Professional Documents
Culture Documents
Aud679 Tutorial 2
Aud679 Tutorial 2
Answer:
QUESTION 1
iii. Differentiate the internal auditor’s and external auditor’s responsibilities in terms of
their roles in detecting fraud in the organization.
- The external auditor is responsible for obtaining reasonable assurance that the financial
statements, taken as a whole, are free from material misstatement, whether caused by
fraud or error. Therefore, the external auditor has some responsibility for considering the
risk of material misstatement due to fraud. If the auditor identifies a fraud they should
communicate the matter on a timely basis to the appropriate level of management. If the
suspected fraud involves management the auditor shall communicate such matters to
those charged with governance. If the auditor has doubts about the integrity of those
charged with governance they should seek legal advice regarding an appropriate course
of action.
- The internal auditor is responsible to support management's efforts to establish a culture
that embraces ethics, honesty, and integrity. They assist management with the
evaluation of internal controls used to detect or mitigate fraud, evaluate the
organization's assessment of fraud risk, and are involved in any fraud investigations. As
a part of their assurance activities, internal auditors watch for potential fraud risks,
assess the adequacy of related controls, and make recommendations for improvement.
This is because the internal auditors are exposed to key processes throughout the
organization and have open lines of communication with the executive board and staff,
they are able to play an important role in fraud detection.
iv. Elaborate three (3) benefits of establishing internal audit functions in the organization.
- Helping maintain organisational focus on achieving objectives - internal auditor function
will ensure its work is risk-based and aligned to its organisation’s strategic objectives.
- Minimise the risk of fraud - internal auditors have to make sure controls designed to
control fraud and risk are in place and operating effectively.
- Efficiency - internal audits spot redundancies in the organization practice and procedure
and governance process and come with recommendations.
QUESTION 2
i. Briefly explain the roles that should be played by the four (4) governance players in
Armada Bhd in upholding the company’s good corporate governance.
- External audit - the external auditors will promote corporate governance by making sure
the subject company's reports are accurate, true and an appropriately fair reflection of
the company's status. In the process, if anything is discovered that looks fraudulent, then
it is directed to management
- Internal audit - the internal auditor can ensure the internal audit charter, role and
activities are clearly understood and responsive to the needs of the board of directors.
- Board - the board of directors must ensure that the internal audit function is adequately
resourced and enjoys appropriate standing within the organisation.
- Management - Management develops and implements corporate strategy and operates
the company's business under the board's oversight, with the goal of producing
sustainable long-term value creation.
ii. Describe three (3) importance for the Chief Audit Executive(internal audit) to report
functionally to the audit committee.
- When the internal audit function reports to the audit committee, it allows the internal
auditors to remain structurally separate from management and enhances objectivity.
- Members of the audit committee should engage with the CAE regularly to maintain a
reporting relationship that is both substantive and communicative.
- The audit committee should understand and approve the annual internal audit plan and
determine if the CAE has a sufficient budget and resources to execute against it.
iii. Explain three (3) governance reforms as advocated by the Malaysian Code of
Corporate Governance.
- Fair treatment of all shareholders, particularly minority shareholders - All shareholders
should have the opportunity to obtain effective redress for violation of their rights.
- Accountability and independence of Board of Directors - Oversight the corporate
governance conducts of the Board and institute accountable attitudes towards their
performance and the performance of the Companies. For example, performance is
assessed objectively and appraised in accordance to benchmark.
- Promoting training and education to all levels - Minority shareholders must be educated
and well-informed on their rights for them to be heard and exert influence.
QUESTION 3
A.
ii. Discuss two (2) roles that internal auditor could play in supporting an organization’s
risk management process.
- Evaluate the efficacy of risk management procedures that are currently in place and
provide recommendations.
- Providing assurance that the risk management and internal control framework is
operating effectively.
iii. Explain two (2) roles that internal auditor should not undertake in respect of risk
management.
- Management assurance on risk that is being the sole source management’s assurance
that risk are effectively managed, this would be considered performing a management
function
- The internal auditor should impose a risk management process because it empowers a
business with the necessary tools so that it can adequately identify and deal with
potential risk.
B.
i. Explain the relationship between ‘risk’ and ‘control’ by referring to the COSO
Framework.
According to the COSO, the risk is the possibility that events will occur and affect the
achievement of a strategy and objectives. While, the control is defined as a process, affected by
an entity’s board of directors, management, and other personnel, designed to provide a
reasonable assurance regarding the achievement of the objectives relating to operations,
reporting and compliance.
The relationship between risk and control can be defined as a risk is an effect of
uncertainty on an objective with the effect having a positive or negative deviation from what is
expected. A control is a set of measures or actions taken to manage risk and increase the
likelihood that established objectives will be achieved.
ii. Discuss three (3) roles that internal auditor could undertake in strengthening control of
an organization.
- Internal auditor can provide an objective evaluation of the existing risk and internal
control framework.
- Internal auditors can provide feedback on adherence to the organization’s values and
code of conduct / code of ethics.
- Internal auditor can help keep the board of directors informed on any matters related to
the company’s interest.