SlideShare une entreprise Scribd logo

Internal Audit Methodology

Télécharger en tant que PPTX, PDF
Manoj Agarwal
Manoj Agarwal

Internal Audit Methodology, How to use Risk Based Audit methodology

FormationBusinessTechnologie
1  sur  12
Internal Audit Methodology Presented by CA Manoj Agarwal May 10, 2014, Mumbai, ICAI
Disclaimer All the contents of the presentation constitute the opinion of the speaker, and the speaker alone; they do not represent the views and opinions of the speaker’s employers, supervisors, nor do they represent the view of organizations, businesses or institutions the speaker is, or has been a part of. 2
Agenda • Definition of Internal Audit • Types of Audit • Internal Audit Methodology • Tools 3
Definition 4 “Internal audit is an independent management function, which involves a continuous and critical appraisal of the functioning of an entity with a view to suggest improvements thereto and add value to and strengthen the overall governance mechanism of the entity, including the entity’s strategic risk management and internal control system. Internal audit, therefore, provides assurance that there is transparency in reporting, as a part of good governance.” -The Internal Audit Standards Board of the ICAI “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes” -Definition of Internal Auditing by Institute of Internal Auditors (IIA)
Types of Audits 5 Compliance Audit A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines. http://searchcompliance.techtarget.com/definition/compliance-audit Operational Audit Operational Audit is a systematic review of effectiveness, efficiency and economy of operation. http://en.wikipedia.org/wiki/Operational_audit Quality Audit Quality audit is the process of systematic examination of a quality system carried out by an internal or external quality auditor or an audit team. It is an important part of organization's quality management system and is a key element in the ISO quality system standard, ISO 9001. http://en.wikipedia.org/wiki/Compliance_Audit Functional Audit An audit that is held prior to software delivery in order to verify that all requirements specified in the software requirements document have been met. ICAI : A Functional Audit deals with one or more functions in an organization. It could concern, for example, the payroll function for a division or for the company as a whole. (Para 19.8.4 of chapter 19 of Advanced auditing and professional ethics - CA Final (3))
Types of Audits 6 Financial Audit or a Typical Internal Audit A financial audit, or more accurately, an audit of financial statements, is the verification of the financial statements of a legal entity, with a view to express an audit opinion. http://en.wikipedia.org/wiki/Financial_audit Risk Based Audit Risk based Internal Audit (RBIA) is an internal methodology which is primarily focused on the inherent risk involved in the activities or system and provide assurance that risk is being managed by the management within the defined risk appetite level.[1] It is the risk management framework of the management and seeks at every stage to reinforce the responsibility of management and BOD (Board of Directors) for managing risk http://en.wikipedia.org/wiki/Risk_based_audit Control Based Audit Audit of Controls Internal control is a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance. -COSO
Auditor’s Dilemma 7 Cost Dilemma Giving a level of confidence that IA has captured and assessed ‘all’ material risk that threaten the company
Risk Based Audit 8 Type Stage 1 Stage 2 Stage 3 Stage 4 Stage 5 Stage 6 Stage 7 Stage 8 RBIA Framework Defining Scope Mapping Risk Registration/ Identificatio n Control Identifica tion Control Investigation Audit Test Audit Report Risk profiling Risk taxonomies Business unit mapping Risk register Risk evaluation Control owner Volume Value Complexity Cost SOP SOD Past losses IT Risk definition card: Description Includes Excludes Driver Impact Processes Systems KPIs Function boundaries Transactions All risks Risk type Risk levels Risk Sizes Statistical tools Material and potential loss from control weakness Criteria to assess whether the control has been operated effectively or compromised by staff What to sample? How much to sample?
My Risk Based Audit 9 Type Stage 1 Stage 2 Stage 3 Stage 4 Stage 5 Stage 6 Stage 7 Stage 8 RBIA Framework Defining Scope Mapping Risk Registration/ Identificatio n Control Identificatio n Control Investigati on Audit Test Audit Report My IA Financial Scoping Mapping Top 3 Risks Control identificatio n Checkpoin ts Testing Audit report Trial balance Common size statement Identificatio n of major items groups Identifica tion of Major Items with in group Compliance, FA, Bank Tools Pareto Rule Audit Tracker, Excel (Pivot, Sort, Index, vlookup), Benford Law, Pareto Rule (80:20) Audit Report
Tools Audit Tracker 1. Contacts (of auditee/ audit team) 2. Status Tracker (Scope, Start Date, Completion date, Reason for Pending, responsibility, Population, Sample, Sample methodology, remarks) 3. Review Notes 4. Requirement Tracker (Requirement, Area, Responsibility, Request Date, Received date, Time Lag in receipt of data, days lapsed) 5. Checklist (Scope, Sub scope, Risk, Control, Checkpoints, Population, Sample, Exceptions, Observations, Backup paper) 6. Query Sheet (Query, Financial Impact, Risk, recommendations, Area, Annexure, Resolved, Response, Responsibility, Reportable/ Dropped, Backup paper) 7. Audit Completion Checklist 10 Control Failure Vs. impact of business control failure Traffic Light vs. specific financial amounts
Tools Audit Report 1. Cover letter, 2. Background and Objective of audit 3. Scope and approach 4. Detailed Observation (High, Medium, Low) 5. Other Points for Management Attention 6. Positive assurance Audit Presentation 1. Audit Summary (Area, Location, Audit Period, Audit Team, Function Head, Scope, Field audit dates/ period) 2. Scope, Sampling and Limitation to scope 3. Positive Assurance 4. Key Observations 5. Other observations 11
Resources • Risk Based Audit: https://drive.google.com/file/d/0B9LJxar8oKPmQ0JxaEpJRmxMaVU/edit? usp=sharing • Risk Template: https://app.box.com/s/p7tns5kbrliny06mnouu 12

Recommandé

Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit pptLetzconsult.com
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Internal Audit effectiveness
Internal Audit effectivenessInternal Audit effectiveness
Internal Audit effectivenessKaran Puri
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditinggrifff
 

Recommandé

Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit pptLetzconsult.com
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Internal Audit effectiveness
Internal Audit effectivenessInternal Audit effectiveness
Internal Audit effectivenessKaran Puri
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditinggrifff
 
Internal auditing
Internal auditingInternal auditing
Internal auditingShach Faisal
 
Internal audit
Internal auditInternal audit
Internal auditiPleaders - Re-engineering Legal education, New Delhi
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Internal audit
Internal auditInternal audit
Internal auditRahul Mithia
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor RolesIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Internal Audit
Internal AuditInternal Audit
Internal AuditAhmad Tariq Bhatti
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writingNeha Kothari
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit pptIbrahim Jimalle
 
Are You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkAre You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkBlackLine
 
Internal Audit
Internal AuditInternal Audit
Internal AuditJami Martin
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Utf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeUtf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeAbuallia
 
Internal Audit Strategic Framework
Internal Audit Strategic FrameworkInternal Audit Strategic Framework
Internal Audit Strategic FrameworkJeremy Cheng
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid themSurajit Datta
 
Internal audit
Internal auditInternal audit
Internal auditShoab Malek (Certified Quality Auditor)
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO FrameworkJesús Gándara
 
Coso illustrative tool
Coso illustrative toolCoso illustrative tool
Coso illustrative toolSARVJEET KAUSHAL
 
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKPOSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKHaresh Lalwani
 
Governance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge ElementsGovernance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge ElementsIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Fice Of Internal Audit
Fice Of Internal AuditFice Of Internal Audit
Fice Of Internal AuditChristina Berger
 

Contenu connexe

Tendances

Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writingNeha Kothari
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Are You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkAre You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkBlackLine
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Utf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeUtf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeAbuallia
 
Internal Audit Strategic Framework
Internal Audit Strategic FrameworkInternal Audit Strategic Framework
Internal Audit Strategic FrameworkJeremy Cheng
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid themSurajit Datta
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO FrameworkJesús Gándara
 
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKPOSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKHaresh Lalwani
 

Tendances (20)

Internal auditing
Internal auditingInternal auditing
Internal auditing
 
Internal audit
Internal auditInternal audit
Internal audit
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditing
 
Internal audit
Internal auditInternal audit
Internal audit
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor Roles
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
 
Are You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls FrameworkAre You Ready? Implementing COSO's Updated Internal Controls Framework
Are You Ready? Implementing COSO's Updated Internal Controls Framework
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 
Utf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committeeUtf8''internal audit plan presentation to the audit committee
Utf8''internal audit plan presentation to the audit committee
 
Internal Audit Strategic Framework
Internal Audit Strategic FrameworkInternal Audit Strategic Framework
Internal Audit Strategic Framework
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid them
 
Internal audit
Internal auditInternal audit
Internal audit
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO Framework
 
Coso illustrative tool
Coso illustrative toolCoso illustrative tool
Coso illustrative tool
 
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORKPOSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
POSITION OF INTERNAL AUDIT IN THE CORPORATE FRAMEWORK
 

Similaire à Internal Audit Methodology

Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit complianceonline123
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISOSadafhazel
 
Internal Audit Preseasdasdasantation20131.ppt
Internal Audit Preseasdasdasantation20131.pptInternal Audit Preseasdasdasantation20131.ppt
Internal Audit Preseasdasdasantation20131.pptboygarfan
 
Internal Audit Presentation20131.ppt
Internal Audit Presentation20131.pptInternal Audit Presentation20131.ppt
Internal Audit Presentation20131.pptArveeCDelSocorro
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding valueicgfmconference
 
Internal-Audit-Methodology-VV.pdf
Internal-Audit-Methodology-VV.pdfInternal-Audit-Methodology-VV.pdf
Internal-Audit-Methodology-VV.pdfrobinverma31
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
24201843 studdy-note-8
24201843 studdy-note-824201843 studdy-note-8
24201843 studdy-note-8Akash Saxena
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
Process Level Auditing Presentation
Process Level Auditing PresentationProcess Level Auditing Presentation
Process Level Auditing PresentationVernon Benjamin
 
Implementing Internal Audit Governance
Implementing Internal Audit GovernanceImplementing Internal Audit Governance
Implementing Internal Audit GovernanceAswin Kumar
 
Most common questions about internal audit
Most common questions about internal auditMost common questions about internal audit
Most common questions about internal auditahmedhassan1979
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Issharing notes123
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsSharing Slides Training
 
Eeoqms internal auditing
Eeoqms internal auditingEeoqms internal auditing
Eeoqms internal auditinghardeep singh
 

Similaire à Internal Audit Methodology (20)

Governance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge ElementsGovernance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge Elements
 
Fice Of Internal Audit
Fice Of Internal AuditFice Of Internal Audit
Fice Of Internal Audit
 
Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISO
 
Internal Audit Preseasdasdasantation20131.ppt
Internal Audit Preseasdasdasantation20131.pptInternal Audit Preseasdasdasantation20131.ppt
Internal Audit Preseasdasdasantation20131.ppt
 
Internal Audit Presentation20131.ppt
Internal Audit Presentation20131.pptInternal Audit Presentation20131.ppt
Internal Audit Presentation20131.ppt
 
Performance audit adding value
Performance audit adding valuePerformance audit adding value
Performance audit adding value
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
Internal-Audit-Methodology-VV.pdf
Internal-Audit-Methodology-VV.pdfInternal-Audit-Methodology-VV.pdf
Internal-Audit-Methodology-VV.pdf
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 
24201843 studdy-note-8
24201843 studdy-note-824201843 studdy-note-8
24201843 studdy-note-8
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self Assessment
 
Process Level Auditing Presentation
Process Level Auditing PresentationProcess Level Auditing Presentation
Process Level Auditing Presentation
 
Implementing Internal Audit Governance
Implementing Internal Audit GovernanceImplementing Internal Audit Governance
Implementing Internal Audit Governance
 
Most common questions about internal audit
Most common questions about internal auditMost common questions about internal audit
Most common questions about internal audit
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Is
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Is
 
Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
 
Eeoqms internal auditing
Eeoqms internal auditingEeoqms internal auditing
Eeoqms internal auditing
 
Basics of internal audit
Basics of internal auditBasics of internal audit
Basics of internal audit
 

Plus de Manoj Agarwal

Reporting to Management and Audit Committee
Reporting to Management and Audit CommitteeReporting to Management and Audit Committee
Reporting to Management and Audit CommitteeManoj Agarwal
 
Turning risk into opportunities
Turning risk into opportunitiesTurning risk into opportunities
Turning risk into opportunitiesManoj Agarwal
 
The state of ia pandemic plan
The state of ia pandemic planThe state of ia pandemic plan
The state of ia pandemic planManoj Agarwal
 
Role and responsibility of Internal Audit under new Companies Act 2013
Role and responsibility of Internal Audit under new Companies Act 2013Role and responsibility of Internal Audit under new Companies Act 2013
Role and responsibility of Internal Audit under new Companies Act 2013Manoj Agarwal
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
internal control and control self assessment
internal control and control self assessmentinternal control and control self assessment
internal control and control self assessmentManoj Agarwal
 
Use Of Techniques And Technology In Internal Audit
Use Of Techniques And Technology In Internal AuditUse Of Techniques And Technology In Internal Audit
Use Of Techniques And Technology In Internal AuditManoj Agarwal
 
Professional opportunities in Internal Audit
Professional opportunities in Internal AuditProfessional opportunities in Internal Audit
Professional opportunities in Internal AuditManoj Agarwal
 
Audit Audit Commite And Risk Management
Audit Audit Commite And Risk ManagementAudit Audit Commite And Risk Management
Audit Audit Commite And Risk ManagementManoj Agarwal
 
Control Self Assessment
Control Self AssessmentControl Self Assessment
Control Self AssessmentManoj Agarwal
 
Application Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalApplication Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalManoj Agarwal
 
IIA Report Writing 10 Oct 09
IIA Report Writing 10 Oct 09IIA Report Writing 10 Oct 09
IIA Report Writing 10 Oct 09Manoj Agarwal
 

Plus de Manoj Agarwal (13)

Reporting to Management and Audit Committee
Reporting to Management and Audit CommitteeReporting to Management and Audit Committee
Reporting to Management and Audit Committee
 
Turning risk into opportunities
Turning risk into opportunitiesTurning risk into opportunities
Turning risk into opportunities
 
The state of ia pandemic plan
The state of ia pandemic planThe state of ia pandemic plan
The state of ia pandemic plan
 
Role and responsibility of Internal Audit under new Companies Act 2013
Role and responsibility of Internal Audit under new Companies Act 2013Role and responsibility of Internal Audit under new Companies Act 2013
Role and responsibility of Internal Audit under new Companies Act 2013
 
Functional Audit
Functional AuditFunctional Audit
Functional Audit
 
Compliance framework
Compliance frameworkCompliance framework
Compliance framework
 
internal control and control self assessment
internal control and control self assessmentinternal control and control self assessment
internal control and control self assessment
 
Use Of Techniques And Technology In Internal Audit
Use Of Techniques And Technology In Internal AuditUse Of Techniques And Technology In Internal Audit
Use Of Techniques And Technology In Internal Audit
 
Professional opportunities in Internal Audit
Professional opportunities in Internal AuditProfessional opportunities in Internal Audit
Professional opportunities in Internal Audit
 
Audit Audit Commite And Risk Management
Audit Audit Commite And Risk ManagementAudit Audit Commite And Risk Management
Audit Audit Commite And Risk Management
 
Control Self Assessment
Control Self AssessmentControl Self Assessment
Control Self Assessment
 
Application Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalApplication Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 Final
 
IIA Report Writing 10 Oct 09
IIA Report Writing 10 Oct 09IIA Report Writing 10 Oct 09
IIA Report Writing 10 Oct 09
 

Dernier

Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 

Dernier (20)

Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 

Internal Audit Methodology

  • 1. Internal Audit Methodology Presented by CA Manoj Agarwal May 10, 2014, Mumbai, ICAI
  • 2. Disclaimer All the contents of the presentation constitute the opinion of the speaker, and the speaker alone; they do not represent the views and opinions of the speaker’s employers, supervisors, nor do they represent the view of organizations, businesses or institutions the speaker is, or has been a part of. 2
  • 3. Agenda • Definition of Internal Audit • Types of Audit • Internal Audit Methodology • Tools 3
  • 4. Definition 4 “Internal audit is an independent management function, which involves a continuous and critical appraisal of the functioning of an entity with a view to suggest improvements thereto and add value to and strengthen the overall governance mechanism of the entity, including the entity’s strategic risk management and internal control system. Internal audit, therefore, provides assurance that there is transparency in reporting, as a part of good governance.” -The Internal Audit Standards Board of the ICAI “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes” -Definition of Internal Auditing by Institute of Internal Auditors (IIA)
  • 5. Types of Audits 5 Compliance Audit A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines. http://searchcompliance.techtarget.com/definition/compliance-audit Operational Audit Operational Audit is a systematic review of effectiveness, efficiency and economy of operation. http://en.wikipedia.org/wiki/Operational_audit Quality Audit Quality audit is the process of systematic examination of a quality system carried out by an internal or external quality auditor or an audit team. It is an important part of organization's quality management system and is a key element in the ISO quality system standard, ISO 9001. http://en.wikipedia.org/wiki/Compliance_Audit Functional Audit An audit that is held prior to software delivery in order to verify that all requirements specified in the software requirements document have been met. ICAI : A Functional Audit deals with one or more functions in an organization. It could concern, for example, the payroll function for a division or for the company as a whole. (Para 19.8.4 of chapter 19 of Advanced auditing and professional ethics - CA Final (3))
  • 6. Types of Audits 6 Financial Audit or a Typical Internal Audit A financial audit, or more accurately, an audit of financial statements, is the verification of the financial statements of a legal entity, with a view to express an audit opinion. http://en.wikipedia.org/wiki/Financial_audit Risk Based Audit Risk based Internal Audit (RBIA) is an internal methodology which is primarily focused on the inherent risk involved in the activities or system and provide assurance that risk is being managed by the management within the defined risk appetite level.[1] It is the risk management framework of the management and seeks at every stage to reinforce the responsibility of management and BOD (Board of Directors) for managing risk http://en.wikipedia.org/wiki/Risk_based_audit Control Based Audit Audit of Controls Internal control is a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance. -COSO
  • 7. Auditor’s Dilemma 7 Cost Dilemma Giving a level of confidence that IA has captured and assessed ‘all’ material risk that threaten the company
  • 8. Risk Based Audit 8 Type Stage 1 Stage 2 Stage 3 Stage 4 Stage 5 Stage 6 Stage 7 Stage 8 RBIA Framework Defining Scope Mapping Risk Registration/ Identificatio n Control Identifica tion Control Investigation Audit Test Audit Report Risk profiling Risk taxonomies Business unit mapping Risk register Risk evaluation Control owner Volume Value Complexity Cost SOP SOD Past losses IT Risk definition card: Description Includes Excludes Driver Impact Processes Systems KPIs Function boundaries Transactions All risks Risk type Risk levels Risk Sizes Statistical tools Material and potential loss from control weakness Criteria to assess whether the control has been operated effectively or compromised by staff What to sample? How much to sample?
  • 9. My Risk Based Audit 9 Type Stage 1 Stage 2 Stage 3 Stage 4 Stage 5 Stage 6 Stage 7 Stage 8 RBIA Framework Defining Scope Mapping Risk Registration/ Identificatio n Control Identificatio n Control Investigati on Audit Test Audit Report My IA Financial Scoping Mapping Top 3 Risks Control identificatio n Checkpoin ts Testing Audit report Trial balance Common size statement Identificatio n of major items groups Identifica tion of Major Items with in group Compliance, FA, Bank Tools Pareto Rule Audit Tracker, Excel (Pivot, Sort, Index, vlookup), Benford Law, Pareto Rule (80:20) Audit Report
  • 10. Tools Audit Tracker 1. Contacts (of auditee/ audit team) 2. Status Tracker (Scope, Start Date, Completion date, Reason for Pending, responsibility, Population, Sample, Sample methodology, remarks) 3. Review Notes 4. Requirement Tracker (Requirement, Area, Responsibility, Request Date, Received date, Time Lag in receipt of data, days lapsed) 5. Checklist (Scope, Sub scope, Risk, Control, Checkpoints, Population, Sample, Exceptions, Observations, Backup paper) 6. Query Sheet (Query, Financial Impact, Risk, recommendations, Area, Annexure, Resolved, Response, Responsibility, Reportable/ Dropped, Backup paper) 7. Audit Completion Checklist 10 Control Failure Vs. impact of business control failure Traffic Light vs. specific financial amounts
  • 11. Tools Audit Report 1. Cover letter, 2. Background and Objective of audit 3. Scope and approach 4. Detailed Observation (High, Medium, Low) 5. Other Points for Management Attention 6. Positive assurance Audit Presentation 1. Audit Summary (Area, Location, Audit Period, Audit Team, Function Head, Scope, Field audit dates/ period) 2. Scope, Sampling and Limitation to scope 3. Positive Assurance 4. Key Observations 5. Other observations 11
  • 12. Resources • Risk Based Audit: https://drive.google.com/file/d/0B9LJxar8oKPmQ0JxaEpJRmxMaVU/edit? usp=sharing • Risk Template: https://app.box.com/s/p7tns5kbrliny06mnouu 12