Summary AUI3702_Study_Notes.

AUI3702_Study_Notes. A framework is a basic skeletal structure for classifying and organizing concepts or various elements.  The IPPF provides a structure for the internal audit profession’s technical guidance [Type here] © 2017 Together We Pass. All rights reserved. The IPPF Ensures:  Clarity-What is authoritative, mandatory or vice-versa.  Transparency  Timeliness-Defined processes [Type here] © 2017 Together We Pass. All rights reserved. Definition Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Code of Ethics Principles Internal auditors are expected to apply and uphold the following principles: 1. Integrity The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. 2. Objectivity Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments. 3. Confidentiality Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. 4. Competency Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. Rules of Conduct 1. Integrity Internal auditors:  Shall perform their work with honesty, diligence, and responsibility.  Shall observe the law and make disclosures expected by the law and the profession. [Type here] © 2017 Together We Pass. All rights reserved.  Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization.  Shall respect and contribute to the legitimate and ethical objectives of the organization. 2. Objectivity Internal auditors:  Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization.  Shall not accept anything that may impair or be presumed to impair their professional judgment.  Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review. 3. Confidentiality Internal auditors:  Shall be prudent in the use and protection of information acquired in the course of their duties.  Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization. 4. Competency Internal auditors:  Shall engage only in those services for which they have the necessary knowledge, skills, and experience.  Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing.  Shall continually improve their proficiency and the effectiveness and quality of their services. STANDARDS Mandatory requirements consisting of:  Statements of basic requirements for professional practice of internal auditing  Interpretations which clarify terms or concepts within the Statements. ATTRUBUTES STANDARD PERFORMANCE STANDARDS Purpose, Authority, and Responsibility(1000) Managing the Internal Audit Activity(2000) [Type here] © 2017 Together We Pass. All rights reserved. Independence and Objectivity(1100) Nature of Work (2100) Proficiency and Due Professional Care(1200) Engagement Planning(2200) Quality Assurance(1300) Performing the Engagement(2300) Communicating Results(2400) Monitoring Progress(2500) Management’s Acceptance of Risk(2600) ATTRIBUTES STANDARDS 1000. Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent with the Definition of Internal Auditing, the Code of Ethics, and the Standards. The chief audit executive must periodically review the internal audit charter and present it to senior management and the board for approval. Interpretation The internal audit charter is a formal document that defines the internal audit activity's purpose, authority, and responsibility. The internal audit charter establishes the internal audit activity's position within the organization, including the nature of the chief audit executive's functional reporting relationship with the board; authorizes access to records, personnel, and physical properties relevant to the performance of engagements; and defines the scope of internal audit activities. Final approval of the internal audit charter resides with the board. 1100.Independence and Objectivity The internal audit activity must be independent, and internal auditors must be objective in performing their work. Interpretation Independence is the freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve the degree of independence necessary to effectively carry out the responsibilities of the internal audit activity, the chief audit executive has direct and unrestricted access to senior management and the board. This can be achieved through a dual-reporting relationship. Threats to independence must be managed at the individual auditor, engagement, functional, and organizational levels. Objectivity is an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. Threats to objectivity must be managed at the individual auditor, engagement, functional, and organizational levels. [Type here] © 2017 Together We Pass. All rights reserved. 1200. Proficiency and Due Professional Care Engagements must be performed with proficiency and due professional care 1300 – Quality Assurance and Improvement Program The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. Interpretation A quality assurance and improvement program is designed to enable an evaluation of the internal audit activity's conformance with the Definition of Internal Auditing and the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The program also assesses the efficiency and effectiveness of the internal audit activity and identifies opportunities for improvement. PERFORMANCE STANDARDS 2000 . Managing the Internal Audit Activity The chief audit executive must effectively manage the internal audit activity to ensure it adds value to the organization. Interpretation The internal audit activity is effectively managed when:  The results of the internal audit activity's work achieve the purpose and responsibility included in the internal audit charter;  The internal audit activity conforms with the Definition of Internal Auditing and the Standards; and  The individuals who are part of the internal audit activity demonstrate conformance with the Code of Ethics and the Standards.  The internal audit activity adds value to the organization (and its stakeholders) when it provides objective and relevant assurance, and contributes to the effectiveness and efficiency of governance, risk management, and control processes. 2100 .Nature of Work The internal audit activity must evaluate and contribute to the improvement of governance, risk management, and control processes using a systematic and disciplined approach. [Type here] © 2017 Together We Pass. All rights reserved. 2200. Engagement Planning Internal auditors must develop and document a plan for each engagement, including the engagement's objectives, scope, timing, and resource allocations. 2300. Performing the Engagement Internal auditors must identify, analyze, evaluate, and document sufficient information to achieve the engagement's objectives. 2400 .Communicating Results Internal auditors must communicate the results of engagements. 2500. Monitoring Progress The chief audit executive must establish and maintain a system to monitor the disposition of results communicated to management. 2500.A1 . The chief audit executive must establish a follow-up process to monitor and ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action. 2500.C1 . The internal audit activity must monitor the disposition of results of consulting engagements to the extent agreed upon with the client. 2600 : Communicating the Acceptance of Risks When the chief audit executive concludes that management has accepted a level of risk that may be unacceptable to the organization, the chief audit executive must discuss the matter with senior management. If the chief audit executive determines that the matter has not been resolved, the chief audit executive must communicate the matter to the board. Interpretation The identification of risk accepted by management may be observed through an assurance or consulting engagement, monitoring progress on actions taken by management as a result of prior engagements, or other means. It is not the responsibility of the chief audit executive to resolve the ris Some of the roles of internal auditors  Offer Insight and Advice  Evaluate Risks  Assess Controls  Ensure Accuracy  Improve Operations [Type here] © 2017 Together We Pass. All rights reserved.  Promote Ethics  Review processes and Procedures  Monitor Compliance  Assure Safeguards  Investigate Fraud  Communicate results TOPIC 4, TOPIC 5, TOPIC 6, TOPIC 7 Assertions are categorised as follows : assertions about classes of transactions and events for period under audit e.g. sales, interest received assertions about account balances at year-end e.g. accounts receivable, property, plant and equipment assertions about presentation and disclosure e.g. notes that support Statement of Financial Position accounts headings, contingent liabilities Transactions and events : Account balances : Presentation &disclosure : Occurrence – have all Existence – assets, Occurrence and rights and occurred and pertain to the liabilities and equity interest obligations – have occurred entity exist and pertain to entity Completeness – anything Rights and obligations – Completeness – all has that should have been entity holds and controls been included recorded has been recorded rights to assets and Classification & Accuracy - have been obligations are theirs understandability – is recorded appropriately Completeness – have all appropriately presented and Cut-off - have been been recorded described and disclosures recorded in the correct Valuation and allocation – are clearly expressed [Type here] © 2017 Together We Pass. All rights reserved. accounting period included at appropriate Accuracy and valuation – Classification - have been amounts and valuation or disclosed fairly & at recorded in the correct allocation adjustments are appropriate amounts. accounts recorded Assertions for Statement of Financial Position transactions and balances :