Factors to be considered for the Internal Auditors


1 Factors to be considered for the Internal Auditors
Compiled By: JBSC, Dhaka

2 Operation of Internal Audit & Operational Risk Management.
The Basel Committee for Banking Supervision (BCBS) evolution of Internal Control & Compliance (ICC) concepts has 13 Recommendations. Internal Audit is part of the management process in the bank. It is the actions taken by management to plan, organize and direct the performance of sufficient actions to provide reasonable assurance that the following objectives will be achieved:
- Ascertainment of risk exposures in the bank branches and in business operations.
- Accomplishment of established objectives and goals for operations and programs.
- The economic and efficient use of resources.
- The reliability and integrity of information.
- Compliance with policies, plans, procedures, laws and regulations.

3 Operational Risk
Operational risk is the broad discipline focusing on the risks arising from the people, systems and processes through which a company operates. It can also include other classes of risk, such as fraud and legal risks, and physical or environmental risks. Operational risk is the potential loss arising from a breakdown in a company's systems and procedures that results in human error, fraud, failure, damage to reputation, delay to perform or compromise of the company's interests by employees.
3 P-S:
- Policy (lacking or outdated)
- Processes (imperfect / misguided model)
- People (ignorance, negligence, offense, lack of integrity, poor judgment)
- Systems (unsecured systems, software, non-complying security measures)

4 Risk in Banking
[Diagram: Types of Risks]
- Credit Risk: Corporate, Bank, Sovereign, Retail, Project Finance, Equity
- Market Risk: Interest Rate (in banking and trading books), Foreign Exchange, Equity, Commodity
- Operational Risk: Internal Process, People, External Factors
- Further labels in the diagram: Information Risk, Systems Risk, Security and Integrity Risk

5 Operational risk is inherent to banking business
Business lines: Retail Banking; Commercial Banking; Payment and Settlement; Treasury (Trading & Sales)
Activities: Retail Deposits & Lending; Project Finance; Payments and Collections; Sales; Private Banking; Trade Finance; Funds Transfer; Market Making; Card Services; Proprietary Positions; Working Capital Finance; Clearing and Settlement; Treasury; Advisory Services
Operational risk categories:
- Internal Fraud
- External Fraud
- Employment Practices & Workplace Safety
- Clients, Products & Business Practices
- Physical Damage to Assets
- Business Disruption and System Failures
- Execution, Delivery & Process Management

6 Components of Operational Risk Management Framework
- Control environment: The control environment sets the tone of an organization, influencing the control consciousness of its people at all tiers.
- Risk Addressing: The risk in an organization is the auditor's starting point. The audit function is an expensive overhead, so it is important for auditors to concentrate their resources in the areas of greatest risk.
- Control activities: Control activities are the policies and procedures that help ensure management directives are carried out.
- Information and communication: Information systems play a key role in internal control systems as they produce reports, including operational, financial and compliance-related information, that make it possible to run and control the business.
- Monitoring: Internal control systems need to be monitored, a process that assesses the quality of the system's performance over time.

7 Operational Risks Include:
Loss of money or reputation is the high-level risk, but the actual loss can come about in a number of different ways. These different ways give rise to a set of secondary risks, which auditors particularly need to focus on. These risks include:
- Individual Ignorance, Negligence, Offence & Lack of Integrity
- Frauds & Forgery, Misappropriation, Embezzlement
- Breach of the law - Malpractice
- Error - Loss of data
- Theft - Loss of premises
- Poor judgment
- Poor strategic planning
- Insufficient management information
- Ineffective support for computer systems

8 Some Basic practical points for Auditors
There are a number of basic practical points that auditors need to bear in mind during their day-to-day work:
- Auditors should not act as part of a control system itself.
- Auditors should observe Audit protocol (Audit Manual) wherever they are auditing.
- Auditors should declare any personal interest which may make it inappropriate for them to audit in an area.
- Auditors need to be discreet. They will probably see sensitive documents during the course of their audits.
- Auditors need to follow a strict ethical code. Some information that auditors see could be used for personal gain.

9 Factors to be considered for the Auditors
There are many different types of control that an internal auditor will look for. To control the risks in banks, the types of control will include the following:
Controls over STAFF:
- Adequate experience
- Adequate staff level
- Adequate training
- Clear lines of communication
Controls over PROCESSING:
- Delegated authorities (Business/Finance, Administration, Expenditure) limits
- Two signatures needed to transfer money (Checker & Maker)
- Time deadlines (Execution of Transactions & Feedback)
- Check totals to prove accuracy of figures

10 Factors to be considered for the Auditors
Controls over TRADING or Investment:
- Dealing limits for traders
- Exception reports showing limit breaches
- Separation of the dealing function from that of settlement
- Authentication of foreign trading settlement instructions through SWIFT
- Separate verification of input of settlement instructions & reconciliation

11 Factors to be considered for the Auditors
Controls over VALUABLES:
- Dual control over access to valuables, usually by two keys held by different people
- Separation of custody of valuables from record keeping
- Regular counting and reconciliation
- Video screening of vaults or strong rooms

12 Factors to be considered for the Internal Auditors
Controls over Information and Communication Technology:
- Backed-up data in case of loss of prime computer records is ensured
- Uninterrupted power supply for critical systems
- Remote contingency site in case there is a disaster in the prime site (DRC)
- Password access to the computer system
- Properly documented systems so that technicians can easily trace faults
- Strict controls over how programs can be accessed when they need to be changed
- Encrypted networks to reduce the risk of hackers gaining access
- Physical controls over access to computer rooms (Server)
- 'Day End' and 'Audit Trail' verification & authentications

13 END

