What was found?
• Why it happened?
• What is required?
• What effect it has?
• Recommendation for improvement
• Response – who, when and how
15
What happens after the audit?
16
Follow-up
Review corrective action
Report to Audit Committee and/or Board
Who Audits the Auditors?
Peer review at least once every five years
17
Standards are set by the Institute of Internal Auditors
We Want to Know How We Are Doing
• At the completion of each audit we will send an after-audit-survey
• We want you to rate our performance
• Were we professional, helpful, timely and did we add value?
• Please take the time to give us your feedback.
18
19
• We provide training
• Respond to policy and technical accounting questions
• Offer suggestions for improvement
• Advisory role
We are here to help
20
Roles of Internal Audit
Partner
Relationships
Policeman
Compliance Assurance ....... and Consulting
