Review of AUD1201 PART 1

Chapter 1

The Emergence in Global Profession of Internal Auditing

What is an Audit?

Audit is an independent examination of financial statements of an entity that enables an

auditor to express an opinion whether the financial statements are prepared (in all material
respects) in accordance with an identified and acceptable financial reporting framework (e.g.
international or local accounting standards and national legislations)

Key Points:

An auditor involves in examination of financial statements, the auditor is not responsible for
the preparation of the financial statements.

 The end result of an audit is an opinion to assist the user of the financial statements.
Auditing therefore relies heavily on professional judgment, not merely on the facts.
 The auditor’s opinion makes reference to “true and fair” or “fair presentations” but
“true and fair” is again a matter of judgment. It is not precisely defined for the auditor.
 In order to make the user of the auditor’s report able to feel confident in relying on
such report, the auditor should be independent of the entity.
o Independent essentially means that the auditor has no significant personal
interest in the entity. This allows an objective, professional view to be taken.

What are the different types of audit?

Three types of audits are discussed in general, i.e.,

1. Financial statement audits
2. Operational audits
3. Compliance audits

What is an Internal Auditing?

Internal auditing is an independent, objective assurance and consulting activity

designed to add value and improve an organization's operations. It helps an
organization accomplish its objectives by bringing a systematic, disciplined approach
to evaluate and improve the effectiveness of risk management, control, and
governance processes.

- International Professional Practices Framework (IPPF) of the IIA

Institute of Internal Auditors (IIA)

o A trustworthy, global, guidance-setting body, The IIA provides internal audit
professionals worldwide with authoritative guidance organized in the IPPF as
mandatory guidance and recommended guidance.
The IIA is the internal audit profession's global voice, recognized authority, acknowledged
leader, chief advocate, and principal educator.

The Mission of the Institute of Internal Auditors:

The mission of The Institute of Internal Auditors is to provide dynamic leadership for the
global profession of internal auditing. Activities in support of this mission will include, but will
not be limited to:

1. Advocating and promoting the value internal audit professionals add to their
organizations.
2. Providing comprehensive professional educational and development opportunities,
standards and other professional practice guidance, and certification programs.
3. Researching, disseminating, and promoting knowledge concerning internal auditing
and its appropriate role in control, risk management, and governance to practitioners
and stakeholders.
4. Educating practitioners and other relevant audiences on best practices in internal
auditing.
5. Bringing together internal auditors from all countries to share information and
experiences.

International Professional Practices Framework (IPPF)

- The Framework for Internal Audit Effectiveness

- Is the conceptual framework that organizes authoritative guidance promulgated by The
Institute of Internal Auditors (IIA)
- Last updated July 2015
 History

• Roots of internal auditing to centuries B.C., as merchants verified receipts for grain
brought to market
• Real growth of the profession occurred in the 19th and 20th centuries with the
expansion of corporate business; demand grew for systems of control in companies
conducting operations
• 1941 marked a major turning point. Victor Z. Brink, authored the first major book on
internal auditing
• John B. Thurston and Robert B. Milne agreed that further progress in bringing
internal auditing to its proper level of recognition would be best made possible by
forming an independent organization for internal auditors.
• When Brink’s book came to the attention of Thurston, the three men got together and
found they had a mutual interest in furthering the role of internal auditing
• Contacted a small group of internal audit practitioners throughout the United States
who expressed interest in forming a national
• The IIA’s certificate of incorporation was filed on November 17, 1941, and just prior to
the first annual meeting on December 9, 1941 at the Williams Club located at 24 East
39th Street in New York City, 24 charter members were accepted for membership
• It went from the original 24 members to 104 by the end of the first year, to 1,018 at the

end of five years.

Asian Confederation of Institute of Internal Auditors (ACIIA)

- Aims to provide dynamic leadership for the profession of internal auditing by coordinating
the development enhancement and promotion of the internal auditing profession in the
Asian Region.

Hierarchy of Internal Auditors in an organization

Who is the CAE?

1. The head of an internal audit function is generally known as the chief audit executive
(CAE
2. A key requirement for any effective organization is a strong leader; for internal audit,
that leader is a CAE who understands the needs of the overall organization and its
potential control risks as well as the potential contributions that internal audit can
make.

Let’s discuss further in the

subsequent chapters.

The Value of an IIA Global Certification

For an instance, passing the Certification of Internal Audit (CIA) would result in the following
advantages:

1. Distinguish you from your peers.

2. Demonstrate your proficiency with internal staff and external clients.
3. Develop your knowledge of best practices in the industry.
4. Demonstrate your proficiency and professionalism.
5. Lay a foundation for continued improvement and advancement.
6. Help you earn credibility and respect in your field.
7. Open more opportunities for advancement.
8. Increase your earning potential by as much as 51%.*
9. Prove your willingness to invest in your own development.
10. Demonstrate your commitment to your profession.
11. Improve your internal audit skills and knowledge.
12. Build confidence in your knowledge of the profession.

Reasons to make a career

move to internal auditing

Certifications
Certifications

 CRMA (Certified Risk Management Assurance) – introduced in 2013. To educate and

counsel management and audit committees on risk management concepts. (est 30k)

 QIAL (Qualification in Internal Audit Leadership) – developed by The IIA to

determine if aspiring, new, and experienced Audit Executives (AEs) are capable of
helping to lead, grow and change the internal audit profession.

o QIAL holders deliver value to their organization by consistently addressing

stakeholder needs, top-down risks, and expectations of an evolving marketplace.

 CISA (Certified Information Systems Auditor) – issued by ISACA

 ISACA (Information Systems Audit and Control Association) – is an international
professional association focused on IT governance.

 CEH (Certified Ethical Hacker) – issued by EC-Council (International Council of E-

Commerce Consultants) is a qualification obtained by demonstrating knowledge of
assessing the security of computer systems by looking for weaknesses and
vulnerabilities in target systems, using the same knowledge and tools as a malicious
hacker, but in a lawful and legitimate manner to assess the security posture of a target
system.

o Ethical hackers are employed by organizations to penetrate networks and

computer systems with the purpose of finding and fixing security vulnerabilities.

 CICA (Certified Internal Control Auditor) is administered by AAIFM (The American

Association for Investment and Financial Management) – one of the most renowned
associations for financial management, risk management, corporate control and
investment in United States.

Other Certifications

 CGAP (Certified Government Auditing Professional) – issued by IIA; certification

demonstrates the skills necessary for auditors working in the public sector at all levels –
federal/national, state/provincial, local, quasi-governmental, or crown authority.

 CCSA (Certification in Control Self-Assessment – credential demonstrates one’s

understanding of important CSA fundamentals, processes, and related topics such as
risk, controls, and business objectives.

 CFSA (Certified Financial Services Auditor – certification demonstrates the skills

necessary to work in banking institutions, thrift/savings and loan organizations, credit
unions, insurance companies, security and commodity services, holding and investment
companies, credit agencies, and other financial services.
Certified Internal Auditor® (CIA®)

As the only globally recognized internal audit certification, becoming a Certified Internal
Auditor® (CIA®) is the optimum way to communicate knowledge, skills, and competencies
to effectively carry out professional responsibilities for any internal audit, anywhere in the
world.

As a matter of fact, earning a professional internal audit credential is a critical step to being
distinguished from your peers and will:
1. Enhance credibility and respect.
2. Sharpen skills and proficiencies.
3. Increase advancement and earning potential.
4. Demonstrate understanding and commitment.

Facts about CIA Examination

1. The CIA examination covers a wide range of topics that are significant to the modern
internal auditor.
 2. The exam is updated periodically and reflects current topics of interest to internal
auditors.

Knowledge requirements are labeled P or A where: P = Candidates must exhibit

proficiency (thorough understanding and ability to apply concepts) in these topic
areas. A = Candidates must exhibit awareness (knowledge of terminology and
fundamentals) in these topic areas.

CIA Qualifications

 Education

- CIA candidates must hold a 3- or 4-year post-secondary degree (or higher).

- Two years post-secondary education and five years verified experience in internal
audit or its equivalent, OR
- Seven years verified experience in internal audit or its equivalent.

 Work Experience

- CIA candidates with a 4 year post-secondary degree must obtain a minimum of

24 months of internal auditing experience or its equivalent
- A Master’s degree can substitute for 12 of the required 24 months.

 Character Reference

- Candidates must exhibit high moral and professional character and must submit a
Character Reference Form signed by a CIA, CGAP, CCSA, CFSA, CRMA, or the
candidate's supervisor.

 Proof of Identification

- Candidates must provide proof of identification in the form of a copy of the

candidate’s official passport or national identity card.

 Eligibility Period

- If a candidate has not completed the certification process within three years, all
fees and exam parts will be forfeited.

Continuing Professional Education (CPE) Requirements

• 40 CPE hours for practicing, while 20 CPE hours for nonpracticing. The reporting
deadline is 31 December each year.

Exam Syllabus

Part 1:Essentials of Internal Auditing

• Foundation of Internal Auditing

 • Independence and Objectivity
• Proficiency and Due Professional Care
• Quality Assurance and Improvement Program
• Governance, Risk Management, and Control
• Fraud Risks

Part 2: Practice of Internal Auditing

• Managing the internal audit function

• Planning the Engagement
• Performing the Engagement
 • Communicating Engagement Results

and Monitoring Progress Part 3: Business

Knowledge for Internal Auditing

• Business Acumen
• Information Security
• Information Technology
• Financial Management