Corporate Responsibility and Internal Audit Programs

Similar documents
Meeting Stakeholder Expectations for Assurance: Internal Audit s Role in a Group Effort

Internal Audit & the Audit Committee

1. Definition & Mission

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

The University of Texas at San Antonio 2014 External Quality Assessment of the Auditing and Consulting Services Office

Internal Audit and corporate governance

REVISED AUDIT PLAN FOR FY 2016 TEXAS FACILITIES COMMISSION

3/4/2019 INTRO TO HIGHER EDUCATION AUDITING PRACTICALLY PERFECT PLANNING

INTERNAL AUDIT CHARTER SECURE TRUST BANK PLC

Certified Internal Auditor - Part 1, The Internal Audit Activity's Role in Governance, Risk, and Control

Why Internal Audit Matters

The University of Toledo Finance and Audit Committee Meeting Internal Audit Status Update

Research Compliance in The University of Texas System Charles G. Chaffin System-wide Compliance Officer The University of Texas System

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Financial CIA-I. Certified Internal Auditor (CIA) Download Full Version :

Texas Facilities Commission (TFC) Office of Internal Audit (OIA)

Analyzing and improving operational processes

Implementation Guides

August 14, Dear Ms. Gula:

The Red (Book) Rocks The Latest and Greatest Audit Standards

risk and compliance department business plan

Technical Director International Auditing and Assurance Standards Board 545 Fifth Avenue, 14 th Floor New York, New York USA

Group Internal Audit Charter

Policies, Procedures and Guidelines

The University of Texas at San Antonio. Internal Audit Annual Report For Fiscal Year As required by the Texas Internal Auditing Act

3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013

Changes in the IIA Standards: New Requirements for Internal Audit Functions

Internal Audit Appendix: IIA Standards

SERBA DINAMIK GROUP BERHAD INTERNAL AUDIT CHARTER

FLORIDA STATE UNIVERSITY Office of Inspector General Services Report #17-06

10/5/2016. Quality Assessment Review. Agenda. What s the purpose of a QAR? Internal Audit Manager Training October 3-4, 2016

THE UNIVERSITY OF TOLEDO AUDIT COMMITTEE MEETING. October 19, 2009

Strategies to Revise Quality Policy and Quality Objectives. Eileen Cortes February 22, 2017

Internal Audit Charter

The University of Texas MD Anderson Cancer Center Internal Audit Annual Report for FY 2017

The NYSE Internal Audit Requirement

External Quality Assessment of the Internal Audit Activity at the World Food Programme

GENERALI GROUP GROUP INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM VERSION 2.0

Natural Resources Canada

Finance & Audit Committee Meeting

Project Procedure 1.0 PURPOSE 2.0 SCOPE 3.0 REFERENCES 4.0 DEFINITIONS. No.: P /21/2012 PAGE 1 OF 8 INTERNAL QUALITY AUDITS

RREGULATION ON INTERNAL CONTROLS AND INTERNAL AUDIT FUNCTION IN MICROFINANCE INSTITUTIONS. Article 1 Scope and Purpose

Internal Audit Policy and Procedures Internal Audit Charter

Your committee: Evaluates the "tone at the top" and the company's culture, understanding their relevance to financial reporting and compliance

Quality Assurance and Improvement Program (QAIP)

Corporate Governance Framework

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

Implementation Guide 1000

Office of Audit Services Annual Audit Plan For the Year Ending August 31, 2018

Internal Audit Charter

International Standards for the Professional Practice of Internal Auditing (Standards)

EXTERNAL QUALITY ASSESSMENT OF ORANGE COUNTY S INTERNAL AUDIT DEPARTMENT

The University of Texas System Administration System Audit Office Annual Audit Report Fiscal Year 2013

Benchmarking Report Share, Compare, Validate SAMPLE. Year: 2017 Your Organization Date

Implementation Guide 2000

Internal Audit Mandate

Changes in the IIA Standards: New Requirements for Internal Audit Functions

INTERNAL AUDIT CHARTER

International Standards for the Professional Practice of Internal Auditing

Leveraging Internal Audit and Corporate Compliance for Effective Risk Management

INTERNAL CONTROLS AUDITOR JOHN BYRD, SENIOR AUDITOR TONYA CARRIGAN, SENIOR AUDITOR

Internal Oversight Division. Internal Audit Strategy

CITIBANK N.A JORDAN. Governance and Management of Information and Related Technologies Guide

Washington State University Office of Internal Audit FY 2015 Audit Plan

SUPPLIER SURVEY FORM Instructions

Certificate in Establishing an Internal Audit Function

S23 - Hallmarks of a Strong Audit Function Lilian Fong and Marta O'Shea

EY Center for Board Matters. Leading practices for audit committees

Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function

INTERNAL AUDIT CHARTER

Performance Auditing: What It Is, and Why It Is Important Presented by: Harriet Richardson, CPA, CIA, CGAP Audit Manager, City of Berkeley

Telemedicine. SCOPE PERIOD The scope period was all telemedicine initiatives and applications as of April 26, 2018.

AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

February 26-27, 2018 Meeting of the U. T. System Board of Regents - Audit, Compliance, and Risk Management Committee

Best Practices for Establishing a Cost-Effective Internal Audit Function. Article by Heidi Wier June 2016

2012 IIA Standards Update

City of Edmonton EXTERNAL QUALITY ASSESSMENT OF THE OFFICE OF THE CITY AUDITOR. September 11, 2015

PROMOTING A COLLABORATIVE ENVIRONMENT AMONG RISK MANAGEMENT, INTERNAL AUDIT, AND COMPLIANCE DEPARTMENTS. ANDREW SIMPSON, CISA COO CaseWare RCM Inc.

Athletics: Student Welfare And Employee Conduct

Quality Assessment Review. Agenda. The Law Says 11/16/2015. Internal Audit Management November 19-20, 2015

Quality Manual ISO 9001:2008 ISO 9001:2015

Audit-Risk Committee. Board Approval: August 2018

ARMICS Q&A with DOA Amanda Morris, CFE Assistant Director Finance and Administration

Companies should establish the functions reserved to the board and those delegated to senior executives and disclose those functions.

The IPPF in How changes to The IIA s guidance framework can benefit internal auditors and SAIs

CHARTER INTERNAL OVERSIGHT OFFICE (IOO)

VGFOA Fall Conference October 23, 2014 John Montoro, Presenter

ADVISORY CIRCULAR AC

Toyota Financial Services (South Africa) Limited: King III Principles

The University of Texas MD Anderson Cancer Center Internal Audit Annual Report for FY2016

INTERNAL AUDIT PLAN AND CHARTER 2018/19

Changes to The IIA Standards: What Board Members and Executive Management Need to Know

The Institute of Directors of South Africa ( IoDSA ) is the convener of the King Committee and the custodian of the King reports and practice notes.

Mandate of the Board of Directors

Strategic Plan f y f y

Internal Audit Charter

ALIGNING INTERNAL AUDIT WITH MANAGEMENT AND THE BOARD

identifying areas for improvement with respect to the Institute s research administration internal control structure.

The Institute of Internal Auditors Austin Chapter Research Project

CHARTER OF THE SONOMA COUNTY INTERNAL AUDIT FUNCTION JANUARY 15, 2013

Transcription:

Corporate Responsibility and Internal Audit Programs Urton Anderson, CIA, CGAP, CCSA

Objectives Learn how an effective IA function adds value to the organization Understand the three fundamental processes underlying corporate responsibility and IA s role in each Learn how to use IA effectively and efficiently in the design and oversight of compliance control systems

Session Plan What is IA? A New Definition Adding Value with IA The Role of IA in the Governance Process The Role of IA in the Risk Management Process The Role of IA in the Control Process The effective and efficient use of IA in compliance control systems

Definition of Internal Auditing Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Adding Value Who is IA s customers What does the customer want?

IA Customers Audit Committee Auditee External Auditors Financial Management Vendors Suppliers Regulators Senior Management

Add- Value Value is provided by improving opportunities to achieve organizational objectives, identifying operational improvement, and/or reducing risk exposure through both assurance and consulting services Glossary to IIA Standards

What does the customer want? Audit Committee/Board Safeguarding Assets Compliance with Laws and Regulations Reliability of Data QUALITY OF INFORMATION Operating Management Effectiveness and Efficiency of Operations Achievement of Organizational Objectives CHANGE AGENT

IA s Role in the Governance Process

Corporate Governance Problem Corporate form of business organization is very fragile Adam Smith very skeptical of corporate concept East India Company Never able to solve contracting problem Throughout its history shareholders never made money but agents made fortunes

What is corporate governance? The process through which (1) values and goals are established and communicated, (2) the accomplishment of goals is monitored, (3) accountability is ensured, and (4) values are preserved.

Parties in the Governance Process Oversight group board and committees of the board Stewardship group executive management Dual role of stewardship of resources allocated by board and accountability of results of operations Performance group operating and support management and staff Assurance group internal and external auditing functions.

NYSE Corporate Governance Rules 303A.07(d) (d) Each listed company must have an internal audit function. Commentary: Listed companies must maintain an internal audit function to provide management and the audit committee with ongoing assessments of the company s risk management processes and system of internal control. A company may choose to outsource this function to a third party service provider other than its independent auditor.

IA s Role The internal audit activity should assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives: Promoting appropriate ethics and values within the organization. Ensuring effective organizational performance management and accountability. Effectively communicating risk and control information to appropriate areas of the organization. Effectively coordinating the activities of and communicating information among the board, external and internal auditors and management. IIA 2130

The Role of IA in the Risk Management Process

IA s Role Two aspects: 1.Assistance in the risk assessment process 2.Evaluation of the risk management process

5 Key Objectives of Risk Management Process 1. Risks arising from business strategies and activities are identified and prioritized. 2. Management and the board have determined the level of risks acceptable to the organization, including the acceptance of risks designed to accomplish the organization s strategic plans. 3. Risk mitigation activities are designed and implemented to reduce, or otherwise manage, risk at levels that were determined to be acceptable to management and the board. 4. Ongoing monitoring activities are conducted to periodically reassess risk and the effectiveness of controls to manage risk. 5. The board and management receive periodic reports of the results of the risk management processes. The corporate governance processes of the organization should provide periodic communication of risks, risk strategies, and controls to stakeholders.

The Role of IA in the Control Process The effective and efficient use of IA in compliance control systems

Monitoring 1. The Role of Monitoring and Oversight Controls 2. Examples of Monitoring and Oversight Controls in Compliance Systems 3. Designing Monitoring/Oversight Controls for Effective and Efficient Assurance 4. Providing Assurance of Compliance

Monitoring in Internal Control Monitoring Function - Actions taken by management and others to assess the quality of internal control system performance over time

The Monitoring Function Monitoring Controls Investigation of unusual items Oversight Controls Customer surveys and complaint analysis Internal Auditing Controls Traditional internal audit

Compliance Examples Monitoring UT Southwestern Patient Satisfaction Survey reviewed daily and any potential issues distributed to appropriate parties for prompt attention Oversight - UT El Paso NCAA Eligibility faculty representatives have begun to spot-check individual records.

Compliance Examples Internal Auditing Control UT Tyler Peer review of health and safety program Internal Auditing Control UT Houston Office of Institutional Compliance conducted review of Medical School s monitoring plan for physician billing process. Review included verifying and validating chart abstraction process

Compliance Examples - UTH PATIENT DOS POS CPT PHYSICIAN COMMENTS AGREE WITH AUDITOR'S FINDINGS ICD.9 CODED TO HIGHEST LEVEL OF SPECIFICITY / SUPPORTED IN DOCUMENTATION MEDICAL NECESSITY DOCUMENTED PROCEDURES DOCUMENTED ACCORDINGLY RESIDENT NOTE IN CHART SUMMARY OF KEY COMPONENTS DOCUMENTED TP / ATTENDING PARTICIPATION DOCUMENTED IN CHART TP / ATTENDING SIGNATURE IN CHART TP/ ATTENDING NOTE IN CHART RECORD LEGIBLE

Designing Effective Monitoring Functions Monitoring is a way to evaluate effectiveness, efficiency and consistency of operational controls Benefits of monitoring is process improvement, identification of new risk, assurance Monitoring (especially internal audit control) should not be the operating control

Effective Monitoring

Providing Assurance Monitoring Controls need to be auditable Responsibility for monitoring assigned Plan in place verifiable (documented) Goal is to do internal audit of monitoring and oversight controls with little time on operational

Providing Assurance Audit Criteria Documented evidence of actions taken when monitoring controls identify failure Instances of non-compliance documented and dealt with appropriately Instances of non-compliance reported to Compliance committee or Chief Administrative Officer Documented training related to risk been provided to all employees Documented training provided in each case of failure of operating controls or non-compliance Periodic reporting to compliance officer and committee

Effective Assurance of Monitoring Plan Compliance Officer reviews monitoring plan External Review Peer Commercial IA performs inspection of monitoring plan (determines if it can be audited) IA performs audit of plan

Questions? Urton Anderson Red McCombs School of Business The University of Texas at Austin (512)471-9481 Urton@mail.utexas.edu

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback