TIAPS Module 1 Audit and Assurance workbook

More documents

Recommendations

Info

C.1: Reflection Approximately what percentages of the internal audit plan are committed to assurance and consulting engagements? Is the balance appropriate for organizational needs, priorities, and expectations? What allowance is made in internal audit planning for ad hoc engagements made at the request of management? Is this sufficient? How often are consulting engagements proposed by the head of the internal audit function rather than by management? How much of the content of the audit plan is truly risk-based as opposed to completing a list of expected audits that are repeated annually? Are blended engagements considered as an option for increasing efficiency and effectiveness? Do you agree with the analysis of the different competencies needed for assurance and advisory engagements? Is this considered when auditors are assigned to engagements? 54
C.2 Auditing Governance The IIA Supplement Guidance: The Role of Auditing in Public Sector Governance emphasizing the essential characteristics of the internal audit function for providing valuable assurance insight: • Organizational independence. • A formal mandate (in “the public sector’s constitution, charter, or other basic legal document.”) • Unrestricted access “to employees, property, and records.” • Sufficient funding. • Competent leadership. • Objective staff. • Competent staff. • Stakeholder support. • Professional audit standards. 50 In respect of governance, internal audit may contribute in various ways: • Oversight: Internal audit can extend the reach of senior management and the governing body to observe organizational activities and circumstances and determine whether policy is being implemented as intended with appropriate assessment of risks and implementation of controls. Auditing provides transparency through verification of performance, position, and prospects, and by sharing it with stakeholders. • Detection: Audits reveal “inappropriate, inefficient, illegal, fraudulent, or abusive acts that have already transpired.” Such information can be used to strengthen controls, initiate training, and pursue disciplinary or legal proceedings. Detection can occur as part of an investigation of potential conflicts of interest or suspected wasteful, abusive, or fraudulent activities. Alternatively, detection also occurs when red flags are identified during a routine engagement involving the identification of risks and testing of controls. • Deterrence: Anticipated audit work as well as the exposure of detected weaknesses can deter other lapses in proper oversight and management. • Insight: Auditors can share their expertise and understanding and make recommendations in terms of potential improvements with reference to best practices. • Foresight: Auditors can also anticipate future risks by considering trends as well as changes in legislation and regulation. 51 Organizational governance may be audited in an individual engagement. Alternatively, an opinion on governance may be derived from multiple engagements (see C.1.5). Assurance and advisory engagements may be used. Any engagement that considers risk management and internal control contributes to an auditor’s understanding of governance. 50 Supplemental Guidance: The Role of Auditing in Public Sector Governance, The IIA, 2012. 51 Supplemental Guidance: The Role of Auditing in Public Sector Governance, The IIA, 2012. 55
Page 1 and 2:
Module 1: Audit and Assurance TIAPS
Page 3 and 4: Table of Contents Module 1: Audit a
Page 5 and 6: Relevant Standards Reference is mad
Page 7 and 8: • Close scrutiny. The activities
Page 9 and 10: A.2 Public Sector Governance IIA In
Page 11 and 12: The need for governance arises for
Page 13 and 14: Although developed for government a
Page 15 and 16: A.3 Governance Models When evaluati
Page 17 and 18: defensive aspects to minimize negat
Page 19 and 20: A.3.3 CIPFA International Framework
Page 21 and 22: 8. Ensure that its arrangements for
Page 23 and 24: • Consideration of overlapping in
Page 25 and 26: A.3: Reflection Which model or mod
Page 27 and 28: Although they are related, the prin
Page 29 and 30: B.1.1 Independence, Objectivity, an
Page 31 and 32: B.1: Reflection Is it possible to
Page 33 and 34: According to The IIA Position Paper
Page 35 and 36: B.2: Reflection When was the last t
Page 37 and 38: When independence or objectivity ar
Page 39 and 40: B.4 Safeguards for Independence and
Page 41 and 42: In other cases, there is no audit c
Page 43 and 44: C. Assurance and Advisory Engagemen
Page 45 and 46: It is common to build an allowance
Page 47 and 48: The following list is taken from Sa
Page 49 and 50: helping managers developing control
Page 51 and 52: C.1.5 Internal Audit Opinions Audit
Page 53: Leadership and Communication Intern
Page 57 and 58: C.2: Reflection How does your inter
Page 59 and 60: Fraud may be perpetrated via measur
Page 61 and 62: circumstances (unethical and often
Page 63 and 64: Management Issues • Lack of area
Page 65 and 66: Risk management techniques can be a
Page 67 and 68: IT controls may be manual, automate
Page 69 and 70: The IIA’s Cybersecurity Toolkit d
Page 71 and 72: C.3: Reflection Fraud: How are susp
Page 73 and 74: Global Perspectives and Insights -
Page 75: CIPFA: 77 Mansell Street, London E1
show all

TIAPS Module 1 Audit and Assurance workbook

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?