Top Ten Issues facing Internal Auditing in the Future

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Top Ten Issues facing Internal Auditing in the Future"

Transcription

1 Top Ten Issues facing Internal Auditing in the Future The IIA Dallas Chapter April 6, 2006 Presented by: David A. Richards, CIA, CPA President The Institute of Internal Auditors 1

2 Agenda What should Internal Auditors do? Top Ten areas for internal auditors to focus on for the future How can The IIA help? 2

3 Definition of Internal Auditing: Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization s operations. It helps an organization accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the risk management, control and governance processes. (Approved by the Board of Directors 6/26/99) 3

4 What do Internal Auditors Do? Help solve problems Confirm accuracy of information Ensure assets are properly safeguarded Confirm compliance to laws & regulations Help improve the effectiveness and efficiency of processes Investigate fraud situations Provide a resource for skills 4

5 What are our Constituents saying about us? Communication needs improvement (AC, Mgt, EA) Focus needs better alignment Resources/skills need assessment Top areas for attention: control, risk, fraud, IT Assessment of results presentation 5

6 Where are we now??? What Image do we have? What type of Outputs do we produce? What Process do we follow? What ability do we have to control the future? What indicators do we have of how we are doing? 6

7 Where are we now??? Image Corporate cop Compliance focused Partner Source of value creation Involved in corporate initiatives Customer focused 7

8 Where are we now??? Outputs Findings / causes Recommendations Implementation help Post implementation verification / confirmation of results that resolve issues Anticipate customer needs 8

9 Where are we now??? Cycle Process Risk based Customer input Customer focused / driven Competitive (Bid) Proactive vs. reactive 9

10 Agenda What should Internal Auditors do? Top Ten areas for internal auditors to focus on for the future How can The IIA help? 10

11 #1:Fraud Audit Techniques 11

12 Fraud Responsibilities Internal Auditing Fraud risk identification & response Investigating Fraud cases Fraud consideration in each audit Support Hot Line Support Education & Training Help Ethics Officer Fraud Program Help establish Corporate Compliance Program 12

13 Fraud Aspects Awareness Training Identification Investigation 13

14 #2:Technology Expertise 14

15 Assessing IT Controls Understanding IT Controls Governance, Management, Technical General / Application Preventive, Detective, Corrective Information Security Importance of IT Controls Roles & Responsibilities for IT Controls Based on Risk Monitoring techniques Assessment Process 15

16 GAIT Scoping Example For financial reporting, the scope of IT control testing has three primary axes: What business processes are in scope? Which business processes are relevant to financial reporting (e.g., materiality)? How significant is the business process to the financial reporting objective? What other transactional controls exist that may create assurance of the business process integrity (e.g., manual settlement and balancing)? Example: 10 revenue generating systems; external auditors won t look at all 10, but will concentrate on the 3 that compose 85%. For those business processes in scope, what IT assets are considered relevant to financial reporting (e.g., distance and percentage of controls embedded in IT)? Example: 10 revenue generating systems; external auditors won t look at all 10, but will concentrate on the 3 that compose 85% of the overall revenues. What level of controls evaluation and testing is required to create sufficient assurance for management to make the assertions related to IT change and IT entitlements transactions (e.g., completeness, accuracy, etc.)? What are the types of controls in place? The level of assurance goes from highest to lowest, in the following order: automated and preventive automated and detective: manual and preventive manual and detective 16

17 #3:Governance Auditing 17

18 Governance Key Words Expectations What is needed for Success: Policies, procedures, guidance, organization, assignment of responsibilities Communications Informing & Training Accountability holding people accountable for meeting expectations 18

19 IIA Standards-Governance 2130-Governance The internal audit activity should contribute to the organization's governance process by evaluating and improving the process through which (1) values and goals are established and communicated, (2) the accomplishment of goals is monitored, (3) accountability is ensured, and (4) values are preserved 19

20 Allocation of IA Effort Best Practice reviews Perform audits of design & effectiveness of specific governance processes Audit Effort Provide advice with focus on Establishing Governance Structure Less Structured More Structured Governance Model 20

21 What Should IA Do? Setting Expectations: IA should: -- Help drafting of policies, procedures, processes, guidance to utilize their - knowledge -expertise -- Ensuring Controls are build into processes not added on 21

22 What Should IA Do? Communicate: IA should: -- Assist in training programs on - Ethics - Risk identification - Control options - Fraud awareness -- Design programs -- Participation in training sessions 22

23 What Should IA Do? Accountability: IA should: -- Perform objective assessments using systematic, disciplined approach that incorporates an evaluation of evidence -- Ensure compliance to management directives by comparison of actual to criteria -- Assist in evaluation of processes to ensure efficient operations and effective accomplishment of objectives 23

24 #4:Internal Control Assessment & Opinion 24

25 Control Defining Key Controls Assessing Control Effectiveness Opinion 25

26 Control A Process Effected by an Entity s Board of Directors, Management and Other Personnel, Designed to Provide Reasonable Assurance regarding the Achievement of Objectives in the following categories: --Effectiveness & Efficiency of Operations --Reliability of Financial Reporting --Compliance with Applicable Laws & Regulations --Safeguarding of Assets COSO Definition 26

27 Opinion on IC Evaluation criteria & structure Scope Who has responsibility for IC Type of opinion Positive assurance Binary Graded Directional Negative assurance Qualified 27

28 Issues Estimates Closing Process Journal Entries Reconciliations Assignment of Responsibilities Accountability Ethics Risk Assessment Governance (Principles) IT Controls Analysis & Monitoring 28

29 #5:Risk Assessment Approach 29

30 5. Risk Assessment Knowledge Use Reporting Audit Committee & Risk ERM & IA 30

31 Definition IIA Research Report A rigorous and coordinated approach to assessing and responding to all risks that affect the achievement of an organization s strategic and financial objectives. This includes both upside and downside risks. 31

32 Key Concepts Premises ERM enables management to effectively deal with uncertainty and associated risk and opportunity, enhancing the capacity to build value 32

33 Core Roles for IA on ERM Giving assurance on risk management processes. Giving assurance that risks are correctly evaluated. Evaluating risk management processes. Evaluating the reporting of key risks. Reviewing the management of key risks. 33

34 Roles IA Can Do Facilitating identification and evaluation of risks. Coaching management in responding to risks. Coordinating ERM activities. Consolidating the reporting on risks. Maintaining and developing the ERM framework. Championing establishment of ERM. Developing risk management strategy for board approval 34

35 Roles IA should NOT do Setting the risk appetite. Imposing risk management processes. Management assurance on risks. Taking decisions on risk responses. Implementing risk responses on management's behalf. Accountability for risk management. 35

36 ERM Framework What s New? STRATEGIC OPERATIONS REPORTING Internal Environment COMPLIANCE SUBSIDIARY Objective Setting BUSINESS UNIT Event Identification DIVISION ENTITY - LEVEL Risk Assessment Risk Response Control Activities Information and Communication Monitoring 36

37 M A R K E T / E X T E R N A L R I S K Competitor Sensitivity Investor Capital Availability Sovereign/Political Legal Regulatory Industry Financial Markets Business Interruption Collateral Catastrophic Loss Sourcing Interest Rate Currency Commodity Equity BUSINESS PROCESS RISK Cash Flow Concentration (Liquidity) Concentration (Credit) Efficiency Customer Satisfaction Performance Gap Cycle Time Dispatch Pension Fund Compliance Planning Product/Service Failure Opportunity Costs Environmental Scan Pricing Product Development Regulatory Reporting (Operating) Regulatory Reporting (Financial) Resource Allocation Taxation Collective Bargaining SYSTEM & TOOLS RISK Integrity Access Availability Infrastructure MANAGEMENT REPORTING O P E R A RISK T I O N A L R I S K Accounting Information Contract Commitment Financial Reporting Evaluation Relevance Treasury Reporting FACILITIES & EQUIPMENT RISK Capacity Environmental Health & Safety Obsolescence/Shrinkage MODEL & ASSUMPTION RISK Budget & Planning Financial Instrument Investment Evaluation Performance Measurement (Process) Valuation COUNTERPARTY RISK Default Outsourcing Settlement ORGANIZATION, MANAGEMENT & STRUCTURE RISK Authority/Limit Change Readiness Communications Employee Fraud Human Resources Illegal Acts Leadership Management Fraud Organization Structure Performance Incentives Unauthorized Use BUSINESS STRATEGY AND POLICY RISK Alignment Business Portfolio Credit Policy Life Cycle Performance Measurement 37 Reputation Trademark/Brand Name Erosion

38 Essential Process OBJECTIVES EVENTS INHERENT RISK RESPONSES RESIDUAL RISK 38

39 Essential The Big Picture High Impact/ Low Likelihood High Impact/ High Likelihood Low Impact/ Low Likelihood Low Impact/ High Likelihood 39

40 #6:Time Management 40

41 #7:Willingness to step up to the plate & be counted 41

42 #8:Observation Skills Application 42

43 #9:Consultancy / Process Analysis Skills 43

44 #10:Communication Skills 44

45 Agenda What should Internal Auditors do? Top Ten areas for internal auditors to focus on for the future How can The IIA help? 45

46 The IIA Vision The global voice of the internal auditing profession: advocating its value, promoting best practice, and providing exceptional service to its members. 46

47 The IIA Mission Statement The mission of The Institute of Internal Auditors is to provide dynamic leadership for the global profession of internal auditing. Activities in support of this mission will include but will not be limited to: 1. Advocating and promoting the value that internal audit professionals add to their organizations; 2. Providing comprehensive professional growth opportunities; standards and other professional practice guidance; and certification programs; 47

48 The IIA Mission Statement (Continued) 3. Researching, disseminating, and promoting to practitioners and stakeholders knowledge concerning internal auditing and its appropriate role in control, risk management, and governance; 4. Educating practitioners and other relevant audiences on best practices in internal auditing; and 5. Bringing together internal auditors from all countries to share information and experiences. 48

49 IIA Mission is to provide: Guidance & Standards Certification Program Research Promotion of the Profession Forum for interchange Training 49

50 IIA Top Needs Advocacy Globalization Service to Members 50

51 Advocacy Position papers Key Constituent Groups Link to IIA Advocate Advocacy Specific Plan for each Group Objective Approach Measures of success 51

52 Global Initiatives Guidance Planning Academic Relations Government Auditors SOA / Control Assessment Technology Based Learning Service Providers Knowledge Management Customer Service 52

53 Global Initiatives Branding Certification (CBT) Translations on Website Webcasts Bill Bishop Memorial Fund Project Global Seminars IT GTAG & GAIT 53

54 Global Initiatives International Conference Model GAIN Flash Surveys Capacity Development Website Redesign CIA Training Course Career Board 54

55 Operations - Service Website Information Affiliate Relations (restructure) Membership (growth & retention) New Computer Systems (Cust Serv) Bookstore global reach CIA (exam training, CAE testing, Support) Quality Assessment (SAWIV, tools, QA Manual) Publications On line delivery 55

56 The Internal Auditing Activity is a key element in an On-going Monitoring and Oversight Program within an Organization. It demonstrates Management & Board commitment to ensuring accuracy, efficiency, and effectiveness of operations & reporting. 56

ERM in Insurance (Solvency II) Special Interest Group

ERM in Insurance (Solvency II) Special Interest Group ERM in Insurance (Solvency II) Special Interest Group Linking ORSA and business planning Embedding risk management in decision making Jacqueline Fenech, Director 29 May 2013 Agenda The ugly truth The not

More information

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide RISK BASED AUDITING: A VALUE ADD PROPOSITION Participant Guide About This Course About This Course Adding Value for Risk-based Auditing Seminar Description In this seminar, we will focus on: The foundation

More information

Enterprise-Wide Risk Assessment

Enterprise-Wide Risk Assessment Enterprise-Wide Risk Assessment Agenda 1. Definition of risk. 2. Risk drivers in higher education today. 3. Implementing an enterprise-wide risk management (ERM) program to effectively assess, manage,

More information

Matthew E. Breecher Breecher & Company PC November 12, 2008

Matthew E. Breecher Breecher & Company PC November 12, 2008 Applying COSO s Enterprise Risk Management Integrated Framework Matthew E. Breecher Breecher & Company PC November 12, 2008 The basic outline for this presentation was provided by: Objectives for the session:

More information

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand Integration of Risk Management and Internal Audit Chartered Institute of Management Accountants, New Zealand Contents Understanding the three lines of defense governance model What is Risk? Risk Management

More information

International Professional Practices F. Framework. Daniela Danescu CIA, CGAP member of The IIA Public Sector Committee Yerevan, October 21, 2009

International Professional Practices F. Framework. Daniela Danescu CIA, CGAP member of The IIA Public Sector Committee Yerevan, October 21, 2009 International Professional Practices F Framework Daniela Danescu CIA, CGAP member of The IIA Public Sector Committee Yerevan, October 21, 2009 Agenda Mandatory Guidance Strongly Recommended Guidance Differences

More information

IFAD Policy on Enterprise Risk Management

IFAD Policy on Enterprise Risk Management Document: EB 2008/94/R.4 Agenda: 5 Date: 6 August 2008 Distribution: Public Original: English E IFAD Policy on Enterprise Risk Management Executive Board Ninety-fourth Session Rome, 10-11 September 2008

More information

Understanding SAS 70 Reports on Internal Control

Understanding SAS 70 Reports on Internal Control Understanding SAS 70 Reports on Internal Control PwC Agenda Internal Control Reporting: A Focus on SAS 70 Trends affecting internal control reporting Discussion points for Mutual Fund Directors with management

More information

Enterprise Risk Management Program at HCA. ERM Roundtable. February 25, 2005 HCA. David Hughes, CPA, CIA AVP, ERM Office

Enterprise Risk Management Program at HCA. ERM Roundtable. February 25, 2005 HCA. David Hughes, CPA, CIA AVP, ERM Office Enterprise Risk Management Program at ERM Roundtable February 25, 2005 David Hughes, CPA, CIA AVP, ERM Office Agenda 1. 1. Overview of of 2. 2. Evolution of of our ERM Program 3. 3. Risk Identification

More information

2015-2020. IIA Global Strategic Plan 2015-2020

2015-2020. IIA Global Strategic Plan 2015-2020 2015-2020 IIA Global Strategic Plan 2015-2020 IIA Global Strategic Plan 2015 2020 As used in this document, The IIA Global Strategic Plan, The IIA refers to and is representative and inclusive of the global

More information

and Risk Tolerance in an Effective ERM Program

and Risk Tolerance in an Effective ERM Program The Roles of Risk Appetite and Risk Tolerance in an Effective ERM Program Eric Gerner, Risk Advisory Services Director Tuesday, July 10, 2012 General Information Share the webinar Ask a question Votes

More information

The Essentials of Enterprise Risk Management. Steven C. Tourek, Senior Vice President, General Counsel & Secretary, The Marvin Companies

The Essentials of Enterprise Risk Management. Steven C. Tourek, Senior Vice President, General Counsel & Secretary, The Marvin Companies The Essentials of Enterprise Risk Management Steven C. Tourek, Senior Vice President, General Counsel & Secretary, The Marvin Companies Introduction How should an organization think about the management

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

Developing Effective Internal Controls Using the COSO Model

Developing Effective Internal Controls Using the COSO Model Developing Effective Internal Controls Using the COSO Model Office of State Controller Internal Controls in a COSO Environment Seminar Raleigh, North Carolina March 2007 Mark S. Beasley Director, ERM Initiative

More information

Board Risk & Compliance Committee Charter

Board Risk & Compliance Committee Charter Board Risk & Compliance Charter 10 December 2015 PURPOSE 1) The purpose of the Westpac Banking Corporation (Westpac) Board Risk & Compliance () is to assist the Board of Westpac (Board) as the Board oversees

More information

Internal Auditing Guidelines

Internal Auditing Guidelines Internal Auditing Guidelines Recommendations on Internal Auditing for Lottery Operators Issued by the WLA Security and Risk Management Committee V1.0, March 2007 The WLA Internal Auditing Guidelines may

More information

Get More Out of Your Risk Assessment. Austin Chapter of the IIA

Get More Out of Your Risk Assessment. Austin Chapter of the IIA Get More Out of Your Risk Assessment Austin Chapter of the IIA Speakers Alyssa G. Martin, CPA Dallas Executive Partner, Advisory Services 25 years of public accounting experience, with a practice emphasis

More information

INTERNAL AUDIT FRAMEWORK

INTERNAL AUDIT FRAMEWORK INTERNAL AUDIT FRAMEWORK April 2007 Contents 1. Introduction... 3 2. Internal Audit Definition... 4 3. Structure... 5 3.1. Roles, Responsibilities and Accountabilities... 5 3.2. Authority... 11 3.3. Composition...

More information

INTERNAL CONTROLS EVALUATION

INTERNAL CONTROLS EVALUATION INTERNAL CONTROLS EVALUATION Planning an Internal Controls Evaluation Project Internal Control Documentation Internal Control Testing Evaluation of Internal Control Deficiency Reporting Internal Control

More information

INTERNAL AUDIT SERVICES CHARTER

INTERNAL AUDIT SERVICES CHARTER INTERNAL AUDIT SERVICES CHARTER www.afrimat.co.za F2016 MISSION AND SCOPE OF WORK The mission of the Internal Audit Service ( IAS ) is to provide independent, risk based internal auditing and consulting

More information

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement Understanding the Entity and Its Environment 1667 AU Section 314 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement (Supersedes SAS No. 55.) Source: SAS No. 109.

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT POLICY TITLE OF POLICY POLICY OWNER POLICY CHAMPION DOCUMENT HISTORY: Policy Title Status Enterprise Risk Management Policy (current, revised, no change, redundant) Approving

More information

Part A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...

Part A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES... Part A OVERVIEW...1 1. Introduction...1 2. Applicability...2 3. Legal Provision...2 Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...3 4. Guiding Principles...3 Part C IMPLEMENTATION...13 5. Implementation

More information

Internal Auditing: Assurance, Insight, and Objectivity

Internal Auditing: Assurance, Insight, and Objectivity Internal Auditing: Assurance, Insight, and Objectivity WHAT IS INTERNAL AUDITING? INTERNAL AUDITING business people all around the world are familiar with the term. But do they understand the value it

More information

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date

More information

Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus

Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus QIAL SYLLABUS MARCH 2015 Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus The QIAL assessment comprises five sections: Case study 1*: Internal Audit Leadership (3 hours and 45 minutes)

More information

Standards for the Professional Practice of Internal Auditing

Standards for the Professional Practice of Internal Auditing Standards for the Professional Practice of Internal Auditing THE INSTITUTE OF INTERNAL AUDITORS 247 Maitland Avenue Altamonte Springs, Florida 32701-4201 Copyright c 2001 by The Institute of Internal Auditors,

More information

WHAT IS INTERNAL AUDIT?

WHAT IS INTERNAL AUDIT? WHAT IS INTERNAL AUDIT? Information to help you understand the role and value of internal audit What is internal audit? As organisations and the world they operate in become more complex, so internal audit

More information

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE March 2012 Table of Contents Executive Summary... 1 Introduction... 1 Risk Management and Assurance (Assurance Services)... 1 Assurance Framework...

More information

Risk, Risk Assessments and Risk Management. Christopher Bowler CPA, CISA August 10, 2015

Risk, Risk Assessments and Risk Management. Christopher Bowler CPA, CISA August 10, 2015 + Risk, Risk Assessments and Risk Management Christopher Bowler CPA, CISA August 10, 2015 + Agenda A Few Thoughts Fundamentals of Risk Assessments Fundamentals of Risk Management Assessments vs. Management

More information

Achieving Our Potential Key challenges and trends Adapting the internal audit organization & plan. Final thoughts on Achieving Our Potential

Achieving Our Potential Key challenges and trends Adapting the internal audit organization & plan. Final thoughts on Achieving Our Potential 2 Achieving Our Potential Key challenges and trends Adapting the internal audit organization & plan Strategies for success Final thoughts on Achieving Our Potential 3 As individual practitioners Be all

More information

Developing an Effective Enterprise Risk Management Program

Developing an Effective Enterprise Risk Management Program Developing an Effective Enterprise Risk Management Program Jay Brietz, CPA and CIA Senior Manager This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record

More information

Internal Audit Charters

Internal Audit Charters Internal Audit Charters Part of a series of notes to help Centers review their own internal management processes from the point of view of managing risks and promoting good governance and value for money,

More information

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES

GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES 20 th February, 2013 To Insurance Companies Reinsurance Companies GUIDELINES ON RISK MANAGEMENT AND INTERNAL CONTROLS FOR INSURANCE AND REINSURANCE COMPANIES These guidelines on Risk Management and Internal

More information

Effective Internal Audit in the Financial Services Sector

Effective Internal Audit in the Financial Services Sector Effective Internal Audit in the Financial Services Sector Recommendations from the Committee on Internal Audit Guidance for Financial Services: How They Relate to the Global Institute of Internal Auditors

More information

Credit Unions RISK ADVISORY SERVICES. Enterprise Risk Management, Internal Audit and Complex Accounting Services

Credit Unions RISK ADVISORY SERVICES. Enterprise Risk Management, Internal Audit and Complex Accounting Services Credit Unions RISK ADVISORY SERVICES Enterprise Risk Management, Internal Audit and Complex Accounting Services Credit unions care about personal service. So do we. How BDO works with credit unions Credit

More information

SAI GLOBAL LIMITED Risk Management Policy

SAI GLOBAL LIMITED Risk Management Policy SAI GLOBAL LIMITED Risk Management Policy SAI Global Ltd ABN 67050611642 Last Updated: February 2012 Contents 1. Risk Management... 3 2. Policy... 3 3. Risk Management Philosophy... 3 4. Risk Appetite...

More information

Competency Requirements for Executive Director Candidates

Competency Requirements for Executive Director Candidates Competency Requirements for Executive Director Candidates There are nine (9) domains of competency for association executives, based on research conducted by the American Society for Association Executives

More information

Stepping Through the Business Continuity Plan Audit

Stepping Through the Business Continuity Plan Audit Stepping Through the Business Continuity Plan Audit Doug Menendez Graybar Electric Company Presentation to MidAmerica Contingency Planning Forum February 16, 2012 Introduction Whether it is from internal

More information

Auditing Treasury Activities. Devina Rankin Assistant Treasurer

Auditing Treasury Activities. Devina Rankin Assistant Treasurer Auditing Treasury Activities Devina Rankin Assistant Treasurer Overview of the Treasury Function Making sure the right amount of cash is in the right accounts on a daily basis Day-to-day cash management

More information

T The Revised COSO ERM Framework. Robert Hirth Chairman, COSO

T The Revised COSO ERM Framework. Robert Hirth Chairman, COSO T The Revised COSO ERM Framework Robert Hirth Chairman, COSO COSO: Thought Leadership to Improve Your Organization What the Heck is COSO?... Originally formed in 1985, COSO is a joint initiative of five

More information

Internal Audit and Advisory Services DRAFT

Internal Audit and Advisory Services DRAFT Internal Audit and Advisory Services DRAFT PAGE(S) Message from the Internal Audit and Advisory Services...1-2 Internal Audit and Advisory Services Plan...3-5 Objectives...6-7 Risk Assessment Process...8

More information

Administrative Guidelines on the Internal Control Framework and Internal Audit Standards

Administrative Guidelines on the Internal Control Framework and Internal Audit Standards Administrative Guidelines on the Internal Control Framework and Internal Audit Standards GCF/B.09/18 18 February 2015 Meeting of the Board 24 26 March 2015 Songdo, Republic of Korea Agenda item 24 Page

More information

Practice guide. quality assurance and IMProVeMeNt PrograM

Practice guide. quality assurance and IMProVeMeNt PrograM Practice guide quality assurance and IMProVeMeNt PrograM MarCh 2012 Table of Contents Executive Summary... 1 Introduction... 2 What is Quality?... 2 Quality in Internal Audit... 2 Conformance or Compliance?...

More information

Enterprise Risk Management

Enterprise Risk Management Cayman Islands Society of Professional Accountants Enterprise Risk Management March 19, 2015 Dr. Sandra B. Richtermeyer, CPA, CMA What is Risk Management? Risk management is a process, effected by an entity's

More information

The IIA Standards: The IPPF Framework

The IIA Standards: The IPPF Framework The IIA Standards: The IPPF Framework S P E A K E R : D O T T. R O B E R TO R O S ATO C O U R S E O F B U S I N E S S A U D I T I N G U N I V E R S I T Y O F R O M E T O R V E R G A T A D E C E M B E R

More information

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma Governance, Risk, Compliance (GRC) Automation Siamak Razmazma Siamak.razmazma@protiviti.com September 2009 Agenda Introduction to

More information

International Standards for the Professional Practice of Internal Auditing INTRODUCTION ATTRIBUTE STANDARDS

International Standards for the Professional Practice of Internal Auditing INTRODUCTION ATTRIBUTE STANDARDS INTRODUCTION Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives

More information

Export Development Canada

Export Development Canada Export Development Canada Special Examination Report 2009 Office of the Auditor General of Canada Bureau du vérificateur général du Canada Ce document est également publié en français. Office of the Auditor

More information

Internal Audit Manual

Internal Audit Manual COMPTROLLER OF ACCOUNTS Ministry of Finance Government of the Republic of Trinidad Tobago Internal Audit Manual Prepared by the Financial Management Branch, Treasury Division, Ministry of Finance TABLE

More information

Enterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM

Enterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM Enterprise Risk Management: COSO, New COSO, Dr. Hugh Van Seaton, Ed. D., CSSGB, CGMA, CPA Review of ERM COSO a process, effected by an entity's board of directors, management and other personnel, applied

More information

THE BOARD S ROLE AND RESPONSIBILITIES OVER THE CONTROL ENVIRONMENT. Session 4

THE BOARD S ROLE AND RESPONSIBILITIES OVER THE CONTROL ENVIRONMENT. Session 4 THE BOARD S ROLE AND RESPONSIBILITIES OVER THE CONTROL ENVIRONMENT Session 4 Road Map of Presentation Review of the key responsibilities of the Board - the direct links to the IC System & IA function Analyze

More information

Internal Audit & the Audit Committee

Internal Audit & the Audit Committee HCCA Audit & Compliance Committee Conference October 2007 Internal Audit & the Audit Committee Glen C. Mueller, CPA, CIA, CISA, CISM Scripps Health, San Diego, CA VP-Chief Audit & Compliance Executive

More information

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus

More information

Advisory Services. Financial. Business Risk. Administration. Understanding Creating Implementing

Advisory Services. Financial. Business Risk. Administration. Understanding Creating Implementing Advisory Services Financial. Business Risk. Administration. Understanding Creating Implementing Our Firm... Grant Thornton Advisory Services Al-Aiban & Al-Qatami Co. is a member firm incorporated with

More information

University Audit and Compliance

University Audit and Compliance Risk Assessment Process Enterprise-Wide Risk Assessment Risk Assessment Process Risk Assessment: A disciplined, documented, and ongoing process of identifying and analyzing the effect of relevant risks

More information

The Role of Internal Audit in Risk Governance

The Role of Internal Audit in Risk Governance The Role of Internal Audit in Risk Governance How Organizations Are Positioning the Internal Audit Function to Support Their Approach to Risk Management Executive summary Risk is inherent in running any

More information

BOARD OF EDUCATION OF BALTIMORE COUNTY OFFICE OF INTERNAL AUDIT - OPERATIONS MANUAL INTERNAL AUDIT OPERATIONS MANUAL

BOARD OF EDUCATION OF BALTIMORE COUNTY OFFICE OF INTERNAL AUDIT - OPERATIONS MANUAL INTERNAL AUDIT OPERATIONS MANUAL BOARD OF EDUCATION OF BALTIMORE COUNTY INTERNAL AUDIT OPERATIONS MANUAL BACKGROUND The Office of Internal Audit Operations Manual was developed to be used as a guide and resource for the Office of Internal

More information

ASAE s Job Task Analysis Strategic Level Competencies

ASAE s Job Task Analysis Strategic Level Competencies ASAE s Job Task Analysis Strategic Level Competencies During 2013, ASAE funded an extensive, psychometrically valid study to document the competencies essential to the practice of association management

More information

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee Audit Committee Dear Shareholder, We are satisfied that the business has maintained robust risk management and internal controls, supported by strong overall governance processes, and that management have

More information

Internal Audit Framework

Internal Audit Framework Internal Audit Framework Internal Audit Framework National Treasury Republic of South Africa March 2009 (2 nd Edition) The Internal Audit Framework is being provided as a service to the Public Service.

More information

University Audit and Compliance. Internal Controls Enterprise-Wide Risk Assessment

University Audit and Compliance. Internal Controls Enterprise-Wide Risk Assessment Internal Controls Enterprise-Wide Risk Assessment Balancing Risk and Controls In order to achieve goals and objectives, management needs to effectively balance risks and controls. Control procedures need

More information

QA Work Paper Analysis

QA Work Paper Analysis QA Work Paper Analysis Part 1 Summary Audit No. 1 Audit No. 2 Audit No. 3 Audit No. 4 Audit No. 5

More information

ISACA and IIA of Orange County

ISACA and IIA of Orange County ISACA and IIA of Orange County Present The Balanced Scorecard December 3 rd, 2013 Objectives By the end of today s training you will be able to answer the following questions: Where is my department based

More information

A Practical Approach to Implementing the COSO Internal Control Integrated Framework

A Practical Approach to Implementing the COSO Internal Control Integrated Framework A Practical Approach to Implementing the COSO Internal Control Integrated Framework Dr. Sandra B. Richtermeyer, CPA, CMA IMA s COSO Board Member Professor of Accountancy & Associate Dean Xavier University

More information

XX Bank. Enterprise Risk Management. Policy. Date

XX Bank. Enterprise Risk Management. Policy. Date XX Bank Enterprise Risk Management Policy Date 1 TABLE OF CONTENTS PURPOSE OF ENTERPRISE RISK MANAGEMENT PROGRAM... 3 PROGRAM OVERVIEW... 3 ERM FUNCTIONAL ALIGNMENT... 5 Defined Positions... 5 Defined

More information

Table of Contents: Chapter 2 Internal Control

Table of Contents: Chapter 2 Internal Control Table of Contents: Chapter 2 Chapter 2... 2 2.1 Establishing an Effective System... 2 2.1.1 Sample Plan Elements... 5 2.1.2 Limitations of... 7 2.2 Approvals... 7 2.3 PCard... 7 2.4 Payroll... 7 2.5 Reconciliation

More information

Association for Project Management Business Management System

Association for Project Management Business Management System Association for Project Management Business Management System December 2012 2 Association for Project Management About APM Formed in 1972, the Association for Project Management (APM) is committed to developing

More information

Professionalism does not occur overnight. Rather, it is a process that evolves out of focused commitment and dedication, ongoing study and

Professionalism does not occur overnight. Rather, it is a process that evolves out of focused commitment and dedication, ongoing study and What does it take......to be a professional? Professionalism does not occur overnight. Rather, it is a process that evolves out of focused commitment and dedication, ongoing study and professional growth,

More information

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Linking Risk Management to Business Strategy, Processes, Operations and Reporting Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles

More information

Cyber Security Auditing for Credit Unions. ACUIA Fall Meeting October 7-9, 2015

Cyber Security Auditing for Credit Unions. ACUIA Fall Meeting October 7-9, 2015 Cyber Security Auditing for Credit Unions ACUIA Fall Meeting October 7-9, 2015 Topics Introduction Cyber Security Auditing Program Discuss an effective and compliant Cyber Security Auditing Program from

More information

Independent auditors report to the members of Aviva plc

Independent auditors report to the members of Aviva plc 112 Aviva plc Annual report and accounts 2014 Independent auditors report to the members of Aviva plc Report on the financial statements Our opinion In our opinion, Aviva plc s Consolidated financial statements

More information

The Virginia Society of Certified Public Accountants and The Virginia Society of Certified Public Accountants Political Action Committee

The Virginia Society of Certified Public Accountants and The Virginia Society of Certified Public Accountants Political Action Committee The Virginia Society of Certified Public Accountants and The Virginia Society of Certified Public Accountants Political Action Committee Consolidated Financial Statements Years Ended April 30, 2014 and

More information

High Value Audits: An Update on Information Technology Auditing. Robert B. Hirth Jr., Managing Director

High Value Audits: An Update on Information Technology Auditing. Robert B. Hirth Jr., Managing Director High Value Audits: An Update on Information Technology Auditing Robert B. Hirth Jr., Managing Director The technology landscape and its impact on internal audit Technology is playing an ever-growing role

More information

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,

More information

Risk Management Policy Adopted by:

Risk Management Policy Adopted by: Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009

More information

THE IIA S GLOBAL INTERNAL AUDIT COMPETENCY FRAMEWORK Career Map Alignment

THE IIA S GLOBAL INTERNAL AUDIT COMPETENCY FRAMEWORK Career Map Alignment THE IIA S GLOBAL INTERNAL AUDIT COMPETENCY FRAMEWORK Career Map Alignment Copyright 2014 by The Institute of Internal Auditors, Inc., ( The IIA ) strictly reserved. Any reproduction of The IIA name or

More information

INTERNAL AUDIT FOR FINANCIAL INVESTMENT COMPANIES ASSURANCE FOR ADEQUATE SUPERVISING OF CORPORATE GOVERNENCE PRINCIPLES

INTERNAL AUDIT FOR FINANCIAL INVESTMENT COMPANIES ASSURANCE FOR ADEQUATE SUPERVISING OF CORPORATE GOVERNENCE PRINCIPLES INTERNAL AUDIT FOR FINANCIAL INVESTMENT COMPANIES ASSURANCE FOR ADEQUATE SUPERVISING OF CORPORATE GOVERNENCE PRINCIPLES Professor PhD Tatiana Dănescu, Petru Maior University of Târgu Mureş, e-mail: tatiana_danescu@yahoo.com

More information

Treasury Advisory Services Stability through effective financial risk and liquidity management. Audit. Tax. Consulting. Financial Advisory.

Treasury Advisory Services Stability through effective financial risk and liquidity management. Audit. Tax. Consulting. Financial Advisory. Treasury Advisory Services Stability through effective financial risk and liquidity management Audit. Tax. Consulting. Financial Advisory. Treasury Health Check Identify gaps and benchmark to make informed

More information

INTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE CONTENTS

INTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE CONTENTS INTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction Scope of this ISA...

More information

RULEBOOK ON THE MANNER OF PERFORMING INTERNAL AUDIT OPERATIONS 3

RULEBOOK ON THE MANNER OF PERFORMING INTERNAL AUDIT OPERATIONS 3 Official Gazette of Republic of Macedonia, no. 72/03. RULEBOOK ON THE MANNER OF PERFORMING INTERNAL AUDIT OPERATIONS 3 Article 1 This Rulebook shall regulate the manner of performing internal audit operations

More information

A Look at the Varied Responsibilities of Internal Auditors. internal auditing: All in a days work

A Look at the Varied Responsibilities of Internal Auditors. internal auditing: All in a days work ALL IN A DAY S WORK A Look at the Varied Responsibilities of Internal Auditors internal auditing: All in a days work The Institute of Internal Auditors Achieving Objectives For the most part, companies

More information

School of Accountancy

School of Accountancy University of Denver 1 School of Accountancy Office: Daniels College of Business, Rooms 355-379 Mail Code: 2101 S. University Blvd., Suite 355, Denver, CO 80208 Phone: 303-871-2032 Web Site: http://daniels.du.edu/faculty-research/accountancy/

More information

International Federation of Accountants IFAC s Role and Major Initiatives John Kellas, IAASB Chairman. FCM Seminar Cairo, September 2005

International Federation of Accountants IFAC s Role and Major Initiatives John Kellas, IAASB Chairman. FCM Seminar Cairo, September 2005 International Federation of Accountants IFAC s Role and Major Initiatives John Kellas, IAASB Chairman FCM Seminar Cairo, September 2005 IFAC Today Expanding organization of 163 member bodies in 119 countries

More information

OAC Presentation to UNESCO Member States

OAC Presentation to UNESCO Member States OAC Presentation to UNESCO Member States Scope and Purpose of Audit and Risk Committees 29 June 2016 1 Content: 1. Context 2. Audit and Risk Management in UNESCO today 3. Relationship between Entreprise

More information

Presentation Objectives Why is Internal Audit here? Concepts (Enterprise Risk Management, Strategic Risk, Strategic Risk Management, etc.

Presentation Objectives Why is Internal Audit here? Concepts (Enterprise Risk Management, Strategic Risk, Strategic Risk Management, etc. Internal Audit 1 January 13, 2012 Presentation Objectives Why is Internal Audit here? Concepts (Enterprise Risk Management, Strategic Risk, Strategic Risk Management, etc.) Summary Internal Audit 2 January

More information

Compliance Risk Management IT Governance Assurance

Compliance Risk Management IT Governance Assurance Compliance Risk Management IT Governance Assurance Sigma Technology Partners offers its clients number of assurance services including SAS 70 Type I and SAS 70 Type II audits. Our team of CPA s, CISA s

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Asset Management & Investment Strategy For Insurance Companies 1. Statement of Objectives To ensure that assets are managed in a sound and prudent manner that is consistent with the

More information

A Risk-Based Audit Strategy November 2006 Internal Audit Department

A Risk-Based Audit Strategy November 2006 Internal Audit Department Mental Health Mental Retardation Authority of Harris County ENTERPRISE RISK MANAGEMENT A Framework For Assessing, Evaluating And Measuring Our Agency s Risk A Risk-Based Audit Strategy November 2006 Internal

More information

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Introduction to the Standards Internal auditing is conducted in diverse legal and cultural environments; for organizations

More information

Practice Guide. Developing the Internal Audit Strategic Plan

Practice Guide. Developing the Internal Audit Strategic Plan Practice Guide Developing the Internal Audit Strategic Plan JUly 2012 Table of Contents Executive Summary... 1 Introduction... 2 Strategic Plan Definition and Development... 2 Review of Strategic Plan...

More information

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Introduction to the International Standards Internal auditing is conducted in diverse legal and cultural environments;

More information

The members of the Executive Risk Management Committee ( ERMC ) reviewed the proposed Policy and Charter and recommend their approval.

The members of the Executive Risk Management Committee ( ERMC ) reviewed the proposed Policy and Charter and recommend their approval. Memorandum Date: March 29, 2016 To: From: Subject: Audit Committee Soubhagya Parija Senior Vice President and Chief Risk Officer Company Policy - Risk Management and SUMMARY The Audit Committee of the

More information

HYDRO ONE GOVERNANCE AND CONTROL FRAMEWORK

HYDRO ONE GOVERNANCE AND CONTROL FRAMEWORK Filed: 0-- EB-0-0 Tab Page of HYDRO ONE GOVERNANCE AND CONTROL FRAMEWORK.0 OVERVIEW The Corporate Governance structure and Internal Control Framework of Hydro One Inc. provide assurance regarding Hydro

More information

Board Governance Principles Amended September 29, 2012 Tyco International Ltd.

Board Governance Principles Amended September 29, 2012 Tyco International Ltd. BOD Approved 9/13/12 Board Governance Principles Amended September 29, 2012 Tyco International Ltd. 2012 Tyco International, Ltd. - Board Governance Principles 1 TABLE OF CONTENTS TYCO VISION AND VALUES...

More information

Appendix A - Charter of the Academic and Student Affairs Committee

Appendix A - Charter of the Academic and Student Affairs Committee ATTACHMENT 2 Appendix A - Charter of the Academic and Student Affairs Committee A. Purpose. The Academic and Student Affairs Committee shall be well informed about, provide strategic direction and oversight,

More information

Audit, Risk and Compliance Committee Charter

Audit, Risk and Compliance Committee Charter 1. Background Audit, Risk and Compliance Committee Charter The Audit, Risk and Compliance Committee is a Committee of the Board of Directors ( Board ) of Syrah Resources Limited (ACN 125 242 284) ( Syrah

More information

CGMA COMPETENCY FRAMEWORK

CGMA COMPETENCY FRAMEWORK CGMA COMPETENCY FRAMEWORK THE CGMA COMPETENCY FRAMEWORK IS COMPRISED OF FOUR KNOWLEDGE AREAS Technical Skills, Business Skills, People Skills and Leadership Skills. These knowledge areas are underpinned

More information

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012 The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why

More information

New Risk Management Paradigms for Asset Managers

New Risk Management Paradigms for Asset Managers April 2014 Asset Management New Management Paradigms for Asset Managers Point of view The financial crisis has caused deep reflection by regulators, asset managers and investors as to the effectiveness

More information