Dramatic changes in market conditions have spurred the need to identify process improvement opportunities and minimize any possible surprises. Dynamic business environment, industries standards and regulatory requirements make it necessary to establish a reliable control environment, including the need for establishing or improving the operations of internal audit function.
The rapid changes in regulation and the global business marketplace have had a signifcant impact on organizations. The internal audit function, had such a function been established, has been heavily focused on internal controls over fnancial reporting, and in some cases with limited attention paid to assessment and/or validation of internal organizational changes. As a result of the changes, there are increased requests around risk management activities by executives, board members, shareholders, and regulators leading more organizations to realize the need to establish or revitalize their internal audit function-focusing far beyond internal controls over fnancial reporting. Transformational shift A transformational shift toward a comprehensive risk-centric approach signifcantly expands the scope of responsibilities and complexities of the internal audit function. Expectations are high. There is a much greater emphasis on improving governance and oversight functions as well as providing an assessment of risk management processes and the control environment. Companies are recognizing the dramatic impact and beneft of an internal audit function that is agile, properly resourced, effectively managed, and aligned with company goals, which can improve risk management and control processes and drive better effciencies. Moving forward with the right approach Companys management is demanding more from internal auditors while necessary skill sets may be lacking. Without properly resourced and effectively established function that includes items often overlooked the audit committees and management can lose confdence in the head of the internal audit function and the internal audit function itself. With so much at stake, the right approach to establishing or revitalizing an internal audit function is critical to its success. KPMG team of highly experienced internal audit professionals, aided by proprietary tools and methodologies, are committed to helping internal audit better fulfll their responsibilities and bring added value to the organization. Our professionalists help organizations to move forward with the right approach which requires understanding of the interdependencies among a broader set of governance, risk, and compliance functions across the enterprise. Phase 1 Establish governance framework Develop operational guidance Establish executive/ board reporting Perform enterprise risk assessment Internal audit plan development Establishing an Internal Audit Function Internal Audit Methodology InTErnAl AuDIT, rIsK & COMPlIAnCE sErvICEs Establishing or revitalizing Internal Audit ADvIsOry Phase 2 Phase 3 Phase 4 Phase 5 kpmg.com.mk KPMG offers a comprehensive approach that coordinates a series of steps and activities designed to meet the increased requirements of todays internal audit function. It also takes advantage of KPMGs proprietary Global Internal Audit Methodology. Key phases involved in developing a new or improved internal audit function include: Establish a governance framework includes gaining an understanding of the organization and existing governance structure and aligning this understanding with the expectations of the various stakeholders. It also involves establishing the internal audit governance structure and framework and establishing formal oversight of the internal audit function. Develop operational guidance calls for establishing the operational framework of internal audits as well as developing standardized tools and templates for use in the operations of the internal audit function. Establish executive/board reporting requires determining reporting requirements with key stakeholders and developing related protocols. It also entails developing the necessary reporting tools and formalizing the reporting process. Perform enterprise risk assessment involves developing risk criteria and performing risk assessment. It requires identifying enterprise risks and facilitating discussions on how these risks threaten business objectives. Additionally, it involves associating risks to key business processes and communicating results and validating fndings to develop the basis for the internal audit plan. Internal audit plan development leads to creating a risk-based internal audit plan and includes determining timing and resource requirements. It entails developing and sharing a draft plan with the function sponsor before obtaining audit committee approval. Once approval is granted, this step also requires maintaining and updating the internal audit plan on a regular basis. Contact us For additional information related to our services, please contact: Lozina Alexieva Partner, Advisory Tel: +389 2 3135 220 lalexieva@kpmg.com Kiril Estatiev senior Manager, Advisory risk & Compliance Tel: +389 2 3135 220 kestatiev@kpmg.com The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. KPMG and the KPMG logo are registered trademarks of KPMG International Cooperative (KPMG International), a Swiss entity. 2010 KPMG DOOEL Skopje is a Macedonian limited liability company and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (KPMG International), a Swiss entity. All rights reserved. Printed in Macedonia.