Approach Towards Audit
- The scope of internal auditing should encompass the examination of the adequacy and effectiveness of the organization’s system of internal control and the quality of performance in carrying out assigned responsibilities.
- Assessment (adequacy and effectiveness).
- Enhancement (measuring performance quality Improvement
- The organization in the effective discharge of their responsibilities.
- The audit objective includes promoting control at Internal auditing is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization.
- The objective of internal auditing is to assist members of reasonable cost.
Designing Audit Tests
- Evidence is created from tests or questions.
- The creation of the right test or question to ask is a process of working backwards from the audit objective.
Effective statements of corrective action include:
- The specific steps to be taken,
- The completion date and
- The person responsible for completion.
- Test description or question.
- Results (clearly stated).
Documentation of test results and conclusions.
Automated Work Papers provide
- A framework to guide the audit process.
- Support for the conclusions reached by the audit.
- A record of the audit process and its conformance to standards.
Discussion of draft report with managemaent
- To avoid misunderstandings.
- To give management a ‘heads-up’ about issues.
- To encourage corrective action as soon as possible.
- Cross-reference the audit point sheets to the conclusions in the audit work papers (and backreference the conclusions to the report).
- Contacts (of auditee/ audit team)
- Status Tracker (Scope, Start Date, Completion date, Reason for Pending, responsibility, Population, Sample, Sample methodology, remarks)
- Review Notes
- Requirement Tracker (Requirement, Area, Responsibility, Request Date, Received date, Time Lag in receipt of data, days lapsed)
- Checklist (Scope, Sub scope, Risk, Control, Checkpoints, Population, Sample, Exceptions, Observations, Backup paper)
- Query Sheet (Query, Financial Impact, Risk, recommendations, Area, Annexure, Resolved, Response, Responsibility,Reportable/Dropped, Backup paper)
- Audit Completion Checklist.
- Cover letter,
- Background and Objective of audit
- Scope and approach
- Detailed Observation (High, Medium, Low)
- Other Points for Management Attention
- Positive assurance
- Audit Summary (Area, Location, Audit Period, Audit Team,Function Head, Scope, Field audit dates/ period)
- Scope, Sampling and Limitation to scope
- Positive Assurance
- Key Observations
- Other observations
- Identification of Audit Universe
- Breaking up into Processes
- Risk Identification
- Risk Assessment and Evaluation
- Risk Scoring and Heat Map
- RBIA Plan
- Execution of RBIA Plan
Analysis of processes:Will facilitate identification of the operational risk
Brainstorming: A group of employees put forward their ideas or sensations of risk
Interview: Interview with various management level members in order to elicit their concerns
Workshops: Meeting the employees in order to identify the risks and assess impact
Comparison with other organisations: Benchmarking is the technique used for comparing one’s own organization with competitors
After identifying and analyzing the risk, next step is the evaluate the risk.
1.What is the likelihood of the risk event occurring?
- Almost certain
What is the consequence if the risk event occurs?
- Very High
Components of Risk Evaluation
- Financial Risk
- Industry Trends
- Credit risk
- Market risk
- Forex risk
- Settlement risk
- Reputation Risk
- Impact of Process
- Extent of customer interaction
- Effect on Future Business Plans
- Reputation risk wrt operations outsourcing
- Information Technology Risk
- Dependence on IT systems
- Scalability / Up gradation
- Confidentiality of the data
- Number of interfaces
- Vendor support
- Skills / Training
- External agencies involvement
- Regulatory Risk
- Number of Regulators and Acts
- Complexity of Acts
- Applicability of international Laws
- Operational Risk
- Process complexity
- Importance of MIS & safe-keeping
- Fraud control
- Auditors’ findings
- Budget variations
- Legal Risk
- Legal Action by Counter –party
- Non enforcement of the Legal rights
Professional Approach Of The Main Partner
- Ensure a positive link between the audit objective and the entity’s goals.
- Ensure the audit program will produce the evidence as required.
- Ensure that each test will provide the evidence required by the audit program.
Commitment To Excellence
- Ensures all aspects of problems (findings) are captured.
- To provide time bound services with total client solutions.
- To develop dedicated industry practice driven by industry experts.
- To create an organisation in which team feels proud to work & client feels prestigious to be associated with.