Chapter one

Introduction to Auditing
Definition of Auditing
• The accumulation and evaluation of evidence about
information to determine and report on the degree of
correspondence between the information and
established criteria.
• ISA 200 states that an auditor should conduct an audit
sufficiently to enable him/her to express an opinion
whether the financial statements present a true and fair
view or present fairly, in all material respects the
financial health of a company in accordance with an
identified financial reporting framework.
•

• Auditing should be done by a competent and

independent person
Types of Audits
1. Financial Statement Audits
 Evaluates correspondence between
financial statements and GAAP
2. Operational Audits
 Evaluates correspondence between
org’s procedures and methods and
criteria of efficiency and effectiveness
3. Compliance Audits
 Evaluates correspondence between
org’s operations and specific procedures
or rules
4. Comprehensive Audits
Information Systems Auditing

• The introduction of computer technology into

accounting systems changed the way data is stored,
retrieved, and controlled.
At the beginning, the auditing activities were
conducted around the computer.
Then, the need for auditors came to become familiar
with electronic data processing (EDP) concepts in
business.
Next, the industry realized that they needed to develop
their own software and the first of the generalized audit
software (GAS) was developed.
Con’t

• In 1968 the Big Eight (now the Big Four) accounting

firms participated in the development of EDP
auditing. The result of this was the release of
Auditing & EDP.
• In 1977, the first edition of control objectives was
published. As the technology has seen rapid
changes from mainframe to microcomputer, and
networking to the internet; these changes came
with five major events that changed IS auditing
forever (Senft et al., 2004).
 Con’t
• The equity funding scandal from 1964 until 1973,
• the development of the internet and E-commerce,
• the 1998 IT failure at AT&T that impacted worldwide
commerce and communication,
• the Enron and Arthur Anderson LLP scandal, and
• the September 11, 2001 attacks have been continuously
affecting the audit practice in general and the IS audit in
particular.
Today, the IS audit is an integral part of the audit process
since it complements the auditor’s role and supports his
judgment on the quality of the information processed by
computer systems
 Con’t

• Sayana (2002) has defined IS audit as “the process of

collecting and evaluating evidence to determine whether
a computer system (information system) safeguards
assets, maintains data integrity, achieves organizational
goals effectively, and consumes resources efficiently”.
• Wulandari (2003) has defined IS audit as “the process of
evaluating and reporting the adequacy of system controls,
efficiency, economy, effectiveness, and security practices
to assure that data integrity is protected, and that the
system complies with applicable policies, procedures,
standards, rules, laws and regulations”.
Accounting vs. Auditing
1. Accounting
 Recording, classifying and summarizing
of economic events for the purpose of
providing financial information for
decision making
 Requires understanding of GAAP
2. Auditing
 Determining whether recorded
information properly reflects the
economic events of the period
 Requires understanding of GAAP and of
accumulation and interpretation of audit
evidence
 Auditing as a separate discipline
from accounting
• Mautz and Sharaf (1961) opposed the idea that
auditing should be considered as a subdivision
of accounting. In their view the relationship of
auditing to accounting is close, yet their natures
are very different. Of course, the auditing field
has close links with accounting, but it takes
much from other fields too, perhaps more than
from accounting.
 Auditing as a separate discipline
from accounting
• Auditing is analytical, not constructive; it is
critical, investigative, concerned with the basis
for accounting measurements and assertions.
Auditing emphasizes proof, the support for
financial statements and data. Thus auditing
has its principal roots, not in accounting, which
it reviews, but in logic, on which it leans heavily
for ideas and methods.
(Mautz and Sharf, 1961: 14)
Financial Statement Audit Objectives

The objective of the audit of financial

statements is to enable the auditor Opinion
to express an opinion on whether
the financial statements present
Fairly
fairly, in all material respects, the
financial position, results of
operations and changes in financial Materiality
position in accordance with generally
accepted accounting principles. GAAP
Objectives of an Audit

Dicksee (1900) in Auditing: A Practical Manual for

Auditors, states that an objective of an audit is
three fold, namely:
• The detection of fraud
• The detection of technical errors
• The detection of errors on principle
As Hayes et al. (2005) note, however, gradually the
auditor’s duties began to change, with fraud
detection becoming less and less of a priority.
What was the reason for this development away
from fraud? (look next slide)
Con’t
 The most important reasons according to Hayes et al. are:
the acceptance that the audit of the financial statements
on behalf of the third parties is an art in its own way
 the acceptance that an investigation aimed at finding any
kind of fraud is extremely laborious expensive and not
practical, considering the increases in size and complexity
of the companies, as well as their improved self or internal
controls.
 By the late 1950s, fraud detection became merely a responsibility and not a
primary objective of auditing.
Con’t

• Currently auditors have to implement very extensive procedures

to detect fraud
• The PCAOB has now taken the requirements of SAS 99 which
states that auditors will have to gather and consider much more
information to assess fraud risks than in the past.
• The current position of the IAASB with respect to fraud detection
is described in ISA 240. The responsibility for the prevention and
detection of fraud and error rests primarily with management
and those charged with governance under ISA 240.
Objective of Audit
• The overall objective of every audit engagement can
include four basic aims:
to evaluate whether financial statements and
accompanying footnotes are in accordance with specified
criteria;
 to evaluate the effectiveness and appropriateness of
internal control systems over financial reporting;
 to evaluate the possibility of fraud occurring within the
organization;
 to evaluate the likelihood that the organization will
continue as a going concern.
FUNDAMENTAL CONCEPTS

• Materiality
• Something is material if, in auditor’s
judgment, its omission or misstatement
would probably affect a user’s decision.
• Audit risk
• The risk that the auditor may unknowingly
provide a “clean” opinion on financial
statements that are materiality misstated.
“Presents fairly” means that this risk is at
an appropriately low level.
So, an audit opinion…

• is NOT an assurance as to the future viability

of an entity
• is NOT an opinion as to the efficiency or
effectiveness with which its operations,
including internal control, have been
conducted
• Is NOT a guarantee that the financial
statements are free of error
Benefits of Being Audited
1. Operational Audits
 Improves efficiency and effectiveness
2. Compliance Audits
 Reduces cost of non-compliance
 Reassures external parties
3. Financial Statement Audits
 May be mandatory
 Reduces cost of capital. Why?…….
Business Risk vs. Information Risk
1. Business Risk
 Risk that organization will fail to achieve its
objectives
2. Information Risk
 Risk that the information upon which a
business decision was made is inaccurate
The financial stakeholders of a firm face both
types of risk. A financial statement audit
reduces information risk, but not business
risk
Sources of Information Risk
 Remoteness of Information
 Voluminous Data
 Complex Exchange Transactions
 Bias and Motives of Information Provider
Who Performs Audits?
1. Public Accounting Firms
• Independent as external to audit client
• Primarily f/s audits, but can be hired to
perform other types of audits
2. Internal Auditors
• Employees of org. Less independent:
depends on org structure
• Primarily operational and compliance audits
3. Government Auditors
• Often perform comprehensive audits, but
depends on mandate
4. Revenue Auditors (tax auditors)
• Compliance audits
What makes external auditors credible?
• Legal Liability
• Quality Control Adopted by Firm
• Securities Commissions
• Members of a Profession
Financial Statement Audits

• In an audit of financial statements, the auditor

complies with generally accepted auditing
standards (GAAS)……
 Generally accepted auditing
standards (GAAS) in the US
• Auditing standards are general guidelines to aid auditors in
fulfilling their professional responsibilities in the audit of
financial statements. They include consideration of
professional qualities, reporting requirements and evidence.
• Setting auditing standards in the US, from the 1940s until the
introduction of the Sarbanes-Oxley Act (SOX Act) of 2002,
was one of the functions of the American Institute of Certified
Public Accountants (AICPA).
• Since April 16, 2003, the AICPA has remained as the setter
of auditing standards for privately owned companies in the
United States.
•
Generally Accepted Auditing Standards
(GAAS)

• The ten generally accepted auditing standards are the

broadest guidelines developed by the AICPA in 1947.
• The General Standard
• "The examination should be performed and
the report prepared by a person or persons
having adequate technical training and
proficiency in auditing, with due care and with
an objective state of mind" [Sept 1975]
• General Standard therefore emphasizes:
• Competence
• Objectivity
• Due Professional Care
Generally Accepted Auditing Standards
(GAAS) Examination Standards

• Adequate Planning and

Supervision
• (i) The work should be
adequately planned and
properly executed. If
assistants are employed
they should be properly
supervised. [Sept. 1975]
Generally Accepted Auditing Standards
(GAAS)
• Sufficient Understanding of
Internal control
• (ii) A sufficient understanding
of internal control is to be
obtained to plan the audit.
When control risk is assessed
below maximum, sufficient
appropriate audit evidence
should be obtained through
tests of controls to support the
assessment. [Oct. 1992]
Quick discussion of Internal Control
Control comprises those elements of an
organization (including it resources, systems,
processes, culture, structure and tasks) that, taken
together, support people in the achievement of the
organization’s objectives.
Objectives relate to:
 effectiveness and efficiency of operations,
including safeguarding of assets
 reliability of internal and external reporting
 compliance with applicable laws, regulations, and
internal policies
 Generally Accepted Auditing Standards
(GAAS)
• Sufficient and Appropriate Audit
Evidence
• (iii) Sufficient appropriate audit
evidence should be obtained
through inspection, observation,
inquiries and confirmation to
afford a reasonable basis for an
opinion regarding the financial
statements under audit.
[Sept. 1975]
 GAAS Reporting Standards

• (i) The report shall state whether the

financial statements are presented in
accordance with GAAP and distinguish
between the responsibilities of
management and the degree of
responsibilities the auditor is taking.
• (ii) The report should describe the
scope of the auditor's examination.
• (iii) The report shall contain either an
expression of opinion on the financial
statements or an assertion to the effect
that an opinion cannot be expressed. In
the latter case, the reasons therefor
should be stated.
 Reporting Standards

• (iv) Where an opinion is expressed, it should indicate

whether the financial statements present fairly, in
all material respects, the financial position, results of
operations and changes in financial position in
accordance with an appropriate disclosed basis of
accounting, which except in
special circumstances should be
generally accepted accounting
principles. The report should
provide adequate explanations
with respect to any reservation
contained in such opinion."
Generally accepted auditing standards
(GAAS) in the US
• There have been substantial changes to the auditing
standards since 1947, however, that are not explicitly
included within the GAAS.
• For example, although four of the standards address
auditor reporting, none addresses the auditor’s
obligation to communicate with the audit committee.
• Additionally, there is no recognition in the ten
standards of the auditor’s responsibility for the
detection of financial statement misstatements caused
by fraud.
The PCAOB and auditing standards

• Since introduction of the SOX Act of 2002, regulatory agencies

in the US have designated the Public Company Accounting
Oversight Board (PCAOB) as the responsible body for setting
standards in auditing and supervising the audit profession .
• With the establishment of the PCAOB and the issuance of
Auditing Standard No. 1, References in Auditors’ Reports to the
Standards of the PCAOB, the central focus of the auditor’s
responsibility and of the auditor’s report for audits of public
companies has changed from auditing in accordance with GAAS
to auditing in accordance with the standards of the PCAOB.

•
The PCAOB and auditing standards

The PCAOB has adopted three auditing standards (and

several rules) that are approved by the SEC:
Auditing Standard No. 1: References in auditors’ reports
to the standards of the PCAOB;
Auditing Standard No. 2: An audit of internal control
over financial reporting performed in conjunction with
an audit of financial statements;
Auditing Standard No. 3: Audit documentation.
Interim standards: existing standards adopted by the
board as its interim standards to be used on an initial,
transitional basis.
 The International Federation of Accountant
(IFAC) and the international harmonization
of auditing standards
• Contributors for evolvement of international harmonized
accounting and auditing standards are:-
• Supports of the financial markets and regulators in major
developed countries
• The corporate failures at the beginning of this century
• Multinational enterprises, audit firms and financial institutions
• Competition among the capital markets is a factor in
encouraging a change of attitude by national regulators towards
international standards in the areas of accounting and auditing
Major Developments in Auditing in the 21st
Century

• Four events, in particular, shifted the auditing

profession in one form or another.
• Each has had a considerable influence on internal
auditing as it’s practiced today, and has helped
define the role of today’s auditor.
1. Flagrant Financial Reporting Fraud

• Financial reporting fraud has most likely been

present since the beginning of financial reporting
itself.
• But the extent and audaciousness of the reporting
frauds at the start of the 21st century were
unprecedented.
• While Fortune magazine named Enron “America’s
most innovative company” for six years, little did
anyone know that its greatest innovation may
actually have been dreaming up new ways to deceive
auditors and investors.
• Enron was not alone as we consider WorldCom,
Tyco, and others.
 Changes in the auditors’ evaluation of
companies’ internal control systems
• The biggest impact on auditor as a result of these scandals was
probably the U.S. Sarbanes-Oxley Act of 2002 — particularly
Section 404, which focuses on internal controls over financial
reporting.
• The auditor’s objective in an audit of internal control over
financial reporting is to express an opinion on management’s
assessment of the effectiveness of the company’s internal
control over financial reporting. To form a basis for expressing
such an opinion, the auditor must plan and perform the audit to
obtain reasonable assurance about whether the company
maintained, in all material respects, effective internal control
over financial reporting as of the date specified in management’s
assessment.
 Changes in the auditors’ evaluation of
companies’ internal control systems
• An audit of internal control over financial reporting is
integrated with the audit of the financial statements
in an extensive process involving several steps. These
steps include:
planning the audit;
evaluating the process management uses to perform
its assessment of internal control effectiveness;
obtaining an understanding of the internal control;
evaluating the effectiveness of both the design and
operation of the internal control; and
forming an opinion about whether internal control
over financial reporting is effective (PCAOB, 2004).
 2. Financial Markets Meltdown
• What does one do when banks that are “too big to fail” look
like they are going to collapse under the weight of toxic loans
and market illiquidity?
• In a conversation with Fortune 50 in 2008, a chief financial
officer said that a government bailout was needed, as liquidity
in the banking system is like blood in the human body — when
it is missing, nothing works and a transfusion is required.
• These events taught us all a lot about risk.
• While enterprise risk management (ERM) was birthed before
the financial market meltdown, its lack of maturity became
painfully evident during this period.  
• N.B: ERM is the process of planning, organizing, leading, and
controlling the activities of an organization in order to
minimize the effects of risk on an organization's capital and
earnings.
 3. Cybersecurity
• A newer issue for virtually every organization is cybersecurity
risk.
• What started as seemingly isolated attacks on companies for
specific purposes has grown into a generalized concern over
security of all electronic data.
• Today, it would be difficult to find a board of directors that
doesn’t have cybersecurity on its agenda.
• Internal auditors were often caught unprepared for this risk.
• With cybersecurity risk, that task is even more difficult.
• Such situations require expertise of penetration-testing
auditors.
• The technology is new, and the way it is implemented relies on
methods that didn’t exist at the beginning of the 21 st century.
4. Bribery and Corruption
• Bribery and corruption have been part of human history for
about as far back as records exist.
• Many countries have passed new laws addressing bribery — 
some stronger than others.
• Every company of reasonable size faces risk not only of bribery
perpetrated by its employees, but also of violating strict laws that
are strongly enforced.
• Perhaps the most glaring example of bribery occurred at German
industrial group Siemens, where it was reported that processes
organized to implement bribery payments were quite mature.
• But any observers who think the risk only involves large
organizations would be fooling themselves.
• All it takes is one person with access to cash for bribery to
become a risk.
 Lessons From the Past
• While it is interesting to look back on the events that have
shaped internal auditing, practitioners must ask themselves
what they should learn from these events moving forward.
• A few key messages stand out:
• Human behavior is always a risk.
• Each of the aforementioned events resulted from people
making the wrong decisions, often for the wrong reasons.
• The world of potential risks we might face is enormous.
• No matter how good our risk assessments may be, we will
not always be able to anticipate the next big event.
• While new risks regularly come into view, the old ones
never seem to go away completely.
 Con’t
• So what should an internal auditor, specifically, take away
from this retrospective look?
• S/he must stay true to what makes her/him indispensable to
their respective organizations.
• Audit departments should assemble the best talent they
possibly can, stay focused on risk, keep watching for what is
happening inside and outside the organization, and
challenge themselves to ever increasing levels of
performance.
Any less would be a disservice (harmful practice) to their
organizations. 
Credibility Crisis to the Accounting
Profession in 21st Century
• The 21st century saw various company scandals that undermined the
accounting profession.
• We can refer some of such scandals, particularly of Enron, Tyco, and
WorldCom Companies briefly.
Assignment 1.

• Read carefully about these three companies` and discuses, company

profile, the scandals , causes of the scandals, partners in crime ,
fraud components, role of auditor, etc.
 International Standards on Auditing :
The Clarified Standards
• The increasing growth of investing and raising capital in
the global markets has put more emphasis on the
development of international accounting, auditing and
corporate governance.
• The regulatory and market bodies responsible for
protecting the stakeholders, together with the
accountancy profession, preparers and other interested
bodies, have been making considerable efforts to
develop high quality standards in accounting, auditing
and financial reporting that can be implemented in the
global as well as domestic capital markets.
 International Standards on Auditing : The
Clarified Standards
• The final set of clarified standards comprise 36 International Standards on
Auditing (ISAs) and International Standard on Quality Control (ISQC) 1,
including:
• One new standard, addressing communication of
deficiencies in internal control;
• 16 ISAs containing new and revised requirements
(these have been referred to as "revised and redrafted
ISAs"); and
• 20 ISAs that have been redrafted to apply the new
conventions and reflect matters of general clarity only
(these have been referred to as "redrafted ISAs and
redrafted ISQC 1").
Structure of the ISAs

• The ISAs now have a new structure, in which information

is presented in separate sections: Introduction,
Objective, Definitions, Requirements, and Application
and Other Explanatory Material. 
Introduction
Introductory material may include information regarding
the purpose, scope, and subject matter of the ISA, in
addition to the responsibilities of the auditors and others
in the context in which the ISA is set.
Objective 
Each ISA now contains a clear statement of the objective
of the auditor in the audit area addressed by that ISA.
Structure of the ISAs…
Definitions
For greater understanding of the ISAs, applicable
terms have been defined in each ISA.
Requirements
Each objective is supported by clearly stated
requirements. Requirements are always expressed by
the phrase "the auditor shall."
Application and Other Explanatory Material
The application and other explanatory material
explains more precisely what a requirement means or
is intended to cover, or includes examples of
procedures that may be appropriate under
given circumstances.
ISAs and ISQC 1
• A complete list of the individual standards that comprise the clarified
ISAs, as well as ISQC 1, is below. These standards are available to view
and/or download under Publications & Resources.
• The Basis for Conclusions for each ISA and ISQC 1 can be found under P
ublications & Resources
. These staff-prepared documents provide background information,
main comments received on the exposure drafts, and the IAASB's
conclusions regarding these comments in developing the final standard.
• In finalizing the 2012 Handbook of International Quality Control,
Auditing, Review, Other Assurance, and Related Services
Pronouncements (the handbook), editorial and formatting changes
were made to some ISAs from the 2010 handbook.
General Principles and Responsibilities
A bridging document has been prepared which provides an overview of these changes.
• ISA 200, Overall Objectives of the Independent Auditor and
the Conduct of an Audit in Accordance with International
Standards on Auditing 
• ISA 210, Agreeing the Terms of Audit Engagements 
• ISA 220, Quality Control for an Audit of Financial Statements
• ISA 230, Audit Documentation 
• ISA 240, The Auditor's Responsibilities Relating to Fraud in
an Audit of Financial Statements 
• ISA 250, Consideration of Laws and Regulations in an Audit
of Financial Statements 
• ISA 260, Communication with Those Charged with
Governance 
• ISA 265, Communicating Deficiencies in Internal Control to
Those Charged with Governance and Management
Risk Assessment and Response to Assessed
Risks
• ISA 300, Planning an Audit of Financial Statements 
• ISA 315, Identifying and Assessing the Risks of Material
Misstatement through Understanding the Entity and Its
Environment
• ISA 320, Materiality in Planning and Performing an
Audit 
• ISA 330, The Auditor's Responses to Assessed Risks 
• ISA 402, Audit Considerations Relating to an Entity
Using a Service Organization 
• ISA 450, Evaluation of Misstatements Identified during
the Audit 
Audit Evidence
• ISA 500, Audit Evidence 
• ISA 501, Audit Evidence-Specific Considerations for Selected
Items 
• ISA 505, External Confirmations 
• ISA 510, Initial Audit Engagements-Opening Balances 
• ISA 520, Analytical Procedures 
• ISA 530, Audit Sampling 
• ISA 540, Auditing Accounting Estimates, Including
• ISA 545 Auditing Fair Value measurements and Disclosures 
• ISA 550, Related Parties 
• ISA 560, Subsequent Events 
• ISA 570, Going Concern
• ISA 580, Written Representations 
Using Work of Others
• ISA 600, Special Considerations-Audits of Group
Financial Statements (Including the Work of Component
Auditors)  
• ISA 610, Using the Work of Internal Auditors 
• ISA 620, Using the Work of an Expert
Audit Conclusions and Reporting
• ISA 700, The auditor’s report on complete set of general
purpose Financial Statements 
• ISA 705, Modifications to the Independent Auditor's
Report
• ISA 706, Emphasis of Matter Paragraphs and Other
Matter Paragraphs in the Independent Auditor's Report 
• ISA 710, Comparative Information-Corresponding
Figures and Comparative Financial Statements 
• ISA 720, The Auditor's Responsibilities Relating to Other
Information in Documents Containing Audited Financial
Statements

56
Specialised Areas
• ISA 800, Special Considerations-Audits of Financial
Statements Prepared in Accordance with Special Purpose
Frameworks 
• ISA 805, Special Considerations-Audits of Single Financial
Statements and Specific Elements, Accounts or Items of a
Financial Statement 
• ISA 810, Engagements to Report on Summary Financial
Statements 
IAASB Vs PCAOB standards
• IFAC states that the AICPA’s ASB has chosen to use the
IAASB’s ISA as the basis for its own standards with the aim
of having minimal if any differences between AICPA
Statements on Auditing Standards (SASs) and the
requirements of the IAASB’s ISA
• AICPA auditing standards, like those of the IAASB, are often
considered to encourage greater reliance on the auditor’s
professional judgment and skepticism than do the PCAOB
standards.
• the PCAOB standards impose more detailed guidelines with
respect to how audits of financial statements are supposed
to be undertaken.
Ethiopian Code of Professional Accountants
issued by the Office of Federal Auditor General

• Assignment 2
• The Code recognizes that the objectives of the
accountancy profession are to work to the highest
standards of professionalism, to attain the highest
levels of performance and generally to meet the
public interest requirement set out above
• What are the basic needs
• Technical standards
• Principle of professionalism
Ethics- reading assignment

• Ethics and Audit

• What is Ethics
• Ethical culture
• IIA’s Code of Ethics for Internal Auditors —Practice
What We Preach
• Code of Ethics
• Ethical dilemmas
• The IIA’s 2015 Global Internal Audit Common Body
of Knowledge Survey.
What happens when internal auditors don’t
want to go along with unethical requests?

According to the report,

•33 percent said they’d be excluded from meetings,
•18 percent would lose opportunities,
•4 percent saw budget cuts,
•1 percent were demoted, another
•1 percent had their pay cut, and
• 13 percent said “other.”
What happens….

While each situation is unique, the report states, some

of the more typical “other” responses included:
•Reduced communication from executive management.
•Discrimination via gossip and second-guessing.
•Job elimination.
•Audit department outsourcing.
 What happens…..

• Hostile working conditions and stress, resulting in health issues.

• Pay raises for internal audit staff frozen, while others received pay
increases.
• Denied requests for additional internal audit department staff.
• Internal auditors can often find themselves side-lined or hindered
in their quest to ascertain whether the governance around such
decisions is adequate. Being asked to reschedule audits, delaying
meetings, documents forgotten to be shared or worse still being
told that certain areas will not be looked
• at
 Auditing ethics

• Common Body of Knowledge (CBOK ) 2015 Global Practitioner Survey

advanced or expert in ethics' competencies of maintaining confidentiality
and objectivity.
professionals confident in performing advanced and complex tasks
they need supervision for routine tasks
 Auditing ethics

• legal requirement
“The internal audit activity must evaluate the design,
implementation, and effectiveness of the organization’s
ethics-related objectives, programs, and activities.”
• the role of Internal Auditors
Assessing, evaluating and providing assurance of
implementation, and effectiveness of the organization’s
ethics-related objectives, programs, and activities,
Consulting services, role model and ethical advocate
• understanding organizational culture
• Key Considerations
Auditing ethics

Scope of the Audit

•Tone at the top – commitment of the board and top
management to ethics.
•Ethical principles – how well these are adhered to
by all levels of the organization, including
stakeholders and suppliers.
•Risk management recognition of the need for risk
management and effective implementation of risk
management throughout the organization.
Auditing ethics-scope of audit

• Information – availability of information relating to

ethical conduct such as a documented ethical
program, awareness activities, and breaches of
ethical guidelines.
• Sharing – active sharing of information relating to
the ethical program and its results.
• Alignment – risk management alignment with the
organization’s ethical culture.
Audit ethics-Reporting and monitoring

• Report the audit results without fear or favor to the audit committee
and senior management.
• Monitor and follow-up to ensure recommendations are effectively
implemented and meaningful change occurs in a timely way
 Auditing Ethics – Benefits

• To improve ethical performance and to give assurance that the organizations

has an effective ethics program.
• The auditing process can highlight trends, improve organizational learning,
and facilitate communication and working relationships.
• Improved relationships with stakeholders who desire greater transparency.
•Thank you