TIAPS Module 1 Audit and Assurance workbook
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
8. Ensure that its arrangements for delegation within its own structures promote<br />
independent judgement, <strong>and</strong> assist with the balance of power <strong>and</strong> the effective<br />
discharge of its duties.<br />
9. Ensure that the evaluation of its own performance <strong>and</strong> that of its committees, its<br />
chair, <strong>and</strong> its individual members support continued improvement in its performance<br />
<strong>and</strong> effectiveness.<br />
10. Ensure that the appointment of, <strong>and</strong> delegation to, management contribute to role<br />
clarity <strong>and</strong> the effective exercise of authority <strong>and</strong> responsibilities.<br />
11. Govern risk in a way that supports the organization in setting <strong>and</strong> achieving its<br />
strategic objectives.<br />
12. Govern technology <strong>and</strong> information in a way that supports the organization setting<br />
<strong>and</strong> achieving its strategic objectives.<br />
13. Govern compliance with applicable laws <strong>and</strong> adopted, non-binding rules, codes, <strong>and</strong><br />
st<strong>and</strong>ards in a way that supports the organization being ethical <strong>and</strong> a good corporate<br />
citizen.<br />
14. Ensure that the organization remunerates fairly, responsibly, <strong>and</strong> transparently so as<br />
to promote the achievement of strategic objectives <strong>and</strong> positive outcomes in the<br />
short, medium, <strong>and</strong> long term.<br />
15. Ensure that assurance services <strong>and</strong> functions enable an effective control<br />
environment, <strong>and</strong> that these support the integrity of information for internal decisionmaking<br />
<strong>and</strong> of the organization’s external reports.<br />
16. Adopt a stakeholder-inclusive approach that balances the needs, interests, <strong>and</strong><br />
expectations of material stakeholders over time.<br />
17. [For institutional investor organizations] Ensure that responsible investment is<br />
practiced by the organization <strong>and</strong> the creation of value by the companies in which it<br />
invests. 13<br />
In addition to these principles, the report includes recommended practices. For principle 15,<br />
this includes a role for the audit committee <strong>and</strong> a separation of roles consistent with the<br />
Three Lines Model (although King IV advocates for five lines of assurance, adding external<br />
audit <strong>and</strong> the board as lines four <strong>and</strong> five respectively). Additionally, the report recommends<br />
internal audit makes an annual statement on the effectiveness of governance <strong>and</strong> risk<br />
management processes. This reflects the requirements of the IPPF (St<strong>and</strong>ard 2100 – Nature<br />
of Work):<br />
The internal audit activity must evaluate <strong>and</strong> contribute to the improvement of the<br />
organization’s governance, risk management, <strong>and</strong> control processes using a systematic,<br />
disciplined, <strong>and</strong> risk-based approach. Internal audit credibility <strong>and</strong> value are enhanced<br />
when auditors are proactive <strong>and</strong> their evaluations offer new insights <strong>and</strong> consider future<br />
impact. 14<br />
However, the requirement for annual reporting goes beyond St<strong>and</strong>ard 2060 – Reporting to<br />
Senior Management <strong>and</strong> the Board by which the CAE must report “periodically.” (Internal<br />
audit opinions are discussed in more detail in C.1.5)<br />
13<br />
“Report on Corporate Governance for South Africa,” King IV, 2016.<br />
14<br />
The International Professional Practice Framework, The Institute of Internal <strong>Audit</strong>ors, 2016<br />
21