central piedmont community college internal audit

Central Piedmont Community College Internal Audit

Definition of Internal Auditing

Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

The Institute of Internal Auditors 

Internal Audit MissionThe mission of Internal Audit is to assist all levels of administration in the achievement of the College goals and objectives by striving to provide both quality customer service and a positive impact on the efficiency and effectiveness of administrative functions. 

The Office achieves this impact by providing ongoing, objective, and independent reviews of internal controls and independent appraisals (i.e. audits), analyses, and counsel related to the assessment of business risk.

Services Provided

General Audits Financial Compliance Operational

Special Investigations

Consulting

Audit Activities (Selected) Determine the accuracy and validity of financial

transactions

Evaluate the financial and operational procedures for adequacy and effectiveness of internal controls

Verify the existence of College assets and ensure that assets are adequately safeguarded against loss

Evaluate the adequacy related to information relied on during management’s decision-making

Internal Control Components

Monitoring Control Environment Risk Assessment Control Activities Information & Communication

Monitoring includes the following:

Internal Control Components:Monitoring

Supervising

Observing

Testing

Reporting to Responsible Individuals

Internal Control Components:Monitoring Activities Include

Evaluation of Trends Reviews of Outstanding

Encumbrances Surprise Cash and Asset Counts Follow-up on complaints Review of Financial Reports Spot Checking of transactions to

ensure compliance with policies and procedures

Internal Control Components:Risk Assessment …

Is the identification and analysis of relevant risks associated with the achievement of objectives

Is an ongoing process that is a critical component of an effective internal control system

Economic changes

Changing student & community needs

New/changed legislation & regulations

Technological developments

Natural catastrophes

Competitive conditions

Risk Assessment External Risk Factors

New Personnel Low Morale Competency & Integrity of Personnel New or Revamped Information Systems Size of Organization Complexity & Volatility of Activities Geographical Dispersion of Operations Changes in Management Responsibilities

Risk Assessment Internal Risk Factors

After the risk factors have been identified, they must

be evaluated or analyzed in terms of risk and the

associated levels

Risk Assessment Risk Analysis

What can go wrong What areas have the most risk What assets are at risk Who is in a position of risk

Risk Assessment Risk Analysis

Administrators must determine …

Control activities are the policies and procedures that

help ensure that management directives are carried out

Addressing Identified Risk:Control Activities

Examples of Control Activities

Authorizations Segregation of Duties Recording Safeguarding Reconciliations

Internal Control As Defined by COSO Is …(Committee of Sponsoring Organizations)

A process, affected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: Reliability of financial reporting;

Effectiveness and efficiency of operations; and

Compliance with applicable laws and regulations

Internal Control Is …

A Process … Not Merely Policies, Procedures and Forms

Affected by People

Directed Toward the Achievement of Objectives

Internal Control Primary Objectives

Compliance Accomplishment of Goals & Objectives Reliability & Integrity of Information Economical & Efficient Use of Resources Safeguarding of Assets

Perfect Internal Control?

There is no such thing as a perfect internal control

system … there are inherent limitations,

which typically cannot be controlled

Perfect Internal Control? Inherent Limitations

Misunderstanding of Instructions Mistakes of Judgment Personal Carelessness Distraction Fatigue Management Override Staff Size Limitations Collusion Among Individuals

Everyone has a role in regard to internal controls

Internal ControlsResponsibility For …

Roles will vary depending on level of responsibility and the nature of involvement by the individual

Internal ControlsResponsibility For …

A weak link in the organizational structure can create a weakness in the control system

Internal Controls ResponsibilityAdministrator Level

Administrator is responsible for: Executing major institutional policies and

procedures Designing and implementing control

systems

Internal Controls ResponsibilityPresident’s Cabinet

The President’s Cabinet is responsible for: Providing leadership and guidance Providing direction and oversight to

senior administrators Establishing a presence of

Integrity Ethics Competence Positive Control Environment

Internal Controls Responsibility Individual

Each individual is responsible for being cognizant of proper internal control procedures related to their job.

Internal auditors are responsible for:

Examining the adequacy and effectiveness of the College’s internal controls,

Making recommendations where control improvements are needed

Contributing to the effectiveness of the control environment

Internal Controls ResponsibilityInternal Auditors

Internal auditors are a part of the internal control system, not the whole system

They are not responsible for establishing or maintaining them

Internal Controls …And Internal Auditors

Internal Controls …And Internal Auditing

Internal Auditing helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of …

Risk management

Control

Governance Processes

Benefits of Internal Audit

Pragmatic, business oriented advice Local knowledge of policies,

procedures, culture and environment Conduit to other resources

Any Questions

Prepared By: Brenda M. Leonard, C.B.M., Ed.D. (brenda.leonard@cpcc.edu)

Janice Hill (janice.hill@cpcc.edu)

For additional information visit the Internal Audit website @ http://inside.cpcc.edu/audit/default.htm