Professional Documents
Culture Documents
To do this, internal auditors work with management to systematically review systems and
operations. These reviews (audits) are aimed at identifying how well risks are managed including
whether the right processes are in place, and whether agreed procedures are being adhered to.
Audits can also identify areas where efficiencies or innovations might be made. Internal audits are
organized under an ongoing program of review and advisory activity this is based on the strategic
needs of an organization.
In the course of their role, internal auditors work across all areas of an organization. In addition to
core areas of financial control and IT, they review the tangible aspects of operations, such as an
organization’s supply chain or IT systems; as well as more intangible aspects such as
organizational culture and ethics. In fact, any system that has an impact on the effective
operation of an organization may be included in internal audit’s scope.
Internal audit reports are presented to the CEO and board (via the audit committee) as they
provide an independent viewpoint on the extent to which an organization is poised for success and
advice on areas for improvement.
Internal auditors work in all sectors (public, private and not-for-profit) and may work as an
employee of the organization, or through an external service provider.
Many people make the mistake that an Accountant is an Internal Auditor. Whilst many
Accountants do become Internal Auditors, it is not true to say that any Accountant is competent
to perform internal audit work.
This takes specialized training over many years and in fact Internal Auditors can come from
almost any discipline including areas such as engineering, healthcare and ICT.
Many people also make the mistake of assuming ISO–related auditing such as the auditing of
Quality Management Systems is the same as internal auditing conducted in corporate and public
sector organizations.
Internal audit is a key pillar of good governance. It provides the Board of Directors, the Audit
Committee, the Chief Executive Officer, Senior Executives and stakeholders with an independent
view on whether the organization has an appropriate risk and control environment, whilst also
acting as a catalyst for a strong risk and compliance culture within an organization.
The department executes an approved audit plan and will perform the following tasks in accordance with its
overall strategy:
Verify the existence of assets and recommend proper safeguards for their protection;
Evaluate the adequacy of the system of internal controls;
Recommend improvements in controls;
Assess compliance with policies and procedures and sound business practices;
Assess compliance with state and federal laws and contractual obligations.
Review operations/programs to ascertain whether results are consistent with established objectives and
whether the operations/programs are being carried out as planned;
Investigate reported occurrences of fraud, embezzlement, theft, waste, etc.
2
Internal Audits Important
Organizations establish an independent internal audit function to provide continuous review of
the effectiveness of risk management, control, and governance processes. Internal audit does
this by: Providing independent, unbiased assessment of the operations of the organization.
Types of audit
There are a number of types of audits that can be conducted, including the
following:
Compliance audit.
Construction audit.
Financial audit.
Information systems audit.
Investigative audit.
Operational audit.
Tax audit.
3
Steps to conduct an internal Audit
1. Step #1: Know what and when to audit. Before conducting the internal audit, you
should identify what processes are going to be audited. ...
2. Step #2: Create an audit schedule. ...
3. Step #3: Pre-Planning the scheduled Audit. ...
4. Step #4: Conducting the audit. ...
5. Step #5: Record the findings. ...
6. Step #6: Report findings.
4
Strategic Management
5
General Knowledge Topic
6
Wages, Salary, Administration
7
8