PLAN TO REPORT How we undertake an Audit 1 INTERNAL AUDIT SHARED - - PowerPoint PPT Presentation

▶

Sep 17, 2022 19 likes •141 views

INTERNAL AUDIT SHARED SERVICE (IASS) Audit Committee Presentation 6 th February 2014 PLAN TO REPORT How we undertake an Audit 1 INTERNAL AUDIT SHARED SERVICE (IASS) PRESENTATION OVERVIEW Planning; Conducting; Reporting; 2

SLIDE 1

PLAN TO REPORT How we undertake an Audit

Audit Committee Presentation 6th February 2014

INTERNAL AUDIT SHARED SERVICE (IASS)

SLIDE 2

PRESENTATION OVERVIEW

INTERNAL AUDIT SHARED SERVICE (IASS)

Planning;
Conducting;
Reporting;

SLIDE 3

INTERNAL AUDIT SHARED SERVICE (IASS)

Refer to Annual Audit Plan
Assign Job Entity to the most appropriate Auditor

(raise job via APACE);

Prepare Audit Brief (specific Objectives, Scope,

Audit Criteria and Methodology);

Meet with Auditor to discuss assignment;
Make initial contact with Auditee;
Notify Auditee in Writing / Schedule opening

meeting. Planning - Preparing for the Assignment

SLIDE 4

INTERNAL AUDIT SHARED SERVICE (IASS)

Gain an understanding of the nature of the work,

activity, organisation or initiative being audited;

Attend opening meeting with Auditee;
Prepare standard documentation (Control Evaluation

Sheets, Working Papers, Report Format).

Commence Audit Field Work.

Planning - Preparing for the Assignment – Lead Auditor

SLIDE 5

INTERNAL AUDIT SHARED SERVICE (IASS)

Identify and document the System;

Normally achieved through discussion with Directorate Management.

The objectives of Recording Systems;

Helps the auditor to understand the procedures for processing, recording and controlling its transactions; Helps assess the overall security of the systems by evaluating controls and any weaknesses; Helps assess the efficiency of the System.

The Methods of Recording;

Systems notes; Descriptive Questionnaires (I.C.Q’s); Flow Charts and Block Diagrams.

Sources of Information

Previous audit files, Guides, manuals, desk instructions, interviews with staff who operate the system,

bservations, organisational charts, job descriptions etc.

Conducting the Audit – Recording and Evaluating the System.

SLIDE 6

INTERNAL AUDIT SHARED SERVICE (IASS)

Example: Payroll System:-

Control Objectives – “Pay and related costs should be

incurred only in respect of staff currently employed in authorised posts”.

Expected Controls – “Each department should

periodically be required to confirm the accuracy of a schedule containing names of all employees currently charged to the department, the post held, grade and the cost code of each post”.

Identifying risks. – “Ghost employees may be set up on

the payroll system and go undetected resulting in fraudulent payments being made”.

Conducting the Audit - Continued

SLIDE 7

Conducting the Audit - Continued

INTERNAL AUDIT SHARED SERVICE (IASS)

Determine Actual Controls:- this is achieved by:-

Testing and Evidence; Types of Test

1. Walk Through Tests – follows a transaction or

process through the system;

2. Compliance Tests – Seeks to provide evidence

that internal control procedures identified within the system are actually operating in a manner intended by management;

3. Substantive Tests – tests the completeness,

accuracy and the validity of transactions (tends to be directed at the outputs of the system).

SLIDE 8

Conducting the Audit - Continued

INTERNAL AUDIT SHARED SERVICE (IASS)

Fully document findings on the appropriate

working papers (including Control Evaluation Sheets);

Comparison of Benchmark (Expected) Control

with Actual Control as determined from the

utcome of the tests performed and the

evidence gathered;

Provide an overall assessment of the system.

SLIDE 9

Reporting

INTERNAL AUDIT SHARED SERVICE (IASS)

The Aim of every report should be to:-
Prompt management action to implement

recommendations for change leading to improvement in performance and control;

Provide a formal record of points arising from the

audit and, where appropriate, of the actions agreed with management.

Internal Audit reports must be accurate, clear,

concise and constructive and issued promptly.

SLIDE 10

Reporting - Continued

INTERNAL AUDIT SHARED SERVICE (IASS)

Draft Report Prepared – the auditor will use the results of

the tests performed and the assessment of weaknesses found to draw conclusion about the quality and reliability

f the system under review; including an overall opinion on

the internal control environment;

Discuss with Client Manager – normally takes the form of a

debrief session at the conclusion of the fieldwork;

Reviewed by Group Auditors /Principal Auditors;
Review points documented and addressed;
Draft Report issued to Auditee including Implementation

Action Plan for completion.

SLIDE 11

Reporting - Continued

INTERNAL AUDIT SHARED SERVICE (IASS)

Response received from Auditee and Reviewed to

ensure acceptance of recommendations, timeliness of implementation and accuracy.

Final PDF Audit Report issued (incorporating

Management Responses); Internal Audit diarise key recommendations for follow up; particularly those where risks are high.

Client Satisfaction Questionnaire sent for

feedback on conduct of the Audit.

SLIDE 12

Questions???

INTERNAL AUDIT SHARED SERVICE (IASS)

PLAN TO REPORT How we undertake an Audit

Audit Committee Presentation 6th February 2014

PRESENTATION OVERVIEW

(raise job via APACE);

Audit Criteria and Methodology);

meeting. Planning - Preparing for the Assignment

activity, organisation or initiative being audited;

Sheets, Working Papers, Report Format).

Planning - Preparing for the Assignment – Lead Auditor

Conducting the Audit – Recording and Evaluating the System.

Example: Payroll System:-

incurred only in respect of staff currently employed in authorised posts”.

periodically be required to confirm the accuracy of a schedule containing names of all employees currently charged to the department, the post held, grade and the cost code of each post”.

the payroll system and go undetected resulting in fraudulent payments being made”.

Conducting the Audit - Continued

Conducting the Audit - Continued

Testing and Evidence; Types of Test

process through the system;

that internal control procedures identified within the system are actually operating in a manner intended by management;

accuracy and the validity of transactions (tends to be directed at the outputs of the system).

Conducting the Audit - Continued

working papers (including Control Evaluation Sheets);

with Actual Control as determined from the

evidence gathered;

Reporting

recommendations for change leading to improvement in performance and control;

audit and, where appropriate, of the actions agreed with management.

concise and constructive and issued promptly.

Reporting - Continued

the tests performed and the assessment of weaknesses found to draw conclusion about the quality and reliability

the internal control environment;

debrief session at the conclusion of the fieldwork;

Action Plan for completion.

Reporting - Continued

ensure acceptance of recommendations, timeliness of implementation and accuracy.

Management Responses); Internal Audit diarise key recommendations for follow up; particularly those where risks are high.

feedback on conduct of the Audit.

Questions???

Plan to Report