Transcript: INTERNAL AUDIT GOVERNANCE International Standards for the Professional Practice of Internal Auditing Reporting Structure President of the University Personalities Audit Manager Year of Experience Audit Manager Audit Manager Audit Manager Attribute Standards Charter Required Independent & Objective Proficient External Assessment Performance Standards Must add value to the organization Risk based audit planning Evaluate and contribute to the improvement of governance, risk management, and controls Use a systematic and disciplined approach University of Colorado Internal Audit Audit Manager A Few Standards INTERNAL AUDIT CERTIFICATIONS auditors IT Audit Manager Audit Senior 18 professional certifications PROCESS Audit Manager Transitions Audit Manager Program Assistant IT Audit Manager IT Audit Manager Board of Regents Internal Audit IT Audit Manager Audit Manager Audit Director Total Years of Audit Experience in the Department 172 years Audit Manager Audit Manager 6 Certified Internal Auditors 6 Certified Public Accountants 3 Certified Fraud Examiners 2 Certified Information System Auditors 1 Certified Information System Manager Audit Senior Program Assistant
Transcript: By: NURUL FAIRUS BARIAH BINTI YAHYA FARAHAYU BINTI MUHAMMAD NASIR MOHD NAZMI HAFIZ BIN MOHD RAFFI CHAPTER 4: THE INTERNAL AUDIT internal audit is the examination, monitoring and analysis of activities related to a company's operations, including its business structure, employee behavior and information systems What is Internal Audit What is Internal Audit Distinctive competencies is a firm's strengths that cannot be easily matched or imitated by competitors Building competitive advantages involves taking advantage of distinctive competencies Key Internal forces Key Internal forces Internal audit requires gathering,assimilating and prioritizing information about firm’s Management marketing Financing/accounting Production/operations Research and development Management information system operations Provides more opportunity for employee to understand how their job and departments fit into whole firm Process of performing an internal audit Process of performing an internal audit The resource-based view[RBV] The resource-based view[RBV] Internal resources are important than external factor for firm in achieving and sustaining competitive advantage RBV theory help firm exploit opportunity and neutralize threats Physical resources Physical resources Plant and equipment,location, technology,raw material,machines. Human resources Human resources Employee,training,experience, intelligence, knowledge, skill,abilities Organizational resources Organizational resources Firm structure,planning process,information systems,patents,trademarks,copyrights,databases Empirical Indicators Empirical Indicators The more a resources is rare,nonimitable and nonsubstitutable, the stronger a firm’s competitive advantage and longer it will last Rare resources are the resources that other firms do not possess or own In order to obtain competitive advantage, it is more advantageous if the resources are rare Rare Rare Difficult to copy the product or resourse that company own Hard to imitate Hard to imitate When there are no viable are no substitutes, a firm will be able to sustain its competitive advantage If the competitors cannot perfectly imitate the firm resources,it can obtain a sustainable competitive resources subtitutes Not easily substitutable Not easily substitutable Integrating strategy and culture Integrating strategy and culture Organizational culture defined as a pattern of behavior that has been developed by organization as it learn to cope with problem of external adaptation and internal integration Organizational culture that shape a workplace because culture can represent a major strength or weakness for the firm Cultural Products Cultural Products Values Beliefs Rites Rituals Ceremonies Myths Stories Legends Sagas Language Metaphors Symbols Folktales Heroes and heroines Aspects of Organizational Culture Aspects of Organizational Culture Management Management The functions of management consist of five basic activities staffing motivating planning organizing controlling Planning Planning Planning consists of all those managerial activities related to preparing for the future. Task like forecasting, establishing objectives, devising strategies, and developing policies Organizing Organizing Organizing includes all those managerial activities that result in a structure of task and authority relationships specific area include organizational design, job specialization, job descriptions, span of control, coordination, job design, and job analysis Motivating Motivating Motivating involves efforts directed toward shaping human behavior. Specific topics include leadership, communication, work groups, behavior modification, delegation of authority, job enrichment, job satisfaction, needs fulfillment, organizational change, employee morale, and managerial morale Staffing refers to human resource (HR) activities al so include wage and salary administration, employee benefits, interviewing, hiring, firing, training, management development, employee safety, equal employment opportunity, and union relations Staffing Staffing Controlling refers to all those managerial activities directed toward ensuring that actual results are consistent with planned results. Key areas of concern include quality control, financial control, sales control, inventory control, expense control, analysis of variances, rewards, and sanctions Controlling Controlling Management Audit Checklist of Questions Management Audit Checklist of Questions The process of defining, anticipating, creating, and fulfilling customers’ needs and wants for products and services Marketing Marketing the examination and evaluation of consumer needs, desires, and wants involves administering customer surveys, analyzing consumer information, evaluating market positioning strategies, developing customer profiles, and determining optimal market segmentation strategies Customer analysis Customer analysis includes many marketing activities, such as advertising, sales promotion, publicity,
Transcript: We meet with the department heads & key personnel to interview them. Now we go deeper and understand more about the process and outline an Audit Plan AUDIT PLAN (Scope + Policies + Minutes of Meeting with Dept. Heads and Key Personnel) Let us Start Why Internal Audit? Teddy George & Sandeep Anand Questions CASE STUDY It is a systematic and disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. What is Internal Audit? Why IA of Payroll & HR? The payroll is the largest expense area for many organisations, and one which should be controlled carefully It is estimated that payroll fraud accounts for 17% of all fraudulent disbursements suffered by organisations. A generic process End Scope Methodology Samples Observations Risks Recommendation Management Response Validation Internal Audit Payroll & HR Some more questions Request for Proposal - (or Initiate Interest in the prospect) Meeting > Discussion > Agreement :) We will request the Organizational Structure + Existing Policies & Procedures to read through and understand Also, the last year Financial Statement / Budget etc. Then we appoint point of contacts - Final contact (Big Guy) & Other contacts (Department Heads) Employee File Management Master data Probation Period Leave Policies Overtime Rates Job Cost Allocation Performance of Time Capturing Productivity Damn .. no space and then... To evaluate the effectiveness of the managements internal controls To assess any risks and to help devise a plan to mitigate the risks To detect/prevent fraud To ensure that the respective department is operating in compliance with the local laws of the country. Hiring Process Requisition Process Roles & Responsibilities Competencies & Experience Recruitment Strategy Visa Process PRO Service - Advance etc.
Transcript: 1. get to know your company your dealing with and scope it out 2. take note about objectives, measurements, and key transaction types and review documents and interviews 3. review key risk factors with that make sure they are controlled an monitored (helpful tool to identify common risks and desired controls in the specific process or industry being audited) 4. Develop and execute a risk-based sampling and testing approach to determine whether the most important management controls are operating as intended 5. Develop and execute a risk-based sampling and testing approach to determine whether the most important management controls are operating as intended Report issues and challenges identified and negotiate action plans with management to address the problems 6. follow up annually when the internal audit examines a company's systems and transactions to spot weakness, fraud, waste, and mismangment steps to prevent fraud how to catch people committing fraud auditors gather information on how an organization or company is operating, and uses that information to show the organization where it is doing well and where it can improve Internal Audit what is it : 1. scope and emphasis: addressing risks related to financial reporting, operations, legal and regulatory compliance, and the company strategy. There may also be special topics of interest to stakeholders that change considerably year-to-year 2. Portfolio of services: support in a variety of areas such as project management, data analysis, and monitoring of major company initiatives 3. Competency development: The stakeholder expectations around scope and service portfolio determine what competencies the function needs, which drives decisions regarding hiring of specific skills and training programs. The internal audit function is often used as a "management training ground" to provide employees with a deeper knowledge of the company's operations before they are rotated into a management position 4. Technology: use a variety of technology tools/software to support audit process workflow, statistical analysis, and obtaining data from systems compared revenue growth with a variety of nonfinancial measurements depending on industry type like customer satisfaction, production capacity, retail outlets available, distributors, dealers, and number of costumers looks at a whole range of accounting and corporate governance risk measures to come up with ratings on companies that try to predict company troubles search and extract a suite of nonfinancial metrics and compares them over time Monitoring, analyzing, and assessing the risks and controls of the organization Reviewing information on the organization’s compliance with state and federal policies and laws, then confirming that information Making reassurances and recommendations to the organization or company’s owners or governing boards How they do it Duties and responsibilities what is the main job we do strategy Do our very best to prevent fraud fraud- wrongful or criminal deception intended to result in financial or personal gain
Transcript: Alignment to business objectives and risks 3 lines of Defense Value of Internal Audit Ensure adequate time has been invested into planning, particularly the audit scope and program. Ensure workpapers (including minutes and walkthroughs) each contain a summary or conclusion. Develop a SOF and Issues Paper. What is Internal Audit? "concerned with evaluating and improving the effectiveness of risk management, control and governance processes in an organisation" Internal Audit Khoa Duong Internal Audit Engagements Assurance Assurance: E.g. fraud, risk and control self-assessment, contract, quality audits, due diligence, security, privacy, performance, operational, financial, IT/ICT and compliance. Consulting: E.g. internal control training, process review, benchmarking, IT and systems development, performance measurement. Objectivity Insight Annual Plan Familiarisation APs, TPs Evaluation Includes testing, walkthroughs SOF, IssP Reporting Types of Internal Audit Engagements Internal Audit Delivery INTERNAL AUDIT
Transcript: Internal audit Description What is internal audit? Role in internal control Effectiveness and efficiency of operations. Reliability of financial and management reporting. Compliance with laws and regulations. Safeguarding of Assets Role in risk management Internal auditor assess: the quality of risk management processes systems of internal control corporate governance processes The difference between internal and external audit
Transcript: INTERNAL AUDIT INTERNAL AUDIT & CORPORATE GOVERNANCE INTERNAL AUDIT Internal audit is a function established by management to assist in corporate governance by assessing internal controls and helping in risk management. INTERNAL AUDIT & CORPORATE GOVERNANCE Internal auditing is an appraisal or monitoring activity established within an entity as a service to the entity. It functions by: examining evaluating reporting to management and the directors. Internal audit can play a role in assessing and monitoring internal control policies and procedures: By acting as auditors for board reports not audited by the external auditors By being the experts in fields such as auditing and accounting standards in the company By liaising with external auditors Assessing the need for internal audit The cost of setting up an internal audit department vs. the predicted benefit Predicted savings in external fees The ability of existing managers and employees to carry out assignments The pressure from external stakeholders Factors an entity might consider when assessing the need for an internal audit function: It may be more cost effective to ask an external accounting firm to carry out just those projects that may be of most benefit, rather than setting up an internal audit function. The company will need to consider whether there are longer-term benefits, such as: Establishing an internal audit department will help maintain a group of highly skilled people Working in internal audit can be a route to providing training for future senior executives INTERNAL VS EXTERNAL is focused on the financial statements is focused on the operations of the entire business DISTINCTION BETWEEN INTERNAL & EXTERNAL AUDIT Objective Internal audit Designed to add value to and improve an organization’s operations. External audit An exercise to enable auditors to express an opinion on the financial statements. Reporting Internal audit Reports to the board of directors, or other people charged with governance. Reports are private and for the directors and management of the company. External audit Reports to the shareholders or members of a company on the truth and fairness of the accounts. Audit report is publicly available to the shareholders and other interested parties. Planning & collection of evidence Internal audit Strategic long-term planning carried out to achieve objective of assignments, with no materiality level being set. Some audits may be procedural, rather than risk-based. Evidence mainly from interviewing staff and inspecting documents. External audit Planning carried out to achieve objective regarding truth and fairness of financial statements. Materiality level is set during planning. Work is risk-based. Evidence collected using a variety of procedures. Regulation of internal auditors There are no legal requirements associated with becoming an internal auditor. Internal auditors are not required to be members of a professional body such as the ACCA. There is also a global Institute of Internal Auditors (IIA) which internal auditors may become members of. SCOPE OF INTERNAL AUDIT FUNCTION Internal audit has two key roles to play in relation to organizational risk management: • Ensuring the company's risk management system operates effectively • Ensuring that strategies implemented in respect of business risks operate effectively Scope of the Internal audit Business risk is a risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity's ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies. Business risk The internal audit department has a twofold role in relation to risk management. • It monitors the company's overall risk management policy to ensure it operates effectively. • It monitors the strategies implemented to ensure that they continue to operate effectively. The role of internal audit It is the responsibility of management and those charged with governance to prevent and detect fraud, and, in this respect, internal auditors may have a role to play. Responsibility for fraud and error The presence of an internal audit department within an organisation is indicative of good internal control, by its very nature, there are some limitations of the internal audit function. Limitations of the internal audit function INTERNAL AUDIT ASSIGNMENTS Internal audit can be involved in many different assignments as directed by management. These can range from value for money projects to operational assignments looking at specific parts of the business. Value for money audits Value for money (VFM) audits examine the economy, efficiency and effectiveness of activities and processes. These are known as the three Es of VFM audits. Measuring outputs Defining objectives Sacrifice of quality Measuring effectiveness Over-emphasis on cost control Measuring efficiency Problems of VFM An information technology (IT) audit
Transcript: Deficiencies noted Comments/Observations Complaints Statement on the actions subsequently taken should be recorded. Do not place patience at risk due to inadequate safety quality or efficacy. Production Recalls Internal Audit Horizontal Inspection Must undergone Appropriate training in the procedures & technique of GMP inspections. Independent and with integrity Must have complete working knowledge with GMP guidelines, Company's Systems and Procedures Forming an Audit Team Assume responsibility for the quality of the pharmaceutical products to ensure that they are fit for intended use Classification of Findings How To Carryout Internal Audit ? Internal Auditors Qualification Why Conduct Internal Audit? Principle Reports should contain all the observation made during the inspection Internal audit Premises Room to Room Approach Assign Roles and Responsibility Records Documentation Equipment Internal Audit Preparation Phase Personnel Who will check? Designate a Leader Vertical Inspection Comply with the requirements of the marketing authorizations GMP Implementation Determine Traceability Closing Morale Boosters Positive Findings Internal Audit Negative Findings All internal audit should be recorded Decide on the Scope Corrective Action Quality Control What to check during Internal Audit? Audit Plan It is a mechanism through which the operation of the Quality Management System is formally monitored and conformance with the documented Quality System is assured. Internal Audit should be conducted in order to monitor the implementation and compliance with Good Manufacturing Practice principles and to propose necessary corrective measures. Audit Results Opportunities for Improvements Inspection Proper Pharmaceutical manufactures must:
Description: The sky’s the limit. Boost your new sales initiative into orbit with an engaging and compelling SKO presentation. This template features a effective sales kickoff theme that makes it easy to be engaging. Like all Prezi SKO templates, it’s fully customizable with your own information.
Description: Add some color to your quarterly business review with this vibrant business presentation template. The bold visuals in this business template will make your next QBR a memorable one.
Description: Catch the eye and engage the imagination with this cool-looking Prezi proposal template. The bold, bright design and highly dynamic theme all but guarantee success for your next sales or marketing proposal. All Prezi presentation templates are easily customized.
Now you can make any subject more engaging and memorable