internal audit quality assessment

Download Internal Audit Quality Assessment

Post on 16-Jul-2015

336 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

Risk Advisory Services

Internal Audit Quality Assessment

# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Mohammad Kamel AL-Draidi Attend/Workshopinternal audit quality assessment18 November 2014Riyadh, Saudi Arabia

# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.We will focus on:Understand requirements of Quality in Internal AuditUnderstand what is Quality AssessmentInternational Professional Practices Framework (IPPF) and International Standards for the Professional Practice of Internal Auditing (International Standards)Quality Assessment & Improvement ProgramFamiliarization of Quality Assessment Process of an Internal Audit FunctionUnderstand the Quality Assessment tools and techniquesCommon observations highlighted in Quality Assessment reviewsAttributes of high performing Quality Assessment reviewsObjectives of the Workshop# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Quality# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Quality is not absolute. The quality of a product or service is the degree to which the product or service meets the customers expectations and the degree to which it is fit for purpose. Delivering quality requires a systematic and disciplined approach as professionals quality does not just happen. It is the combination of the right people, the right systems, and a commitment to excellence. It is driven by the leaders of the organization who are responsible for setting the tone at the top. What is Quality?Quality is never an accident, it is always an Intelligent Effort John Ruskin# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.For an internal audit activity, Stakeholders could include the board, senior management, the external auditor, and operational managers. Quality in internal audit is guided by both an obligation to meet customer expectations as well as professional responsibilities inherent in conforming to the StandardsQuality in internal audit begins with the structure and organization of the audit activity. Quality should be built in to, and not on to, the way the activity conducts its business. This can be done through deploying:Internal audit methodology, Policies and procedures and Human resource practices. Each of these should be premised on a common understanding of quality and stakeholder perception of value. Quality in Internal Audit# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.DRIVERSStakeholders ExpectationsIA Charter, Policies and ProceduresLeading PracticesIIA Standards# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Quality Assessment# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.5Ws of Quality Assessment (QA)WHAT is QA?A QA evaluates conformance with the International Standards, the efficiency and effectiveness of the internal audit activity, and the use of leading practices.WHY undergo QA?QAs are necessary in order to provide full objectivity. # 2They build stakeholder confidence by documenting the internal audit function's commitment to quality and leading practices, and the internal auditors' mindset for professionalism. Provides evidence to the board, management, and staff that the internal audit activity is concerned about the organization's internal controls, governance, and risk management processes # 1# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.WHO can conduct a QA?The Professional Practices Framework defines the required competency of the QA team leaders and team.# 4WHERE do I start?To conduct an internal quality assessment, establishing a benchmark of your internal audit activity that can be used to establish metrics indicating improvement in areas of partial compliance or noncompliance with the International Standards.# 5WHEN does an Internal Audit Activity need to have a QA performed?It is mandatory that every internal audit activity undergo an QA conducted by an independent team or independent validator once every five years to comply with the International Standard. # 3The clock starts ticking for the five-year period when an internal audit activity formally adopts the International Standards.5Ws of Quality Assessment [QA] (contd.)# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Benefits of Quality Assurance# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Internal AuditorsEmployeesAudit Committee / BoardManagementBeneficiaries of Quality Assurance BeneficiariesInternal AuditorsManagementEmployeesInternal AuditorsManagementAudit Committee / BoardEmployeesInternal AuditorsManagement# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Benefits of Quality Assurance for Internal Auditors

Ability to state conformance with the International StandardsContinuous improvementObtaining best-practice recommendations and benchmarksGaining a sense of accomplishment and satisfactionBetter focus on the areas for further improvement and new ideas on how to do things better# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Benefits of Quality Assurance for the Audit Committee & Board

Assurance of the internal audit activitys quality, competence and professionalismClarity for the internal audit and audit committees roles and responsibilities and their respective chartersReceiving an independent assessment / opinion of the effectiveness of the internal audit activityIncreased reliance upon the work of internal audit activity and enhanced credibility# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Benefits of Quality Assurance for the Management

Opportunity to provide anonymous feedback to the internal audit activityRaised awareness among the management about internal audit role and professional standardsAssurance that the auditors are being auditedIndependent validation of the effectiveness of the internal audit activity# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Benefits of Quality Assurance for the Employees

Assurance that the auditors are being auditedGained more familiarity with the internal auditors roleAbility to express feedback on the internal audit activityAssurance that the internal audit activity can be trusted and is credible# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.International Professional Practices Framework (IPPF)# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.The International Professional Practices Framework (IPPF) is the conceptual framework that organizes authoritative guidance promulgated by The Institute of Internal Auditors. IPPF guidance includes:Mandatory GuidanceDefinitionCode of EthicsInternational StandardsStrongly Recommended GuidancePosition PapersPractice AdvisoriesPractice GuidesThe International Professional Practices Framework

# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organizations operations.It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.IPPF Definition of Internal Auditing

# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.The Code of Ethics of The Institute of Internal Auditors (IIA) are principles relevant to the profession and practice of internal auditing and Rules of Conduct that describe behavior expected of internal auditors.The Code of Ethics apply to both parties and entities that provide internal audit services. The purpose of the Code of Ethics is to promote an ethical culture in the global profession of internal auditing.IPPF Code of Ethics

CODE OF ETHICS.# 2013 Protiviti Middle East RegionCONFIDENTIAL: This document is for your company's internal use only and may not be copied nor distributed to any third party.The purpose of the International Standards for the Professional Practice of Internal Auditing (International Standards) is to:Delineate basic principles that represe

Recommended

View more >