Study sets, textbooks, questions
Upgrade to remove ads
ACCY 462 - Exam 1
Terms in this set (87)
an independent, objective assurance and consulting activity designed to add value and improve an organization's operations.
risk management; control, governance process
Internal audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of ____ ________, ______, and the _______ _______.
external auditors audit _______ ___________.
internal auditors audit ______ _______.
expression of an opinion on the fair presentation of financial statements
add value to the company
-improve economy and efficiency of op's
-ensure compliance w/ management directives
-management eyes and ears
characteristics of internal audit
-Utilizes all business perspectives
-Auditor must understand management process
delivering audit value
-audit execution process
-effective, efficient, and valued
internal audit is
-utilizes all business perspectives
-auditor must understand management process
any threat to an organization meeting its goals and objectives
any step taken to mitigate a risk
plans, organizes, and directs performance of organization to provide reasonable assurance that objectives and goals will be achieved.
evaluate the process of planning, organizing and directing, provide information to management and the board
info provided to MGMT/board by auditor
-risk management system is effective
-system of internal control is effective
-governance process is effective
audit for efficiency and effectiveness of policy, procedure and process.
-current risks that need to managed
-quality of performance/best practices
audit for the degree the organization conforms to certain specific requirements; focuses on the detailed testing of conditions
-policy and procedures
-laws, regulations, contracts
audit to determine the company's ability to provide products and services that
-meet customers needs
-are provided in a timely manner
-within the established parameters
-focus on changing customer requirements
quality audit customer needs
-appropriate quality, cost, lead times
quality audit changing customer requirement
quality audit timeliness of product and services
quality audit established parameters
-training of personnel
-understanding of the customer
corporate governance participants
good corporate governance
-executes organizational strategies
-focus on core business
audit for an organization that is subject to environmental laws and regulations
environmental management system
an organization's structure of responsibilities and policies, practices, procedures, processes and resources for protecting the environment and managing environmental issues.
audit connected to corporate social responsibility
audit that assists the external auditors regarding internal financial information
-important to management
-quality of information
-external auditors may use the work of internal audit (cannot subordinate judgment)
-obtain an understanding of internal audit function
audit for efficiency, effectiveness, and requires performance criteria
a threat to the likelihood that an entity will achieve its established objectives
audit that identifies, measures, and prioritizes risks so that the focus is placed on the auditable areas of greatest significance
an audit focusing on _____ adds more value to the organization than an audit focusing only on ______.
risk-based audit procedures
1) identify mangement objectives
2) identify the risks to those objectives
3) identify how risks are managed
the process of assessing the risks faced by an organization and the development of strategies to minimize the effects of risk
risk assessment and management are part of the _____ function.
objectives of risk management
1) risks are identified/prioritized
2) management and BOD have determined acceptable risk level
3) risk mitigation activities are designed/implemented
4) ongoing monitoring activities
5) periodic reporting on results of risk management
how management deals with risk
-Controlling organizational activities
enterprise risk management
a risk-based approach to managing an enterprise, integrating concepts of strategic planning, operations management, and internal control
Internal audit standards
standards describing characteristics of organizations and individuals
standards describing the nature of internal auditing; quality criteria for measuring performance
standards that apply to specific types of engagements
1000 Purpose, Authority, and Responsibility
must be formally defined in an audit charter consistent with the definition of internal auditing, code of ethics and standards
chief audit executive
the ____ ______ ________ must periodically review the internal audit charter and present it to senior management and the board for approval
internal audit charter
a formal document that defines the internal audit activity's purpose, authority, and responsibility
internal audit activities established in charter
-position within organization
-authorizes access to records, personnel, physical properties relevant to engagements
-defines scope of services
assurance; consulting (1000 A.1 and C.1)
the nature of _______ and ________ services must be defined in the internal audit charter.
1100 Independence and Objectivity
internal audit must be ______, and internal auditors must be _______ in performing their work.
freedom from conditions that threaten the ability to carry out responsibilities in an unbiased manner
senior management; the board
to achieve the degree of independence necessary, the CAE has direct and unrestricted access to _____ ________ and ____ _______.
threats to ________ must be managed at the individual auditor, engagement, functional and organizational levels
an unbiased mental attitude that allows internal auditors to perform engagements such that they believe in their work product and that no quality compromises are made.
objectivity requires that internal auditors do not __________ their judgment on audit matters to others.
threats to _______ must be managed at the individual auditor, engagement, functional and organizational levels
1110 Organizational Independence
-CAE must report to a organizational level that allows IA to fulfill its responsibilities
-must confirm annually to the board the organization independence of IA
IA must be free from __________ in determining the scope of internal auditing, performing work, and communicating results
1111 Direct Interaction With the Board
CAE must communicate with ______
1120 Individual Objectivity
Internal auditors must have an impartial, unbiased attitude and avoid any conflict of interest
conflict of interest
situation in which an internal auditor, in a position of trust, has a competing or personal interest
appearance of impropriety
a conflict of interest can create an __________ ___ ________ that can undermine confidence in the internal auditor, activity, and profession
1130 Impairment to Independence or Objectivity
If independence or objectivity is impaired in fact or appearance, the details of the impairment must be disclosed to appropriate parties
-personal conflict of interest
-restrictions on access to records, personnel, properties
-resource limitations, like funding
responsibility; year (1130.A1)
objectivity is presumed to be impaired in an internal auditor provides assurance services for an activity which the internal auditor had _________ within the previous _____.
assurance engagements for functions over which the CAE has responsibility must be overseen by a party _______ the internal audit activity
IA may provide ________ services relating to operations for which they had previous responsibilities
disclosure; prior (1130.C2)
if IA have potential impairments to independence or objectivity relating to proposed consulting services, ________ must be made to the engagement client ________ to accepting the engagement.
1200 Proficiency and Due Professional Care
Engagements must be performed with ________ and ____ _______ _____.
Internal auditors must possess the skills needed to perform their responsibilities
the CAE must obtain competent advice and assistance in the internal auditors lack the knowledge, skills, etc needed to perform the engagement
IA must have sufficient knowledge to evaluate the risk of _____ and the manner in which it is managed by the organization
information technology (1210.A3)
IA must have sufficient knowledge of key _____ ________ risks and controls and available technology-based audit techniques to perform their assigned work
the CAE must decline the ______ engagement or obtain competent advice if the internal auditors lack the skills to perform the engagement
1220 Due Professional Care
Internal auditors must apply the care and skill expected of a reasonably competent internal auditor
due professional care does not imply _________.
Internal auditors must exercise due professional care by considering the:
-Amount of work needed to achieve the engagement's objectives;
-Relative complexity, materiality, or significance of matters to which assurance procedures are applied;
-Adequacy and effectiveness of governance, risk management, and control processes;
-Probability of significant errors, fraud, or noncompliance; and
-Cost of assurance in relation to potential benefits
In exercising due professional care, IA must consider the use of _________ based audit and other data analysis techniques
IA must be alert to significant risks that might affect objectives, operations or resources
Internal auditors must exercise due professional care during a consulting engagement by considering the:
-Needs and expectations of clients, including the nature, timing, and communication of results;
-Complexity and extent of work needed to achieve the engagement s objectives;
-Cost of the consulting engagement
1230 Continuing Professional Development
Internal auditors must enhance their knowledge, skills, and other competencies through _____ _________ _______.
1300 Quality Assurance and Improvement Program
the CAE must develop and maintain a ___ ________ ____ __________ ________ that covers all aspects of the internal audit activity.
quality assurance and improvement program designed to:
-Evaluate internal audit conformance with the Definition of Internal Auditing and the Standards
-Evaluate whether internal auditors apply the Code of Ethics.
-assess the efficiency and effectiveness of internal audit and identifies opportunities for improvement.
1310 Requirements of the Quality Assurance and Improvement Program
The quality assurance and improvement program must include both internal and external assessments.
1311 Internal Assessments
-ongoing monitoring of the performance of the internal audit activity
-periodic reviews performed through self-assessment/others with knowledge of practices
1312 External Assessments
External assessments must be conducted at least once every ____ years by a qualified, independent reviewer or team from outside the organization
1320 Reporting on the Quality Assurance and Improvement Program
The CAE must communicate the results of the quality assurance and improvement program to senior management and the board
1321 Use of Conforms w/ the International Standards for the Professional Practice of Internal Auditing
The CAE may state that the internal audit activity conforms with the International Standards for the Professional Practice of Internal Auditing only if the results of the quality assurance and improvement program support this statement.
1322 Disclosure of Nonconformance
When nonconformance with the Definition of Internal Auditing, the Code of Ethics, or the Standards impacts the overall scope or operation of the internal audit activity, the CAE must disclose the nonconformance and the impact to senior management and the board.
Sets with similar terms
Internal Audit Ch. 9
Internal Auditing Chapter 9
CIA- Part 1
ACCT 422 Chapter 9
Other sets by this creator
462 Final: Fraud
462 Final: Follow-Ups/Post-Audit Evaluations
462 Final: Auditor Communications
462 Final: Risk-Based Audits
Other Quizlet sets
renal test needs help
Physics 11 - Final Exam
(E4) Chapter 14: Adolescent Development (
Performance Breach and discharge