1 / 31

Balanced scorecard slide 10

Balanced scorecard slide 10. Risk based Internal audit. CA Rajnikant M. Patel. Content:. Concept of Internal Audit. Changing role of Internal Audit.( Traditional V/s Modern) Skill Set & Capabilities. Approach towards Internal Auditing with Reporting. Opportunities.

ingo
Download Presentation

Balanced scorecard slide 10

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Balanced scorecard slide 10 Risk based Internal audit CA Rajnikant M. Patel

  2. Content: • Concept of Internal Audit. • Changing role of Internal Audit.( Traditional V/s Modern) • Skill Set & Capabilities. • Approach towards Internal Auditing with Reporting. • Opportunities

  3. Concept of Internal Audit

  4. What is Internal Audit? • Internal Auditing is an Independent, Objective assurance and Consulting activity designed to add value and Improve an Organizations’ operations. • Internal Auditing is a Continuous process & not a One time event • It helps improve effectiveness of Risk Management, control and Governance processes • It involves Conducting pro-active Fraud audits to identify potential fraudulent acts, and Conducting post fraud investigation & identify Financial Loss and Control Breakdowns • Internal Auditors are not responsible for execution of Company’s activities, but advise management & BODs regarding how to better execute their responsibilities. • Internal Auditors typically Issue reports at the end of the each audit that summarize their Findings, recommendations, and any resources or action plans from management • Role Of Internal Audit should ideally act as a strategic partner to business, by providing quality assurance on various critical risks that are crucial to achieving organization goals.

  5. Balanced scorecard slide 4 Objectives Of Internal Audit To Verify Correctness, accuracy and authenticity of the financial accounting & Statistical records presented to management Undertake Special Investigation For the Management Facilitate Early Detection and Prevention Of Frauds Comment on Design and operational Effectiveness of Internal Control System and the Internal Check System

  6. Changing role of Internal Audit (Traditional V/S Modern)

  7. Traditional Internal Auditing Policing Role Focus on Financial Audit Manual Work Papers

  8. Modern Internal Auditing Strategic Function Focus on overall business processes Use of Technology

  9. ServiceCommitment expected: 9

  10. Skill Set and Capabilities

  11. Balanced scorecard slide 8 Skill Set & Capabilities Global Perspective Business acumen Technologically adapt ( CAAT, Flowcharts, Risk mapping Tools) Creative Thinking and Problem solving Strong Ethical Compass Superb Communication ( Written & Oral) Relationship Expert ( Interpersonal Skills)

  12. Approach towards Internal Auditing with Reporting

  13. Balanced scorecard slide 1 Planning Process of InternalAudit

  14. Understanding value chain Board and Leadership Business Planning Market Development Business Development Pricing Strategies Procurement - Procure to Pay Staff Management Inventory Management Operational Efficiency Manufacturing of Goods Logistics Inbound and Outbound Revenue – Order to Cash Sales promotion and Marketing Fixed Assets Management and Capex Insurance Finance and Accounts HR and Payroll related compliances Information Technology Statutory Compliance Admin Activities Treasury Operations Operational Support Strategic Internal Audit Focus Areas 14

  15. Process Design Review Mechanism Regulatory Compliance Policies & Procedures Risk & Control Organisation Structure Information Technology effectiveness Operational Effectiveness & Efficiency Internal Audit Solution Solution Focus Risk Based Internal Audit • Evaluate the design and operating effectiveness of the controls for various auditable areas so as to give an assurance to the management on the efficiency of the overall process. • For all the deficiencies observed, do a relative prioritization so that the leadership can concentrate on key risks. • Come up with a defined action plan for mitigation of the gaps identified in conjunction with the Management. • Give positive assurance to the Audit Committee on the operational and financial controls. This will also assist the Board in commenting on operating effectiveness of operating as well as financial controls across processes. Approach to Internal Audit is an ideal mix of traditional orthodox audit approach and process driven risk based approach, focusing on evaluating the end- to- end process risks and evaluating design and operating effectiveness of controls, using a sampling methodology 15

  16. Audit Analytics – An integral part of our IA Methodology Substantive Testing Planning Data Analytics • Based on process understanding and walkthrough , identify analysis relevant to the audit • Identify data fields required for analyzing each control matrices and define the requirements for extracting the data. • Extract relevant reports from the system required to run the planned analytics • Based on the exceptions identified through data analytics, select samples for substantive testing • Carry out substantive testing and report exceptions • Do the analysis (Excel) on the data dumps obtained • Discuss preliminary exceptions with the process owners • Fine tune results by removing false positives

  17. Balanced scorecard slide 1 Audit Approach Process Efficiency Strategic Partnering Focus: Enabling, drive into strategic gaps Impact: Influence strategy & deployment; change behavior; leverage technology; strategy/action congruence Report: Best practices, analysis of strategy/action incongruity, business case for change, off-report assistance Collaborative & Enabling Consultative Focus: Process & control efficiency Impact: Systematic process & control improvement, cost reduction Report: Analysis, facts & circumstances; recommended actions Business Assurance Monitor Process Effectiveness Focus: Compliance & controls Impact: Enhanced controls Report: Exceptions & recommendations Focus: Align process to support objectives; automate controls & solutions Impact: Change, influence system development & deployment Report: Analysis, facts & circumstances, business case for change Controls & Compliance Value Proposition Risk Management Strategy Achievement

  18. Illustrative CATEGORIZATION OF RISK AND STATUS OF OBSERVATION CLASSIFICATION : Process Control/Software control issue, Compliance Issue, and Other issue. CATEGORISATION OF RISK: The audit findings in this report have been rated in terms of significance based on our understanding of the business and with the sole objective of helping the management to put a process in place to review and strengthen controls on an ongoing basis. The rating has been done as under: STATUS OF OBSERVATION:

  19. Internal Audit Service Approach Audit closing meeting • Clarify points or issues with unit/management • Resolve open items, if any • Finalise process ratings • Agree follow-up plan Internal audit calendar • Understand business goals • understand changes in organizational relationships and protocols • Stakeholders mapping • Finalize the annual audit calendar • Evolve and issue rolling plan to all the concerned stakeholders Review process • Understand major processes and associated sub-processes • Assess and identify significant risks and controls • Evaluationof key controls to evaluate operating effectiveness. Issue sheets • Issue sheets are provided to the auditees to arrive at agreement over the issue identified • Co- develop an action plan. Agree action plan, person responsible and due date for implementation Presentation to management /audit committee • Summary of key risks needing mitigation • Advice on directional matters • summary of status of agreed action • Deliverable : Audit Committee Presentation Implementation/ status follow-up • Maintain dashboard of agreed action • Periodically review/update status of implementation Issue reports • Report capturing in detail the root cause, risk /business impact and recommendations for the issues observed • Executive summary of the leadership team • Deliverable : Audit Report Communication protocols embedded into service delivery approach allows multiple connect points 19

  20. Deliverables – Contents of the audit report 20

  21. Balanced scorecard slide 1 Governance Structure for Internal Audit Management Team Members • Present key audit issues raised during the quarter • Define & review long term relationship goals • Highest level for dispute resolution • Managing Partners Level3 Business Heads / IA Coordinator • Engagement Partner • Reviews program information at executive level, resolves issues/makes decisions, confirms direction, provides guidance • Monthly meeting to review progress • Discuss & finalize audit issues • Second level for dispute resolution Level 2 Process Owners • Audit Manager • Audit Team • Ensure smooth day-to-day functioning & guidance to auditors • Review the operational performance • First level for dispute resolution Level 1 21

  22. Balanced scorecard slide 8 Different Stages of Communication of Findings Discussion of Draft: At the conclusion of fieldwork, discussion draft should be submitted to the entity management for their review before the exit meeting Exit Meeting: At this meeting, entity’s management should comment on the draft and the internal audit team should work to achieve consensus and reach an agreement on the internal audit findings Formal Draft: The internal auditor should then prepare a formal draft, taking into account any revision or modification resulting from the exit meeting and other discussions. Final Report: The internal auditor should submit the final report to the appointing authority or such members of management, as directed.

  23. Illustrative DRAFTING OF OBSERVATIONS – Illustrative

  24. Illustrative STATUS OF OBSERVATIONS REPORTED

  25. Illustrative EXECUTIVE SUMMARY for Audit Committee/Board Meeting

  26. Opportunities

  27. Emerging Trends in Risk Management:

  28. Act on Opportunity • Customer Relationship Management. • Data management. • Competitiveadvantage. Stakeholder Value Enhancement REALIZATION OF POTENTIAL Operating Performance • Efficiencies • Continuous Improvements • Standardize Processes • People, Paper, Processes Compliance and Prevention • Avoid Risk • Legal liability • Fines/penalties • Reputation risk OPPORTUNITIES

  29. Opportunities: Following are the types of audits carried out by Internal auditors: • Compliance Audit: To ensure Compliance with rules, regulations and Laws applicable to a company. • Operational Audit: To ensure Effective & Efficient conduct of operations of a company. • Information System Audit: To ensure Proper Functioning of Information System throughout the life of a Business. • Performance Audit: To ensure the efficient use of resources to obtain the objectives of a Company. • Environmental Audits: To Ensure Compliance with the Environmental Laws & Regulations. • Special Assignments: relate to Investigations on fraud and Corruption, or any other Special service with the approval of the Board.

  30. How We Help Our Customers: Internal Auditors helps to achieve the right balance between risk and reward by establishing an environment for timely and effective response to the ever changing business risks. 30

  31. Balanced scorecard slide 10 Thank you CA Rajnikant M. Patel

More Related