Download as pdf or txt
Download as pdf or txt
You are on page 1of 35

7

INTRODUCTION TO
INTERNAL AUDITING
Learning Outcomes

After studying this chapter, you should be able to:


 Describe the International Professional Practices
Framework
 Describe the development of internal audit
 Explain the changing roles and values brought about
by internal audit
 Explain the similarities and differences between
internal and external auditors
 Describe operational and compliance audit

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 3
Introduction

 Internal auditing is defined by The Institute of


Internal Auditors North America (IIA) as follows:
Internal auditing is an independent, objective
assurance and consulting activity designed to add
value and improve an organization’s operations. It
helps an organization accomplish its objectives by
bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk
management, control, and governance process.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 4
Introduction (cont.)

 Is an appraisal activity established within an entity


as a service to the entity
 It is expected to improve the effectiveness of
management in managing risk, and controlling and
monitoring the process of governance
 It helps to fulfill three main functions, which are:
– effectiveness
– efficiency and
– economy

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 5
International Professional
Practices Framework

 International Professional Practices Framework


(IPPF) is the conceptual framework that organizes
authoritative guidance promulgated by the IIA.
 The IPPF is divided into three main components:
the mission of internal audit, mandatory guidance
and recommended guidance

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 6
International Professional
Practices Framework (cont.)
(a)Mission of Internal Audit
(b)Mandatory Guidance:
i. Core Principles for the
Professional Practice of
Internal Auditing
ii. Definition of Internal
Auditing
iii. Code of Ethics
iv. International Standards for
the Processional Practice
of Internal Auditing
(c) Recommended Guidance:
i. Implementation Guidance
ii. Supplemental Guidance
FUNDAMENTALS OF AUDITING All Rights Reserved
© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 7
International Professional
Practices Framework (cont.)
Mission Enhance and protect organizational value by providing
risk-based and objective assurance, advice, and
insight.
Mandatory Comprise of 10 core principles as follows:
Guidance 1. Demonstrates integrity
2. Demonstrates competence and due professional care
3. Is objective and free from undue influence( independent)
4. Aligns with the strategies, objectives and risks of the
organization
5. Is appropriately positioned and adequately resourced
6. Demonstrates quality and continuous improvement
7. Communicates effectively
8. Provides risk-based assurance
9. Is insightful, proactive, and future-focused
10.Promotes organizational improvement
FUNDAMENTALS OF AUDITING All Rights Reserved
© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 8
International Professional
Practices Framework (cont.)

 Recommended guidance is endorsed by the IIA


through a formal approval process.
 It describes practices for effective implementation of
the IIA's core principles, definition of internal auditing,
code of ethics, and standards which comprise:
• The implementation guidance, which assists internal
auditors in applying the standards and the
• supplemental guidance (practice guides), which
provides detailed processes and procedures for
internal audit practitioners

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 9
Code of Ethics

 Aims to provide a statement of principles and


expectations governing the behaviour of individuals
and organizations in the conduct of internal auditing
and it describes the minimum requirements for
conduct and behavioural expectations rather than
specific activities.
 The four principles of the Code of Ethics are (a)
integrity; (b) objectivity; (c) confidentiality and (d)
competency

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 10
Code of Ethics (cont.)

Integrity

The IIA's
Competency Code Objectivity
Ethics

Confident
iality

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017
111– 11
Code of Ethics (cont.)

• The internal auditor should have knowledge of the


requirements for the Code of Ethics and perform
Integrity all activities according to the Code. Integrity
includes honesty, diligence and responsibility,

• The internal auditor should not perform audits


Objectivity where the assessment would be biased or
professional judgment may be impaired.

• Information obtained while performing an audit


Confidentially must be protected and used only as
appropriate in the engagement.

• The necessary knowledge, skills, and


Competency experience are important requirements for
providing internal auditing services.All Rights Reserved
FUNDAMENTALS OF AUDITING
© Oxford Fajar Sdn. Bhd. (008974-T), 2017
121– 12
International Standards for the
Professional Practice of
Internal Auditing (ISPPIA)

Three Categories of Standards:


 Attribute Standards
 Performance Standards
 Implementation Standards

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017
131– 13
Attribute Standards

Addresses the characteristics of organizations and


parties performing internal audit activities.
- Applies to all internal audit services and internal auditors
individually
- Example Standard 1000 – Purpose, Authority, and
Responsibility
“The purpose, authority and responsibility of the IA
activity must be formally defined in an IA charter,
consistent with the Definition of IA, the Code of Ethics,
and the Standards. The CAE must periodically review
the IA charter and present it to senior management
and the board for approval.”
FUNDAMENTALS OF AUDITING All Rights Reserved
© Oxford Fajar Sdn. Bhd. (008974-T), 2017
141– 14
Performance Standards

Describes the nature of internal audit activities


and provides criteria against which the
performance of these services can be evaluated.
– Applies to all audit services and internal auditors
– Example Standard 2000 – Managing the IA
Activity
“The CAE must effectively manage the IA
activity to ensure it adds value to the
organization”

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017
151– 15
Implementation Standards

Expounds the attributes and performance


standards and how they apply to specific types of
assurance or consulting engagements.
- Engagement refers to a specific internal audit
assignment, task or review activity, such as
internal audit, control self-assessment review,
fraud examination, or consultancy.
- An engagement may include multiple
tasks/activities designed to accomplish a
specific set of related objectives.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017
161– 16
Assurance Engagement

 Assurance engagement, another name for auditing,


is an objective examination of evidence to provide
an independent assessment on risk management,
control, or governance processes for the
organization.
 Examples of the types of engagements that would
be considered assurance engagements include
financial, performance, compliance, system
security, and due diligence audits.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 17
Assurance Engagement (cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 18
Assurance Engagement (cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 19
Assurance Engagement (cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 20
Evolution of Internal Audit

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 21
Institute of Internal Audit
Malaysia (IIAM)

 IIAM is a non-profit professional organization


established in 1977 as a chapter of the IIA in the US.
 In 1988, the IIA Malaysia became a National
Institute.
 The code of conduct and practices of the internal
audit profession in Malaysia is fully governed by the
IPPF

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 22
Objectives, Scope And
Responsibilities Of Internal
Auditors
 The function of the internal auditor is to provide an
independent, objective assurance and consulting
activity designed to add value and improve an
organization’s operations
 The internal auditor’s work scope can be
summarized as below:
(a) Ensuring an adequate internal control, reliable
accounting data and records, and
(b) Preventing and detecting errors and frauds.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 23
Objectives, Scope And
Responsibilities Of Internal
Auditors (cont.)
 The Malaysian Code of Corporate Governance,
2007 has mandated all public listed companies to
have an internal audit function.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 24
Objectives, Scope And
Responsibilities Of Internal
Auditors (cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 25
Objectives, Scope And
Responsibilities Of Internal
Auditors (cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 26
Objectives, Scope And
Responsibilities Of Internal
Auditors (cont.)
 The changing value of internal audit to an
organization can be seen in figure 20.6.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 27
Internal and External Audit

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 28
Internal and External Audit
(cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 29
Internal and External Audit (cont.)

Preliminary assessment of the internal audit function:


Organizational Status The internal auditor who reports to the audit
committee is seen to be more independent than
those reporting to the head of department

Scope of Function the nature and extent of internal auditing


assignments performed and whether
management acts on it

Technical Competence `whether internal auditing is performed by


persons having adequate technical training and
proficiency
Due Professional Care whether internal auditing is properly planned,
supervised, reviewed and documented.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 30
Internal and External Audit (cont.)

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 31
Operational Audit and
Compliance Audit
 Operational audit is a type of audit which refers to the
assessment of an operation of a branch, a department
or organization. Types include:
(a) Functional Audits –audit based on functions
(b) Organisational Audits- audit of the entire organisation
or department
(c) Special Assignments- audit based on request by
management
 Primary objective is to assess the quality of operations
and whether it is in line with the company’s prescribed
polices/plans and to identify areas for improvement.
FUNDAMENTALS OF AUDITING All Rights Reserved
© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 32
Operational Audit and
Compliance Audit (cont.)

Phases in operational audit


 Planning- agreed by all parties especially with
respect to criterias agreed upon
 Evidence accumulation and evaluation
 Reporting and follow up

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 33
Operational Audit and
Compliance Audit (cont.)
Compliance Audit
 Compliance audit focuses on the procedures used
by a branch or department
 Compliance audit also refers to a contract or an
agreement, in which the parties concerned must
comply with all the terms of the agreement.
 Compliance audits attest to the fairness of the
information versus given standards, example
financial statements with generally accepted
accounting principles.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 34
Operational Audit and
Compliance Audit (cont.)

 In compliance auditing the responsibility of the


auditor is to identify the elements of the audit,
assess whether a subject matter is compliant with
the established criteria and issue a compliance
audit report.

FUNDAMENTALS OF AUDITING All Rights Reserved


© Oxford Fajar Sdn. Bhd. (008974-T), 2017 1– 35

You might also like