Meeting Stakeholder Expectations for Assurance: Internal Audit s Role in a Group Effort

Similar documents
2012 IIA Standards Update

The Red (Book) Rocks The Latest and Greatest Audit Standards

Changes To the Public Sector Internal Audit Standards April 2017

CHARTER OF THE SONOMA COUNTY INTERNAL AUDIT FUNCTION JANUARY 15, 2013

What We Will Cover Today

Implementation Guide 1000

IT Audit at Brown. A collaboration between the Information Technology and Internal Audit Teams

Implementation Guide 1200

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

The IPPF in How changes to The IIA s guidance framework can benefit internal auditors and SAIs

Implementation Guide 1312

Implementation Guide 2000

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report

Tools & Techniques II: Lead Auditor

Audit Standards 6/23/2017. Outline. Let s Refresh. Changes to the IIA Standards

PART 6 - INTERNAL CONTROL

AUDITING. Auditing PAGE 1

MISSISSIPPI STATE UNIVERSITY INTERNAL AUDIT CHARTER

Quality Assurance and Improvement Program (QAIP)

COMPLIANCE AT LARGER INSTITUTIONS. November 11 13, Robert F. Roach Chief Compliance Officer New York University

Quality Assessments what you need to know

Value-Added Internal Audit: Myth or Reality?

Policies, Procedures and Guidelines

August 14, Dear Ms. Gula:

Internal Oversight Division. Internal Audit Strategy

Implementation Guide 2050

IT Audit Process. Michael Romeu-Lugo MBA, CISA March 27, IT Audit Process. Prof. Mike Romeu

Advisory Services Governance, Risk & Compliance

Practice Advisory : Quality Assurance and Improvement Program

International Finance Corporation

INTERNATIONAL ORGANIZATION FOR MIGRATION. Keywords: internal audit, evaluation, investigation, inspection, monitoring, internal oversight

Session 7: Corporate Governance

King lll Principle Comments on application in 2016 Reference Chapter 1: Ethical leadership and corporate citizenship Principle 1.

INTERNAL AUDIT CHARTER

External Quality Assessment Are You Ready? Institute of Internal Auditors

CHARTER OF THE AUDIT COMMITTEE NATIONWIDE MUTUAL INSURANCE COMPANY NATIONWIDE MUTUAL FIRE INSURANCE COMPANY NATIONWIDE CORPORATION

Internal Audit Policy and Procedures Internal Audit Charter

CHIEF EXECUTIVE OFFICER TERMS OF REFERENCE

External Quality Assessment of the Internal Audit Activity at. County of Orange. April County of Orange Final Report: June 13,

LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE

Implementation Guides

Internal Audit Appendix: IIA Standards

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

King lll Principle Comments on application in 2013 Reference in 2013 Integrated Report

Bank of Botswana Internal Audit Charter March 18, 2013 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

METUCHEN CAPACITORS INCORPORATED. Quality Manual P.O. BOX HIGHWAY 35, SUITE 2 HOLMDEL NJ USA

GoldSRD Audit 101 Table of Contents & Resource Listing

CORPORATE GOVERNANCE THEORY, SCOPE AND IMPORTANCE

LeiningerCPA, Ltd. RISK MANAGEMENT POLICY STATEMENT

Audit and Risk Committee Charter

University Students Council of the University of Western Ontario BY-LAW #4. AUTHORITY: Council RATIFIED BY: Council DAY MONTH YEAR BY-LAW #4

Practice Guide ASSESSING ORGANIZATIONAL GOVERNANCE IN THE PUBLIC SECTOR

Technical Services Document #: TS-0007 Internal Audit Procedure Version #: 01

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

IBL LTD AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

Compliance and the Board of Directors

CHARTER INTERNAL OVERSIGHT OFFICE (IOO)

How to plan an audit engagement

Corporate Governance and Financial Markets

Implementation Guide 1300

INTERNATIONAL STANDARD

RISK AND AUDIT COMMITTEE TERMS OF REFERENCE

The Three Lines of Defense Model: A framework for risk management and internal control. Office of the Inspector General Internal Audit services

External Quality Assessment of the Internal Audit Activity at the World Food Programme

UNITED ISD INTERNAL AUDIT DEPARTMENT QUALITY ASSESSMENT SELF-ASSESSMENT WITH INDEPENDENT EXTERNAL VALIDATION

RISK COMMITTEE BYLAW OF THE SUPERVISORY BOARD OF ING BANK ŚLĄSKI S.A.

Dexia Group Audit Charter

PRACTICE GUIDE. Formulating and Expressing Internal Audit Opinions

THE BOARD S ROLE IN AUDIT, CONTROL, & RISK OVERSIGHT

GOVERNANCE GUIDELINE DRAFT. Initial publication: April 2009 Updated: July Ligne directrice sur la conformité

Audit Project Process Overview 1/18/ Compliance and Audit Symposium. Agenda. How to Kick-start your. Audit Planning and Risk Assessment

Internal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP

Assessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive

1. INTERNAL AUDIT CHARTER (PDF)

Internal Audit Performance

Accountability Framework

Chair all meetings of the Board of Directors and shareholders;

GRIFOLS STATUTES OF THE AUDIT COMMITTEE

SEMPRA ENERGY. Corporate Governance Guidelines. As adopted by the Board of Directors of Sempra Energy and amended through December 15, 2017

(Adopted by the Board of Directors on 13 May 2009 and amended on 24 September 2009, 13 September 2012 and 27 November 2013)

4. Organic documents. Please provide an English translation of the company s charter, by-laws and other organic documents.

BOARD CHARTER TOURISM HOLDINGS LIMITED

OFFICE OF INTERNAL AUDITS APPALACHIAN STATE UNIVERSITY AUDIT MANUAL

Audit Committee Charter ISSUE DATE: 22 JUNE 2017 AUDIT COMMITTEE CHARTER. ISSUE DATE: 22 JUNE 2017 PAGE 01 OF 07

See your auditor clearly. Transparency report: How we perform quality audit engagements

NYSE: Corporate Governance Guide

Ethical leadership and corporate citizenship. Applied. Applied. Applied. Company s ethics are managed effectively.

1.1 Scope and purpose of the Manual Introduction Purpose Authority and responsibility... 2

KING III CHECKLIST. We do it better

IMMUNOGEN, INC. CORPORATE GOVERNANCE GUIDELINES OF THE BOARD OF DIRECTORS

IMPARTIALITY. Impartiality and objectivity of auditors are basic prerequisites for an effective and consistent audit.

DIAMOND OFFSHORE DRILLING, INC. Corporate Governance Guidelines

EUROPEAN CONFEDERATION OF INSTITUTES OF INTERNAL AUDITING (IVZW)

Strengthening Control and integrity: A Checklist for government Managers

CITIZENS BANCORP CITIZENS BANK BOARD AUDIT COMMITTEE CHARTER

NEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER. (as of December 2017)

The City of Kawartha Lakes Public Library

Self Assessment Workbook

REPORT 2016/033 INTERNAL AUDIT DIVISION

2013 COSO Internal Control Framework Update. September 5, 2013

Transcription:

Meeting Stakeholder Expectations for Assurance: Internal Audit s Role in a Group Effort Urton Anderson The University of Texas at Austin 1

2

Agenda The IA Value Proposition The Demand for Assurance Assurance Mapping The Combined Assurance Approach Summary 3

The IA Value Proposition Thesis The fundamental value proposition for internal auditing is the role it plays in maintaining a system of effective organizational governance 4

What is organizational governance? The process through which (1) values and goals are established and communicated, (2) the accomplishment of goals is monitored, (3) accountability is ensured, and (4) values are preserved. 5

The Two Basic Responsibilities of the Governance Body of an Organization Governance Umbrella Board of Directors Strategic Direction Governance Oversight 6 Values Objectives Boundaries Accountability Values preservation

Key Components of Governance Oversight 7

Governance Strategic Direction Set boundaries Set objectives Establish values Determine risk appetite Oversight Risk management Assurance 8

Depiction of Key Governance Elements 9

Internal Audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. 10

IA Customers Auditee Audit Committee Senior Management Financial Management Vendors Regulators Suppliers External Auditors 11

What does the customer want? Audit Committee/Board Safeguarding Assets Compliance with Laws and Regulations Reliability of Data QUALITY OF INFORMATION Operating Management Effectiveness and Efficiency of Operations Achievement of Organizational Objectives CHANGE AGENT 12

The IA Value Proposition 13

ASSURANCE = Governance, Risk & Control Internal auditing provides assurance on the organization s governance, risk management, and control processes to help the organization achieve its strategic, operational, financial and compliance objectives. 14

OBJECTIVITY = Integrity, Accountability, & Independence With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. 15

VALUE PROPOSITION OF INTERNAL AUDITING What STAKEHOLDERS should expect from your internal auditors 16

The Demand for Assurance Board Executive Management 17

Objectives Effectiveness and Efficiency of Operations Reliability of Financial Reporting and Safeguarding of Assets Compliance with Laws and Regulations 18

Responsibilities Effectiveness & Efficiency? Board s Executive Management 19

Responsibilities Effectiveness & Efficiency? Board s Reviewing and guiding corporate strategy, major plans of action, risk policy, annual budgets and business plans; setting performance objectives; monitoring implementation and corporate performance; and overseeing major capital expenditures, acquisitions and divestitures. OECD Principles of Corporate Governance, 2004 Executive Management (#1 of 8 responsibilities) 20

Responsibilities Reliability of Financial Reporting and Safeguarding of Assets? Board s Executive Management 21

Responsibilities Reliability of Financial Reporting and Safeguarding of Assets? Board s Ensuring the integrity of the corporation s accounting and financial reporting systems, including the independent audit OECD Principles of Corporate Governance, 2004 (#1 of 8 responsibilities) Executive Management SOX 302 22

Sky-rocketing Demand for Compliance Assurance Factors Increasing Complexity of the Legal and Regulatory Environment Technological Advancements Globalization Increased Interdependency of Organizations Demand for Accountability 23

The Board s Role in Compliance 24

Board s Role 2) (A) The organization s governing authority shall be knowledgeable about the content and operation of the compliance and ethics program and shall exercise reasonable oversight with respect to the implementation and effectiveness of the compliance and ethics program. Fed. Sent. Guidelines Chapter 8 25

Reasonable Oversight A director has a duty to attempt in good faith to assure that (1) a corporate information and reporting system exists, and (2) this reporting system is adequate to assure the board that appropriate information as to compliance with applicable laws will come to its attention in a timely manner as a matter of ordinary operations. In re Caremark International Inc. Derivative Litigation, 698 A.2d 959 (Del. Ch. 1996). 26

The Executive Management s Role in Compliance 27

Management s Responsibility To ensure that all operations are conducted in accordance with applicable law, regulations and policies, including internal policies. Compliance Programs are designed to establish a culture within a organization that promotes prevention, detection and resolution of instances of conduct that do not conform to federal and state law, as well as the organization s ethical and operations policies. 28

Assurance Mapping Web of Assurance 29

Practice Advisory 2050-2 - Assurance Maps One of the key responsibilities of the board is to gain assurance that processes are operating within the parameters it has established to achieve the defined objectives. It is necessary to determine whether risk management processes are working effectively and whether key or businesscritical risks are being managed to an acceptable level. 30

Sources of Assurance Line management and employees (management provides assurance as a first line of defense over the risks and controls for which they are responsible.) Senior management Internal and external auditors Compliance Quality assurance Risk management Environmental auditors Workplace health and safety auditors Government performance auditors Financial reporting review teams External financial statement auditors Other external assurance providers, including surveys, specialist reviews (health and safety), etc. 31

Assurance Net (PWC) 32

3 Fundamental Classes of Assurance Providers 1. Those who report to management and/or are part of management (management assurance), including individuals who perform control self-assessments, quality auditors, environmental auditors, and other management- designated assurance personnel. 2. Those who report to the board, including internal audit, some cases compliance. 3. Those who report to external stakeholders (external audit assurance), which is a role traditionally fulfilled by the independent/statutory auditor. 33

Management Based Assurance Monitoring Function - Actions taken by management and others to assess the quality of internal control system performance over time 34

Assurance Continuum (Levels of Control in COSO) 35

Effective Monitoring 36

The Monitoring Function Supervisory Controls Investigation of unusual items Oversight Controls Customer surveys and complaint analysis Auditing Controls Traditional internal audit 37

Assurance Map 38

3 Lines of Defense Basel II - Basel Committee on Banking Supervision, UK, ECIIA Line 1 Line 2 Management oversight - management review, control selfassessment, and continuous monitoring mechanisms Staff functions Risk management, SOX review, compliance Line 3 Independent and objective assurance IA, EA, ISO, regulatory audits and other impendent reviews 39

Lines of Defense 40

How is assurance provided 41

COMBINED ASSURANCE King III Principle 3.5 The audit committee should ensure that a combined assurance model is applied to provide a coordinated approach to all assurance activities. 42

Combined Assurance Benefits Provides Board/Governance Body and senior management with assurance needed to carry out their responsibilities Reduce assurance fatigue 43

Implementing Step 1: Establishing the business case Step 2: Assurance reality check what risk, source of assurance, how Step 3: Risk mapping Step 4: Combined assurance design Step 5: Implement 44

Assurance Map (PWC) 45

Summary New approach to assurance required Increased demand for assurance Assurance fatigue Map of the organization s network of assurance Combined assurance approach New challenge for IA 46

CaE to CAE Responsibility of the CAE to understand the independent assurance requirements of the board and the organization, to clarify the role the internal audit activity fills and the level of assurance it provides. 47

Thank you! Contact Information: Urton Anderson McCombs School of Business The University of Texas at Austin (512)471-5339 (messages until 8/1/12) (202)551-5308 (until 7/31/12) urton@mail.utexas.edu 48

Agenda IPPF Code of Ethics Standards 49

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback