Essay About Internal Auditinternal Auditor And Risk Management

Audit Revision
Essay Preview: Audit Revision
Report this essay
AUDIT REVISIONCHAPTER 19 – INTERNAL AUDITINTERNAL AUDITOR 🡪 independent and consulting activity designed to improve a company’s operations. Helps organisations use systematic and disciplined approaches to improve risk management, control and governance process.NOT LEGAL REQUIREMENT 🡪 only listed companies, public sector e.g. NHS (where companies are funded by public money). This is mandatory because:Accountability – funded through taxpayer’s money so needs to be properly accounted for to ensure the public how the money has been spentRegularity – to use the funds for the purpose for which they were intended e.g. capital funds cannot be used for revenueROLE OF INTERNAL AUDITOR 🡪 looks how companies manage risk by: Identify problem areasRecommend ways of improving risk management & control systemsMonitor corporate governance issues e.g. firm wide values, acceptable behavioursReviewing operational procedures e.g. value for money, HR processReviewing compliance with laws and regulationExamination and evaluation of financial & non-financial informationInternal auditors and required to give an opinion on whether internal controls are working as intended e.g. management policies, management of business risks.WORK THE INTERNAL AUDIT DEPARTMENT DO:Reviewing the policies and procedures for managing business riskReviewing compliance procedures Monitoring the operation of the internal control procedures including identifying potential problem areas and recommending improvementsCarrying out audits of information produced from the management information systemValue for money (VFM) assignments Advising on information systems developmentINTERNAL VS EXTERNALINTERNAL AUDITEXTERNAL AUDITObjective is to evaluate the organisations risk and control systems and to make recommendations.Objective is to provide an opinion on whether financial statements show true and fair view.Responsibility is to management Responsibility is to shareholdersIt is carried out by employees within the organisationIt is carried out by an external body, independent of the organisationCovers all aspects of activities within organisation e.g. operational and compliance issuesCovers audit programme, working papers, queries and explanationsThe approach is risk based, evaluates internal control systems, test systemsThe approach is risk based, the need to verify assets and liabilities, test if financial statements are reliable.Legal status is to report to management, there is no legal requirement unless listed company or within public sectorReport to shareholders (Companies Act 2006)EXTERNAL AUDITORS RELYING ON INTERNAL?🡪 ISA 610 ‘Using the work of internal auditors’🡪 Problematic for external auditor to rely on internal auditor because internal works for the company so to what degree of dependency do they have?It is important for external to be able to evaluate whether internal have the skills needed to carry out the work, this needs to be built into the plan on whether to use internals work.Communication between the two parties and regular meetings is deemed important.Once the work is done, it is reviewed by external to consider if the work is been properly supervised and reviewed when completed.External will compare with work carried out by their own staff in a similar area, any issues should be properly resolved.