Quality Assurance in Internal Audit. Standard on Internal Audit (SIA) 7

Similar documents
Implementation Guide 1311

Quality Assurance and Improvement Program (QAIP)

External Quality Assessment Are You Ready? Institute of Internal Auditors

Lake County School District. Quality Assurance & Improvement Program. Internal Self-Assessment for. The Internal Audit Department

External Quality Assessment Review of University of Florida s Office of Internal Audit

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

Practice Advisory : Quality Assurance and Improvement Program

The Red (Book) Rocks The Latest and Greatest Audit Standards

Internal Audit Quality Policy

10/5/2016. Quality Assessment Review. Agenda. What s the purpose of a QAR? Internal Audit Manager Training October 3-4, 2016

Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function

STANDARD ON INTERNAL AUDIT (SIA) 7 QUALITY ASSURANCE IN INTERNAL AUDIT *

Internal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP

How can I be a more insightful Internal Auditor? This does not happen by accident. It takes deliberate action. Insight comes with experience. Action M

Tools & Techniques II: Lead Auditor

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report

BUSINESS RISK MANAGEMENT LTD. Proposal for External Quality Assessment of the Internal Audit function against world class best practice

Changes in the IIA Standards: New Requirements for Internal Audit Functions

Implementation Guide 1300

External Quality Assessment Of The University Of Florida s Office Of Audit & Compliance Review May 2012

Implementation Guide 1312

Quality Assessments what you need to know

Practice Guide. Developing the Internal Audit Strategic Plan

Quality Assessment Review. Agenda. The Law Says 11/16/2015. Internal Audit Management November 19-20, 2015

International Standards for the Professional Practice of Internal Auditing (Standards)

Internal Audit Charter

Changes in the IIA Standards: New Requirements for Internal Audit Functions

Implementation Guide 1200

Independent Validation of the Internal Auditing Self-Assessment

S23 - Hallmarks of a Strong Audit Function Lilian Fong and Marta O'Shea

Internal Audit Vice Presidency (IADVP) FY11 First Quarter Activity Report

VIRGINIA POLYTECHNIC INSTITUTE AND STATE UNIVERSITY COMPLIANCE, AUDIT, AND RISK COMMITTEE OF THE BOARD OF VISITORS COMPLIANCE, AUDIT, AND RISK CHARTER

UNITED ISD INTERNAL AUDIT DEPARTMENT QUALITY ASSESSMENT SELF-ASSESSMENT WITH INDEPENDENT EXTERNAL VALIDATION

Planning Guides. Planning. IA Governance

Internal Audit Charter

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

CORPORATE GOVERNANCE King III - Compliance with Principles Assessment Year ending 31 December 2015

Implementation Guides

2012 IIA Standards Update

FLORIDA STATE UNIVERSITY Office of Inspector General Services Report #17-06

ENERGY QUEENSLAND LIMITED INTERNAL AUDIT CHARTER. [April 2017]

The University of Texas at San Antonio 2014 External Quality Assessment of the Auditing and Consulting Services Office

International Standards for the Professional Practice of Internal Auditing

Strate Compliance with King III. Prepared by: Company Secretary

Leading the Global. Next Decade Doing More with Less The Lean Internal Audit Model. Larry Rieger

CORPORATE GOVERNANCE King III - Compliance with Principles Assessment Year ending 31 December 2016

Changes to The IIA Standards: What Board Members and Executive Management Need to Know

International Standards for the Professional Practice of Internal Auditing (Standards)

External Quality Assessment of the Internal Audit Activity at the World Food Programme

Board Audit Committee Training Automation of Audit Function. Anthony Wanyoike TeamMate Consulting East, Central & West Africa

Changes To the Public Sector Internal Audit Standards April 2017

Kentucky State University Office of Internal Audit

External Quality Assessment of the Internal Audit Activity at. County of Orange. April County of Orange Final Report: June 13,

CONTENTS. Acknowledgments... iv. 1: Introduction : Why have organizations chosen to seek compliance with the Standards?...2

Value-Added Internal Audit: Myth or Reality?

Quality Assurance and Improvement Program

Periodic internal quality assessment Questions for discussion

SIAAB Guidance #05. Conforming with FCIAA and Standards in Small Audit Functions in the State of Illinois. Adopted December 8, 2015

Implementation Guide 2340

Implementation Guide 2000

Practice Advisory : Internal Audit Charter

External Quality Assurance Review of the Office of the Auditor General Proposed Statement of Work for the Audit Sub- Committee.

STANDARDS: QUALITY ASSURANCE

August 14, Dear Ms. Gula:

GoldSRD Audit 101 Table of Contents & Resource Listing

PRINCIPLES OF CORPORATE GOVERNANCE Novus Holdings Limited

Toyota Financial Services (South Africa) Limited: King III Principles

CORPORATE GOVERNANCE KING III COMPLIANCE REGISTER 2017

Audit Standards 6/23/2017. Outline. Let s Refresh. Changes to the IIA Standards

OVERVIEW OF KING III PRINCIPLES

KING III CHECKLIST. In accordance with the Board Charter the board is the guardian of the values and ethics of the group.

Canada. Internal Audit Charter 1+1. Canadian Nuclear Safety Commission. Office of Audit and Ethics. April 18, 2011

Guidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.

Explanation where the company has partially applied or not applied King III principles

(

3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013

Charter for Group Internal Audit. Approved by the Chairman on behalf of the Board of Directors on 18 January 2018.

Strathclyde Partnership for Transport

1. Ethical leadership and corporate citizenship. 2. Boards and directors. Role and function of the board

What We Will Cover Today

Internal Oversight Division. Internal Audit Strategy

Audit monitoring visits cycle 1 / cycle 2 BUSINESS WITH CONFIDENCE

Implementation Guide 2060

PKF Littlejohn LLP INTERNAL AUDIT EFFECTIVENESS REVIEW INSURANCE

Control Environment Toolkit: Internal Audit Function

Implementation Guide 2050

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2016

TOYOTA FINANCIAL SERVICES (SOUTH AFRICA) LIMITED

City of Edmonton EXTERNAL QUALITY ASSESSMENT OF THE OFFICE OF THE CITY AUDITOR. September 11, 2015

Corporate Governance Principles 2015

TEACHERS RETIREMENT BOARD. SUBJECT: Fiscal Year Audit Services External Quality Assessment Review CONSENT: ATTACHMENT(S): 1

Internal Audit Appendix: IIA Standards

BSI Steel Limited. King III Compliance

CITIBANK N.A JORDAN. Governance and Management of Information and Related Technologies Guide

Chapter 1 : Ethical leadership and corporate citizenship. Principle 1.1: The board should provide effective leadership based on an ethical foundation.

Building a Sustainable Quality Program

Session 6C Internal audit value Developing metrics to present IA value

The NYSE Internal Audit Requirement

Transcription:

Quality Assurance in Internal Audit Standard on Internal Audit (SIA) 7 1

Agenda Introduction Expectations from Internal Audit Quality Assurance Framework Internal Quality Review External Quality Review Key Statistics Comparison with IIA Recap

Introduction Given the different elements of Quality, the key steps are: Recognizing who the stakeholders are What are the expectations of these stakeholders

Is Internal Audit Addressing Stakeholders Needs? CEO/COO CFO What unforeseen events might disrupt our strategy and prevent achievement of our goals? What risks could materially impact our financial results? Board/Audit Committee How are we managing business risks? How are we assured they are being covered appropriately under Audit? General Counsel General Managers What could we do to further minimize our legal and regulatory liabilities? How much risk am I allowed to take? What is our corporate risk appetite? Risk Managers How efficient is our current risk financing strategy? Does the current risk management strategy adequately capture the key risks? How well does senior management understand risk? Regulators How great is management s risk awareness? What is their ability to manage compliance with the regulatory requirements?

Expectations from Internal Audit

Expectations from Internal Auditors SIA -2 Continuing responsibility to maintain professional knowledge and skills at a level required Ensure competent professional service based on latest developments in: Internal Audit Profession Economy Industry Legislation

Quality Assurance Framework Consider the following while establishing Quality assurance framework

Quality Assurance Framework Quality Assurance over entire Internal Audit Activity IA scope and objectives Define the Audit Universe Prepare the Risk Based Audit Plan Engagement Planning Reporting Allocation of Resources Proficiency and Due Professional care Review Fieldwork Independence & Objectivity

Elements of Internal Audit Activity

Objectives of Quality Assurance Program Quality Assurance program should perform evaluation of

Coverage of Quality assurance program Aspects of internal audit to be covered from the following perspectives

Internal Quality Assurance Reviews

Internal Quality Assurance Reviews Adequate supervision is the basis of a quality programme and also the foundation upon which internal and external assessments are conducted Effective supervision ensures compliance with Internal Audit Policy Internal Auditing Standards Internal Audit Programmes.

Internal Quality Assurance Reviews Methods/ Parameters for continuous monitoring of internal audit activity Ø Ongoing Monitoring (Engagement Manager) Ø Ongoing Review of workpapers and sign off Ø Feedback from auditee Units Ø Internal Audit Automation and checks Appropriate measure to ensure adequate time and resources are spent on high risk and complex areas Periodic Self Assessment (Other than engagement Manager) Ø Adherence to Internal polices and procedures Ø Review of work papers Ø Quality of supervision Ø Review of performance metrics

External Quality Assurance Reviews

Expectations from External Quality reviewer Independent review Grant assurance as to whether IA is acting in accordance with its mission and charter Provide feedback of how IA is received by the audit committee, senior management and internal clients (line management) Supply senior management with real-world recommendations for Internal Audit Leading Good Practices Identify whether IA meets or exceeds applicable standards

What The Reviewer Should Look For Independence / Objectivity Proactive Approach Risk Based Approach Alignment with Corporate Objectives Understanding of the Business Acts as a Catalyst for Change Innovative and Consultative Leveraging Technology and Leading Practices Effective Communication and Relationships Value Perception Dynamic and Flexible

Quality Assessment Approach Gather Information Opportunity Factors l Business risk focus l Meeting/ exceeding stakeholder expectations l Value-added recommendations l Efficiency and effectiveness of operations Focus is on effectiveness of operations, stakeholder perceptions, compliance to standards and internal audit practices Interviews with senior and line management Interviews with Audit Committee l Organization/People l Processes/Methodologies Staff and management questionnaires Review of IA resources and personnel Perform Analysis Key Focus Areas Review of internal audit work products for compliance to standards l Stakeholder Perceptions l Performance Bench-marking against Leading Practices Recommendations & Action Plans

Interview/ survey Conduct surveys/ interviews of: Audit Committee members Senior/executive management CAE Internal audit senior level members Internal Audit staff members

Key metrics for benchmarking Staff levels Staff knowledge and skills Training hours IA cost with component wise breakup Areas outsourced IA plan distribution

Conclusion and Reporting Discuss the gaps and recommendations with the CAE Contents of the QAR report typically includes: Executive summary Process Benchmarking Interviews conducted and interview results Survey results Compliance status with standards (IIA/ ICAI) Generally Compliance Partial Compliance Non compliance Suggestions of leading good practice opportunities for consideration by the internal audit team Results of the external quality assessment review should be communicated to the senior management and Board/ Audit Committee including the plan of action for implementation of recommendations.

The added Value of Quality Assessment A Quality Assessment should go above and beyond confirming compliance to the Standards. Key questions include: Is Internal Audit focused on the right things? Is Internal Audit properly equipped to contribute the appropriate value to the organization? Does Internal Audit play a key role in the corporate governance and risk management process? Does Internal Audit understand stakeholder needs and expectations? And are they meeting

Key Statistics Absence of formal policy and procedures for QAIP - 38% Organizations performing ongoing internal assessment reviews 76% Organizations performing periodic internal assessment reviews 56% Internal assessment review methods used: Ongoing review Statistics Periodic review Statistics Engagement Supervision 87% In-depth Interviews 38% Checklist 74% Self assessment 73% Feedback 81% Benchmarking 64% Budget and Timekeeping 65% Peer reviews 9% Audit plan completion 85% Combination 22%

Key Statistics Sharing of Internal assessment results: Senior management 61% Audit committee - 67% Board of Directors 16% No one 15% Types of external quality assessment review: Self assessment with independent external validation 19% Independent and external assessment 81% Frequency of external quality assessment review: 1 to 2 years 5% 3 to 4 years 29% 5 years 65% Others 1%.

Key Statistics Ares covered in an external assessment review: Compliance with professional standards 93% Review of Charter and IA policy manual 96% Legislation and Regulatory compliance 52% Management expectations 85% Integration with Governance process 67% Audit Process, tools and techniques used 90% Staff Mix, knowledge and expertise 93% Whether IA adds value 72%

Comparison with IIA IIA - 1300 SIA - 7 Develop and maintain a Quality Assurance and Improvement Program ( QAIP ) that covers all aspects of the internal audit activity and continuously monitors its effectiveness. Process to monitor and assess overall effectiveness of quality program. Include both internal and external assessments System of quality assurance should include policies and procedures addressing: Leadership responsibilities for quality in internal audit Ethical requirements Acceptance and continuance of client relationship or specific engagement Human Resources Engagement performance Monitoring.

Comparison with IIA Internal assessments include ongoing reviews and periodic reviews External assessments - Once every five years IIA - 1300 SIA - 7 The CAE should communicate the results of external assessments to the board The internal quality review To be done by person responsible for quality Assurance and/ or other experienced member(s) of the internal audit function External quality review - Once in three years Results of the internal and external quality reviews to be communicated to management and those charged with governance along with the action plan

Recap Applicable to In-house internal audit department and External firm of professional accountants. Provide reasonable assurance that the internal auditors comply with Professional standards, Regulatory and legal requirements and reports issued are appropriate System of Quality Assurance should cover polices and procedures covering: Leadership responsibility for quality Ethical requirements Human Resources Engagement Performance Monitoring

Recap Quality Assurance framework should cover all aspects of Internal Audit: Compliance with the Internal Audit Policies and procedures Budget monitoring Internal Audit Plan Risk Assessment Audit tools and Technology Coordination with external auditors Staffing aspects Training and Professional Development Performance Metrics Follow up for closure of audit findings.

Recap Quality Assurance framework should cover: Internal Audit Manual Covering all aspects of Internal Audit Staff Training and Supervision Feedback process Performance Criteria Benchmarking. Internal Quality Review: Ongoing and Continuous monitoring Done by person from Internal Audit function Results should be communicated to Management and ACB External Quality Review: Atleast once in 3 years as per SIA -7 Professionally qualified person having an in depth knowledge and experience Results should be communicated to Management and ACB.

Questions?

THANK YOU

Comparison with IIA SIA-7 does not cover the following: Qualifications of the internal assessors and external assessors No recommendations on the scope of internal and external assessment Self assessment Manner of reporting on the quality programme assessment Disclosures required if internal auditing standards are not met As per SIA external assessment is required to be carried out once in 3 years, however as per IIA it is once in 5 years.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback