Planning the audit scope The fundamentals

Similar documents
Collaborative development of evaluation capacity and tools for natural resource management

Workplace Diversity Program

Criteria for adopting International Standards and Risk Assessments

Air Traffic Management Services Plan

Digital Marketing Specialist

Introduction to TTC s Enterprise Risk Management (ERM) Program. TTC Audit and Risk Management Committee

Explanation where the company has partially applied or not applied King III principles

the role of the head of internal audit in public service organisations 2010

Audit Results by Transport Sector

Quality Assurance Checklist

Internal Audit Division

LSE Internal Audit procedures (to be read in conjunction with the attached flowchart)

Internal Audit Manual

Corporate objectives. Communications strategy. Digital marketing and inclusion strategy

Appendix 4 - Statutory Officers Protocol

MOS Part 143 Air Traffic Service Training Providers

GUIDELINES FOR THE CONDUCT OF PERFORMANCE AUDITS

About this RepoRt. Copyright. ISSn: ISBn:

Internal Audit Quality Assessment. Presented To: World Intellectual Property Organization

Performance Measures for Internal Auditing

Air Traffic Service Providers Entry Control Procedures Manual 2. Approval Procedures for ATS Providers

MID Safety Summit. Kuwait MAY General Authority of Civil Aviation 5/21/2015 GACA SSP 1

Performance Management Framework

How quality assurance reviews can strengthen the strategic value of internal auditing*

KING III COMPLIANCE REGISTER 2015

BIG DATA WHAT S THE BIG DEAL?

Overview of Future Purchasing s fundamental and advanced training workshops...

Internal Financial Controls

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Preparing yourself for ISO/IEC

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

CORPORATE GOVERNANCE STATEMENT

Cinda Daly. Who is the champion of knowledge sharing in your organization?

EXECUTIVE CENTRAL. Leader Sales Management

Leading Practices in Business Transformation

Major Project Governance Assessment Toolkit

Safety Management Systems (SMS) guidance for organisations

2.) Outline/flowchart the current process/situation. Problems with previous efforts: don t agree what we wanted it to do inclusion/process/costs

South East Water Corporation Finance Audit and Risk Management Committee Charter. October 2012

United Kingdom Competition Network (UKCN) Statement of Intent

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Planning requirements for heliports and helicopter landing sites

Better Practice Guide

august09 tpp Internal Audit and Risk Management Policy for the NSW Public Sector OFFICE OF FINANCIAL MANAGEMENT Policy & Guidelines Paper

THE ROAD SAFETY RISK MANAGER GAME, SET, MATCH FOR MANAGING YOUR ROAD SAFETY INTERVENTIONS

The Compliance Universe

Effective Process Improvement (PI) Teams

Australia leads water reporting initiative 1

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

Australian National Audit Office. Report on Results of a Performance Audit of Contract Management Arrangements within the ANAO

Aviation Safety: Making a safe system even safer. Nancy Graham Director, Air Navigation Bureau International Civil Aviation Organization

NSPCC JOB DESCRIPTION. Database Training and Support Manager. (Grade 5 - Senior Business Support Officer)

Regulatory Information and Data Quality Assurance Policy

BUSINESS CONTINUITY MANAGEMENT SINGAPORE SS540 BCM STANDARDS. LSA Consultants Pte Ltd

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

Subject: Review of Aviation Security in Australia

HR COMPETENCY DEVELOPMENT OFFERINGS

Internal Audit Framework

Developing a Project. Management System. Using Project Agency Template. Approach. - the Process and the Benefits

Communications Strategy

Implementation Plan: Development of an asset and financial planning management. Australian Capital Territory

Location of the job: CFO Revenue Assurance

Application of Systems Engineering to Enhance Safety and Risk Management in Railway Projects. R N Dumolo Mott MacDonald Limited

PLANNING FOR YOUR PROJECT

A Changing Commission: How it affects you - Issue 1

TERMS OF REFERENCE BOARD OF DIRECTORS

Corporate Profile. Does your integrated technologies solutions provider maximise your ROI? Partnering with VisionX will realise this requirement.

SEYMOUR SLOAN IDEAS THAT MATTER MOVING BEYOND CUSTOMER EXPERIENCE TOWARDS CUSTOMER ENGAGEMENT - A WINNING APPROACH

EXHIBIT A THE TIMKEN COMPANY BOARD OF DIRECTORS GENERAL POLICIES AND PROCEDURES

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT

Communications Manager

Aviation Safety Policy. Aviation Safety (AVS) Safety Management System Requirements

Executive Summary. The functional groupings of LSD s operations are:

Programs Implementing Management System Elements AT&T Environment, Health and Safety Management System ISO EMS Element 4.1General 4.

Quality Governance Strategy

School Council Financial Audits Guidelines to Schools Division

13.0. Safety Management and Airspace Protection

Airspace Change Communications and Consultation Protocol Protocol

5/30/2012 PERFORMANCE MANAGEMENT GOING AGILE. Nicolle Strauss Director, People Services

INTERNAL AUDITING S ROLE IN SECTIONS 302 AND 404

ICAO Language Proficiency Requirements

OF CPAB INSPECTION FINDINGS

Australian College of Kuwait Aviation Department. Presented by Jamal Al-Foudari

The Role of Internal Audit in Risk Governance

APES 325 Risk Management for Firms

Transcription:

Concurrent Session 4A Planning the audit scope The fundamentals Tracey Lawrance MIIA(Aust) Chief Auditor, Airservices Australia Michael del Castillo CIA MIIA(Aust) Audit Manager, Airservices Australia

SCOPING RISK BASED AUDITS THE FUNDAMENTALS SOPAC 2012 Tracey Lawrance Chief Auditor Michael del Castillo Audit Manager

Purpose of Session To provide practical insights into how Airservices Internal Audit conducts risk based audits with focus on: effective planning effective scoping engaging the business adding value whilst maintaining independence

Who is Airservices? Commonwealth Authority established by the Airservices Act 1995 International civil aviation (ICAO) rules and Civil Aviation Safety Authority (CASA) regulations Provides: air traffic control services to 11 % of world s airspace aviation fire fighting services at major airports maintains technical airways systems infrastructure Corporate support business groups Annual revenue of $850 m 5 year capital expenditure plan of $1b

Internal Audit at Airservices Branch within the Safety & Assurance business group Reports to General Manager S&A Dotted line to CEO and Chair of Board Audit & Risk Committee Team of 14 based in Brisbane, Melbourne and Canberra Implemented electronic work papers in Nov 2009 the start of our risk based auditing journey Busy team 59 audits on 11/12 plan

Risk Based Auditing Annual risk based audit planning versus risk based audits 2010 Planning Annual The chief audit executive must establish risk-based plans to determine the priorities of the internal audit activity, consistent with the organization s goals. 2210 Engagement Objectives Individual Audits Objectives must be established for each engagement. 2210.A1 Internal auditors must conduct a preliminary assessment of the risks relevant to the activity under review. Engagement objectives must reflect the results of this assessment.

Risk Based Auditing Commenced journey late 2009 Three year audit strategic plan Risk assessment completed as part of planning for every audit Identify the business objective of the area being audited Identify the major processes Identify the risks for each major process Identify the KEY controls in place (confirmed during planning) or expected (to be confirmed during field work)

Risk Based Auditing - Tips Strategic view Why is the audit on the annual audit plan? Effective communication with Executive Manage and build relationships in the business Risk assessment is iterative build as you go Operational view Engage with line business to identify risks and controls Importance of good flowcharts White board / Brain storm risks as a team Don t test everything - work smart

Building the Succinct Audit Brief 2200 Engagement Planning Internal auditors must develop and document a plan for each engagement, including the engagement s objectives, scope, timing, and resource allocations. Planning is the key to a quality audit

Building the Succinct Audit Brief Tips Strategic view Audit Terms of Reference is a communication tool Don t reinvent the wheel direct link between risk assessment and TOR Key assurance mechanism provide feedback to risk owners Identify opportunities for efficient use of resources Operational view Understand the business environment Business objective Audit objective Scope Criteria

Major processes Key controls to be tested

Risks from Enterprise or group risk registers

Engaging with Stakeholders 2400 Communicating Results Internal auditors must communicate the results of engagements. 2410 Criteria for Communicating Communications must include the engagement s objectives and scope as well as applicable conclusions, recommendations, and action plans.

Engaging with Stakeholders - Tips Strategic view CAE needs to champion audits at the Executive table Agree timing of audits to maximise business engagement Regular meetings with Executive management Operational view Audit managers to attend key meetings with business Engagement model it s all about relationships! Focus on face to face meetings escalate issues to CAE Deliver on the TOR meet expectations

Adding Value vs Independence 1100 Independence and Objectivity The internal audit activity must be independent, and internal auditors must be objective in performing their work 2030 Resource Management The chief audit executive must ensure that internal audit resources are appropriate, sufficient, and effectively deployed to achieve the approved plan What is adding value? Auditing versus consultancy service

Adding Value vs Independence - Tips Strategic view Need right skills mix in Audit team Use of Subject Matter Experts (SMEs) Challenges of providing a consulting service Challenges of auditing our business group Operational view SME s are not auditors Need the right SME SME independence

.the benefits For the Business: Closes the ERM loop Strategic assurance Board confidence For Internal Audit: Credibility in the business Effective use of internal audit resources Logical and structured approach to audits

Contacts Tracey Tracey.lawrance@airservicesaustralia.com 0417 078842 Michael Michael.delcastillo@airservicesaustralia.com 0438 775158

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information