Professional Documents
Culture Documents
Compliance Auditing Assignment PDF
Compliance Auditing Assignment PDF
Cover Sheet
KEEP A COPY
Please note that it is your responsibility to retain copies of your assessments.
A CheckforPlagiarism report MUST be attached to each assignment submission.
DECLARATION BY STUDENT
Introduction .......................................................................................................... 3
Conclusion ........................................................................................................... 5
Introduction .......................................................................................................... 6
Conclusion ........................................................................................................... 8
Introduction ............................................................................................................. 8
Body part................................................................................................................. 8
Conclusion .............................................................................................................. 9
From early times dating back to 3500 BC, extant records of various civilizations
indicate by patterns of checks and ticks that verification of records took place, the
genesis of internal auditing was done by two officials working together, with one official
reading from one of the record sheets and the other checking against the other record
sheet. This captures the notion that the profession of internal auditing, as with many
other professions, has its roots in the industrial revolution of the nineteenth century.
Hence with the fall of the Roman Empire, auditing and control disappeared and it was
not until the Middle Ages that the growth of centralized control once again demanded
proof of the adequacy and correctness of record-keeping. The discussion lies in the
interdependence and relationship of the internal audit function and accordingly we will
critically evaluate the reporting relationship and independence between the internal
audit, corporate governance and audit committee in the following sections.
Based on the relationship with internal audit, Cascarino (2015:10) added that a healthy
relationship with the internal auditors can be fostered when the audit committee chair
ensures the keeping of open communications channels. This can take many forms
including getting to know the CAE on a personal basis, frequent contact between
meetings, and the committee chair taking an interest in, and caring about, the internal
audit activity. It is also good practice for the audit committee chair to meet with the
entire senior internal audit staff from time to time to get to know some of the individuals
who report to the CAE, and to thank them for their efforts. The audit committee
provides internal audit with oversight, strategic direction, accountability and
enforcement where required. Part of its oversight involves ensuring that the internal
audit function is properly positioned, adequately resourced and strongly supported,
including reviewing and approving:
➤ The internal audit activity’s charter and mission statement to ensure the needs of
the organization can be met;
➤ The annual work plan to ensure all significant risk areas are being appropriately
addressed and that no inappropriate restrictions are placed on the scope of internal
audit activities;
➤ the adequacy of resources, skill levels, and budget to ensure the work plan is
achievable within the appropriate time; and
Based on the independence, Cascarino (2015:11) noted audit committee relies heavily
on the internal audit function to provide objective opinions, information and, when
necessary, education to the audit committee while the audit committee in turn will
provide oversight and validation to the internal audit function. In today’s environment
this could include the outsourcing or co-sourcing of all or part of the internal audit
function but the audit committee should ensure that the role of the chief audit executive
remains within the organization itself. As part of the audit committee’s responsibility
for ensuring the independence of internal audit, the audit committee is responsible for
providing input into the appointment, dismissal, evaluation, compensation, and
succession planning of the chief audit executive. This is a critical activity of the audit
committee since the CAE will, of neccessity, have a high degree of interaction with the
audit committee. The committee will typically seek to ensure that candidates for a CAE
position have distinguished themselves professionally. They would normally have an
advanced degree, the appropriate professional designation, and several years’
experience in an audit supervisory role.
It seems to be clear that internal audit plays a vital role within the organization. The
essay comes to an end and what we can summarize is that internal auditing and audit
committee perform similar functions and one of them has to rely on the other in terms
of relationship and independence.
QUESTION 2: Measures to mitigate and efficiently prevent reputational risks.
“We shall have to practise to lead our life on the basis of our needs, not under the
influence of our greed”, says Lobsang Tenzin. For the last past years, ESKOM has
suffered a loss narrowed to 18.9 billion rand in the year earlier due mismanagement
and any other act that could bring down the company’s reputation. This captures the
notion that companies whose reputation is tarnished are exposed to risks and those
risks are called reputational risks. Given this the essay deals with the impact of
reputational risks and accordingly, we will point out what measures can ESKOM adopt
so as to mitigate and prevent any reputational risks from happening in the next
sections.
It is well known that any house is only as strong as its foundation and as weather proof
as its insulation. The same goes for an organisation. Agwu (2014:20) argued that it is
necessary, therefore, that a strong foundation is built by leveraging robust information
technology systems, framing effective policies and procedures, laying down strict
compliance processes, setting high integrity standards, developing efficient monitoring
capabilities and initiating strict punitive action against the culprits in a time bound
manner. Given this, it also imperative that ESKOM must insulate itself from
unscrupulous activities by strengthening the fraud detection, mitigation and control
mechanism through prompt identification, investigation and exchange of information.
This is necessary not just for the reputation of the company but for ensuring the
stability and resilience of the overall financial system and sustaining the confidence
that various stakeholders have in its strength and integrity.
Here are some of the recommendations that may help ESKOM to prevent its
reputational risk:
Ensure that controls exist for the storage and destruction of all documents that
contain account and other related information.
The three lines of defence model (TLoD) aims to provide a simple and effective way
to improve coordination and enhance communications on risk management and
control by clarifying the essential roles and duties of different governance functions.
Without effective coordination of these governance functions, work can be duplicated
or key risks may be missed or misjudged. It has been accepted as a best practice for
listed companies and as a required organizational model by banking regulators and
The Basel Committee on Banking Supervision in regulated financial institutions as a
response to deficient risk management in the financial crisis. The discussion of our
essay deals with the three lines of defence and accordingly, we will explain each of
them in the following sections.
Reference list:
Agwu, M.E., 2014. Reputational risk impact of internal frauds on bank customers in
Nigeria. International Journal of Development and Management Review, 9(1), pp.175-
192.
Bantleon, U., d'Arcy, A., Eulerich, M., Hucke, A., Pedell, B. and Ratzinger‐Sakel, N.V.,
2021. Coordination challenges in implementing the three lines of defense
model. International Journal of Auditing, 25(1), pp.59-74.
Fombrun, C.J., Gardberg, N.A. and Barnett, M.L., 2000. Opportunity platforms and
safety nets: Corporate citizenship and reputational risk. Business and review, 105(1).
Muhsyaf, S.A., Cahyaningtyas, S.R. and Sasanti, E.E., 2021, June. Three line of
defense: An effective risk management. In 18th International Symposium on
Management (INSYMA 2021) (pp. 85-91). Atlantis Press.