This action might not be possible to undo. Are you sure you want to continue?
Chief Audit executive
A senior position within the organization responsible
for internal audit activities. The term also includes titles such as general auditor, head of internal audit, chief internal auditor, internal audit director and inspector general.
CAE IIA standard 2000
The chief audit executive must effectively manage
the internal audit activity to ensure it adds value to the organization The internal audit function is effectively managed when:
The results of internal audit function’s work achieve the purpose and responsibility included in the internal audit charter It conforms the definition of internal auditing and the standards The individuals who are part of the internal audit function demonstrate conformance with the Code of ethics and standards. .
It is subordinate to the audit committee’s charter.Internal Audit Charter A formal written document that defines the internal audit function’s purpose. . authority and responsibility.
Objectivity requires internal auditors not to subordinate their judgement on audit matters that of others. .Individual objectivity An unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they have an honest belief in their work product and that no significant quality compromises are made.
Organizational Independence The chief audit executive’s line of reporting within the organization that allows the internal audit function to fulfill its responsibilities free from interference. .
Proficiency The knowledge. and other competencies internal auditors need to perform their individual responsibilities . skills.
. however internal auditors are not expected to be infallible.Due professional Care Internal auditors must apply the care and skill expected of a reasonable prudent internal auditor.
A1 Internal auditors must refrain from assessing specific operations for which they were previously responsible. Objectivity is presumed to be impaired if an internal auditor provides assurance services for an activity for which the internal auditor had responsibility within the previous year. .IIA requirements regarding impairments to independence and objectivity Standard 1130.
.A2 Assurance engagements for functions over which the executive has responsibility must be overseen by a party outside the internal audit activity. Standard 1130.
Standard 1130.C1 Internal auditors may provide consulting services relating to operations for which they had previous responsibilities. .
C2 If internal auditors have potential impairments to independence or objectivity relating to proposed consulting services. Standard 1130. disclosure must be made to the engagement client prior to accepting the engagement. .
staffing schedules. effective planning should reflect the internal audit charter and be consistent with organizational objectives. . and financial budgets.Planning The planning process should include the establishment of goals. Additionally. engagement schedules.
A1) . (Standard 2010. The input of senior management and the board must be considered in the process. undertaken at least annually.Assurance services The IA activity’s plan of engagements must be based on a documented risk assessment.
and improve the organization’s operations. add value. Accepted engagements must be included in the plan.c1) . (standard 2010.Consulting Services The Chief audit executive should consider accepting proposed consulting engagements based on the engagement’s potential to improve the management of risks.
significant interim changes.Communication and Approval After the internal audit plan has been established. and the potential implications of resource limitations should all be included in the communication to senior management and the board (IIA Standard 2020: Communication and approval) . Resource requirements. it is incumbent upon the CAE to present it to senior management and the board (typically the audit committee) to be approved.
Internal Audit Plan An outline of the specific assurance and consulting engagements scheduled for a period of time (typically one year) based on an assessment of the organization’s risks. .
. It is the CAE’s responsibility to ensure that internal audit resources are appropriate. sufficient. and effectively deployed to achieve the approved plan (IIA standard 2030: Resource management) This is achieved by carefully orchestrating a umber of factors as discussed below.Resource management A significant consideration in implementing an internal audit function’s plan is how to allocate resources.
The CAE may choose to employ a flat organizational structure in which most of the Internal auditors have more or less the same level of skills. . highly knowledgeable and very collaborative.Organizational structure and staffing strategy IA functions must be structured in a way that it consistent with the needs and culture of the organization. Typically. experience and seniority. this type creates an internal audit function that is stable.
Typical hierarchical internal audit function Staff auditor Senior auditor Audit manager Audit director Chief audit executive .
The internal auditor competency framework Interpersonal skills Tools and techniques Internal audit standards Knowledge areas .
without putting undue stress on the staff by creating oppressive work loads. .Right Sizing An important concept in the staffing and scheduling of an IA function. It is important to achieve and maintain a balance of knowledgeable and skilled staff to complete the IA plan. while simultaneously maintaining a reasonable financial budget.
individuals with specialized knowledge and/or skills from elsewhere in the organization may assist with an internal audit engagement when the necessary competencies are not present within the IA function.Staffing plans/ Human resources The CAE must assign human resources effectively. In some instances. meaning that internal auditors are assigned to engagements that they are qualified and capable to perform . .
Hiring practices The CAE is responsible for hiring associates to fill the organizational structure of the internal audit function in a way that maximizes efficiency. provides the necessary skill base and makes good use of the financial budget. . effectively.
. internal audit function through the use of third party vendor services for the purposes of gaining subject matter expertise for a specific engagement or filling a gap in needed resources to complete the internal audit plan.Strategic sourcing Supplements in the house.
Financial Budget Driven primarily by the audit plan. The CAE must carefully evaluate the financial resources necessary to accomplish the objectives set forth. . organizational structure. and staffing strategy.
to perform a financial statement audit. hired by the organization’s board or executive management.Independent outside auditor A registered public accounting firm. .
Board An organization’s governing body such as a board of directors. board of governors or trustees of nonprofit organization. head of an agency or legislative body. . or any other designated body of the organization including the audit committee to whom the chief audit executive may functionally report. supervisory board.
Management and the CAE coordinate efforts to routinely report in various risk and control activities performed by either. It includes: Business unit monitoring and risk monitoring reports Independent outside auditor activity reports Key financial activity reports Risk management activity reports Legal and compliance monitoring reports . in accordance with roles and responsibilities set by the board an the audit committee.
and monitor the activities of the organization toward the achievement of its objectives. direct.Governance The combination of processes and structures implemented by the board to inform. manage. .
Risk Management The process conducted by the management to understand and deal with the uncertainties (risks and opportunities) that could affect the organization’s ability to achieve its objectives. .
Control Any action taken by the management. . Management plans. organizes and directs the performance of sufficient actions to provide the reasonable assurance that objectives and goals will be achieved. the board and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved.
.Quality assurance The process if assuring that an internal audit function operates according to a set of standards defining the specific elements that must be present to ensure that the finding of the internal audit function are legitimate.
.Noncorformance with the standards Occurs when the internal audit function is found to be deficient to the point that it impacts the overall scope or operation of the internal audit function and it must be disclosed.
Quality assurance and improvement program An ongoing and periodic assessment of the entire spectrum of audit and consulting work performed by the internal audit function. .
assessment A facilitated process whereby control owners provide a self assessment of the design adequacy and operating effectiveness of controls for which they are responsible. .Control Self.
Continuous auditing The use of computerized techniques to perpetually audit processing of business transactions .
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue reading from where you left off, or restart the preview.