operational auditing--fall 2009 1 operational auditing fall 2009 professor bill o’brien
Post on 20-Dec-2015
215 views
TRANSCRIPT
Operational Auditing--Fall 2009 1
Operational Auditing
Fall 2009
Professor Bill O’Brien
Operational Auditing--Fall 20091-2
Definition of Internal/Operational
Auditing Formal:
“Internal auditing is an independent, objective, assurance and consulting activity designed to add value and improve an organization’s operations.”
Informal:“Internal auditing is an independent activity designed to help an organization stay under control and achieve its objectives.”
Operational Auditing--Fall 20091-3
An Organization Achieves Its
Objectives by: Staying under control as evidenced by
Safeguarding of assets Compliance with laws and regulations Organizational goal & obj. achievement Reliability & quality of information Effectiveness & efficiency of business
operations
Operational Auditing--Fall 20091-4
Roles of I/A in Relation to the Formal
Definition Helping the organization achieve
objectives Evaluating risk, control and governance Adding value and improving operations Remaining independent and objective Utilizing a systematic approach
Operational Auditing--Fall 20091-5
COSO
Committee of Sponsoring Organizations FEI, AICPA, IMA, IIA and AAA
Sponsored the Treadway Commission in 1987
Issued guidelines for Internal Control in 1992: COSO Cube
Issued guidelines for Enterprise Risk Management in 2004: COSO 2
Operational Auditing--Fall 20091-6
Relating COSO (2004) to SCORE
Strategic objectives Organizational goal & obj. achievement
Operations objectives Effectiveness & efficiency of business
operations Safeguarding of assets
Reporting objectives Reliability & quality of information
Compliance objectives Compliance with laws and regulations
Operational Auditing--Fall 20091-7
Independence: Organizational Relationship
Reporting responsibility As high as possible…the Audit
Committee Administrative responsibility
To a key interested party
Operational Auditing--Fall 20091-8
Systematic Approach
Planning: Selecting the BPO Pre-site planning
Evaluating: Conducting the preliminary survey Review internal controls Expanding tests as necessary Generating findings
Communicating: Reporting the results Conducting follow-up Assessing the process
Operational Auditing--Fall 20091-9
Dealing with the External Auditors
Different objectives Different accountability Different qualifications Different activities
Operational Auditing--Fall 20091-10
Cooperation
Economy Efficiency Effectiveness Advantages for the external auditor
Increases external auditor client insight Improves client relations Rotates emphasis
Advantages for the internal auditor Improves training Source of additional work Increases professional knowledge Independent appraisal source
Compliance with SAS 65 and SAS 99
Operational Auditing--Fall 20091-11
SAS 65
Defines roles Defines function Discusses competency & objectivity Considers nature of the work Discusses coordination Guidelines for evaluation Role of direct assistance
Operational Auditing--Fall 20091-12
SAS 99
Auditor’s responsibility to detect fraud
Operational Auditing--Fall 20091-13
Typical Int. Audit Assistance
Design of control systems Reduction of risk assessment Reduction of substantive testing
Operational Auditing--Fall 20091-14
Create a Cooperative Bridge
Coordination Risk assessment alert Control system disclosure Common sampling tools Pooled IT knowledge Different perspective Constant general communication
Operational Auditing--Fall 20091-15
Roles of Internal Auditing
Auditing or assurance System design & implementation Performance appraisals Consultations Strategic planning Merger & acquisition analysis Market appraisals Investment analysis
Operational Auditing--Fall 20091-16
The Institute of Internal Auditors
The professional organization of internal auditors
Established in 1941 Provides the following:
Professional guidance Professional certifications Research Educational products and services
Operational Auditing--Fall 20091-17
Competencies of Internal Auditors
Inherent qualities Integrity Passion Work ethic Curiosity Creativity Initiative Flexibility
Skills and credentials Technical expertise Software expertise Communication skills Analytical skills…connecting the dots
The “What” and the “How”
Operational Auditing--Fall 20091-18
General Business Skills: the “What”
Business perspective
Organizational focus
Bias for action
Communication excellence
People proficiency
Operational Auditing--Fall 20091-19
Implementation Styles: the “How”
Cc: communication versus control KTT: knowing the territory MBWA: managing by wandering around R ƒ R3”: respect is a function of
Responsiveness Reliability, and Relevancy
Operational Auditing--Fall 20091-20
Ops. Audit as a Profession
Transition from public accounting Career internal auditor Operational finance professional Operations professional Pathway to senior management
Operational Auditing--Fall 20091-21
Managing the Internal Audit Activity
Effective management Establish a risk-based plan Communicate the plan Ensure adequate resources Coordinate services Report on a regular basis Monitor implementation of recommendations