School Board Audit Committee Training Module 4 Internal Audit

Slides:



Advertisements
Similar presentations
Board Governance: A Key to Quality Organizations
Advertisements

Managing Compliance Related to Human Subjects Research Review Joseph Sherwin, Ph.D. Office of Regulatory Affairs University of Pennsylvania Fourth Annual.
MONITORING OF SUBGRANTEES
ENTITIES FOR A UN SYSTEM EVALUATION FRAMEWORK 17th MEETING OF SENIOR FELLOWSHIP OFFICERS OF THE UNITED NATIONS SYSTEM AND HOST COUNTRY AGENCIES BY DAVIDE.
Module N° 4 – ICAO SSP framework
1 Welcome Safety Regulatory Function Handbook April 2006.
Organizational Governance
. . . a step-by-step guide to world-class internal auditing
Gaining Senior Leadership Support for Continuity of Operations
MSCG Training for Project Officers and Consultants: Project Officer and Consultant Roles in Supporting Successful Onsite Technical Assistance Visits.
EMS Checklist (ISO model)
Vision: A strong and capable civil society, cooperating and responsive to Cambodias development challenges 1.
Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.
SAI Performance Measurement Framework
Facilitated by: Pobal Training Initiative.  Using the “Managing Better” Toolkit  Principles of Good Governance  Key Responsibilities of the Company.
What is Pay & Performance?
Compliance Matters and Other Topics
School Board Audit Committee Training Module 7 Evaluation of the Audit Committee 1.
2 3 There are two basic areas where there is a need to have resources available. Internal:  Financial  Personnel  Assets  Time External  Consultants.
PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.
CUPA-HR Strong – together!
CUPA-HR Strong – together!
1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Internal Control and Control Risk
World’s Largest Educational Community
Auditing, Assurance and Governance in Local Government
Preparing for an External Quality Assessment of your Quality Assurance and Improvement Program Institute of Internal Auditors El Paso Chapter August 29,
Institute of Municipal Finance Officers & Related Professions
IS Audit Function Knowledge
Quality evaluation and improvement for Internal Audit
Office of Inspector General (OIG) Internal Audit
Purpose of the Standards
ASPEC Internal Auditor Training Version
Emerging Latino Communities Initiative Webinar Series 2011 June 22, 2011 Presenter: Janet Hernandez, Capacity-Building Coordinator.
Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Control environment and control activities. Day II Session III and IV.
Internal Auditing and Outsourcing
Challenges Faced in Developing Audit Plans and Programs 21 st March, 2013.
An Educational Computer Based Training Program CBTCBT.
Improving Corporate Governance in Malaysian Capital Markets – The Role of the Audit Committee Role of the Audit Committee in Assessing Audit Quality.
INTOSAI Public Debt Working Group Updating of the Strategic Plan Richard Domingue Office of the Auditor General of Canada June 14, 2010.
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
City of Tshwane GDS August Reputation promise/mission The Auditor-General of South Africa has a constitutional mandate and, as the Supreme.
Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.
Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.
Copyright © 2007 Pearson Education Canada 1 Chapter 24: Assurance Services: Internal Auditing and Government Auditing.
1 Internal Audit. 2 Definition Is an independent activity established by management to examine and evaluate the organization’s risk management processes.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Systems Accreditation Berkeley County School District School Facilitator Training October 7, 2014 Dr. Rodney Thompson Superintendent.
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Board Assessment Governing Board Online Training Module.
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.
CHB Conference 2007 Planning for and Promoting Healthy Communities Roles and Responsibilities of Community Health Boards Presented by Carla Anglehart Director,
Internal Audit Quality Assessment Guide
AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.
School Board Audit Committee Training Module 4 Internal Audit
Board Roles & Responsibilities
Getting to Know Internal Auditing
Session objectives After completing this session you will:
Session objectives After completing this session you will:
Well Trained International
Getting to Know Internal Auditing
Getting to Know Internal Auditing
Kode Etik dan IA Standard Dr Rilla Gantino, SE., AK., MM
Following Up on Internal Audit Reports Workshop on IIA Standard 2500
Getting to Know Internal Auditing
Taking the STANDARDS Seriously
Presentation transcript:

School Board Audit Committee Training Module 4 Internal Audit Click to edit Master text styles Second level Third level Fourth level

Session objectives After completing this session you will: Understand the Audit Committee’s responsibilities related to Internal Audit (IA). Understand how the IA function will operate. Walkthrough the audit planning and approval process. Explain the independence requirements of the IA function. Understand the Audit Committee’s effective monitoring, oversight and assessment role for Internal Audit Comfortably interact with the IA function.

Audit Committee Duties related to the Internal Auditor [ON Regulation 361/10 9(3)] To review the Internal Auditor’s mandate, activities, staffing and organizational structure. To make recommendations on the content of the Internal Audit plan and on all proposed major changes to the plan. To ensure there are no unjustified restrictions or limitations on the scope of the activities performed by Internal Audit. To review, at least once in each fiscal year, the performance of the Internal Auditor and provide comments regarding his or her performance. To review the effectiveness of the Internal Auditor, including the Internal Auditor’s compliance with standards for internal auditing. To meet on a regular basis with the Internal Auditor. To review findings, recommendations and any difficulties encountered in the course of the Internal Auditor’s work. 3

International Standards for the Professional Practice of Internal Auditing The IIA Standards are principle-focused and provide a framework for performing internal auditing. The Standards are mandatory requirements consisting of: Statements of basic requirements for the professional practice of Internal Auditing and for evaluating the effectiveness of its performance. The requirements are internationally applicable at organizational and individual levels. Interpretations, which clarify terms or concepts within the statements. It is necessary to consider both the statements and their interpretations to understand and apply the Standards correctly. Current standards can be found online at http://www.theiia.org/guidance/standards-and-guidance/ippf/standards/ The website provides access to numerous tools, such as quality assessments, discussion groups, etc. 4

Objectives of an Internal Audit function Objectively monitor and report on the health of financial, operational, and compliance controls. Provide insight into the effectiveness of the DSB’s risk management. Offer guidance regarding effective governance Become a catalyst for positive change in processes and controls. Deliver value to the audit committee, executives, and management in the areas of controls, risk management, and governance to assist in the audit committee’s assessment of the efficiency of programs and procedures. Coordinate activities and share perspectives with the external auditor. 5

Ontario DSB Internal Audit Mandate Mission: to provide independent, objective assurance and consulting services designed to add value and improve the DSB’ operations. Scope of work: to determine whether the network of risk management, control, and governance processes, as designed and implemented by the DSBs, is adequate and functioning in a manner to ensure: Risks are appropriately identified and managed. Significant financial, managerial, and operating information is accurate, reliable and timely. Employees’ actions comply with policies, standards, procedures, laws and regulations. Resources are acquired economically, used efficiently, and adequately protected. Programs, plans, and objectives are defined, communicated and achieved. Significant legislative or regulatory issues impacting the DSBs are recognized and addressed. (Source: Sample Internal Audit Mandate Ministry of Education Website) 6

Ontario School Board Internal Audit service model Regional model This model will be replicated in each of the eight regions in the province. DSB audit committees Regional Internal Audit Manager (RIAM) Audit Staff Audit Staff Audit Staff Audit Staff 7

Roles and responsibilities of the Internal Auditor Develop and implement annual and multi-year Internal Audit Plans. Maintain a professional/competent audit staff. Perform consulting services (as requested and appropriate). Issue periodic reports. Inform audit committee of emerging trends and leading practices in risk management and internal auditing. Assist in the investigation of suspected fraudulent activities. Consider the scope of work of external auditors. Assist the Audit Committee in complying with Regulation 361/10. 8

Annual Internal Audit Plan Audit planning Annually, the RIAM shall submit to the director of education, senior business official and audit committee of each DSB a summary of the audit plan (current year work schedule and multi-year plan), staffing plan, and budget for the following fiscal year. The audit plan is to be developed based on a prioritization of the audit universe using a risk-based methodology. Multi-Year Plan Plan is driven by two key factors: risk assessment results and Internal Audit resources. It describes the Internal Audit objectives, audit goals, a forecast of available audit hours, the planned allocation of audit hours to each type of audit and school board for a five year period given the identified risk areas and the available resources. Changes in risk or audit resources may lead to a change in the plan. Annual Internal Audit Plan Describes in further detail audit responsibilities, audit focus and audit direction for the fiscal year. The plan will be uniquely prepared from a regional perspective. (Source: Sample Internal Audit Mandate and Guideline on Establishing the IA Plan- Ministry of Education Website) 9

Role of Audit Committee vis-à-vis Audit Plans Approve multi-year and annual audit plan for YOUR school board  part of a larger plan 1. Presentation of allocation of resources by RIAM for ALL boards that are part of your region 2. Fair and equitable based on risk assessment results of ALL boards….Yes? Recommend Approval …. No? Regional Conflict Resolution Committee Regional Conflict Resolution Committee (RCRC) designed by the Ministry of Education in conjunction with the host board workgroup to resolve audit committee conflicts How ? 10

Regional Conflict Resolution Committee Background: To be created in each of the 8 regions only when the need arises Purpose: To ensure that the conflict resolution process is fair and unbiased for all of the school boards in the region Composition: Odd number of school boards in region = One trustee member from each Audit Committee in the region Even number of school boards in region = Same as above + one additional trustee member of the Audit Committee of the host board 11

Regional Conflict Resolution Committee(cont’d) RCRC Structure The chair of the RCRC will be the trustee member of the host board Meetings will be called by the chair as-needed 75% of the members must be present for quorum Each member is entitled to one vote Conflict Resolution Process Discussion of matter Vote by each member Majority decision binding to all boards A conflict should be fully resolved within six weeks from the date the issue is submitted to the chair of the RCRC. 12

Relationship between the Internal Audit Function and the External Auditor External auditors can, in certain circumstances, use the work of the Internal Audit function External auditors must determine: If the work of the internal auditor is likely to be adequate for the external audit. Consider points: objectivity technical competence due professional care effective communication The impact on the nature, timing and extent of the external auditor’s procedures nature and scope of specific internal audit work risks of material misstatements degree of subjectivity involved in evaluating evidence 13

Independence of the Internal Audit function When the Internal Audit function’s direct reporting line is to the Audit Committee, it allows the Internal Auditors to remain structurally separate from management and enhances objectivity. It also encourages the free flow of communication on issues and promotes direct feedback from the Audit Committee on the performance of the Chief Audit Executive (CAE). In relation to the school board environment, this would refer to the Regional Internal Audit Manager (RIAM). 14

Independence of the Internal Audit function (cont’d) The Institute of Internal Auditor’s (IIA’s) Standards for Professional Practice of Internal Auditing mandate that the Internal Auditors maintain a certain level of independence from the work they audit. An Internal Auditor should have no personal or professional involvement with the area being audited The Internal Auditor should maintain an impartial perspective on all engagements Internal Auditors should have access to records and personnel when necessary, and they should be allowed to employ appropriate investigative techniques without impediment 15

Interaction with the Audit Committee Audit Committees should take several steps to facilitate a mutually beneficial relationship with the Internal Auditors. An effective relationship here is fundamental to the success of the IA function. Communication Hold regular private sessions with the Internal Auditors Be available when contacted by the RIAM Engage in a substantial and communicative reporting relationship Goal Setting Actively participate in discussing goals and evaluating the performance of the RIAM; these responsibilities should not be delegated solely to the host board management Challenge the RIAM and the Internal Audit function by setting expectations, communicating those expectations clearly, and holding the function accountable for meeting them Support See that the Internal Auditors have appropriate stature and respect and are visibly supported by senior management throughout the organization Support the RIAM providing guidance and assistance, if needed 16

Practical tools to guide interaction between Internal Auditors and the Audit Committee Quarterly report: Should highlight activities performed and status of each audit on plan Provide timelines indicating if audits are ahead or behind schedule (metrics) Highlight the number of high priority findings from completed audits Identify the status of outstanding action plans for prior audit observations Include a quality assessment score based on audit and stakeholder feedback Executive summary for completed audits: Review the scope and objectives of the review Summarize key findings and action steps Provide an overall conclusion of the effectiveness of risk management procedures in the areas reviewed Planning Memo Introduce the upcoming audits and key risks to be addressed Outline the scope, approach and timelines for the review 17

Questions for Audit Committees to consider Are the Internal Auditors responsive to the needs of today’s rapidly changing environment? Are the Internal Auditors monitoring critical controls and identifying and addressing emerging risks? Is the function proactively evaluating DSB internal controls and risk management as conditions change? Are the Internal Auditors cognizant of new laws, regulations, and leading practices? Are Internal Audit personnel appropriately qualified and pursuing appropriate professional development? Does the Internal Audit function have the necessary and appropriate skills sets and experience to evaluate risk and carry-out the Internal Audit plan? Is the Internal Audit Plan aligned with the DSB’s critical risks and focusing on what is important rather than reviewing those processes easiest to review? 18

An Example of the Audit Committee’s Evaluation of the Internal Auditors Question Expectations for the IA function Are the Internal Auditors responsive to the needs of today’s rapidly changing environment? Awareness of the “Ontario Equity and Inclusive Education Strategy”. Are the Internal Auditors monitoring critical controls and identifying and addressing emerging risks? Monitoring and reporting on Administrator’s action on policy development and implementation for equity and inclusive education. Are the Internal Auditors cognizant of new laws, regulations, and best practices? Understanding of the Policy/Program Memorandum No. 119 on Developing and implementing equity and inclusive education policies in Ontario schools Does Internal Audit have the necessary and appropriate skills sets and experience to evaluate risk and carry-out the Internal Audit plan? The risk-based Internal Audit plan has been designed considering policy documents, regulations, and best practice. 19

Questions for Audit Committees to consider (cont’d) Have key DSB stakeholders including the Audit Committee, Trustees, Directors and Superintendents, reconciled their expectations for the Internal Audit function with the RIAM? How does the Internal Audit function relate to other risk management related functions, such as legal, security, and health and safety? Are there duplications of effort or gaps between these functions? Has the audit committee reached a supportable conclusion as to whether the Internal Auditors are operating in compliance with Institute of Internal Auditors standards? Is the Internal Audit function viewed as objective and competent by the external auditor? How is the internal audit function perceived by its stakeholders? How has Internal Audit's performance been assessed by those that have been audited? 20

Audit Committee leading practices Audit Committee leading practices for interacting with the Internal Auditors include the following: Assess whether the Internal Auditors have a direct functional reporting line to the Audit Committee and an indirect line to management for administrative activities. Be involved in Internal Audit Planning Process through the review and approval of the risk assessment and Internal Audit Plan. Constructively challenge the Internal Audit function. Conduct annual performance evaluations. Understand Internal Audit staffing and succession planning. 21

Audit Committee Evaluation of Internal Audit Audit Committees must complete annual evaluation of the Regional Internal Audit Manager (RIAM) and the Internal Auditor (senior auditors and audit staff) performance. Sample Areas of evaluation Regional IA Manager Internal Auditors Management of the Regional Internal Audit Team Professional Behaviour Audit Committee Meetings Written Communication Communication Timeliness General Skills Initiative Overall Evaluation Include evaluation sheets in toolkit 22 Source: Ministry Evaluation Worksheet