Presentation on theme: "ABC BANK Audit Plan Presentation to Audit Committee (Date)"— Presentation transcript:
ABC BANK Audit Plan Presentation to Audit Committee (Date)
2 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Table of Contents Introduction of Internal and External Audit Teams Audit Risk Assessment Process and Audit Plan Summary Comparison of Audit Effort in Prior Year Versus Plan for the Current Year Internal Audit Schedule Sample Audit Committee Deliverable Matrix for Evaluation of Audit Independence
3 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Internal Audit Plan - Overview The audit plan was developed using a risk based audit approach. Utilizing experience and understanding of the banks operations as well as industry knowledge, internal audit identified auditable areas, performed a risk assessment for each of these areas, and assigned each of these a risk rating of high, medium or low. Internal audit considered the following factors, as well as knowledge of the bank, in determining the risk rating for each auditable area: Discussions with bank management, which provided insight regarding issues and risks in the auditable areas Potential impact that the auditable area may have on the financial position of the bank Other environmental factors, such as past audit results, changes in personnel and operations, past and current emphasis by regulators, and future business strategies This risk assessment process will be performed on an ongoing (at least annually) basis to ensure changing risk factors, including losses, operational changes or turnover, are continually monitored. A cycling approach to the internal audit plan was used, whereby high-risk areas are audited on an annual basis, and medium- to low-risk areas are audited over a 18- to 24-month cycle.
4 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Medium RisksHigh Risks Low Risks High Low High Significance Likelihood of control/process issues Disaster Recovery Commercial Lending Finance IT Applications Community Reinvestment Act Software Licensing Logical Security/Security Admin. IT Telecommunications Operations Support Small Business Lending Local Area Network Centralized Doc. Unit Treasury/Investments/ALM Central Services Internet Conn./Firewall New Product Development Real Estate Lending Commercial Business Lending SBA Center Branch Network Loan Administration Dept. Financial Products Marketing/Promotions Human Resources/Payroll Credit Administration Appraisal Department Facilities III IIIIV Risk Map - ABC Bank
5 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Summary Audit Plan Audit AreaRisk AssessmentBudgeted Hours Treasury/Investments/ALMHighX Real Estate LendingHighX Central ServicesHighX Commercial Business LendingHighX SBA CenterHighX New Product DevelopmentHighX Internet Connectivity/FirewallHighX Centralized Documentation UnitMediumX Logical Security & Security AdminMediumX Local Area NetworksMediumX IT TelecommunicationsMediumX Disaster Recovery PlanningMediumX Software LicensingMediumX Finance/Accounting/Accts PayableMediumX Operations SupportMediumX Community Reinvestment ActMediumX Branch NetworkLowX Human Resources/PayrollLowX DiscretionaryNAX Planning, Admin & Reporting to ACNAX Follow-Up on Prior Year Audit PlanNAX Total Budgeted Audit HoursX
6 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Summary Focus of Audit Effort During Prior and Current Years Hours
7 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Significant Changes in Audit Plan from Prior to Current Year As is depicted on the preceding page, the following summarizes the most significant changes seen in the audit plan for this year versus last: Greater emphasis on lending activities, including centralized documentation unit, based on risk assessment process Significant re-allocation of time from branch network to centralized/back office operational activities based on our risk assessment process. For branch network, focus to be on high-risk activities, including branch losses, wire initiation, etc. Increased discretionary time for special projects Reduced administration time, as well as no allocation for training, vacation or sick leave
10 Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com Internal Audit Schedule - Regulatory Compliance Federal/state regulations reviewed as part of the audit plan As part of our review of the identified business processes and retail branches, internal audit will integrate compliance testing of the following regulations: Internal audit will coordinate with ABC Banks compliance officer when determining the scope and degree of work to be performed for compliance-related issues.