The Internal Auditor s Duties Outside of Auditing

Similar documents
Implementation Guides

International Standards for the Professional Practice of Internal Auditing (Standards)

Quality Assurance and Improvement Program (QAIP)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

GoldSRD Audit 101 Table of Contents & Resource Listing

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report

International Standards for the Professional Practice of Internal Auditing (Standards)

IPPF Practice Guide. Interaction with the Board

SIAAB Guidance #02 Internal Audit Independence- Interaction with Agency Head, Senior Staff and Placement Within the Organizational Structure

Glossary. Chartered Institute of Internal Auditors. 26 July Add value. Adequate control. Assurance services. Board. Charter

Implementation Guide 2060

Internal Audit Charter

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

2012 IIA Standards Update

INTERNAL AUDIT PLAN AND CHARTER 2018/19

Implementation Guide 1200

Internal Audit Standards Board Disposition on the 2010 Standards Exposure Results/Comments. Introduction

Implementation Guide 2340

3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013

Lake County School District. Quality Assurance & Improvement Program. Internal Self-Assessment for. The Internal Audit Department

FEDERAL HOME LOAN BANK OF INDIANAPOLIS CHARTER FOR THE AUDIT COMMITTEE

International Standards for the Professional Practice of Internal Auditing

Practice Advisory : Internal Audit Charter

10/5/2016. Quality Assessment Review. Agenda. What s the purpose of a QAR? Internal Audit Manager Training October 3-4, 2016

Implementation Guide 2050

SIAAB Guidance #05. Conforming with FCIAA and Standards in Small Audit Functions in the State of Illinois. Adopted December 8, 2015

Implementation Guide 1311

BARBADOS DAIRY INDUSTRIES LIMITED AUDIT COMMITTEE CHARTER

Conducting an Audit Committee Self-Evaluation: Guidelines and Questions

Dexia Group Audit Charter

Implementation Guide 2000

Corporate Governance Principles

SUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008)

Implementation Guide 1000

PPG INDUSTRIES, INC. AUDIT COMMITTEE CHARTER

AUDIT COMMITTEE REPORTING: TRENDS & BEST PRACTICES Timothy Etoori Head of Internal Audit UGAFODE Microfinance

BROWN-FORMAN CORPORATION CORPORATE GOVERNANCE GUIDELINES

2014 BOARD OF DIRECTORS SELF-ASSESSMENT MIDCONTINENT INDEPENDENT SYSTEM OPERATOR, INC.

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

GOVERNANCE POLICY. Adopted January 4, 2018

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

Audit Committee Charter

OFFICE OF INTERNAL AUDITS APPALACHIAN STATE UNIVERSITY AUDIT MANUAL

THE PARADOX OF DUAL REPORTING AND INTERNAL AUDITORS INDEPENDENCE

ABCANN GLOBAL CORPORATION CORPORATE GOVERNANCE POLICIES AND PROCEDURES

Audit Committee Charter Matrix

The Paradox of Dual Reporting and Internal Auditor s Independence

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF ISRAMCO, INC.

NANTKWEST, INC. CORPORATE GOVERNANCE GUIDELINES

NEVRO CORP. CORPORATE GOVERNANCE GUIDELINES. (Adopted October 9, 2014)

W. R. GRACE & CO. CORPORATE GOVERNANCE PRINCIPLES

FIRST SOLAR, INC. CORPORATE GOVERNANCE GUIDELINES. A. The Roles of the Board of Directors and Management

External Quality Assessment Are You Ready? Institute of Internal Auditors

GREEN BRICK PARTNERS. Board of Directors Corporate Governance Guidelines

Hiring and Staff: An Effective Internal Department

Practice Guide. Developing the Internal Audit Strategic Plan

CIRCOR International, Inc. Principles of Corporate Governance

Western Rockies Federal Credit Union POSITION DESCRIPTION

Bank of Botswana Internal Audit Charter March 18, 2013 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

A-9: Audit Committee Effectiveness

Toyota Financial Services (South Africa) Limited: King III Principles

Internal Audit Mandate

The University of Texas at San Antonio 2014 External Quality Assessment of the Auditing and Consulting Services Office

EATON CORPORATION plc Board of Directors Governance Policies Last Revised: October 24, 2017 Last Reviewed: October 24, 2017

FLORIDA STATE UNIVERSITY Office of Inspector General Services Report #17-06

Periodic internal quality assessment Questions for discussion

Internal Auditing 101

Kentucky State University Office of Internal Audit

GTT COMMUNICATIONS, INC. AUDIT COMMITTEE CHARTER

AUDIT COMMITTEE CHARTER

Guidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.

Internal Audit Charter. Aviva plc

Practice Advisory : Quality Assurance and Improvement Program

F5 NETWORKS, INC. AUDIT COMMITTEE CHARTER AS AMENDED AND RESTATED BY THE BOARD OF DIRECTORS OF F5 NETWORKS, INC. APRIL 21, 2017

Control Environment Toolkit: Internal Audit Function

Quality Assurance and Improvement Program

What is in Your Supervisory/Audit Committee Packet ASSOCIATION OF CREDIT UNION INTERNAL AUDITORS MEETING APRIL 28, 2017

FRONTERA ENERGY CORPORATION CORPORATE GOVERNANCE POLICY

CPI CARD GROUP INC. CORPORATE GOVERNANCE GUIDELINES

BancorpSouth Bank Audit Committee Charter

ROYAL DUTCH SHELL PLC AUDIT COMMITTEE TERMS OF REFERENCE

Internal Audit Charter

GOVERNMENT OF YUKON POLICY 1.13 GENERAL ADMINISTRATION MANUAL

Policy and Procedures Date: November 5, 2017

August 14, Dear Ms. Gula:

Changes to The IIA Standards: What Board Members and Executive Management Need to Know

Penumbra, Inc. Corporate Governance Guidelines Adopted August 18, 2015 As amended April 17, 2017

TWITTER, INC. CORPORATE GOVERNANCE GUIDELINES. (Amended and Restated on April 4, 2017)

INFRAREIT, INC. Corporate Governance Guidelines

Internal Audit & the Audit Committee

CORPORATE GOVERNANCE GUIDELINES

TRA Internal Audit Fiscal Year 2019 Audit Plan

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

BIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Energy Trust Board of Directors Corporate Governance Guidelines

Strathclyde Partnership for Transport

MALIBU BOATS, INC. CORPORATE GOVERNANCE PRINCIPLES

CODEXIS, INC. CORPORATE GOVERNANCE GUID ELIN ES

FITBIT, INC. CORPORATE GOVERNANCE GUIDELINES. As adopted on February 17, 2015 and amended on October 26, 2016

Transcription:

The Internal Auditor s Duties Outside of Auditing Dean Rohne, CPA, CIA dean.rohne@claconnect.com 1 1

Session Objectives Discuss the internal auditor s interaction with the supervisory committee and management Review the role of quality assurance reviews Discuss training for internal auditors Review the requirements for due care 2

Resources ACUIA www.acuia.org Institute of Internal Auditors (IIA) www.theiia.org American Institute of Certified Public Accountants (AICPA) - http://www.aicpa.org Audit committee effectiveness center 3

The Basics Does everybody have the following? Internal audit charter Dual reporting relationship Supervisory committee CEO How many follow IIA standards in completing audits? How many have had a quality assurance review? 4

Reporting Relationship IIA Standard 1100 Independence Freedom from conditions that threaten the ability for internal audit to carry out their responsibilities in an unbiased manner Direct and unrestricted access to senior management and the supervisory committee Report to a level within the organization that allows internal audit to fulfill responsibilities Objective Unbiased mental attitude that results in no quality compromises Auditors do not subordinate their judgment to audit related items to others 5

Working with the Supervisory Committee To have an effective relationship the following are key considerations: Communicating openly and candidly with the supervisory committee Reporting regularly and timely, which can be both formal and informal Follow the audit plan that was approved 6

Working with the Supervisory Committee To have an effective relationship the following are key considerations: Ensure internal audit s role and activities are clearly understood by the committee Internal audit function is responsive to the needs of the committee Keep the committee informed 7

Working with the Supervisory Committee Communicating Openly and Candidly Gather, evaluate, and summarize data and evidence with care and precision Identify and express observations, conclusions, and recommendations without prejudice, partisanship, personal interests, and the undue influence of others Improve clarity by avoiding unnecessary technical language and providing all significant and relevant information in context 8

Working with the Supervisory Committee Reporting Regularly and Timely Have an agenda prepared prior to a meeting with the supervisory committee, whether a formal or informal meeting Depending on the circumstances going on at the credit union you may have additional communication with the supervisory committee chair or individual members of the supervisory committee Periodic emails or other communication might be beneficial to committee members between regularly scheduled meetings. 9

Working with the Supervisory Committee Reporting Regularly and Timely Benefits Builds a relationship with the committee members Maintains awareness of the activities of internal audit and the credit union 10

Working with the Supervisory Committee Reporting Regularly and Timely Use the following guidelines Timely Relevant Fact based Balanced Objective Complete 11

Working with the Supervisory Committee Reporting Regularly and Timely Use the following guidelines Consider tone and formality Avoid making presumptuous comments without sufficient facts Consider the consequences that editorial comments on control weaknesses and other management failures can create 12

Working with the Supervisory Committee Reporting Regularly and Timely Use the following guidelines Document communications if required for professional or business reasons Do not wait until there is a need to build a strong relationship with the committee Address potential conflicts with the committee and management based on the internal audit charter 13

Case Study 1 The Credit Union has a business credit card policy that is vague in a number areas related to travel expenses. During an audit of business credit cards you identify the CEO has a number of questionable expenses over the course of the last six months. These expenses include first class flight upgrades, clothing purchases at a local golf club where the credit union has a membership, and suite upgrades for hotel stays. The expense reports have all been approved by the board chair. You also determine the CEO has made a number of questionable business decisions such as leasing an offsite office space close to his residence and obtaining board approval for unlimited paid time off while selling back six weeks of his earned PTO in exchange for cash. What course of action should you pursue? 14

Working with the Supervisory Committee Communicating Sensitive Matters Consider need to consult with key members of management, including legal counsel Facts and details are available and documented Findings can be verified and any opinions and conjecture are clearly articulated as such Communication is timely and urgent 15

Working with the Supervisory Committee Communicating Sensitive Matters Internal auditor might see management attempts to delay or omit certain information Consider reporting obligations in accordance with professional standards or policies IIA AICPA Internal audit charter Credit union code of conduct 16

Working with the Supervisory Committee Following the audit plan that was approved Provide regular status updates to the plan Be forthcoming if you will not be able to complete plan as originally intended Can be modified to address changes in risk Regulatory changes Product changes Service changes 17

Working with the Supervisory Committee Ensure internal audit s role and activities are clearly understood by the committee Review frequently Consider providing status updates in between regularly scheduled meetings Depending on experience of the committee consider need to periodically review detail procedures for certain areas 18

Working with the Supervisory Committee Internal audit function is responsive to the needs of the committee Solicit feedback on concerns of committee members Keep the Committee Informed Status updates Industry information Regulatory information Consider use of a supervisory committee packet 19

Case Study 2 You are currently completing an audit of accrued expenses. You recalculate the amount of accrued payroll and determine the credit union is short in their accrual by approximately $100,000. The Credit Union has an incentive policy that if the Credit Union has a one percent return on average assets all employees receive a bonus of two percent of their compensation. You determine this shortage in the accrued payroll allows the Credit Union to meet the incentive. What course of action should you pursue? 20

Working with Management Communicate frequently Solicit feedback with audit plan development Initiate communication at the start of an audit with appropriate management groups Identify scope Use of a planning letter Provide status update throughout the scope of the audit Schedule an exit meeting Incorporate management response into reporting process 21

Working with Management Stay informed Attend management team meetings Attend board meetings or read board minutes Attend strategic planning meetings Maintain independence Refrain from making management decisions 22

Quality Assurance and Improvement Program IIA Standard 1300/1310 Documented quality assurance and improvement program Quality procedures in place Performance indicators for the internal audit function Results of assessments performed Use of surveys Activity reports Designed to be an evaluation of internal audit s activity in conformance with IIA Standards. 23

Quality Assurance and Improvement Program IIA Standard 1300/1310 Internal assessments Ongoing monitoring of the internal audit activity Client surveys Workpaper reviews Assessment of internal audit staff Periodic self-assessment or assessment by another person within the organization with adequate knowledge Key part of day to day supervision, review and measurement 24

Quality Assurance Program IIA Standard 1300/1310 External assessments Must be conducted at least once every five years by a qualified, independent assessor Can be one of the following Full assessment Self assessment with independent validation Communicate results to supervisory committee 25

Quality Communications Gather, evaluate, and summarize data and evidence with care and precision Identify and express observations, conclusions, and recommendations without prejudice, partisanship, personal interests, and the undue influence of others Improve clarity by avoiding unnecessary technical language and providing all significant and relevant information in context 26

Quality Communications Develop communications with the objective of making each element meaningful but succinct Adopt a positive, well-meaning content and tone that focuses on the credit union s objectives Ensure communication is consistent with the credit union s style and culture Plan the timing of presenting the results of the engagement to avoid unnecessary delay 27

Case Study 3 During an audit of payroll you determine the payroll accountant has created a fictitious employee and embezzled $5,000 over the last three months. What is your response in reporting this finding? Does your response change if the amount is $500,000? 28

Professional Development IIA Standard 1230 Internal auditors must enhance their knowledge, skills, and other competencies through continuing professional development Many resources available Can include all of the following: Audit proficiency Technical skills Industry knowledge Communication and leadership skills 29

Professional Development Consider also including the following: Maintain an inventory of the department Expertise Certifications Organizations Prepare an annual and long range professional development plan for the department Identify current and future needs including long term training needs Identify areas where specialists are needed 30

Planning Annual audit plan Three to five year plan with annual updates Utilize a risk assessment Provides a link to the operational and strategic risks of the credit union Management input to the plan Provides an opportunity for management to address risks they have identified Should be completed after credit union s strategic planning session has occurred 31

Planning Individual audit plans Include audit objectives, activity s risk, controls Could include use of audit engagement letter Should include consideration of fraud in every engagement Include use of specialists 32

Management Acceptance of Risk IIA Standard 2600 Communicating the acceptance of risk If CAE determines that management has accepted a level of risk that may be unacceptable the CAE must discuss the matter with senior management. If the CAE determines the matter has not been resolved, the CAE must communicate the matter to the supervisory committee. 33

Use of Technology Use of purchased audit programs Use of audit software Paper workpapers vs paperless Use of data extraction 34

Consulting Engagements Can provide added value to the credit union If identified ahead of time include them in the annual audit plan Should have an engagement letter in place Defines scope of the project Maintains independence 35

Case Study 4 You as chief audit executive (CAE) just received news you were approved to add another staff member to your department. The person that is hired comes from the credit union s operations department and was responsible for processing ACH returns within the credit union. Management has asked your department to assist in providing an assessment and recommendations for improving the operational efficiency of the ACH department when you complete the annual ACH audit. Given your new staff member s experience what role do you have them play in completing the tasks described above for ACH? 36

Contact Us Dean Rohne, CPA, CIA dean.rohne@ claconnet.com 800-657-4477 Follow our blog for current discussions on credit unions. www.larsonallen.com/blog www.twitter.com/cliftonlarsonallen www.claconnect.com www.facebook.com/cliftonlarsonallen www.linkedin.com/companies/ cliftonlarsonallen 37

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback