Quality Assessments what you need to know
|
|
- Hugo Hamilton
- 6 years ago
- Views:
Transcription
1 Quality Assessments what you need to know Patty Miller, Partner Deloitte & Touche LLP Cavell Alexander, VP-Internal Audit Intermountain Healthcare
2 Overview of requirements Scope of assessment Approaches to achieving compliance Getting started and being prepared Benefits Challenges Examples Agenda 2
3 Institute of Internal Auditors (IIA) Quality Standards (1300 Series) Quality Assurance and Improvement Program The chief audit executive (CAE) must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit (IA) activity Requirements of the Quality Assurance and Improvement Program 1311 Internal Assessments 1312 External Assessments 1320 Reporting on the Quality Assurance and Improvement Program 1321 Use of Conforms with the International Standards for the Professional Practice of Internal Auditing 1322 Disclosure of Nonconformance Overview of requirements 3
4 Standard 1312 External Assessments External assessments must be conducted at least once every five years by qualified, independent reviewer or review team from outside. CAE must discuss with the board: need for more frequent external assessments; and qualifications and independence of external reviewer, including potential conflict of interest. Interpretation Qualified reviewer or team demonstrates competence in two areas: professional practice of internal auditing and external assessment process. Competence can be demonstrated through mixture of experience and theoretical learning. Experience gained in organizations of similar size, complexity, sector or industry, and technical issues more valuable than less relevant experience. Not all members of team need to have all competencies; it is the team as a whole that is qualified. Independent reviewer or review team means not having either real or apparent conflict of interest and not being a part of, or under control of, the organization to which the internal audit activity belongs. Overview of requirements 4
5 Standard 1320 Reporting on the Quality Assurance and Improvement Program The chief audit executive must communicate the results of quality assurance and improvement program to senior management and the board. Interpretation The form, content, and frequency of communicating the results of quality assurance and improvement program is established through discussions with senior management and board and considers responsibilities of the internal audit activity and chief audit executive as contained in the internal audit charter. To demonstrate conformance with the Definition of Internal Auditing, the Code of Ethics, and the Standards, the results of external and periodic internal assessments are communicated upon completion of such assessments and results of ongoing monitoring are communicated at least annually. The results include reviewer s or review team s assessment with respect to degree of conformance. Overview of requirements 5
6 Standard 1321 Use of Conforms with the International Standards for the Professional Practice of Internal Auditing The chief audit executive may state that internal audit activity conforms with International Standards for the Professional Practice of Internal Auditing only if results of quality assurance and improvement program support this statement. Interpretation The internal audit activity conforms with the Standards when it achieves the outcomes described in the Definition of Internal Auditing, Code of Ethics, and Standards. The results of the quality assurance and improvement program include the results of both internal and external assessments. All internal audit activities will have the results of internal assessments. Internal audit activities in existence for at least five years will also have the results of external assessments. Standard 1322 Disclosure of Nonconformance When nonconformance with the Definition of Internal Auditing, Code of Ethics, or Standards impacts the overall scope or operation of internal audit activity, the chief audit executive must disclose the nonconformance and the impact to senior management and the board. Overview of requirements 6
7 International Standards for the Professional Practice of Internal Auditing Attribute Standards Purpose, Authority, and Responsibility Independence and Objectivity Proficiency and Due Professional Care Quality Assurance and Compliance Performance Standards Manage the IA Activity Nature of Work Engagement Planning Perform Engagement Communicate Results Monitor Progress Report Conclusion as to whether the activity: Generally conforms Partially conforms Does not conform Scope of assessment 7
8 Key Inputs Interviews, Org. Structure, Charter Enterprise Objectives for Audit and Risks Leading Practices State of the Art International Standards Interviews and survey Process Review of process, reports, risk assessment Conduct Interviews Independence Professional Proficiency Complete Surveys Document Examination Perform Analysis Scope of Work Performance Management Review of Work Papers and Technology Plan Review Reports Objectivity Status Available Resources Structure Budgets Skills Specialists Depth Training Supervision Risk Focus Financial Operational Compliance Response To Change Tools Techniques Reports Work Papers Technology Contribution Productivity Charter Plans Policies Personnel Administration Interfaces Quality Assurance Reporting/Communications Document observations and analysis Conclusion as to compliance to IIA standards Deliver observations External assessment approach 8
9 Key Focus Areas Organization & People Processes / Methodologies Stakeholder Perceptions Performance Organization size and structure Reporting relationships Strategies and scope of work (IA Charter) Leadership and staff competency and qualifications Diversity of skills Organization funding and cost management Human resource strategies Risk assessment methodology Audit planning process Audit execution methodologies Communication and reporting strategies Coordination with Sarbanes-Oxley activities Coordination and synergy with external auditors and other risk management functions Quality of service Business perspective Focused on right areas Competency of people Adding value and providing insight Use of technology Coverage of risks and control environment Adequacy of performance metrics Stakeholder feedback process Compliance with professional standards External assessment approach 9
10 Illustrative Project phases Planning Interviews/ Surveys Field work Report preparation Primary tasks Identify interview and survey participants and schedule Conduct project kick-off and entrance conference Modify and finalize draft workplan Create survey template Conduct internal audit interviews and surveys Conduct interviews and surveys with audit committee, external auditors, senior management, and business unit management Review charter, mission statements, organizational structure, span of controls, personnel credentials and education levels, training policies, performance appraisal process, and recruiting policies Comparisons/benchmarking with other companies and leading practices Analyze risk assessment, quality control, self auditing, and follow-up activities Review management and coverage of internal audit, policies, and compliance Review reporting and communication protocols, format, frequency, and tracking procedures Review use, effectiveness, and efficiency of technology used in performing audit work Identify successful practices Assess compliance to IIA standards Develop executive summary and report of observations, recommendations, identify areas of superior performance, and areas for improvement, if any Prepare draft report Participate in meetings, exit conference, and presentations as necessary Final report preparation and delivery Project week External assessment approach 10
11 Do you agree with the quality Standards and the requirement for an external assessment? Are your audit committee and senior management aware of the requirement? What are their views? Discussion point 11
12 External assessment IIA Service providers Self assessment with independent validation IIA Service providers Peer review At least three organizations Approaches 12
13 Approach Less Expense Less Time Commitment More Insight External Assessment P P Self Assessment with Independent Validation P P Peer Review P P Best option varies based on objectives and priorities to achieve compliance at lowest cost, with least time required, or to obtain more suggestions and leading practices Approaches 13
14 Most organizations use an external assessor or team. Has anyone here considered or used the other two approaches? What do you see as the relative benefits? Discussion point 14
15 Choosing an approach Key objective of assessment Developing a request for proposal Competence/knowledge Independence/objectivity Experience/ability to provide insights Desired focus areas Cost Selecting a provider Decision criteria Selection committee; role of board and senior executives Getting started 15
16 Performing self assessment Identifying key contact for coordination Collecting and organizing documentation Company s organization chart Organization chart of the Internal Audit department and geographic coverage Audit Committee charter and Internal Audit charter List of departmental professional personnel Number of professionals Current number and level distribution Skill complement List of Audit Committee members Copy of risk assessment and audit plan for the current period and prior period Being prepared 16
17 IIA Standards require external quality assessment every five years, effective since January 2002 Increased attention to controls Increased responsibility of, and focus on, Audit Committees Audit Committee / CxOs increasing their reliance on IA for regulatory requirements, risk management, and Sarbanes-Oxley program administration Increased focus on corporate governance and fraud prevention Attest auditors reliance on IA work Internal Audit increasingly called upon by executive management to be value-adding in meeting challenges of operating in today s complex business environment Changes in leadership: Audit Committee, CAE Desire to role model continuous improvement Why consider a quality assessment? 17
18 Affirmation of quality focus External validation of quality for key stakeholders Receipt of objective feedback from key stakeholders and customers New ideas to enhance value delivery External support, if needed, for CAEs pushing the envelope Realignment of mission and objectives Respect of key stakeholders and customers Benefits 18
19 Having support of audit committee and senior management Being audited! Time commitment Disruption to work activities Setting expectations Challenges and lessons learned 19
20 What benefits do you see? What challenges have you experienced and how did you overcome them? If your senior leadership was not supportive of getting an external assessment, what would you suggest to convince them it was worthwhile? Discussion point 20
21 Limited strategic/operational scope due to focus on financial/compliance objectives Limited technology focus or integrated audit approaches due to lack of IT specialist skillsets Misalignment of objectives between audit committee, senior management and CAE Limited use of tools/technology to enhance effectiveness and efficiency of audit process and to facilitate insight delivery Limited career advancement/development for internal auditors Lack of awareness of ongoing changes in Standards Focus on reporting test results vs. business issues, root cause, and collaborative solutions Missed opportunity to collaborate with other risk management functions and develop holistic risk assessment process Lack of explicit audit committee involvement in selection, evaluation and compensation of CAE Typical observations 21
22 Engagement Scope and Objectives Company A requested Deloitte & Touche LLP ( Deloitte & Touche ) to perform a Quality Assessment of the Internal Audit (IA) Department at Company A. The key objectives of the Assessment were to: Assess Internal Audit's compliance with the Institute of Internal Audit (IIA) International Standards for the Professional Practice of Internal Auditing ( Standards ). Determine whether the Internal Audit Department is effective in carrying out its mission, as set forth in the Internal Audit Charter, and whether it is meeting expectations of the Audit Committee and management. Compare to leading practices in the profession and in the industry to identify opportunities to enhance Internal Audit's work processes and products, as well as its value to the Company. The Assessment focused on evaluating Internal Audit's risk assessment and audit planning processes, audit tools and methodologies, audit and staff management processes, and on reviewing a sample of working papers and reports. Interviews were conducted with the Chair of the Audit Committee, members of the senior management team, the Internal Audit Manager (the Chief Audit Executive (CAE)), and members of the Internal Audit team. 1 This report is intended solely for the information and internal use of Company A, and should not be used or relied upon by any other person or entity. Report examples 22
23 Standards Compliance - Overview Standards Groupings Results Attribute Standards 1000 Purpose, Authority & Responsibility 1100 Objectivity and Independence 1200 Proficiency and Due Professional Care 1300 Quality Assurance and Improvement Program Performance Standards 2000 Managing the Internal Audit Activity 2100 Nature of Work 2200 Engagement Planning Attribute Standards Standards Summary Comments on Compliance and Recommendations 2300 Performing the Engagement 2400 Communicating Results 2500 Monitoring Progress 2600 Resolution of Senior Management s Acceptance of Risks 13 This report is intended solely for the information and internal use of Company A, and should not be used or relied upon by any other person or entity Proficiency and due professional care Internal auditors must possess the knowledge, skills and other competencies needed to perform their individual responsibilities, and the IA activity must collectively possess or obtain the knowledge, skills and other competencies to perform its responsibilities. The CAE must obtain competent advice and assistance if the auditors lack the knowledge, skills or other competencies needed. Auditors must have sufficient knowledge to evaluate the risk of fraud, but are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud. Auditors must have sufficient knowledge of key information technology risks and controls. Auditors must apply the care and skill expected of a reasonably prudent and competent auditor; due professional care does not imply infallibility. Auditors must enhance their knowledge, skills and competencies through continuing professional development. The IA group collectively maintains skills and competencies to implement the SOX program, and supplements its IT knowledge via a cosourcing arrangement. For the current scope of work, the IA Department seems to have the requisite knowledge and skills and performs its activities with due care. The IA group has installed the Approva tool which is used for testing of the segregation of duties, access rights and monitoring for compliance with approval procedures in selected areas (e.g., Journal Entry posting). Recommendations As the IA Department broadens its responsibilities beyond SOX, the CAE should assess the knowledge, skills and other new competencies required and develop a plan to obtain those skills such as through selective hiring, cosourcing or the use of guest auditors. The CAE should consider enhancing the current department policies to 1) specify the amount and nature of training, with a priority on training to support IA responsibilities in areas such as fraud and information technology controls; and 2) to specify the expectations for certification of staff. Many IA departments require a professional certification to be promoted into a senior or leadership role in the department. The IA department should consider expanding the use of technology-based data analysis and audit techniques beyond the current use of Approva noted above. The use of transactional data analysis tools can enhance the coverage of the audit population and provide for more targeted sample selection. For example, an analysis of the entire population of Accounts Payable transactions for a selected period against employee records and the vendor master file can assist in identifying potential fictitious vendors, duplicate vendors, unauthorized or duplicate payments, and other discrepancies which might not have been detected otherwise. The use of these tools is highly recommended to improve the effectiveness as well as efficiency of the IA team. 15 This report is intended solely for the information and internal use of Company A, and should not be used or relied upon by any other person or entity. Report examples 23
24 Benchmark Data: Selected Metrics Benchmark Data: Company A vs. Industry & Total Universe Similar size Benchmark Description Company A Industry Universe (IA function) Revenue per Auditor (000s) $120 M $264 M $356 M $329 M Employees per Auditor IT Audit Staff (cosourced) (% of Total Staff) 16.5% 15% 16% 17% Training Costs per Auditor $2,500 $2,608 $2,732 $2,464 Total Costs per Auditor (w/benefits) $250,000 $162,209 $160,478 $159,546 Total Costs per Auditor (w/o benefits) $143,000 $130,000 $130,500 $129,546 Percentage Staff with Professional Designations 50% 75% 74% 68% Staff Turnover 25% 22% 14% 20% Average Training Hours per Auditor Internal Audit SOX Role - Utilities Responsible for the testing of controls only 54% Responsibility over all aspects of SOX 8% Audit SOX process only 23% Acts in a consultative manner assisting management only 15% Internal Audit SOX Role - All Industries Responsibility over all aspects of SOX 23% Responsible for the testing of controls only 37% Audit SOX process only 27% Acts in a consultative manner assisting management only 13% Benchmarking indicates that the size of the IA function appears relatively larger than average based on Revenues and Number of Employees per Auditor. However, as noted below, the majority of benchmarked functions do not have full responsibility for the SOX program, suggesting there are relatively more resources in the benchmarked organizations applied to non-sox activities. Although management is responsible for executing the controls and maintaining the documentation, Company A s internal audit department is involved in all aspects of SOX and has taken a leadership role in designing the program, testing controls and assessing results. This broad responsibility for the SOX program is unusual, as compared to the industry, as well as against general practice across all industries. The Cost/Auditor is higher than industry benchmarks. This is attributable to higher wages in California and above average benefits at Company A Company A s certifications rate is lower than industry, which might be partially due to the small size of the department. 23 This report is intended solely for the information and internal use of Company A, and should not be used or relied upon by any other person or entity. Company A Internal Audit Report examples 24
25 Process/Methodologies Reporting IA should consider modifying its reporting process to report on all significant issues identified and associated management action plans. A risk reporting matrix could be used for consistent categorization, prioritization and reporting of all types of issues and risks under evaluation. Such a matrix is often used to provide the Audit Committee with a broader understanding of corporate governance and risk management activities related to financial, operational and compliance objectives. IA should consider an executive summary presentation, to aid the reader in focusing on the more significant areas. Such summaries often use color coding or key phrases to quickly communicate the significance of the issues, and would require IA to exercise judgment in prioritizing and summarizing issues. A leading practice of IA departments is to enhance the visual impact of internal audit reports by the thoughtful use of formats, charts, graphs, colors, etc. IA should consider increasing the visual formatting with charts, graphs and colors to more quickly attract the reader to the report, while helping him focus on key areas and discern important information quickly. PowerPoint presentations can effectively serve as a final report format, as well as support meeting presentations. This is typically a less formal approach, but is often a more economical approach, while still providing an effective reporting format. To reinforce the use and value of the COSO framework, a leading practice is to incorporate it into the Illustrative Roadmap standard report format. An example is provided to the right. Timing Action Step Key Activities IA should also consider including more prominent positive comments regarding operating strengths identified, to provide a balanced assessment with the issues identified presented in a clear context. 30 This report is intended solely for the information and internal use of Company A, and should not be used or relied upon by any other person or entity. 1Q CY11 1Q 2Q CY11 Evaluate and Prioritize Activities for Standards Compliance Conduct Comprehensive Enterprise Risk Assessment and Discuss Potential Audit Topics with Audit Committee and Management Consider compliance recommendations and prioritize action steps Develop plan to update current IA policies and procedures as compliance activities impact current department processes Review ERM assessment and consider risk factors; select risk factors (impact and vulnerability factors) and criteria to use in IA risk assessment Consider risks within business processes via interviews, document reviews, and knowledge of business Prioritize the identified risks for discussion with Audit Committee and management 2Q CY11 Define Overall Audit Scope and Audit Plan Develop a proposed internal audit plan that addresses the higher relative (unmitigated) risk areas, using either a consultative or assurance approach based on degree of vulnerability and existing mitigation Summarize proposed audits and develop audit budgets 2Q CY11 3Q CY11 4Q CY11 1Q CY12 2Q 4Q CY12 Assess Organizational Structure, Resources, Skills, Competency Requirements and Sourcing Options Present Recommended Plan, Structure/Staffing, and Charter to Audit Committee and Management for Approval Develop/Enhance Audit Execution and Reporting Processes and Associated Policies Execute New Plan and Report Progress and Results Develop Action Plans to Address Other Improvement Opportunities Identify skills required to complete proposed plan and assess requirements against department resources; identify skill gaps Consider alternative resource sourcing (in house guest auditor or cosourced) Consider longer term organizational structure and sourcing approaches to achieve risk-based audit coverage Communicate proposed IA Plan, budget, and updated IA Charter, as required Communicate higher relative risk projects that will not be addressed by Plan and budget Obtain respective approvals from Audit Committee and management Design a new IA reporting approach to communicate the results and insights from broader risk-based reviews; consider the use of ratings to prioritize findings Consider other leading practice recommendations and prioritize action plan Develop plan to update IA policies and procedures as changes in activities impact department processes Develop a risk based audit program for each project in scope Coordinate the project schedule with the auditees Design a formal approach to monitor the resolution of the action plans based on significance of finding 9 This report is intended solely for the information and internal use of Company A, and should not be used or relied upon by any other person or entity. Report examples 25
26 Open discussion Discussion point 26
27 We appreciate your participation Thank you! 27
28 This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte, its affiliates, and related entities shall not be responsible for any loss sustained by any person who relies on this presentation. Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Certain services may not be available to attest clients under the rules and regulations of public accounting. 28
29 Save the Date: August 26-29, st Annual Conference in Philadelphia Pennsylvania 29
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING Attribute Standards 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the internal audit
More informationImplementation Guide 1312
Implementation Guide 1312 Standard 1312 External Assessments External assessments must be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the
More informationPractice Advisory : Quality Assurance and Improvement Program
Practice Advisory 1300-1: Quality Assurance and Improvement Program Primary Related Standard 1300: Quality Assurance and Improvement Program The chief audit executive must develop and maintain a quality
More informationReport. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report
Report Quality Assessment of Internal Audit at Draft Report / Final Report Quality Self-Assessment by Independent Validation by Table of Contents 1.
More informationExternal Quality Assessment Review of University of Florida s Office of Internal Audit
External Quality Assessment Review of University of Florida s Office of Internal Audit May 30, 2017 TABLE OF CONTENTS Executive Summary... 1 Objectives, Scope and Methodology... 2 Summary of Results...
More informationInternal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)
Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017) Assessor 1: Assessor 2: Date: Date: Legend: Generally
More informationInternational Standards for the Professional Practice of Internal Auditing (Standards)
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Attribute Standards 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the
More informationInternational Standards for the Professional Practice of Internal Auditing (Standards)
Attribute Standards 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent
More informationLake County School District. Quality Assurance & Improvement Program. Internal Self-Assessment for. The Internal Audit Department
Lake County School District Quality Assurance & Improvement Program Internal Self-Assessment for The Internal Audit Department Fiscal Year 2017 2018 Completed By: Thomas A. Mock, CIA Date: January 31,
More informationInternational Standards for the Professional Practice of Internal Auditing
Internal Audit Quality: Developing a Quality Assurance and Improvement Program, First Edition. Sally-Anne Pitt. 2014 by John Wiley & Sons, Inc. Published 2014 by John Wiley & Sons, Inc. APPENDIX A International
More informationInternal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP
Internal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP March 28, 2012-1 - Speaker Introduction Laurie Shen is a Director at Grant Thornton's Northeast Internal Audit
More informationQuality Assurance in Internal Audit. Standard on Internal Audit (SIA) 7
Quality Assurance in Internal Audit Standard on Internal Audit (SIA) 7 1 Agenda Introduction Expectations from Internal Audit Quality Assurance Framework Internal Quality Review External Quality Review
More informationGoldSRD Audit 101 Table of Contents & Resource Listing
Au GoldSRD Audit 101 Table of Contents & Resource Listing I. IIA Standards II. GTAG I (Example Copy of the Contents of the GTAG Series) III. Example Audit Workprogram IV. Audit Test Workpaper Example V.
More informationPractice Advisory : Internal Audit Charter
Combined PAs Page 1 of 63 Practice Advisory 1000-1: Internal Audit Charter 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the internal audit activity must be
More informationINTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) ATTRIBUTE STANDARDS 1000 Purpose, Authority and Responsibility The purpose, authority, and responsibility of the internal
More information3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013
3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013 I. PURPOSE The purpose of this Charter is to formally define LACERS internal audit function s purpose, authority, and responsibility.
More informationInternal Audit Charter
Internal Audit Charter Authority Source: Endorsed by the Audit and Risk Management Committee and approved by the Vice- Chancellor Approval Date: 20/10/2017 Publication Date: 24/10/2017 Review Date: 20/10/2018
More informationImplementation Guides
Implementation Guides Implementation Guides assist internal auditors in applying the Definition of Internal Auditing, the Code of Ethics, and the Standards and promoting good practices. Implementation
More informationPlanning tool: Audit committee calendar of activities
Planning tool: Audit committee calendar of activities April 2018 Center for Board Effectiveness Planning tool: Audit committee calendar of activities Audit committees can use this tool to help plan their
More informationImplementation Guide 2060
Implementation Guide 2060 Standard 2060 Reporting to Senior Management and the Board The chief audit executive must report periodically to senior management and the board on the internal audit activity
More informationInternal Audit Services. March 2017
An Introduction to Internal Audit Services March 2017 Internal Audit is a professional, independent assurance and advisory function designed to add value and improve the City of London s operations and
More informationEY Center for Board Matters. Leading practices for audit committees
EY Center for Board Matters for audit committees As an audit committee member, your role is increasingly complex and demanding. Regulators, standard-setters and investors are pressing for more transparency
More informationaudit typology 115 audit universe 101 data and information pool 103 definition 101 structure and content 101
F Subject Index A ABAP 411 ABAP report for IT audit 412 ABAP workbench 417 accruals 319 for contingent losses 323 for legal and consulting costs 324 accrued liabilities audit 318 accruals for contingent
More informationImplementing Analytics in Internal Audit. Jordan Lloyd Senior Manager Ravindra Singh Manager
Implementing Analytics in Internal Audit Jordan Lloyd Senior Manager Ravindra Singh Manager What does Success Look Like To deliver successful analytical insight as an everyday part of the audit process
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationExternal Quality Assessment Are You Ready? Institute of Internal Auditors
External Quality Assessment Are You Ready? Institute of Internal Auditors Objectives Describe frameworks used to assess the quality of an IA activity Discuss benefits, challenges, and success factors related
More informationGuidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Audit Committee March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance Audit Committee (the Guidance Note )
More informationTools & Techniques II: Lead Auditor
About This Course Tools & Techniques II: Lead Auditor Course Description Learn the skills necessary to lead an audit team with confidence. This course provides an overview of the life cycle of an audit
More informationGuidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Audit Committee January 2018 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance Audit Committee (the Guidance Note
More informationSIAAB Guidance #02 Internal Audit Independence- Interaction with Agency Head, Senior Staff and Placement Within the Organizational Structure
SIAAB Guidance #02 Internal Audit Independence- Interaction with Agency Head, Senior Staff and Placement Within the Organizational Structure SIAAB Interpretation Adopted July 9, 2013 Revised In Accordance
More informationCaribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function
www.pwc.com/bb Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function Strengthening the Performance and Influence of the Audit Committee
More informationBUSINESS RISK MANAGEMENT LTD. Proposal for External Quality Assessment of the Internal Audit function against world class best practice
BUSINESS RISK MANAGEMENT LTD Proposal for External Quality Assessment of the Internal Audit function against world class best practice 1. Summary The following proposal outlines the suggested approach
More informationImplementation Guide 2050
Implementation Guide 2050 Standard 2050 Coordination and Reliance The chief audit executive should share information, coordinate activities, and consider relying upon the work of other internal and external
More informationPOLARIS INDUSTRIES INC. BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER Revised January 26, 2017
POLARIS INDUSTRIES INC. BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER Revised January 26, 2017 I. INTRODUCTION AND PURPOSE The primary function of the Audit Committee (the Committee ) is to assist the Board
More informationInternal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)
Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR) Origin of IFC The first significant focus on internal control certification related to financial reporting
More informationInternational Finance Corporation
International Finance Corporation Corporate Governance and Internal Audit Overview Bob Lamm Independent Senior Advisor Center for Corporate Governance Deloitte LLP Neil White Global IA Analytics Leader
More informationCABOT OIL & GAS CORPORATION AUDIT COMMITTEE CHARTER
CABOT OIL & GAS CORPORATION AUDIT COMMITTEE CHARTER The Audit Committee is appointed by the Board of Directors to assist the Board of Directors in overseeing (1) the integrity of the financial statements
More informationImplementation Guide 1200
Implementation Guide 1200 Standard 1200 Proficiency and Due Professional Care Engagements must be performed with proficiency and due professional care. Revised Standards Effective 1 January 2017 Getting
More informationQuality Assurance and Improvement Program
Internal Audit Foundations Standards 1000, 1010, 1100, 1110, 1111, 1120, 1130, 1300, 1310, 1320, 1321, 1322, 2000, 2040 There is an Internal Audit Charter in place Internal Audit Charter is in place The
More informationThe University of Texas at San Antonio 2014 External Quality Assessment of the Auditing and Consulting Services Office
www.pwc.com The University of Texas at San Antonio 2014 External Quality Assessment of the Auditing and Consulting Services Office July 9, 2014 Mr. Dick Dawson Chief Audit Executive The University of Texas
More informationCanada. Internal Audit Charter 1+1. Canadian Nuclear Safety Commission. Office of Audit and Ethics. April 18, 2011
1+1 Commission canadienne de sorete nucleaire Canadian Nuclear Safety Commission Internal Audit Charter Canadian Nuclear Safety Commission Office of Audit and Ethics April 18, 2011 E-DOCS-#371 0602 v2
More informationFIRST SOLAR, INC. CORPORATE GOVERNANCE GUIDELINES. A. The Roles of the Board of Directors and Management
FIRST SOLAR, INC. CORPORATE GOVERNANCE GUIDELINES A. The Roles of the Board of Directors and Management 1. The Board of Directors - The business of First Solar, Inc. (the Company ) shall be conducted under
More informationPractical Suggestions/Tips for an Effective BSA/AML Compliance Function
Practical Suggestions/Tips for an Effective BSA/AML Compliance Function Governance and Structure; Policies, Procedures and Internal Controls; Training; and Testing Peter C. Fitzgerald Principal May 20,
More informationThe Red (Book) Rocks The Latest and Greatest Audit Standards
The Red (Book) Rocks The Latest and Greatest Audit Standards Presenter Toni Stephens Chief Audit Executive The University of Texas at Dallas Insert Logo Here Course Objectives Explain the development of
More information9. Internal control Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization's objectives in
9. Internal control Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization's objectives in operational effectiveness and efficiency, reliable
More informationEFFECTIVE STRATEGIES IN PLANNING AND EXECUTING A SUCCESSFUL INTERNAL AUDIT
EFFECTIVE STRATEGIES IN PLANNING AND EXECUTING A SUCCESSFUL INTERNAL AUDIT 1 CHRISTY DECKER DIRECTOR OF INTERNAL AUDIT SHARP HEALTHCARE RUSSELL HARDER INTERNAL AUDIT SENIOR MANAGER DELOITTE & TOUCHE LLP
More informationLya Villasuso OECD Corporate Affairs Division Response ed to: RE: Corporate Governance and the Financial Crises
Richard F. Chambers Certified Internal Auditor Certification in Control Self-Assessment Certified Government Auditing Professional President April 16, 2009 Lya Villasuso OECD Corporate Affairs Division
More informationAudit committee performance evaluation
Audit committee performance evaluation 1 Next The following questionnaire is based on emerging and leading practices to assist in the self-assessment of an audit committee s performance. It is not intended
More informationBeyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404
Beyond Compliance Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404 Note to Readers Regarding This First Edition April 2003: This document was published
More informationAudit Committee Charter
Audit Committee Charter Purpose The purpose of the Audit Committee (the "Committee") shall be as follows: 1. To oversee the accounting and financial reporting processes of the Company and audits of the
More informationChanges to The IIA Standards: What Board Members and Executive Management Need to Know
Changes to The IIA Standards: What Board Members and Executive Management Need to Know Introduction The Institute of Internal Auditors (IIA) is the leading standard- and guidance-setting body for the global
More informationBIO-RAD LABORATORIES, INC. (the Company ) Audit Committee Charter
BIO-RAD LABORATORIES, INC. (the Company ) Audit Committee Requirements and Structure Audit Committee Charter The board of directors of the Company (the Board ) shall appoint an audit committee (the Audit
More informationProposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions
Proposed Attestation Requirements for FR Y-14A/Q/M reports Overview and Implications for Banking Institutions O Background n September 16, 2015, the Board of Governors of the Federal Reserve System ( Federal
More informationA-9: Audit Committee Effectiveness
A-9: Audit Committee Effectiveness Renée W. Jaenicke, CPA, CIA Renown Health 2011 AHIA Annual Conference www.ahia.org Renown Health and Internal Audit Our Journey Sources and Presentations Please ask questions
More informationQuality Assurance and Improvement Program (QAIP)
Quality Assurance and Improvement Program (QAIP) Presenters: Lori Carmichael, CPA Rafael Guijarro, CPA Florida Michigan North Carolina Texas Insight. Oversight. Foresight. Class Overview Overview- QAIP
More informationAudit quality Independent Audit
Audit quality Independent Audit Contents Acceptance Independence Risk assessment Learning & resources Ethics & compliance Audit methodology Quality assurance Peer review Audit quality framework Specific
More informationTable of Contents. 2 Introduction: Planning an Audit? Start Here. 4 Starting From Scratch. 6 COSO s 2013 Internal Control Integrated Framework
Table of Contents 2 Introduction: Planning an Audit? Start Here 4 Starting From Scratch 6 COSO s 2013 Internal Control Integrated Framework 8 Preparing for a Planning Meeting 10 Preparing the Audit Program
More informationImplementation Guide 1300
Implementation Guide 1300 Standard 1300 Quality Assurance and Improvement Program The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects
More informationInternal Audit Charter
Internal Audit Charter 1. Introduction (QLD) Financial and Performance Management Standard 2009, the Subordinate Legislation made under the Financial Accountability Act 2009, requires that: The internal
More informationThe Future of Internal Auditing:
Internal Audit The Future of Internal Auditing: Changing Internal Audit s Value Proposition October 12, 2010 Istanbul, Turkey Presented by: Naman Parekh Partner, Agenda Background of the 2012 Study Key
More informationS23 - Hallmarks of a Strong Audit Function Lilian Fong and Marta O'Shea
S23 - Hallmarks of a Strong Audit Function Lilian Fong and Marta O'Shea Hallmarks of a Strong Audit Function Agenda I. Internal Audit s Role, Mission and Charter II. III. IV. Internal Audit Reporting Structure
More informationBIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS
BIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS Statement of Purpose 1. Oversight Responsibility. The purpose of the Audit Committee of the Board of Directors of BioScrip, Inc.,
More informationAUDIT COMMITTEE CHARTER
PURPOSE AUDIT COMMITTEE CHARTER (Adopted as of March 28, 2014 and effective as of the closing of the Company s initial public offering, amended as of February 12, 2018) The purpose of the Audit Committee
More informationGuidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Board of Directors January 2018 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance
More informationAppointing, Assessing, and Compensating the Independent Auditor The Role of the Audit Committee
Appointing, Assessing, and Compensating the Independent Auditor The Role of the Audit Committee Under the Sarbanes-Oxley Act of 2002, the audit committee is directly responsible for overseeing the work
More informationCHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF ISRAMCO, INC.
CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF ISRAMCO, INC. I. AUDIT COMMITTEE PURPOSE The Audit Committee of the Board of Directors of Isramco, Inc. (the Corporation ) is appointed by the
More informationThe NYSE Internal Audit Requirement
The NYSE Internal Audit Requirement 70. What companies are impacted by the SEC s approval of the NYSE rules? Only NYSE-listed firms are affected. While the SEC also approved new listing standards for the
More informationTHE BACKGROUND OF AUDIT QUALITY ASSURANCE (AQA) Presentation by: CPA Anne Muraya Audit & Assurance Leader, Deloitte East Africa Tuesday, 1 August
THE BACKGROUND OF AUDIT QUALITY ASSURANCE (AQA) Presentation by: CPA Anne Muraya Audit & Assurance Leader, Deloitte East Africa Tuesday, 1 August 2017 Contents Why quality assurance Objective Key definitions
More informationNEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER. (as of December 2017)
NEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER (as of December 2017) Purpose The Audit Committee of Newmark Group, Inc. (the Company ) is appointed by the Board of Directors of the Company (the Board ) to
More informationCOSO Updates and Expectations. IIA San Diego Chapter January 8, 2014
COSO Updates and Expectations IIA San Diego Chapter January 8, 2014 Agenda Overview of 2013 Internal Control-Integrated Framework and Companion Guidance 2013 Framework General Enhancements by Component
More informationSUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008)
SUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008) I. Purpose The primary purpose of the Audit Committee of the Board of Directors (the Committee ) is to assist the Board of Directors in
More informationProcure to Pay (P2P) Risk Analytics. Risk Advisory
Procure to Pay (P2P) Risk Analytics Risk Advisory Content Overview 4 Procure to Pay Issues and Challenges 6 Risk Analytics Approach 8 Reporting Dashboard 10 Contact 14 3 Overview The Procure to Pay process
More informationCORPORATE GOVERNANCE GUIDELINES OF LIQUIDMETAL TECHNOLOGIES, INC.
CORPORATE GOVERNANCE GUIDELINES OF LIQUIDMETAL TECHNOLOGIES, INC. Adopted on May 8, 2013 The Board of Directors (the Board ) of Liquidmetal Technologies, Inc. (the Company ), acting on the recommendation
More informationSTARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS
STARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS Starwood Hotels & Resorts Worldwide, Inc. (the Company ) has determined that it is of the utmost importance
More informationBIG LOTS, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER
May 2010 BIG LOTS, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER The Audit Committee (the Committee ) is appointed by the Board of Directors (the Board ) of Big Lots, Inc. (the Company ) to assist
More informationAUDIT COMMITTEE CHARTER
AUDIT COMMITTEE CHARTER A. Purpose The purpose of the Audit Committee is to assist the Board of Directors (the Board ) oversight of: the quality and integrity of the Company s financial statements, financial
More informationCATERPILLAR INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS (adopted by the Board of Directors on February 11, 2015)
CATERPILLAR INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS (adopted by the Board of Directors on February 11, 2015) I. PURPOSE AND AUTHORITY The purpose of the Caterpillar Inc. ( Caterpillar
More informationAUDIT COMMITTEE CHARTER. Specifically, the Audit Committee is responsible for overseeing that:
AUDIT COMMITTEE CHARTER PREFACE The Audit Committee of the Board of Directors shall assist the Board in fulfilling its responsibilities with respect to (1) the integrity of the financial statements of
More informationCity of Edmonton EXTERNAL QUALITY ASSESSMENT OF THE OFFICE OF THE CITY AUDITOR. September 11, 2015
City of Edmonton EXTERNAL QUALITY ASSESSMENT OF THE OFFICE OF THE CITY AUDITOR September 11, 2015 PREPARED BY: MNP LLP 1500 640 5 th Ave SW Calgary, AB, T2P 3G4 MNP CONTACT: Maggie Kiel, CIA, MBA, ABCP,
More informationAUDIT COMMITTEE CHARTER
KELLOGG COMPANY BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER February 17, 2017 Purpose As more specifically described in this Charter, the Audit Committee shall assist the Board in monitoring (1) the integrity
More informationEXTERNAL QUALITY ASSESSMENT OF ORANGE COUNTY S INTERNAL AUDIT DEPARTMENT
EXTERNAL QUALITY ASSESSMENT OF ORANGE COUNTY S INTERNAL AUDIT DEPARTMENT August 27, 2007 Office of Robert E. Byrd, CGFM County Auditor-Controller 4080 Lemon Street P.O. Box 1326 Riverside, CA 92502-1326
More informationDeloitte Governance Framework and Maturity Model
Deloitte Governance Framework and Maturity Model Deloitte Governance Framework The Deloitte Governance Framework was developed to help boards and executive management assess the effectiveness of the organization
More informationSee your auditor clearly. Transparency report: How we perform quality audit engagements
See your auditor clearly. Transparency report: How we perform quality audit engagements February 2014 Table of contents 1) A message from the CEO and Managing Partner Assurance 2 2) Quality control policies
More informationBioAmber Inc. Audit Committee Charter
BioAmber Inc. I. General Statement of Purpose Audit Committee Charter The purposes of the Audit Committee of the Board of Directors (the Audit Committee ) of BioAmber Inc. (the Company ) are to: assist
More informationValue-Added Internal Audit: Myth or Reality?
Value-Added Internal Audit: Myth or Reality? Istanbul 12 November 2013 Jean-Pierre Garitte, CIA, CCSA, CISA, CFE, RFA Past Chairman of the Board IIA Past President ECIIA Polling question #1 For how long
More informationCreating Effective Public Sector Audit Committees
Creating Effective Public Sector Audit Committees Jack Armitage University of Nebraska, Omaha Even though not required by law, many governments have created audit committees. Compared to the private sector
More informationAugust 14, Dear Ms. Gula:
Department of Internal Audit North End Center, Suite 3200, Virginia Tech 300 Turner Street NW Blacksburg, Virginia 24061 Campus Mail Code: 0328 540-231-5883 Fax: 540-231-4681 www.ia.vt.edu August 14, 2013
More informationAudit committee performance evaluation
Audit committee performance evaluation April 2018 Center for Board Effectiveness Audit committee performance evaluation The following questionnaire is based on emerging and leading practices to assist
More informationAudit Standards 6/23/2017. Outline. Let s Refresh. Changes to the IIA Standards
Audit Standards Let s Refresh Outline Changes in the Standards Changes in the Yellowbook Standards Attribute/General Standards Performance/Fieldwork Standards Reporting Standards Key Differences Changes
More informationGROUP 1 AUTOMOTIVE, INC. AUDIT COMMITTEE CHARTER
GROUP 1 AUTOMOTIVE, INC. AUDIT COMMITTEE CHARTER The Board of Directors (the Board ) of Group 1 Automotive Inc. (the Company ) has heretofore constituted and established an Audit Committee (the Committee
More informationGTT COMMUNICATIONS, INC. AUDIT COMMITTEE CHARTER
GTT COMMUNICATIONS, INC. AUDIT COMMITTEE CHARTER This Audit Committee Charter (this Charter ) was adopted by the Board of Directors (the Board ) of GTT Communications, Inc., a Delaware corporation (the
More informationStrathclyde Partnership for Transport
Agenda item 5 Strathclyde Partnership for Transport Independent Examination of Internal Audit February 2017 Contents Page Executive summary 1 Section 1 Public sector internal audit standards 2 Section
More informationFARMER BROS. CO. CORPORATE GOVERNANCE GUIDELINES (Adopted February 1, 2017)
FARMER BROS. CO. CORPORATE GOVERNANCE GUIDELINES (Adopted February 1, 2017) The Board of Directors (the Board ) of Farmer Bros. Co. (the Company ) has adopted these Corporate Governance Guidelines (these
More informationUNIVERSAL BUSINESS PAYMENT SOLUTIONS ACQUISITION CORPORATION CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS
UNIVERSAL BUSINESS PAYMENT SOLUTIONS ACQUISITION CORPORATION I. Audit Committee Purpose CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS The Audit Committee of the Board of Directors (the Audit
More informationAUDIT COMMITTEE CHARTER AS AMENDED AS OF MAY 6, 2015
AUDIT COMMITTEE CHARTER AS AMENDED AS OF MAY 6, 2015 This Audit Committee Charter ("Charter") was originally adopted by the Board of Directors (the "Board") of Kate Spade & Company (the "Company") at its
More informationCDK GLOBAL, INC. AUDIT COMMITTEE CHARTER Effective January 20, 2016
CDK GLOBAL, INC. AUDIT COMMITTEE CHARTER Effective January 20, 2016 I. Purpose The Audit Committee (the Committee ) of the Board of Directors (the Board ) of CDK Global, Inc., a Delaware corporation (the
More informationKentucky State University Office of Internal Audit
Draft for Discussion Only P&P Manual Section - Policy# I. Function and Responsibilities MISSION Mission Statement Definition of Internal Auditing PURPOSE, AUTHORITY, RESPONSIBILITY Audit Charter STANDARDS
More informationAUDIT COMMITTEE CHARTER
AUDIT COMMITTEE CHARTER ORGANIZATION AND PURPOSE The Board of Directors (the Board ) of Nabors Industries Ltd. (the Company ) has established the Audit Committee of the Board to carry out the duties and
More informationINTERNAL AUDIT POLICIES AND PROCEDURES OPERATING MANUAL
INTERNAL AUDIT POLICIES AND PROCEDURES OPERATING MANUAL CCCD Internal Audit Manual February 2017 8. QUALITY ASSURANCE AND ADMINISTRATION... 17 i CCCD Internal Audit Manual February 2017 TABLE OF CONTENTS
More informationSample audit committee charter
Sample audit committee charter April 208 Center for Board Effectiveness Sample audit committee charter This sample audit committee charter is based on observations of selected companies and the requirements
More information