Risk & Assurance. Tailored to your needs. Internal audit solutions



Similar documents
MAGENTA KEYLINE IS A CUTTER GUIDE, DO NOT PRINT. PLEASE SET TRAPPING THROUGHOUT

Effective Internal Audit in the Financial Services Sector

Effective Internal Audit in the Financial. Services Sector. Non Executive Directors (NEDs) and the Management of Risk

Internal Audit Quality Assessment Framework

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Weighing in on the Benefits of a SAS 70 Audit for Third Party Data Centers

Internal Audit - progress report and plan

Following up recommendations/management actions

OUTSOURCING AND SERVICE AUDITOR S REPORTS

Best Value toolkit: Performance management

Delivering Excellence in Insurance Claims Handling

Service Management Simplified

MOBIUS LIFE. Providing solutions for institutional pension schemes and asset managers

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

What Every Director. How to get the most from your internal audit. Endorsed by

Report of the Audit and Risk Committee

NHS Commissioning Board: Information governance policy

IT Charter and IT Governance Framework

How to gather and evaluate information

INTERNAL AUDIT FRAMEWORK

ICT Strategy

Audit Quality Thematic Review

Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions

FCA Thematic Review Delegated Authority: Outsourcing in the General Insurance Market

Lessons learned from creating a change management framework

Third party assurance services

trust When you choose an accountant, you need someone you can trust. This trust does not come from a job title - it needs to be earned.

UK Stewardship Code. Response by Generation Investment Management LLP. London / 31 March, Generation Investment Management Page 1

Sarbanes-Oxley Section 404 Implementation Practices of Leading Companies

PROTEUS Enterprise - IT Governance, Risk and Compliance Management Solution

An Introduction to Continuous Controls Monitoring

Medical Sales In-Vitro Diagnostics

Overview Pricing & Features Summary

Integrated Stress Testing

Asset4000. Real Asset. Transforming assets into business advantage. Management

EXTERNAL AUDIT PLAN FOR

TRANSPORT FOR LONDON AUDIT COMMITTEE STRATEGIC RISK MANAGEMENT PROGRESS REPORT

<workers> Online Claims and Injury Management

HR Enabling Strategy

Internal Audit at the University of Cambridge.

Quality Assurance of Medical Appraisers

QUALITY MANAGEMENT POLICY & PROCEDURES

This report outlines the business case for the purchase of an integrated HR & Payroll system.

Setting Standards Achieving Success

Fundamentals Level Skills Module, F8 (IRL)

Credit where credit s due. UK theatre tax relief

Delivering peace of mind in outsourcing

HKCAS Supplementary Criteria No. 8

Human Resources Report 2014 and People Strategy

Programme Specification May 2012

Information security controls. Briefing for clients on Experian information security controls

Solutions overview. Inspiring talent management. Solutions insight. Inspiring talent management

Information Commissioner's Office

Best Value toolkit: Information management

Employment & HR Support Package

Business Intelligence

HR, talent management and payroll

A Guide to the Cyber Essentials Scheme

A world of HR at your fingertips

How To Write A Risk Management Policy For The University Of Kerry

Navigate the regulatory maze

Cloud Security checklist Are you really ready for Cloud

Insurance Industry Expertise

Digital Industries Apprenticeship: Assessment Plan. Cyber Security Technologist. April 2016

Corporate Governance and Shareholder Engagement

Intelligent HR and payroll solutions. Making complex things simple

NOS. Supply Chain Management Occupational Standards

Fraud Prevention and Deterrence

ACCA is the global body for professional accountants with 428,000 trainees and 162,000 qualified members in 170 countries.

property owners Property insurance and rental protection

Risk Management Strategy & Implementation Plan

Strategy & Planning Manager Executive Office Location: London Closing date: 27 September 2015

HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO AUDITS, CERTIFICATION AND TRAINING

PRCA Communications Management Standard (CMS) for In-House Teams

Merrycon s Approach to Business Continuity Management

WEALTH MANAGEMENT SOLUTIONS

Audit Committee. Directors Report. Gary Hughes Chairman, Audit Committee. Gary Hughes Chairman, Audit Committee

Awarding body monitoring report for: English Speaking Board (International) Ltd (ESB) May Ofqual/09/4637

Rolls Royce s Corporate Governance ADOPTED BY RESOLUTION OF THE BOARD OF ROLLS ROYCE HOLDINGS PLC ON 16 JANUARY 2015

Corporate Governance Report

Information governance strategy

Auditing Standard 5- Effective and Efficient SOX Compliance

ehealth Architecture Principles

Close Brothers Graduate Programme

Procuring Penetration Testing Services

Transcription:

Risk & Assurance Tailored to your needs Internal audit solutions

Internal audit solutions The need for internal audit has never been as urgent as it is today. Unmanaged risks can literally cause the demise of a business. Dealing with such problems diverts managers from developing the business and driving it forward. Boards and audit committees need to ensure that their internal audit is up to the challenge. A complete range of internal audit services, advice and software for business. A successful audit service will give management an objective assessment of the risks facing the organisation and how well they are being managed. It will receive recognition for the value it adds by constructive, timely advice to management as well as positive assurances on control. Horwath Clark Whitehill, the UK member of Horwath International, offers a complete range of risk and audit solutions for all organisations, tailored to their size, business sector, geographical spread and regulatory requirements. Our audit service focuses on delivering the assurances you need in a way that fits in with your organisational culture and finding ways in which your business can become more efficient. Whether you have an established internal audit department or are looking for a bought-in solution, the experience of our Risk & Assurance specialists in risk management, audit strategy, audit delivery and the provision of software can help you enhance the effectiveness of your control systems, allowing you to concentrate on the main objectives of your business.

Audit Experienced auditors to provide the assurances that you need about the effectiveness of your controls Advice In-depth knowledge of methodologies, tools and audit standards based on best practice in a wide range of sectors Automation The market-leading integrated system of risk and audit management tools, combined with computer assisted audit techniques

Value adding Process Our audit methodology brings together the streams of Risk Based Internal Audit, Key Controls testing and Thematic Reviews. These three approaches to audit testing ensure that the review programme is always relevant to management concerns. With quality assurance built in to every stage of the process you can be confident in the reliability of the audit. Knowledge The effectiveness and efficiency of individuals is enhanced by access to the knowledge base contained in our extensive Audit Resource Management System. This contains sample audit procedures for a wide range of environments and enables our staff to focus quickly on the procedures that need to be present in a well controlled business.

elements of audit People The Horwath service is built upon the quality of the individuals involved in its delivery. We recruit audit staff with an impressive blend of technical and personal skills and invest in their continuing training and development. Our risk management consultants are specialists in their fields, dedicated to excellence in the advice they provide. Technology Our market-leading risk and audit management software is used by major commercial, government and financial institutions both within the UK and across the world. We will use the Galileo audit system to manage and document all of our audit work. We can also design an integrated service that gives you access to the Magique system for recording and managing your risks.

Risk Based Internal Auditing For organisations that believe taking calculated risks is an essential part of success in business, a risk-based approach to internal control makes good sense. This involves embedding risk management at the heart of every activity. Such organisations need to establish a record of how business units deal with their most important risks and establish a method of confirming that the related controls are operating as intended. Risk assessment Our Risk & Assurance group can analyse your requirements and provide a tailored version of the Magique software to manage your risks. The system is available to authorised users over the internet, using conventional browser software. The principal features of the risk management system include: organisation of risks following corporate structure identification and assessment of risks according to an agreed methodology tracking of required actions where risks are not acceptable full accountability through allocation of ownership of risks and controls review intervals to allow regular updating of risks at manageable volumes comprehensive reporting facilities, including key item reports, heat-maps and trend monitoring. Assessments are made of the risks facing the business before and after taking account of the controls that are in place. Actions are agreed for unacceptable residual risks, responsibilities are allocated for those actions and a monitoring process is put in place to ensure that the actions are followed through. Gaining assurance about controls The effectiveness of internal controls is regularly reviewed, in part by reports submitted through the risk management system and in part by internal audits. Audit reviews are scheduled to achieve the most efficient coverage of key risks and the related controls. This may be by business unit, department or any other convenient category. Audits focus on: controls that contribute most towards risk reduction controls that have been identified as essential for every business unit specific areas of interest to management where risk indicators show that more controls may be required or that expected controls may not be working effectively. After each audit reports are produced highlighting recommendations for improvement in control and summarising those controls that appear to working effectively.

At the end of the year, the Head of Internal Audit or our internal audit partner will give an opinion on the robustness of the risk management process and summarise the results of audits carried out during the year. This report supports the Audit Committee s report to the Board on Internal Control, which in turn informs the statement made in the annual report. Benefits of Risk Based Internal Auditing When a risk management system and an internal audit programme is established as part of the management processes within an organisation: information about risks and controls is immediately available to managers throughout the group actions required to improve controls are linked to individuals and target dates, enabling them to be tracked through to implementation representations by control owners about their effectiveness introduces a new level of accountability relevance of internal audits is improved as they are planned in advance, based on the criticality of controls, suspected problems or organisation-wide themes information about the structure of controls is available to external auditors, giving greater efficiency in planning, auditing and reporting.

Effective Internal Audit Process Audit Committee approved Outcome oriented Risk aligned Geared to positive reporting Aligned with recognised standards Knowledge Audit Resources Management System Sector knowledge bases Updating procedures Audit Committee briefings Knowledge transfer

People Specialist internal auditors Motivated professionals Client focused Ongoing training Sector specialisms Technology Market leading software Integrated risk and audit Planning flexibility Real-time review Online access to key issues

Specialist services In addition to the core internal audit services, we provide a range of specialist services which are relevant to internal audit departments and to organisations without an established internal audit function. Our services are supported by the market-leading Magique and Galileo software. Governance reviews Risk management, internal control and internal audit are integral elements of a sound system of corporate governance. A review of corporate governance is useful as a precursor to making decisions about the detailed arrangements for risk management and audit. We are familiar with the governance requirements of the major regulators in the UK and overseas. Internal Audit establishment Our experience in helping many organisations develop and update their audit methodologies, combined with our own practical experience of internal audit, makes us an ideal choice to assist in setting up internal audit departments, or to advise on restructuring. We undertake audit needs assessments, initial staff interviews, preparation of audit documentation standards, methodology guides and interim audit management.

Outsourced service reviews Organisations that provide an outsourced service, such as payment systems, accounting services or pensions administration often need to satisfy their customers and their auditors that effective controls are in place. We undertake reviews of such services to satisfy the requirements of ISA 402, SAS 70 and AAF 1/06. IT Audit IT specialists are available to carry out IT audit procedures as part of a fully outsourced internal audit programme or as a resource to in-house internal audit departments that do not have their own IT audit resource. Typical areas for review include IT strategic planning, complex application control frameworks, information security, data management, IT project management, operational integrity, disaster recovery and IT governance. Business data analysis Auditors frequently find instances of transactions that are invalid, but may not have the necessary resources to be able to determine how many similar instances are present in the audit population. Our specialists use advanced data interrogation tools to review total audit populations for potentially invalid transactions, such as duplicate payments or invalid salary payments. External Quality Assessments To comply with s 1312 of the IIA standards each internal audit function is required to have an external quality assessment performed by an independent assessor at least once every five years. Horwath Clark Whitehill have experienced assessors with the objectivity to appraise the function and provide value adding suggestions relating to effectiveness and efficiency. Sarbanes Oxley reviews Horwath International member firms have frequently assisted US listed companies to meet the compliance requirements of the Sarbanes-Oxley Act as they relate to financial accounting. Similar requirements apply in other jurisdictions. Business Continuity Planning Business continuity is high on many of our clients priority lists. As such, it is a frequent audit topic. Additionally, we offer specific consulting assistance to develop and implement Business Continuity Plans, with the emphasis on controlled continuing operations during the recovery period.

Risk Management Software Magique is a flexible, integrated web-based system to assist organisations to record, quantify, assess and control risks. It has an extensive range of functionality to grow and evolve with your users and requirements. In addition to the register, the software includes a questionnaire system for Control Self Assessment, a Loss Events and Incident Management system and an Action Tracking system for recording and tracking additional remedial actions. The system supports a wide range of standard and custom reporting options to ensure your exact reporting requirements are met. Heat-maps by Business Unit, Category, Objective, Process and other key areas help manage risks within your appetite and provide drill-down functionality to investigate areas of concern. Exports to MS Word and MS Excel are available throughout the system. The powerful and easy-to-use Magique/Galileo Flex-Reporting tool is also available for end-user reporting. The system helps create a framework within which to achieve business objectives, ensures compliance with laws and regulations and reduces the overall cost of risk in the organisation. When integrated with the Galileo Audit Management System, it provides a full risk-based auditing methodology. Audit Management System Galileo is a fully integrated audit management, documentation and reporting system which can be tailored to suit the precise needs of an internal audit, investigations, compliance or other project oriented department. It covers: strategic and annual planning which ensures targeting of high risk areas whilst maintaining coverage activity monitoring and tracking ensuring problems and delays are identified and attended at the earliest time resource management, scheduling and time recording to ensure effective use of resources a working papers system with an extensive range of working paper types, review processes and automatic report production an issues tracking system which is optionally shared by the business users post audit surveys to gain feedback on the audit process. The OffLine Galileo module supports mobile auditors where connectivity is not available. The system provides a wide range of standard and custom multi-dimensional reporting options to ensure your exact needs are met.

Internal audit solutions Risk & Assurance Horwath Clark Whitehill LLP St Bride s House 10 Salisbury Square London EC4Y 8EH www.horwathrisk.co.uk

Contact details For more information about Internal audit solutions, please contact: Risk & Assurance Horwath Clark Whitehill LLP Tel +44 (0)20 7842 7123 Email risk@horwath.co.uk www.horwathrisk.co.uk

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information