SlideShare une entreprise Scribd logo

Internal audits role in compliance

Télécharger en tant que PPTX, PDF
Salih Islam
Salih Islam

Internal Audit

Business
1  sur  30
Internal Audits Role in Compliance
Your Questions and Concerns? • Who audits who? • Who audits what? • Who is responsible for compliance oversight? • Who reports compliance issues to the board? • How do we reduce duplication of effort? • Is there a best practice organization model?
Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
Audit Committee’s Primary Role Internal Audit’s Role Defined Foreign Corrupt Practices Act of 1997 requires companies to devise and maintain a system of internal accounting control sufficient to provide reasonable assurances that:  transactions are authorized by management;  transactions are recorded so that statements can be prepared in accordance with generally accepted accounting principles and accountability for assets maintained;  access to assets is authorized by management;  and periodic inventory is performed to compare recorded assets with existing assets.
Audit Committee’s Additional Roles Internal Audit’s Role Defined In order to assist a Corporation’s Board of Directors in fulfilling its fiduciary responsibilities, Audit Committees are usually chartered to review:  The financial information provided in the Company's Annual Report on Form 10-K and the quarterly reports on Form 10-Q and other reports as appropriate.  The Company’s systems of internal controls regarding finance, accounting, legal, compliance and ethics that management and the Board have established.  The Company’s auditing, accounting and financial reporting processes.  The independence and performance of the Company's independent accountants and internal auditing department.
Internal Audit’s Role Defined What is Internal Auditing? Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. (Institute of Internal Auditors)
Internal Audit’s Role Defined Corporate Governance Defined Elements of Corporate Governance – Corporate and Functional Strategy and Planning – Enterprise Risk Management – Tone at the Top - Ethics and Compliance – Measuring and Monitoring Performance – Transformational Transactions - Mergers, Acquisitions, Divestitures – Management Evaluation, Compensation, and Succession Planning – Telling the World: External Communications & Financial Reporting – Board Dynamics
Summary - Internal Audit’s Role Defined #1 - Support the Audit Committee #2 - Assurance on Risk Management, Control, and Governance #3 - Consulting on Risk Management, Control, and Governance
Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
Risk Based Engagement Planning How Internal Audit Does Its Work • The internal auditor should be alert to significant risks that might affect objectives, operations, or resources. • The internal auditor should consider the probability of significant errors, irregularities, noncompliance, and other exposures when developing the engagement objectives.
Focus of Engagement Risk Assessment How Internal Audit Does Its Work Based on the results of the risk assessment, the internal audit activity should evaluate the adequacy and effectiveness of controls encompassing the organization’s governance, operations, and information systems. This should include: – Reliability of integrity of financial and operational information. – Effectiveness and efficiency of operations. – Safeguarding of assets. – Compliance with laws, regulations, and contracts.
Ownership Risks – The risks associated with acquiring, maintaining, and disposing of assets (all except human assets). External Threats Ø Customer demands Ø Labor/financial/product markets Ø Suppliers Ø Competitors Ø Government Regulation Ø Economic/Political Forces Ø Environmental Forces Custodial Risks Ø Obsolescence of products and resources Ø Damage in handling/storing assets Ø Theft from storage Ø Image and reputation Ø Financial operations and reporting Hazards Ø Fire Ø Natural or man-made disaster Ø Accidental loss Opportunity Costs Ø Purchasing wrong asset or at wrong time, wrong price (technology, new companies, partnerships) Ø Selling asset too soon/too late Ø Disposing of wrong asset Errors/Omissions/Delays Ø Poor judgment in plans or operations Ø Inappropriate or outdated control mechanisms, Ø Systems malfunctions Ø Lack of timely, accurate information Ø Customer relations Hazards Ø Fire Ø Natural or man-made disaster Ø Accidental loss Frauds Ø Intentional misrepresentation Ø Theft (internal and external) Ø Bid rigging Ø Bribery Ø Kick-back schemes Ø Customer abuse Productivity Loss Ø Poor process design Ø Scheduling conflicts Ø Inappropriate work rules Ø Lack of monitoring controls Ø Under-utilizing assets Ø Goal conflicts Ø Inefficient processes and controls Workplace Environment Ø Gender/racial harassment Ø Excessive pressure to meet objectives Ø Employee theft and sabotage Ø Workplace injuries Ø Employee lawsuits Ø Workplace violence/safety Opportunity Costs Ø Hiring the wrong people or skills Ø Poor compensation system Ø Losing the wrong people or skills Turnover Ø Inadequate staff Ø Lack of key staff Ø Lack of trained staff Productivity Loss Ø Poor management practices Ø Poor worker commitment Ø Under-utilizing human assets Ø Poor leadership Ø Favoritism Ø Lack of work structure/discipline Ø Inconsistent management decisions Ø Personal/work goal conflicts Ø Lack of training Ø Performance-goal misalignment Process Risks – The risks associated with putting assets to work to achieve objectives. Behavioral Risks – The risks associated with acquiring, maintaining, and disposing of human assets. Generic Risk Matrix How Internal Audit Does Its Work
Audit Approach Collaborative & Enabling Consultative Controls & Compliance Focus: Process & control efficiency Impact: Systematic process & control improvement, cost reduction Report: Analysis, facts & circumstances; recommended actions Skills: General, medium technical, project management & partnering Effort: Medium Focus: Compliance & controls Impact: Enhanced controls Report: Exceptions & recommendations Skills: Control generalist Effort: Low to medium Strategic Partnering Business Assurance Focus: Enabling, drive into strategic gaps Impact: Influence strategy & deployment; change behavior; leverage technology; strategy/action congruence Report: Best practices, analysis of strategy/action incongruity, business case for change, off-report assistance Skills: Integrated business & deep technology skills plus Humana experience, credibility w/ line management Effort: Medium to very high Focus: Align process to support objectives; automate controls & solutions Impact: Change, influence system development & deployment Report: Analysis, facts & circumstances, business case for change Skills: Business process, IT/automation, management consulting Effort: Medium to high Process Efficiency Monitor Process Effectiveness Value Proposition Risk Management Strategy Achievement
A Range of HIPAA Value Propositions Stakeholder Value Enhancement OPPORTUNITIES Compliance and Prevention Operating Performance Act on Opportunity • Support e-health • CRM • Data management • Competitive advantage Efficiencies • Continuous Improvements • Standardize Processes • People, Paper, Processes Avoid Risk • Legal liability • Fines/penalties • Reputation risk REALIZATION OF POTENTIAL
Summary - How Internal Audit Does Its Work 5 Year Outlook - Assurance & Consulting Services Groups • Enterprise Wide Risk Management • Majority of Effort on Consulting & Facilitating • Less Than 50% of Effort on Traditional Audits • Shift to Assurance on Risk Management Culture • Manager of Outsourced Experts • Strategic Role
Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
Practice Advisory 2100-5: Legal Considerations in Evaluating Regulatory Compliance Programs Internal auditors should evaluate an organization’s regulatory compliance programs in light of the following suggested steps for effective compliance programs. • The organization should establish compliance standards and procedures to be followed by employees and agents. • Specific high-level individual(s) should be assigned overall responsibility to oversee regulatory compliance. • The organization should use due care not to delegate substantial discretionary authority to individuals the organization knows, or should know through the exercise of due diligence, have a propensity to engage in illegal activities. • The organization should take steps to communicate effectively its standards and procedures. • The organization should take reasonable steps to achieve compliance with its standards. • The standards should be consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense. • After an offense has been detected, the organization should take all reasonable steps to respond appropriately to the offense and to prevent further similar offenses. Internal Audits Role In Compliance
Internal Audits Role In Compliance Practice Advisory 2130-1: Role of the Internal Audit Activity and Internal Auditor in the Ethical Culture of an Organization At a minimum, the internal audit activity should periodically assess the state of the ethical climate of the organization and the effectiveness of its strategies, tactics, communications, and other processes in achieving the desired level of legal and ethical compliance. Internal auditors should evaluate the effectiveness of the following features of an enhanced, highly effective ethical culture. – Formal code of conduct. – Frequent communication of expected ethical attitudes and behavior by the influential leaders of the organization. – Explicit strategies to support and enhance the ethical culture with regular programs. – Several, easily accessible ways for people to confidentially report alleged violations of ethics code. – Regular declarations by employees, vendors that they are aware of requirements for ethical behavior. – Clear delegation of responsibilities for investigation and resolution of case findings. – Easy access to learning opportunities regarding ethics. – Regular reviews of formal and informal processes within the organization. – Regular reference and background checks.
Internal Audits Role In Compliance Practice Advisory 2130-1: Role of the Internal Audit Activity and Internal Auditor in the Ethical Culture of an Organization The internal audit activity may assume one of several different roles as an ethics advocate. Those roles include chief ethics officer (ombudsman, compliance officer, management ethics counselor, or ethics expert), member of an internal ethics council, or assessor of the organization’s ethical climate. In some circumstances, the role of chief ethics officer may conflict with the independence attribute of the internal audit activity.
Summary - Internal Audits Role in Compliance • Internal Audit Independently and Objectively Reviews Organizations Compliance and Ethics Policies and Processes • The Internal Audit Function May Assume Various Roles Including That of Ethics or Compliance Officer
Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
Independence Requirement - IIA Standards How Internal Audit and Compliance Differ Independence and Objectivity: The internal audit activity should be independent, and internal auditors should be objective in performing their work. Assurance engagements for functions over which the chief audit executive has responsibility should be overseen by a party outside the internal audit activity. How would these standards be applied if the Internal Audit Function was responsible for establishing and overseeing the compliance & ethics functions?
Reporting Requirement - IIA Standard How Internal Audit and Compliance Differ The chief audit executive is responsible for communicating the final results of engagements to individuals who can ensure that the results are given due consideration. The chief audit executive should establish a follow-up process to monitor and ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action.
How Internal Audit and Compliance Differ Management’s Acceptance of Risks - IIA Standard When the chief audit executive believes that senior management has accepted a level of residual risk that is unacceptable to the organization, the chief audit executive should discuss the matter with senior management. If the decision regarding residual risk is not resolved, the chief audit executive and senior management should report the matter to the board for resolution.
How Internal Audit and Compliance Differ Summary - How Internal Audit & Compliance Differ • Independence Requirement • Explicit and Expected Regular Reporting Role to the Audit Committee • Chief Audit Executive Reports and Is Accountable to the Audit Committee • Compliance Functions May Not Have an Independent or Objective Means for Assessing or Regularly Reporting How Well They Achieve Compliance • Compliance Functions Generally Have A Responsibility for Implementing Compliance Processes
Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
Defining Roles at Your Organization Internal Audit - Different Approaches Activities Other Than Traditional Audit • GE - Controllership, Corporate Initiatives, and Management Development • GM - Enterprise Risk Management, Crisis Management, Continuity Planning • Disney, DuPont, Caterpillar - Enterprise Risk Management • Citicorp - Rating Awareness & Management of Risks
Coordination - IIA Standard The chief audit executive should share information and coordinate activities with other internal and external providers of relevant assurance and consulting services to ensure proper coverage and minimize duplication of efforts. How do you coordinate compliance and Internal Audit activity? What information does compliance provide to internal audit at your organization? Defining Roles at Your Organization
Summary - Defining Roles at Your Organization The Value Proposition Internal Audit Compliance • Powerful Voice • Clear Responsibilities for Bringing Matters to the Attention of Senior Management and the Board • Clear Access To Board and Responsibility to Follow-up on Issues • Assurance & Consulting Focus on Risk Management, Controls, and Governance • Powerful Insight and Understanding of Compliance Issues and Activities • Champion of Compliance Activities • Key Quality Assurance Function • Consultant to Management on Compliance Issues

Recommandé

Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor RolesIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Internal audit department
Internal audit departmentInternal audit department
Internal audit departmentPopun
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid themSurajit Datta
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Internal Audit
Internal AuditInternal Audit
Internal AuditJami Martin
 

Recommandé

Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor RolesIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Internal audit department
Internal audit departmentInternal audit department
Internal audit departmentPopun
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid themSurajit Datta
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Internal Audit
Internal AuditInternal Audit
Internal AuditJami Martin
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit FrameworkAhmad Tariq Bhatti
 
Internal Audit
Internal AuditInternal Audit
Internal AuditAhmad Tariq Bhatti
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit pptLetzconsult.com
 
Internal Financial Controls over Financial Reporting
Internal Financial Controls over Financial ReportingInternal Financial Controls over Financial Reporting
Internal Financial Controls over Financial ReportingManish Kagathara
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditinggrifff
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Compliance audit
Compliance auditCompliance audit
Compliance auditEmma Yaks
 
Internal auditing
Internal auditingInternal auditing
Internal auditingShach Faisal
 
Ch 9. Internal Audit
Ch 9. Internal AuditCh 9. Internal Audit
Ch 9. Internal AuditSazzad Hossain, ITP, MBA, CSCA™
 
Audit & compliance
Audit & complianceAudit & compliance
Audit & complianceGDE Coaching - Jean Noel Macaque
 
Statutory Compliance Audit Process
Statutory Compliance Audit ProcessStatutory Compliance Audit Process
Statutory Compliance Audit Processashwiniarondkar
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Internal Audit Manual
Internal Audit ManualInternal Audit Manual
Internal Audit ManualDavid Griffiths
 
Internal audit
Internal auditInternal audit
Internal auditRahul Mithia
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISOSadafhazel
 
The Consulting Approach of IA
The Consulting Approach of IAThe Consulting Approach of IA
The Consulting Approach of IASalih Islam
 
Denetim - Güncel Yaklaşımlar
Denetim - Güncel YaklaşımlarDenetim - Güncel Yaklaşımlar
Denetim - Güncel YaklaşımlarSalih Islam
 

Contenu connexe

Tendances

Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
Internal Financial Controls over Financial Reporting
Internal Financial Controls over Financial ReportingInternal Financial Controls over Financial Reporting
Internal Financial Controls over Financial ReportingManish Kagathara
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditinggrifff
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Compliance audit
Compliance auditCompliance audit
Compliance auditEmma Yaks
 
Statutory Compliance Audit Process
Statutory Compliance Audit ProcessStatutory Compliance Audit Process
Statutory Compliance Audit Processashwiniarondkar
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISOSadafhazel
 

Tendances (20)

The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
 
Internal Financial Controls over Financial Reporting
Internal Financial Controls over Financial ReportingInternal Financial Controls over Financial Reporting
Internal Financial Controls over Financial Reporting
 
An introduction to internal auditing
An introduction to internal auditingAn introduction to internal auditing
An introduction to internal auditing
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal Audit
 
Compliance audit
Compliance auditCompliance audit
Compliance audit
 
Internal auditing
Internal auditingInternal auditing
Internal auditing
 
Ch 9. Internal Audit
Ch 9. Internal AuditCh 9. Internal Audit
Ch 9. Internal Audit
 
Audit & compliance
Audit & complianceAudit & compliance
Audit & compliance
 
Statutory Compliance Audit Process
Statutory Compliance Audit ProcessStatutory Compliance Audit Process
Statutory Compliance Audit Process
 
MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCE
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditing
 
Internal Audit Manual
Internal Audit ManualInternal Audit Manual
Internal Audit Manual
 
Internal audit
Internal auditInternal audit
Internal audit
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditors
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISO
 

En vedette

The Consulting Approach of IA
The Consulting Approach of IAThe Consulting Approach of IA
The Consulting Approach of IASalih Islam
 
Denetim - Güncel Yaklaşımlar
Denetim - Güncel YaklaşımlarDenetim - Güncel Yaklaşımlar
Denetim - Güncel YaklaşımlarSalih Islam
 
Summary of work experience
Summary of work experienceSummary of work experience
Summary of work experienceSalih Islam
 
Internal Audit Primary Mission
Internal Audit Primary MissionInternal Audit Primary Mission
Internal Audit Primary MissionSalih Islam
 
Evolving Risk Management
Evolving Risk ManagementEvolving Risk Management
Evolving Risk ManagementSalih Islam
 
High performance leadership project.nextdoor neighborhoods.slideshare
High performance leadership project.nextdoor neighborhoods.slideshareHigh performance leadership project.nextdoor neighborhoods.slideshare
High performance leadership project.nextdoor neighborhoods.slideshareWayne Holley
 
Examples of actual work performed in sahinler
Examples of actual work performed in sahinlerExamples of actual work performed in sahinler
Examples of actual work performed in sahinlerSalih Islam
 
Biology and Management of Eurasian Watermilfoil
Biology and Management of Eurasian WatermilfoilBiology and Management of Eurasian Watermilfoil
Biology and Management of Eurasian WatermilfoilMissouri Conservation
 
The Biology and Management of Hydrilla
The Biology and Management of HydrillaThe Biology and Management of Hydrilla
The Biology and Management of HydrillaMissouri Conservation
 
Evangelization Digital Age - Part I
Evangelization Digital Age - Part IEvangelization Digital Age - Part I
Evangelization Digital Age - Part ICaroline Cerveny
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal AuditKaran Puri
 
The Movement Of Water On Earth1
The Movement Of Water On Earth1The Movement Of Water On Earth1
The Movement Of Water On Earth1rbosch
 
Internal Audit Report Writing Best Practice
Internal Audit Report Writing Best PracticeInternal Audit Report Writing Best Practice
Internal Audit Report Writing Best PracticeDJones68
 
Internal Audit Quality Assessment
Internal Audit Quality AssessmentInternal Audit Quality Assessment
Internal Audit Quality AssessmentMohammad Draidi
 

En vedette (20)

The Consulting Approach of IA
The Consulting Approach of IAThe Consulting Approach of IA
The Consulting Approach of IA
 
Denetim - Güncel Yaklaşımlar
Denetim - Güncel YaklaşımlarDenetim - Güncel Yaklaşımlar
Denetim - Güncel Yaklaşımlar
 
Summary of work experience
Summary of work experienceSummary of work experience
Summary of work experience
 
Internal Audit Primary Mission
Internal Audit Primary MissionInternal Audit Primary Mission
Internal Audit Primary Mission
 
Evolving Risk Management
Evolving Risk ManagementEvolving Risk Management
Evolving Risk Management
 
High performance leadership project.nextdoor neighborhoods.slideshare
High performance leadership project.nextdoor neighborhoods.slideshareHigh performance leadership project.nextdoor neighborhoods.slideshare
High performance leadership project.nextdoor neighborhoods.slideshare
 
Independency
IndependencyIndependency
Independency
 
Sesbania Herbacea
Sesbania HerbaceaSesbania Herbacea
Sesbania Herbacea
 
Examples of actual work performed in sahinler
Examples of actual work performed in sahinlerExamples of actual work performed in sahinler
Examples of actual work performed in sahinler
 
Biology and Management of Eurasian Watermilfoil
Biology and Management of Eurasian WatermilfoilBiology and Management of Eurasian Watermilfoil
Biology and Management of Eurasian Watermilfoil
 
The Biology and Management of Hydrilla
The Biology and Management of HydrillaThe Biology and Management of Hydrilla
The Biology and Management of Hydrilla
 
Control of Reed Canary Grass
Control of Reed Canary GrassControl of Reed Canary Grass
Control of Reed Canary Grass
 
Intro to Spiritual Pilgrimage
Intro to Spiritual PilgrimageIntro to Spiritual Pilgrimage
Intro to Spiritual Pilgrimage
 
Spotted Knapweed
Spotted KnapweedSpotted Knapweed
Spotted Knapweed
 
Evangelization Digital Age - Part I
Evangelization Digital Age - Part IEvangelization Digital Age - Part I
Evangelization Digital Age - Part I
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal Audit
 
The Movement Of Water On Earth1
The Movement Of Water On Earth1The Movement Of Water On Earth1
The Movement Of Water On Earth1
 
Internal Audit Report Writing Best Practice
Internal Audit Report Writing Best PracticeInternal Audit Report Writing Best Practice
Internal Audit Report Writing Best Practice
 
Internal Audit Quality Assessment
Internal Audit Quality AssessmentInternal Audit Quality Assessment
Internal Audit Quality Assessment
 
Audit report
Audit reportAudit report
Audit report
 

Similaire à Internal audits role in compliance

Red Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level ControlsRed Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level ControlsSmith-Howard
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and auditAstri Stiawaty
 
Audit Framework presentation.pptx
Audit Framework presentation.pptxAudit Framework presentation.pptx
Audit Framework presentation.pptxOnwVinx
 
Internal Audit Strategic Framework
Internal Audit Strategic FrameworkInternal Audit Strategic Framework
Internal Audit Strategic FrameworkJeremy Cheng
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
Value of internal auditing
Value of internal auditingValue of internal auditing
Value of internal auditingHazem Saleh
 
Introduction to cooperative auditing
Introduction to cooperative auditingIntroduction to cooperative auditing
Introduction to cooperative auditingefferson ramirez
 
Navigating the Realm of Audits: Understanding, Preparation, and Compliance
Navigating the Realm of Audits: Understanding, Preparation, and ComplianceNavigating the Realm of Audits: Understanding, Preparation, and Compliance
Navigating the Realm of Audits: Understanding, Preparation, and Complianceamanrajput052046
 
Final presentation internal controls
Final presentation internal controlsFinal presentation internal controls
Final presentation internal controlsRishab Nahata
 
ANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.ppt
ANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.pptANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.ppt
ANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.ppt1111964
 
Ethics in accounting
Ethics in accountingEthics in accounting
Ethics in accountingMuhammad Arif
 
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.pptDECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt1111964
 
Internal Controls Topic 2.ppt
Internal Controls Topic 2.pptInternal Controls Topic 2.ppt
Internal Controls Topic 2.pptyahyamuthamia
 
Process Level Auditing Presentation
Process Level Auditing PresentationProcess Level Auditing Presentation
Process Level Auditing PresentationVernon Benjamin
 
Argannoo Odiitii Auditing-Degu Desta (3).pptx
Argannoo Odiitii Auditing-Degu Desta (3).pptxArgannoo Odiitii Auditing-Degu Desta (3).pptx
Argannoo Odiitii Auditing-Degu Desta (3).pptxmiadjafar463
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Mohammad Wahid Abdullah Khan
 

Similaire à Internal audits role in compliance (20)

Internal controls
Internal controlsInternal controls
Internal controls
 
Red Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level ControlsRed Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level Controls
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
 
Audit Framework presentation.pptx
Audit Framework presentation.pptxAudit Framework presentation.pptx
Audit Framework presentation.pptx
 
Internal Audit Strategic Framework
Internal Audit Strategic FrameworkInternal Audit Strategic Framework
Internal Audit Strategic Framework
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self Assessment
 
Value of internal auditing
Value of internal auditingValue of internal auditing
Value of internal auditing
 
Introduction to cooperative auditing
Introduction to cooperative auditingIntroduction to cooperative auditing
Introduction to cooperative auditing
 
Navigating the Realm of Audits: Understanding, Preparation, and Compliance
Navigating the Realm of Audits: Understanding, Preparation, and ComplianceNavigating the Realm of Audits: Understanding, Preparation, and Compliance
Navigating the Realm of Audits: Understanding, Preparation, and Compliance
 
Final presentation internal controls
Final presentation internal controlsFinal presentation internal controls
Final presentation internal controls
 
ANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.ppt
ANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.pptANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.ppt
ANATOMY OF FINANCIAL PROCESSES IN PUBLIC SECTOR.ppt
 
Ethics in accounting
Ethics in accountingEthics in accounting
Ethics in accounting
 
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.pptDECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
 
Internal Controls Topic 2.ppt
Internal Controls Topic 2.pptInternal Controls Topic 2.ppt
Internal Controls Topic 2.ppt
 
Process Level Auditing Presentation
Process Level Auditing PresentationProcess Level Auditing Presentation
Process Level Auditing Presentation
 
Argannoo Odiitii Auditing-Degu Desta (3).pptx
Argannoo Odiitii Auditing-Degu Desta (3).pptxArgannoo Odiitii Auditing-Degu Desta (3).pptx
Argannoo Odiitii Auditing-Degu Desta (3).pptx
 
Corporate governance
Corporate governanceCorporate governance
Corporate governance
 
Hr audit
Hr auditHr audit
Hr audit
 
2019_SOU_Internal_Audit.pptx
2019_SOU_Internal_Audit.pptx2019_SOU_Internal_Audit.pptx
2019_SOU_Internal_Audit.pptx
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)
 

Plus de Salih Islam

Corporate Governance
Corporate GovernanceCorporate Governance
Corporate GovernanceSalih Islam
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologiesSalih Islam
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologySalih Islam
 
Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud InvestigationSalih Islam
 
New approaches in internal audit
New approaches in internal auditNew approaches in internal audit
New approaches in internal auditSalih Islam
 
Assessing Strengths and Weaknesses
Assessing Strengths and WeaknessesAssessing Strengths and Weaknesses
Assessing Strengths and WeaknessesSalih Islam
 
Financial Statements Audit
Financial Statements AuditFinancial Statements Audit
Financial Statements AuditSalih Islam
 
The role of auditing in the erm process
The role of auditing in the erm processThe role of auditing in the erm process
The role of auditing in the erm processSalih Islam
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit ApproachSalih Islam
 
Internal auditors’ roles and responsibilities
Internal auditors’ roles and responsibilitiesInternal auditors’ roles and responsibilities
Internal auditors’ roles and responsibilitiesSalih Islam
 
Summary of Work Experience
Summary of Work ExperienceSummary of Work Experience
Summary of Work ExperienceSalih Islam
 
Internal Control
Internal ControlInternal Control
Internal ControlSalih Islam
 
Internal Auditors’ Roles and Responsibilities
Internal Auditors’ Roles and ResponsibilitiesInternal Auditors’ Roles and Responsibilities
Internal Auditors’ Roles and ResponsibilitiesSalih Islam
 
Project Auditing
Project AuditingProject Auditing
Project AuditingSalih Islam
 
Be Independent & Objective
Be Independent & ObjectiveBe Independent & Objective
Be Independent & ObjectiveSalih Islam
 
Calculate the Risk
Calculate the RiskCalculate the Risk
Calculate the RiskSalih Islam
 
Follow the Footprints
Follow the FootprintsFollow the Footprints
Follow the FootprintsSalih Islam
 

Plus de Salih Islam (20)

Corporate Governance
Corporate GovernanceCorporate Governance
Corporate Governance
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologies
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
Audit Fields
Audit FieldsAudit Fields
Audit Fields
 
Fraud Investigation
Fraud InvestigationFraud Investigation
Fraud Investigation
 
New approaches in internal audit
New approaches in internal auditNew approaches in internal audit
New approaches in internal audit
 
Assessing Strengths and Weaknesses
Assessing Strengths and WeaknessesAssessing Strengths and Weaknesses
Assessing Strengths and Weaknesses
 
Financial Statements Audit
Financial Statements AuditFinancial Statements Audit
Financial Statements Audit
 
The role of auditing in the erm process
The role of auditing in the erm processThe role of auditing in the erm process
The role of auditing in the erm process
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit Approach
 
Internal auditors’ roles and responsibilities
Internal auditors’ roles and responsibilitiesInternal auditors’ roles and responsibilities
Internal auditors’ roles and responsibilities
 
Audit Cycle
Audit CycleAudit Cycle
Audit Cycle
 
Summary of Work Experience
Summary of Work ExperienceSummary of Work Experience
Summary of Work Experience
 
COSO
COSOCOSO
COSO
 
Internal Control
Internal ControlInternal Control
Internal Control
 
Internal Auditors’ Roles and Responsibilities
Internal Auditors’ Roles and ResponsibilitiesInternal Auditors’ Roles and Responsibilities
Internal Auditors’ Roles and Responsibilities
 
Project Auditing
Project AuditingProject Auditing
Project Auditing
 
Be Independent & Objective
Be Independent & ObjectiveBe Independent & Objective
Be Independent & Objective
 
Calculate the Risk
Calculate the RiskCalculate the Risk
Calculate the Risk
 
Follow the Footprints
Follow the FootprintsFollow the Footprints
Follow the Footprints
 

Dernier

Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...ssuserf63bd7
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in PhilippinesEntrepreneurship lessons in Philippines
Entrepreneurship lessons in PhilippinesDavidSamuel525586
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Doge Mining Website
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxappkodes
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditNhtLNguyn9
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 

Dernier (20)

Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in PhilippinesEntrepreneurship lessons in Philippines
Entrepreneurship lessons in Philippines
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
Appkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptxAppkodes Tinder Clone Script with Customisable Solutions.pptx
Appkodes Tinder Clone Script with Customisable Solutions.pptx
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal audit
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 

Internal audits role in compliance

  • 1.
  • 2. Internal Audits Role in Compliance
  • 3. Your Questions and Concerns? • Who audits who? • Who audits what? • Who is responsible for compliance oversight? • Who reports compliance issues to the board? • How do we reduce duplication of effort? • Is there a best practice organization model?
  • 4. Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
  • 5. Audit Committee’s Primary Role Internal Audit’s Role Defined Foreign Corrupt Practices Act of 1997 requires companies to devise and maintain a system of internal accounting control sufficient to provide reasonable assurances that:  transactions are authorized by management;  transactions are recorded so that statements can be prepared in accordance with generally accepted accounting principles and accountability for assets maintained;  access to assets is authorized by management;  and periodic inventory is performed to compare recorded assets with existing assets.
  • 6. Audit Committee’s Additional Roles Internal Audit’s Role Defined In order to assist a Corporation’s Board of Directors in fulfilling its fiduciary responsibilities, Audit Committees are usually chartered to review:  The financial information provided in the Company's Annual Report on Form 10-K and the quarterly reports on Form 10-Q and other reports as appropriate.  The Company’s systems of internal controls regarding finance, accounting, legal, compliance and ethics that management and the Board have established.  The Company’s auditing, accounting and financial reporting processes.  The independence and performance of the Company's independent accountants and internal auditing department.
  • 7. Internal Audit’s Role Defined What is Internal Auditing? Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. (Institute of Internal Auditors)
  • 8. Internal Audit’s Role Defined Corporate Governance Defined Elements of Corporate Governance – Corporate and Functional Strategy and Planning – Enterprise Risk Management – Tone at the Top - Ethics and Compliance – Measuring and Monitoring Performance – Transformational Transactions - Mergers, Acquisitions, Divestitures – Management Evaluation, Compensation, and Succession Planning – Telling the World: External Communications & Financial Reporting – Board Dynamics
  • 9. Summary - Internal Audit’s Role Defined #1 - Support the Audit Committee #2 - Assurance on Risk Management, Control, and Governance #3 - Consulting on Risk Management, Control, and Governance
  • 10. Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
  • 11. Risk Based Engagement Planning How Internal Audit Does Its Work • The internal auditor should be alert to significant risks that might affect objectives, operations, or resources. • The internal auditor should consider the probability of significant errors, irregularities, noncompliance, and other exposures when developing the engagement objectives.
  • 12. Focus of Engagement Risk Assessment How Internal Audit Does Its Work Based on the results of the risk assessment, the internal audit activity should evaluate the adequacy and effectiveness of controls encompassing the organization’s governance, operations, and information systems. This should include: – Reliability of integrity of financial and operational information. – Effectiveness and efficiency of operations. – Safeguarding of assets. – Compliance with laws, regulations, and contracts.
  • 13. Ownership Risks – The risks associated with acquiring, maintaining, and disposing of assets (all except human assets). External Threats Ø Customer demands Ø Labor/financial/product markets Ø Suppliers Ø Competitors Ø Government Regulation Ø Economic/Political Forces Ø Environmental Forces Custodial Risks Ø Obsolescence of products and resources Ø Damage in handling/storing assets Ø Theft from storage Ø Image and reputation Ø Financial operations and reporting Hazards Ø Fire Ø Natural or man-made disaster Ø Accidental loss Opportunity Costs Ø Purchasing wrong asset or at wrong time, wrong price (technology, new companies, partnerships) Ø Selling asset too soon/too late Ø Disposing of wrong asset Errors/Omissions/Delays Ø Poor judgment in plans or operations Ø Inappropriate or outdated control mechanisms, Ø Systems malfunctions Ø Lack of timely, accurate information Ø Customer relations Hazards Ø Fire Ø Natural or man-made disaster Ø Accidental loss Frauds Ø Intentional misrepresentation Ø Theft (internal and external) Ø Bid rigging Ø Bribery Ø Kick-back schemes Ø Customer abuse Productivity Loss Ø Poor process design Ø Scheduling conflicts Ø Inappropriate work rules Ø Lack of monitoring controls Ø Under-utilizing assets Ø Goal conflicts Ø Inefficient processes and controls Workplace Environment Ø Gender/racial harassment Ø Excessive pressure to meet objectives Ø Employee theft and sabotage Ø Workplace injuries Ø Employee lawsuits Ø Workplace violence/safety Opportunity Costs Ø Hiring the wrong people or skills Ø Poor compensation system Ø Losing the wrong people or skills Turnover Ø Inadequate staff Ø Lack of key staff Ø Lack of trained staff Productivity Loss Ø Poor management practices Ø Poor worker commitment Ø Under-utilizing human assets Ø Poor leadership Ø Favoritism Ø Lack of work structure/discipline Ø Inconsistent management decisions Ø Personal/work goal conflicts Ø Lack of training Ø Performance-goal misalignment Process Risks – The risks associated with putting assets to work to achieve objectives. Behavioral Risks – The risks associated with acquiring, maintaining, and disposing of human assets. Generic Risk Matrix How Internal Audit Does Its Work
  • 14. Audit Approach Collaborative & Enabling Consultative Controls & Compliance Focus: Process & control efficiency Impact: Systematic process & control improvement, cost reduction Report: Analysis, facts & circumstances; recommended actions Skills: General, medium technical, project management & partnering Effort: Medium Focus: Compliance & controls Impact: Enhanced controls Report: Exceptions & recommendations Skills: Control generalist Effort: Low to medium Strategic Partnering Business Assurance Focus: Enabling, drive into strategic gaps Impact: Influence strategy & deployment; change behavior; leverage technology; strategy/action congruence Report: Best practices, analysis of strategy/action incongruity, business case for change, off-report assistance Skills: Integrated business & deep technology skills plus Humana experience, credibility w/ line management Effort: Medium to very high Focus: Align process to support objectives; automate controls & solutions Impact: Change, influence system development & deployment Report: Analysis, facts & circumstances, business case for change Skills: Business process, IT/automation, management consulting Effort: Medium to high Process Efficiency Monitor Process Effectiveness Value Proposition Risk Management Strategy Achievement
  • 15. A Range of HIPAA Value Propositions Stakeholder Value Enhancement OPPORTUNITIES Compliance and Prevention Operating Performance Act on Opportunity • Support e-health • CRM • Data management • Competitive advantage Efficiencies • Continuous Improvements • Standardize Processes • People, Paper, Processes Avoid Risk • Legal liability • Fines/penalties • Reputation risk REALIZATION OF POTENTIAL
  • 16. Summary - How Internal Audit Does Its Work 5 Year Outlook - Assurance & Consulting Services Groups • Enterprise Wide Risk Management • Majority of Effort on Consulting & Facilitating • Less Than 50% of Effort on Traditional Audits • Shift to Assurance on Risk Management Culture • Manager of Outsourced Experts • Strategic Role
  • 17. Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
  • 18. Practice Advisory 2100-5: Legal Considerations in Evaluating Regulatory Compliance Programs Internal auditors should evaluate an organization’s regulatory compliance programs in light of the following suggested steps for effective compliance programs. • The organization should establish compliance standards and procedures to be followed by employees and agents. • Specific high-level individual(s) should be assigned overall responsibility to oversee regulatory compliance. • The organization should use due care not to delegate substantial discretionary authority to individuals the organization knows, or should know through the exercise of due diligence, have a propensity to engage in illegal activities. • The organization should take steps to communicate effectively its standards and procedures. • The organization should take reasonable steps to achieve compliance with its standards. • The standards should be consistently enforced through appropriate disciplinary mechanisms, including, as appropriate, discipline of individuals responsible for the failure to detect an offense. • After an offense has been detected, the organization should take all reasonable steps to respond appropriately to the offense and to prevent further similar offenses. Internal Audits Role In Compliance
  • 19. Internal Audits Role In Compliance Practice Advisory 2130-1: Role of the Internal Audit Activity and Internal Auditor in the Ethical Culture of an Organization At a minimum, the internal audit activity should periodically assess the state of the ethical climate of the organization and the effectiveness of its strategies, tactics, communications, and other processes in achieving the desired level of legal and ethical compliance. Internal auditors should evaluate the effectiveness of the following features of an enhanced, highly effective ethical culture. – Formal code of conduct. – Frequent communication of expected ethical attitudes and behavior by the influential leaders of the organization. – Explicit strategies to support and enhance the ethical culture with regular programs. – Several, easily accessible ways for people to confidentially report alleged violations of ethics code. – Regular declarations by employees, vendors that they are aware of requirements for ethical behavior. – Clear delegation of responsibilities for investigation and resolution of case findings. – Easy access to learning opportunities regarding ethics. – Regular reviews of formal and informal processes within the organization. – Regular reference and background checks.
  • 20. Internal Audits Role In Compliance Practice Advisory 2130-1: Role of the Internal Audit Activity and Internal Auditor in the Ethical Culture of an Organization The internal audit activity may assume one of several different roles as an ethics advocate. Those roles include chief ethics officer (ombudsman, compliance officer, management ethics counselor, or ethics expert), member of an internal ethics council, or assessor of the organization’s ethical climate. In some circumstances, the role of chief ethics officer may conflict with the independence attribute of the internal audit activity.
  • 21. Summary - Internal Audits Role in Compliance • Internal Audit Independently and Objectively Reviews Organizations Compliance and Ethics Policies and Processes • The Internal Audit Function May Assume Various Roles Including That of Ethics or Compliance Officer
  • 22. Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
  • 23. Independence Requirement - IIA Standards How Internal Audit and Compliance Differ Independence and Objectivity: The internal audit activity should be independent, and internal auditors should be objective in performing their work. Assurance engagements for functions over which the chief audit executive has responsibility should be overseen by a party outside the internal audit activity. How would these standards be applied if the Internal Audit Function was responsible for establishing and overseeing the compliance & ethics functions?
  • 24. Reporting Requirement - IIA Standard How Internal Audit and Compliance Differ The chief audit executive is responsible for communicating the final results of engagements to individuals who can ensure that the results are given due consideration. The chief audit executive should establish a follow-up process to monitor and ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action.
  • 25. How Internal Audit and Compliance Differ Management’s Acceptance of Risks - IIA Standard When the chief audit executive believes that senior management has accepted a level of residual risk that is unacceptable to the organization, the chief audit executive should discuss the matter with senior management. If the decision regarding residual risk is not resolved, the chief audit executive and senior management should report the matter to the board for resolution.
  • 26. How Internal Audit and Compliance Differ Summary - How Internal Audit & Compliance Differ • Independence Requirement • Explicit and Expected Regular Reporting Role to the Audit Committee • Chief Audit Executive Reports and Is Accountable to the Audit Committee • Compliance Functions May Not Have an Independent or Objective Means for Assessing or Regularly Reporting How Well They Achieve Compliance • Compliance Functions Generally Have A Responsibility for Implementing Compliance Processes
  • 27. Agenda • Internal Audit’s Role Defined • How Internal Audit Does Its Work • Internal Audit’s Role in Compliance • How Internal Audit and Compliance Differ • Defining Roles at Your Organization
  • 28. Defining Roles at Your Organization Internal Audit - Different Approaches Activities Other Than Traditional Audit • GE - Controllership, Corporate Initiatives, and Management Development • GM - Enterprise Risk Management, Crisis Management, Continuity Planning • Disney, DuPont, Caterpillar - Enterprise Risk Management • Citicorp - Rating Awareness & Management of Risks
  • 29. Coordination - IIA Standard The chief audit executive should share information and coordinate activities with other internal and external providers of relevant assurance and consulting services to ensure proper coverage and minimize duplication of efforts. How do you coordinate compliance and Internal Audit activity? What information does compliance provide to internal audit at your organization? Defining Roles at Your Organization
  • 30. Summary - Defining Roles at Your Organization The Value Proposition Internal Audit Compliance • Powerful Voice • Clear Responsibilities for Bringing Matters to the Attention of Senior Management and the Board • Clear Access To Board and Responsibility to Follow-up on Issues • Assurance & Consulting Focus on Risk Management, Controls, and Governance • Powerful Insight and Understanding of Compliance Issues and Activities • Champion of Compliance Activities • Key Quality Assurance Function • Consultant to Management on Compliance Issues