TIAPS Module 1 Audit and Assurance workbook

More documents

Recommendations

Info

B.2 Internal Audit Mandate IIA Internal Audit Competency Framework Mission of Internal Auditing General Awareness: Describe the purpose, authority, and responsibility of the internal audit activity; distinguish between assurance and consulting services. Applied Knowledge: Demonstrate ability to conduct both assurance and consulting engagements in conformance with the Standards. Expert: Review the internal audit activity’s ability to conduct both assurance and consulting activities to add value and improve the organization’s operations. 26 Internal Audit Charter General Awareness: Describe the purpose of an internal audit charter; identify the required elements of an internal audit charter, according to the Standards. Applied Knowledge: Prepare an internal audit charter in conformance with the Standards, and receive approval from the board. Expert: Evaluate and revise an internal audit charter to achieve conformance with the Standards and promote world- class performance. 27 Reference has already been made to an internal audit charter and mandate. In the IPPF, Standard 1000 – Purpose, Authority, and Responsibility states: The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent with the Mission of Internal Audit and the mandatory elements of the International Professional Practices Framework. 28 The Mission of Internal Audit referred to is: To enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight. 29 The IPPF does not refer to the mandate of internal audit. The authority and powers of the internal audit function, especially for public entities, may be derived from legislation. In principle, in accordance with the IPPF, the authority comes from the governing body. The internal audit charter is a formal document approved by the governing body in which the mandate is defined and should be reviewed and updated on a regular basis. 26 Internal Audit Competency Framework, The IIA, 2022. 27 Internal Audit Competency Framework, The IIA, 2022. 28 The International Professional Practice Framework, The Institute of Internal Auditors, 2016 29 The International Professional Practice Framework, The Institute of Internal Auditors, 2016 32
According to The IIA Position Paper: The Internal Audit Charter, the document should contain the following: • Internal audit mission and purpose. • Reference to or inclusion of the mandatory elements of the IPPF by which the internal audit function will be governed. (Recognizing the mandatory elements of the IPPF in the charter is a requirement of Standard 1010 – Recognizing Mandatory Guidance in the Internal Audit Charter.) • Authority, clarifying the functional and administrative reporting relationships and the role of the governing body in upholding the authority of the internal audit function. • Independence and objectivity, ensuring the head of internal audit will safeguard the independence of the function and the objectivity of auditors, applying safeguards when required, and reporting threats and limits to independence and objectivity to the governing when they arise. • Scope to confirm the internal audit’s responsibility for providing assurance and advice on the adequacy and effectiveness of governance, risk management, and internal control. • Responsibilities of the head of internal audit. • Requirements for a quality assurance and improvement program, including an external quality review at least once every five years. 30 Without sufficient authority, the internal audit function is unable to fulfil its mandate. Its work may be obstructed by managers who are not interested or who would prefer to avoid scrutiny for whatever reason. Internal audit may also be constrained by limited resources or by being denied access to information it needs to complete its work. There is a close link between authority and independence. The pronouncements of the internal audit function are more likely to be considered authoritative if it operates independently but it is only able to do that if it has sufficient force behind it, whether by legislation or the endorsement of the governing body (ideally both). According to the IIA, to ensure the internal audit function has sufficient authority, the governing body (or audit committee) is expected to: • Approve the internal audit charter. • Approve the internal audit plan. • Approve the internal audit budget and resource plan. • Receive timely communications on performance relative to the internal audit plan. • Approve the appointment and removal of the head of internal audit (typically in response to discussions with and recommendations from senior management). • Approve the remuneration of the head of internal audit (typically in response to discussions with and recommendations from senior management). • Make appropriate inquiries of management and the head of internal audit to determine if there are any inappropriate scope or resource limitations. • Ensure the head of internal audit has unrestricted access to, and can communicate and interact directly with, the governing body without management present. 30 IIA Position Paper: The Internal Audit Charter, The Institute of Internal Auditors, 2019 33
Page 1 and 2: Module 1: Audit and Assurance TIAPS
Page 3 and 4: Table of Contents Module 1: Audit a
Page 5 and 6: Relevant Standards Reference is mad
Page 7 and 8: • Close scrutiny. The activities
Page 9 and 10: A.2 Public Sector Governance IIA In
Page 11 and 12: The need for governance arises for
Page 13 and 14: Although developed for government a
Page 15 and 16: A.3 Governance Models When evaluati
Page 17 and 18: defensive aspects to minimize negat
Page 19 and 20: A.3.3 CIPFA International Framework
Page 21 and 22: 8. Ensure that its arrangements for
Page 23 and 24: • Consideration of overlapping in
Page 25 and 26: A.3: Reflection Which model or mod
Page 27 and 28: Although they are related, the prin
Page 29 and 30: B.1.1 Independence, Objectivity, an
Page 31: B.1: Reflection Is it possible to
Page 35 and 36: B.2: Reflection When was the last t
Page 37 and 38: When independence or objectivity ar
Page 39 and 40: B.4 Safeguards for Independence and
Page 41 and 42: In other cases, there is no audit c
Page 43 and 44: C. Assurance and Advisory Engagemen
Page 45 and 46: It is common to build an allowance
Page 47 and 48: The following list is taken from Sa
Page 49 and 50: helping managers developing control
Page 51 and 52: C.1.5 Internal Audit Opinions Audit
Page 53 and 54: Leadership and Communication Intern
Page 55 and 56: C.2 Auditing Governance The IIA Sup
Page 57 and 58: C.2: Reflection How does your inter
Page 59 and 60: Fraud may be perpetrated via measur
Page 61 and 62: circumstances (unethical and often
Page 63 and 64: Management Issues • Lack of area
Page 65 and 66: Risk management techniques can be a
Page 67 and 68: IT controls may be manual, automate
Page 69 and 70: The IIA’s Cybersecurity Toolkit d
Page 71 and 72: C.3: Reflection Fraud: How are susp
Page 73 and 74: Global Perspectives and Insights -
Page 75: CIPFA: 77 Mansell Street, London E1

TIAPS Module 1 Audit and Assurance workbook

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?