This document provides an introduction to internal auditing. It defines internal auditing as an independent, objective assurance and consulting activity designed to add value to an organization. The document explains key terms in the definition such as independence, objectivity, assurance, and consulting. It also describes the scope of internal auditing and compares the roles of internal and external auditors. Finally, it discusses the types of audits internal auditors perform and how internal auditing relates to performance measurement and ethics.
This document provides an introduction to internal auditing. It defines internal auditing as an independent, objective assurance and consulting activity designed to add value to an organization. The document explains key terms in the definition such as independence, objectivity, assurance, and consulting. It also describes the scope of internal auditing and compares the roles of internal and external auditors. Finally, it discusses the types of audits internal auditors perform and how internal auditing relates to performance measurement and ethics.
This document provides an introduction to internal auditing. It defines internal auditing as an independent, objective assurance and consulting activity designed to add value to an organization. The document explains key terms in the definition such as independence, objectivity, assurance, and consulting. It also describes the scope of internal auditing and compares the roles of internal and external auditors. Finally, it discusses the types of audits internal auditors perform and how internal auditing relates to performance measurement and ethics.
IIA’s Definition of Internal Auditing Define internal auditing. • Internal auditing is defined by the Institute of Internal Auditors as “an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” Explain the key terms used in the definition of internal auditing. • Independence is freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner. • Objectivity is an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. • Assurance is a service that provides an objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes. Explain the key terms used in the definition of internal auditing. • Consulting refers to services that are advisory and are intended to add value and improve an organization’s governance, risk management, and control processes. • Adding value to the organization (and its stakeholders) is when the audit provides objective and relevant assurance and contributes to the effectiveness and efficiency of governance, risk management, and control processes. • Risk management processes identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization’s objectives Explain the key terms used in the definition of internal auditing. • Control processes are the policies, procedures, and activities that are part of a control framework, designed to ensure that risks are contained within the risk tolerances established by the risk management process. • Governance consists of the combination of processes and structures implemented by the board to inform, direct, manage, and monitor the activities of the organization toward the achievement of its objectives Describe the factors that determine the scope of internal auditing. • Risk management: Identify and evaluate significant exposures to risk and contribute to the improvement of risk management and control systems. • Control: Maintain effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement. • Governance: Assess and make appropriate recommendations for improving the governance process in the accomplishment of the organization’s objectives. Explain the main functions of management and how they relate to achieving control. • Planning is the development of a clear purpose, long-term objectives, and short-term goals of an organization. • Organizing entails establishing a rule structure to help achieve the goals of the organization. • Directing is the process of inducing members of an organization to perform their roles successfully. • Controlling is the comparison of actual performance with pre- determined standards, plans, or objectives. Explain the main functions of management and how they relate to achieving control • The main purpose of control is to ensure that the enterprise’s objectives are met effectively, efficiently, and economically. • The basic requirements for achieving adequate controls are as follows: 1. Controls must fit the needs of the managers and reflect the organization pattern. 2. Controls must focus on exceptions and critical points. 3. Controls must be flexible to accommodate change. 4. Controls must be economical and cost-effective. Define risk and enterprise risk, and explain how they are related to the concept of control. • Risk is the possibility of an event occurring that will have an impact on the achievement of objectives. Enterprise risk, therefore, is the possibility of an event occurring that may reduce the likelihood of an organization achieving its objectives. • Effective control provides reasonable assurance that the organization will achieve its objectives reliably (by reducing uncontrolled risk to an acceptable level) and therefore includes the identification and mitigation of risk. Explain the role of internal auditors in their organization. • The role of internal auditors is to act as consultants to both the board of directors and management in assessing and improving the effectiveness and efficiency of the organization’s risk management, control, and governance processes. • Internal auditing aids the organization by helping the board and management better fulfil their responsibilities. Explain the role of internal auditors in their organization. • The internal auditor must cooperate closely with the management of the activities being audited, but must maintain independence and objectivity while carrying out audit activities. In performing consulting activities, the internal auditor will report directly to the management of the unit or activity being reviewed. • The internal auditor must have a direct reporting relationship to the board or its audit committee in order to perform assurance functions. Compare the role of internal auditors with that of external auditors. • Internal auditors are responsible to the board and management of the organization; external auditors are responsible to the shareholders. • Internal auditors are independent of the functions that they audit, but are not independent of the organization itself; external auditors must be independent of the organizations that they audit. • The purpose of internal auditing is to improve organizational performance; the purpose of external auditing is to express an opinion on the financial statements. Compare the role of internal auditors with that of external auditors • The scope of internal auditing extends to all activities of the organization; the scope of external auditing is limited to financial areas impacting the financial statements. • Internal auditing focuses on the appropriate design and effective implementation of management processes; external auditing focuses on balances at a point in time. Describe the types of audits carried out by internal auditors. • Compliance audits focus on reviewing compliance with established policies, procedures, laws, and so on. • Internal financial audits focus on the reliability and integrity of the accounting system and its output. • Operational audits review an organization’s effectiveness, efficiency, and economy of operations, and recommend improvements. • Comprehensive audits (mainly in the public sector) focus on financial verification, compliance, and performance assessments Describe the types of audits carried out by internal auditors. • Information technology (IT) audits focus on the controls in computerized environments. • Integrated audits are conducted when IT auditing is included with other types of internal auditing. • Fraud audits can be carried out by internal auditors when management or auditors detect or suspect the existence of a fraud. • Environmental audits assess the extent to which the organization is in compliance with regulatory requirements on environmental matters Compare internal auditing and performance measurement • Internal auditing evaluates and reports on the degree of correspondence between performance and appropriate agreed-on criteria. • Performance measurement is based on identifying those measures critical to an organization’s success and setting specific, measurable targets for them. Performance is compared with these targets in order to assess organizational performance Compare internal auditing and performance measurement. • . Internal auditing increasingly focuses on the evaluation of organizational effectiveness and efficiency, and requires that measurable criteria be established against which to assess performance. • Performance measurement has the advantage of being a continuous process; internal auditing of particular activities is usually intermittent. Outline the role of the internal auditor in promoting ethical culture and standards in an organization. • Internal auditors should use their position of trust and integrity to be advocates of ethical conduct. They should work towards increased compliance with legal, ethical, and societal responsibilities. • Internal auditors should periodically assess the state of the ethical climate and evaluate the extent to which the organization fulfils its ethical responsibilities. Apply ethical judgments in the context of the internal auditor’s work. • Adherence to an ethical code increases the reputation and effectiveness of the work of the internal auditor. • Internal auditors are responsible for assessing compliance with policies including those related to the company’s code of ethics. • Unethical actions can pose a significant risk to an organization and should be reported to the board and senior management. • Internal auditors have access to confidential and sensitive information and must respect the principle of confidentiality Apply ethical judgments in the context of the internal auditor’s work. • Internal auditors may become involved in fraud investigations, which directly relate to illegal and/or unethical actions. • Internal auditors must comply with the ethical standards of the professional organizations of which they are members • The IIA Code of Ethics is based on the principles of integrity, objectivity, confidentiality, and competency, and consists of Rules of Conduct describing expected behavioural norms for its members.
Example - 10 THESES ON THE SUCCESSFUL MANAGEMENT OF INTERNATIONAL JOINT VENTURES An Empirical Study With Austrian-Brazilian Joint Ventures by JOCHEN PENKER