Upgrade to remove ads
IIA Chapter 12 & 13
Internal auditing book, chapters 12 and 13
Terms in this set (33)
these engagements focus directly on operational, reporting, and/or compliance performance
these engagements focus on the design adequacy and operating effectiveness of controls implemented to provide reasonable assurance that performance objectives are met
Stages of engagement
Planning, Performing, and Communicating
Planning stage of engagement
-Determine engagement objectives and scope
-Understand the auditee, including their objectives and assertions
-identify and assess risks
-identify key control activities
-evaluate adequacy of control design
-create a test plan
-develop a work program
-Allocate resources to the engagement
Performing stage of engagement
-Conduct tests to gather evidence
-Evaluate evidence gathered and reach conclusions
-Develop observations and formulate recommendations
Communicating stage of engagement
-Perform observation evaluation and escalation process
-Conduct interim and preliminary engagement communications
-Develop final engagement communications
-Distribute formal and informal final communications
-Perform monitoring and follow-up procedures
What the auditee is striving to achieve.
after-the-fact statements of what was achieved
Engagement work program
a document that lists the procedures to be followed during an engagement, designed to achieve the engagement plan
a finding, determination, or judgment derived from the internal auditor's test results
Difference in consulting engagement
Contrasting assurance engagements and consulting engagements is primarily done in the nature and scope of the engagement. Consulting engagements are for counsel, advice, facilitation, and training.
what an audit wants to achieve. These should start with:
what is or is not included within an engagement
a discrete and recognizable portion or component of a process
these are typically governance or task-oriented, and frequently focus on accuracy, timeliness, completeness, or control attributes. Also focus is on ensuring the effectiveness and efficiency of operations and safeguarding of assets
these relate to compliance with external laws and regulations, internal policies, or contracts
these are objectives that specifically align with the organization's strategic objectives. Audits covering these try to create a link from day to day activities to the company's strategic objectives
When doing this, you should focus on inputs, processing, and outputs related to a process or control
Documenting the process flow
during this phase, the auditor should use process maps, flowcharts, and narrative memoranda to be able to communicate how a process works
These should be used when the process is simple to document, when complicated steps require more than a visual representation can feasibly provide, when the process owner requests it, and when they are the more efficient means of documenting a process
Key performance indicator
a metric or other form of measuring whether a process or individual tasks are operating within prescribed tolerances. They should be relevant, measurable, available, aligned, and articulated.
Identify and assess risks
in this step of planning, the auditor, along with the process owner, attempt to answer what can happen that would prevent the achievement of each of the process-level objectives.
the identification and analysis, in terms of impact and likelihood, of relevant risks to the achievement of an organization's objectives, forming a basis for determining how the risks should be managed
an activity designed to reduce risk associated with a critical business objective
Common control types
Approving, Calculating, documenting, examining, matching, monitoring, restricting, segregating, supervising.
Assessment of whether management has planning and organized the controls in a manner that provides reasonable assurance that the related risks can be managed to an acceptable level
Nature, Extent, and timing of tests to reasonably assure that the test is successful
a document that lists the procedure to be followed during an engagement, designed to achieve the engagement plan
estimating the resources that are needed to conduct the engagement. It should be prepared by considering the number of hours needed to complete the engagement, as well as other costs that may be required.
Internal auditors, other people, travel, technology, and more.
this supplements the inhouse internal audit function through the use of third-party vendor services for the purpose of gaining subject matter expertise for a specific engagement or filling a gap in needed resources to complete the internal audit plan
This is the difficulty of scheduling the audit; includes auditors, auditees, technology, and more
this is an assessment of whether management has executed the controls in a manner that provides reasonable assurance that risks have been managed effectively and that the goals and objectives will be achieved efficiently and economically
THIS SET IS OFTEN IN FOLDERS WITH...
IIA Chapter 6
IIA Chapter 10
IIA Chapter 11
YOU MIGHT ALSO LIKE...
Internal Audit Final
ACCT 422 Chapter 12
Internal Audit Chapter 12
ACCT 422 Chapter 13
OTHER SETS BY THIS CREATOR
Strategic Management Ch 12
Strategic Management Ch 11
Strategic Management Ch 9
Strategic Management Ch 8