Professional Documents
Culture Documents
Internal Audit 101
Internal Audit 101
Our Vision
To be the lead advocate, trainer and practitioner in internal auditing in Africa by providing superior internal audit solutions to the private and public sectors as well as the third sector .
Our Mission
To engage internal audit leaders and their customers; government officials, corporate executives and senior management in a constant dialogue on the position, role and value of the internal audit activity.
Course Overview
Day One
Modern Internal Auditing The Audit Process Risk Management and Risk Assessment Audit Planning
Day Two
Process Documentation Audit Programs Audit Fieldwork Audit Reports Soft Skills
Module One
The how
Code of Ethics
Principles and Rules
Integrity Objectivity Confidentiality Competency
Integrity Rules
Shall perform their work with honesty, diligence, and responsibility Shall observe the law and make disclosures expected by the law and the profession Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization Shall respect and contribute to the legitimate and ethical objectives of the organization
Objectivity Rules
Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. Shall not accept anything that may impair or be presumed to impair their professional judgment. Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
Governance, Risk Management & Compliance
Confidentiality Rules
Shall be prudent in the use and protection of information acquired in the course of their duties. Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.
Governance, Risk Management & Compliance
Competency Rules
Shall engage only in those services for which they have the necessary knowledge, skills, and experience. Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing. Shall continually improve their proficiency and the effectiveness and quality of their services
Governance, Risk Management & Compliance
Re- Corporate Governance Re- Risk Management Re- Fraud Re- Corporate Ethics Re- Internal Controls Re- Information Technology Re- Financial Reporting
Module Two
Planning
Governance, Risk Management & Compliance
Distribute Audit Notification Conduct Pre-Audit Meeting Interview Department Personnel Review Policies and Procedures Understand and Document the Business Processes Perform Risk Assessment Prepare a Detailed Audit Program Prepare audit budget (in hours) Select items to be Audited (samples, not 100%)
Fieldwork
Review Supporting Documentation Interview department personnel Perform analyses Identify Exceptions Identify Recommendations for Improvement Prepare Written Audit Comments (i.e., findings) Department Provides Written Response and Corrective Action Plan for findings
Governance, Risk Management & Compliance
Reporting
Issue a draft report Discuss draft report with unit management Issue final report Report is factual, clear, concise, with an appropriate tone
Module Three
Risk Management/Assessment
Module Four
Audit Planning
Audit Planning
Annual Audit Planning Components of the Audit Project Plan
Audit Objectives Audit Scope Audit Methodology Audit Program Audit Time Budget Audit milestone dates
Audit Objectives
General audit objectives Specific audit objectives
Audit Objectives
Select one functional area in your organisation and formulate a general audit objective and the appropriate specific objectives for that function
Module Five
Audit Programs
Audit Programs
Components of the Audit Program Audit Objectives and Lines of Enquiry
Components of the Audit Program the audit objective(s); the relevant line(s) of inquiry, criteria, and audit questions; the information to be requested from entities how the evidence will be analyzed;
Governance, Risk Management & Compliance
Module Six
Process Documentation
Process Documentation
Process Flow charts Tools for Process Mapping System Narratives Interviewing Skills
Module Seven
Audit Fieldwork
Audit Fieldwork
Testing Controls design and operating effectiveness Techniques for gathering audit evidence Working paper preparation
Module Eight
Audit Reporting
Why write internal audit reports? Required by Standards. Inform- (Tell what auditors found) Persuade (Convince management of worth and validity of findings) Get Results (Move management towards change and improvement.)
Audit Reports
From issues to findings The Five Cs Reporting Formats Other Reports
The 5 Cs
Cause
Criterion
Corrective action
condition
Consequence
Governance, Risk Management & Compliance
In a nutshell
What should be? What is? Why the deviation from the what should be occurred? What happened or could happen because the what is differed from the what should be? What is needed to correct the condition and improve operations?
Governance, Risk Management & Compliance
Soft Skills
Team work Communication Discussion with delegates
Importance of teamwork and communication Improving teamwork and comunication
Governance, Risk Management & Compliance
The End