Planning the Audit Engagement: key ingredients

Slides:

Advertisements

Similar presentations

. . . key messages for CAEs, Senior Management and the Board

Advertisements

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

IS Audit Function Knowledge

Auditing A Risk-Based Approach To Conducting A Quality Audit

Office of Inspector General (OIG) Internal Audit

Purpose of the Standards

Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on.

Conducting the IT Audit

Internal Auditing and Outsourcing

D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.

The Institute of Internal Auditors

Internal Control in a Financial Statement Audit

© 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Differing Roles of Internal Auditor and Risk.

International Auditing and Assurance Standards Board Communication with Those Charged with Governance ISA Implementation Support Module Prepared by IAASB.

S7: Audit Planning. Session Objectives To explain the need for planning To explain the need for planning To outline the essential elements of planning.

Standards and Guidelines for IS Auditing (ISACA).

Corporate Governance Yoshi Kawai Secretary General, IAIS IAIS-ASSAL Regional Seminar Buenos Aires, Argentina, November 2011 PUBLIC.

Taking the STANDARDS Seriously... what they are and why they are so critically important to internal audit professionalism.

Audit Planning. Session Objectives To explain the need for planning To outline the essential elements of planning process To finalise the audit approach.

Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.

RAWG.  Risk assessment guideline for strategic and annual planning ◦ Identifying auditing universe ◦ Identification of risks ◦ Categorization of possible.

Chapter 21 Internal, Operational, and Compliance Auditing McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

1 Internal Audit. 2 Definition Is an independent activity established by management to examine and evaluate the organization’s risk management processes.

Harmonization Project FAS Meeting Harmonization project and ISSAI 200 Purpose and scope of the project The purpose is to provide a conceptual basis.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.

Developing an Investment Governance Framework

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.

Internal Audit Quality Assessment Guide

Internal Audit FINANCE LEARNING FORUM ICF Diakonia Centre April 23, 2015.

The International Professional Practices Framework

Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

 Planning an audit of cost statements, records and other related documents is considered necessary to ensure achievement of audit objectives with available.

Jean-Pierre Garitte Budapest 29 March 2017

Internal Audit Standards

Principles of Good Governance

Hans Nieuwlands CIA CGAP CCSA CEO IIA Netherlands

Maintenance BC - NZTA assessment in TIO

Government Auditing Standards

Well Trained International

EIA approval process, Management plan and Monitoring

How to Survive an External Quality Assessment

Assurance, Related Services and Internal Auditing

Understanding the Principles and Their Effect on the Audit

Internal and Governmental Financial Auditing and Operational Auditing

Scope of the audit Reference Frameworks Tashkent, October 2017.

Understand the principles of effective decision making

2010 IIA Standards Update Andrew J. Dahle, CIA, CPA, CISA, CFE

Small Internal Audit Activity Challenges

Agenda Introduction Internal Audit IIA Standard Overview COSO Overview

A Framework for Control

. . . key messages for CAEs, Senior Management and the Board

Following Up on Internal Audit Reports Workshop on IIA Standard 2500

COSO Internal Control s Framework

Internal control - the IA perspective

Alignment of COBIT to Botswana IT Audit Methodology

Independent Internal Audit Quality Reviews

PEM PAL IA COP AiP Working Group The ISPPIA on Planning

Week Ten – IT Audit Reporting

Quality Assurance and Improvement Program

Audit mission objectives, audit plan and program

How to conduct Effective Stage-1 Audit

Portfolio, Programme and Project

Taking the STANDARDS Seriously

Internal Audit Who? What? When? How? Why? In brief . . .

Internal Audit’s Role in Preventing Fraud and Corruption

An overview of Internal Controls Structure & Mechanism

Conducting the Assurance Engagement

Portfolio Committee on Communications

Technology Bob Dohrer, Technology Working Group Chair

Presentation transcript:

Planning the Audit Engagement: key ingredients Manfred van Kesteren Tashkent, October 2017

Planning the audit engagement Planning is part of internal auditing’s systematic, disciplined, and risk-based approach and is mandated by the International Standards for the Professional Practice of Internal Auditing (ISPPF); Planning internal audit engagements involves considering the strategies and objectives of the area or process under review, prioritizing the risks relevant to the engagement, determining the engagement objectives and scope, and documenting the approach Tashkent, October 2017

Relevant International Standards (mandatory) 2200 – Engagement Planning Internal auditors must develop and document a plan for each engagement, including the engagement’s objectives, scope, timing, and resource allocations. The plan must consider the organization’s strategies, objectives, and risks relevant to the engagement; 2201 – Planning Considerations In planning the engagement, internal auditors must consider: The strategies and objectives of the activity being reviewed and the means by which the activity controls its performance. The significant risks to the activity’s objectives, resources, and operations and the means by which the potential impact of risk is kept to an acceptable level. The adequacy and effectiveness of the activity’s governance, risk management, and control processes compared to a relevant framework or model. The opportunities for making significant improvements to the activity’s governance, risk management, and control processes. Tashkent, October 2017

Planning the audit engagement: the steps Understand the context and purpose of the engagement; Gather information to understand the area or process under review; Conduct a preliminary assessment of relevant risks; Form engagement objectives; Establish engagement scope; Allocate appropriate and sufficient resources; Document the plan. Tashkent, October 2017

Objectives for assurance and consulting engagements The engagement objectives articulate what the engagement is specifically attempting to accomplish; therefore, the objectives should have a clear purpose, be concise, and be linked to the risk assessment (Standard 2210.A1); Internal auditors should ensure that the objectives of the assurance engagement align with the business objectives of the area or process under review; Internal auditors must also identify adequate criteria to evaluate the governance, risk management, and controls of the area or process under review and determine whether the business objectives and goals have been accomplished  Reference frameworks Tashkent, October 2017

Scope for assurance and consulting engagements The engagement scope sets the boundaries of the engagement and outlines what will be included in the review. Internal auditors must carefully consider the boundaries of the engagement to ensure that the scope will be sufficient to achieve the objectives of the engagement (Standard 2220 – Engagement Scope); The scope may define such elements as the specific processes and/or areas, geographic locations, and time period (e.g., point in time, fiscal quarter, or calendar year) that will be covered by the engagement, given the available resources; If the assurance engagement scope is limited in any manner or if access to necessary sources of information is restricted, internal auditors must disclose these situations to senior management and/or the board. Such situations would be considered impairments to internal audit independence (Standard 1130 – Impairment to Independence or Objectivity). Tashkent, October 2017

Allocating appropriate and sufficient resources After establishing the engagement objectives and scope, internal auditors must determine appropriate and sufficient resources to achieve the engagement objectives, as required by Standard 2230 – Engagement Resource Allocation; appropriate refers to the mix of knowledge, skills, and other competencies needed to perform the engagement, and sufficient refers to the quantity of resources needed to accomplish the engagement with due professional care; Timing/overall planning (stages of the audit) should also be considered. Tashkent, October 2017

Documenting the engagement planning During planning, internal auditors document information in engagement workpapers. This information becomes part of the engagement work program that must be established to achieve the engagement objectives, as required by Standard 2240 – Engagement Work Program; The results of the preliminary risk assessment, the engagement objectives, and the engagement scope should be discussed with management of the area or process under review and key stakeholders across the organization; Internal auditors may create an engagement planning memorandum (planning memo), to communicate the objectives, scope, and timing of the engagement. Tashkent, October 2017

m.Kesteren@minfin.nl