TIAPS Module 1 Audit and Assurance workbook

More documents

Recommendations

Info

When asked to provide an opinion, the head of the audit function should be clear of the intended purpose and audience, the scope and time period covered by the opinion, and the criteria and rating process to be used. When applying criteria – for example, the COSO Internal Control Integrated Framework – there is still a need to convert the evaluation into a suitable rating by considering what degree of conformance is acceptable or satisfactory. This is likely to involve a consideration of materiality and impact. C.1.6 Competencies Needed for Assurance and Advisory Engagements The IIA Competency Framework defines the knowledge, skills, and abilities needed by internal auditors, managers, and heads of internal audit to deliver internal audit services in accordance with the requirements of the IPPF. They are organized under four domains and defined at three competency level (general awareness, applied knowledge, and expert). The domains are as follows: Domain Professionalism Performance Environment Leadership and Communication Description Competencies required to demonstrate the authority, credibility, and ethical conduct essential for a valuable internal audit activity. Competencies required to plan and perform internal audit engagements in conformance with the Standards. Competencies required to identify and address the risks specific to the industry and environment in which the organization operates. Competencies required to provide strategic direction, communicate effectively, maintain relationships, and manage internal audit personnel and processes. When applying these to assurance and advisory engagements, there are many commonalities, as described below. Domain Professionalism Performance Environment Competencies for Assurance and Advisory Engagements All aspects of professionalism are relevant for all internal audit work, including ethical conduct, conformance with the standards, and maintaining objectivity. In general, the knowledge base required for assurance and advisory engagements is largely identical, but the skills and abilities needed for these two types of engagement place different requirements on the internal auditor. The standards relating to performing audits identify some specific differences for assurance and consulting engagements. However, knowledge and understanding of governance, risk management, and internal control are essential for all engagements. Likewise, the techniques for conducting fieldwork are also very similar although the contexts may differ. Regardless of the type of engagement, internal auditors must understand the internal and external environments of their organization including the strategic priorities, resources, risks, legal and regulatory requirements, and other factors impacting the attainment of goals. 52
Leadership and Communication Internal audit supervisors, managers, and leaders have their respective roles and delegated authorities for ensuring the efficient and effective operation of the internal audit function for all services provided. Communication skills are of paramount importance for all internal audit work. This includes developing relationships and adopting styles of communication appropriate for the intended audience. Consulting engagements have a greater degree of flexibility in approach and reporting compared with the testing and recoding of findings needed for assurance engagements. However, the same requirements for accuracy, timeliness, and relevance apply. There are also competencies that have greater relevance for each of the two types of engagements. Competencies of greater relevance for assurance engagements include: • Adherence to process and methodology. • Engagement planning. • Due care and attention for detail. • Systematic testing, analysis, and data processing. • Root cause analysis. • Critical thinking. • Drawing significant findings and conclusions from large volumes of information. • Effective reporting. • Moral courage to ask difficult questions and tenacity to seek out the truth. In comparison, advisory engagements can require a lot more versality and flexibility from the auditor. There is a greater variety of activities that fall within the broad class of missions. The objectives and scope more be more open-ended. Skills like process design and engineering, facilitation, strategic thinking, root cause analysis, building a consensus, and creative problem solving are likely to be more to the fore. 49 Competencies of greater relevance for advisory engagements include: • Creativity and originality. • Collaboration, teamwork, and relationship management. • Deep expertise in specific processes or activities. • Rapid assimilation of complex data. • Operating under pressure in a dynamic environment. • Unstructured problem-solving. • Providing continuous feedback and offering insights during the engagement. 49 See Anderson, et al, Internal Auditing: Assurance and Advisory Services, fourth edition, The IIA, 2017. 53
Page 1 and 2: Module 1: Audit and Assurance TIAPS
Page 3 and 4: Table of Contents Module 1: Audit a
Page 5 and 6: Relevant Standards Reference is mad
Page 7 and 8: • Close scrutiny. The activities
Page 9 and 10: A.2 Public Sector Governance IIA In
Page 11 and 12: The need for governance arises for
Page 13 and 14: Although developed for government a
Page 15 and 16: A.3 Governance Models When evaluati
Page 17 and 18: defensive aspects to minimize negat
Page 19 and 20: A.3.3 CIPFA International Framework
Page 21 and 22: 8. Ensure that its arrangements for
Page 23 and 24: • Consideration of overlapping in
Page 25 and 26: A.3: Reflection Which model or mod
Page 27 and 28: Although they are related, the prin
Page 29 and 30: B.1.1 Independence, Objectivity, an
Page 31 and 32: B.1: Reflection Is it possible to
Page 33 and 34: According to The IIA Position Paper
Page 35 and 36: B.2: Reflection When was the last t
Page 37 and 38: When independence or objectivity ar
Page 39 and 40: B.4 Safeguards for Independence and
Page 41 and 42: In other cases, there is no audit c
Page 43 and 44: C. Assurance and Advisory Engagemen
Page 45 and 46: It is common to build an allowance
Page 47 and 48: The following list is taken from Sa
Page 49 and 50: helping managers developing control
Page 51: C.1.5 Internal Audit Opinions Audit
Page 55 and 56: C.2 Auditing Governance The IIA Sup
Page 57 and 58: C.2: Reflection How does your inter
Page 59 and 60: Fraud may be perpetrated via measur
Page 61 and 62: circumstances (unethical and often
Page 63 and 64: Management Issues • Lack of area
Page 65 and 66: Risk management techniques can be a
Page 67 and 68: IT controls may be manual, automate
Page 69 and 70: The IIA’s Cybersecurity Toolkit d
Page 71 and 72: C.3: Reflection Fraud: How are susp
Page 73 and 74: Global Perspectives and Insights -
Page 75: CIPFA: 77 Mansell Street, London E1

TIAPS Module 1 Audit and Assurance workbook

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?