Presentation is loading. Please wait.

Presentation is loading. Please wait.

SJ State Operational Auditing BT 852 October 12, 2006 Page 1 San Jose State University October 12, 2006 Internal Audit: A 2006 Perspective Lynn Falbo

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SJ State Operational Auditing BT 852 October 12, 2006 Page 1 San Jose State University October 12, 2006 Internal Audit: A 2006 Perspective Lynn Falbo"— Presentation transcript:

1 SJ State Operational Auditing BT 852 October 12, 2006 Page 1 San Jose State University October 12, 2006 Internal Audit: A 2006 Perspective Lynn Falbo lfalbo@wrcas.com

2 SJ State Operational Auditing BT 852 October 12, 2006 Page 2 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

3 SJ State Operational Auditing BT 852 October 12, 2006 Page 3 “Audit” Evolution” “Audit Generations” 1.Control-Based Auditing 2.Process-Based Auditing 3.Risk-Based Auditing 4.Risk-Management Based Auditing Merging / integration of Financial, Operational, IT focus

4 SJ State Operational Auditing BT 852 October 12, 2006 Page 4 Audit "Generation": One TwoThreeFour Control-Based Process-BasedRisk-BasedRisk Mgmt-Based Objective: Compliance with underlying guidelines Effectiveness and efficiency of a process Effectiveness of controls and procedures to mitigate key risks Effectiveness of risk management activities to achieve objectives and optimize/mitigate risks Approach: Understand guidelines and audit for compliance Compare current process to best practices Identify key business risks and evaluate controls to mitigate the risks Understand objectives, identify related risks, understand tolerance levels, identify performance and risk measures, and assess risk management effectiveness Focus: Identify compliance exceptions and errors Identify gaps between the current process and best practices Identify controls and procedures that are not operating as needed to mitigate the key risks Identify gaps between current and desired risk management effectiveness Testing Approach: Statistical based predictive and substantive tests, with some compliance tests Consulting focused evaluation of current and best practices, with some compliance tests Combination of substantive and compliance tests, focusing only on key risks Combination of substantive and compliance tests, focusing only on key objectives and the related risks Recommendations: Relate exceptions or errors to the relevant guidelines Relate gaps to specific operational objectives Relate exceptions or errors to key risks Relate gaps in risk management effectiveness to underlying risks and key business objectives Audit Generations

5 SJ State Operational Auditing BT 852 October 12, 2006 Page 5 Knowledge about ideal situations Comparison Analysis of Documents Interviews Questionnaires Actual Key Data Structure Processes Interfaces etc. Recommendations constructive future-oriented feasible improving processes and profits Ideal (Better) Strategy Business Policy Law, guidelines State of the Art Customer Surveys etc. Audit Process Methodology are the keys for improvements Understanding the actual status Introduction

6 SJ State Operational Auditing BT 852 October 12, 2006 Page 6 “Audit” Evolution” – Questions Introduction What Generation is represented by previous slide “Audit Process Methodology” model? What Generation best represents the focus of SOX (COSO Internal Control Framework)? What Generation best describes the methodology you were taught? What Generation is predominant in industry today?

7 SJ State Operational Auditing BT 852 October 12, 2006 Page 7 COSO Internal Control Framework

8 SJ State Operational Auditing BT 852 October 12, 2006 Page 8 COSO / Cobit Internal Control Framework

9 SJ State Operational Auditing BT 852 October 12, 2006 Page 9 COSO ERM (Enterprise Risk Management) Framework

10 SJ State Operational Auditing BT 852 October 12, 2006 Page 10

11 SJ State Operational Auditing BT 852 October 12, 2006 Page 11 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

12 SJ State Operational Auditing BT 852 October 12, 2006 Page 12 Working for Multi-national companies Unique challenges Culture Management style Philosophy “Global” business model Diversity Organization

13 SJ State Operational Auditing BT 852 October 12, 2006 Page 13 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

14 SJ State Operational Auditing BT 852 October 12, 2006 Page 14 Career Opportunities Audit Accounting / Finance SOX Compliance Other…..

15 SJ State Operational Auditing BT 852 October 12, 2006 Page 15 Career Opportunities Auditor for a Day –Exposure to the audit profession –Site visit at local companies –Attendance at the IIA meeting

16 SJ State Operational Auditing BT 852 October 12, 2006 Page 16 Agenda “Audit” Evolution Working for Multi-national companies Career Opportunities Questions

Download ppt "SJ State Operational Auditing BT 852 October 12, 2006 Page 1 San Jose State University October 12, 2006 Internal Audit: A 2006 Perspective Lynn Falbo"

Similar presentations

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Getting to Know Internal Auditing

Getting to Know Internal Auditing
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
Chapter 14 Fraud Risk Assessment.

Chapter 14 Fraud Risk Assessment.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Control and Accounting Information Systems

Control and Accounting Information Systems
Information System Assurance Practices in China Key players doing IS Assurance In China Regulatory Regime and Professional Organizations -Regulatory AuthoritiesRegulatory.

Information System Assurance Practices in China Key players doing IS Assurance In China Regulatory Regime and Professional Organizations -Regulatory AuthoritiesRegulatory.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
1 Continuous Auditing Implications: Rethinking the Roles of Systems of Internal Controls Presented by Rob Nehmer Berry College at the Fifth Continuous.

1 Continuous Auditing Implications: Rethinking the Roles of Systems of Internal Controls Presented by Rob Nehmer Berry College at the Fifth Continuous.
ProCognis SOX 404 & COSO Implementation Presentation

ProCognis SOX 404 & COSO Implementation Presentation
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Operational Auditing--Fall 2010 1 Operational Auditing Fall 2010 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2010 Professor Bill O’Brien.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
Operational Auditing--Fall 2009 1 Operational Auditing Fall 2009 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

Similar presentations

Ads by Google