Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operational Auditing--Spring 2010 1 Operational Auditing Spring 2010 Professor Bill O’Brien.

Similar presentations

Presentation on theme: "Operational Auditing--Spring 2010 1 Operational Auditing Spring 2010 Professor Bill O’Brien."— Presentation transcript:

1 Operational Auditing--Spring 2010 1 Operational Auditing Spring 2010 Professor Bill O’Brien

2 Operational Auditing--Spring 20105-2 Frameworks n Internal control n IC-Integrated Framework (COSO) n Guidance on Controls (CoCo) n Internal Control Guidance (Turnbull) n Enterprise risk management n Australian/New Zealand Std. Risk Mgt. n ERM-Integrated Framework (COSO)

3 Operational Auditing--Spring 20105-3 COSO n Committee of Sponsoring Organizations n AICPA, IIA, IMA, FEI, AAA n Treadway Commission n 1992 I/C; 2004 ERM n Control Objectives n Compliance with laws and regulations n Reliability of financial reporting n Effectiveness & efficiency of operations

4 Operational Auditing--Spring 20105-4 Components of I/C n Control environment n Risk assessment n Control activities n Information and communication n Monitoring

5 Operational Auditing--Spring 20105-5 Threats to Control n Management override n Open access to assets n Form over substance approach n Conflict of interest

6 Operational Auditing--Spring 20105-6 Balancing Risk and Control n Too much risk n Loss of assets n Poor decision making n Potential non-compliance n Potential for fraud n Too much control n Increased bureaucracy n Excess costs n Excess cycle-time n Increase in non-value added effort

7 Operational Auditing--Spring 20105-7 Control Activities n Segregation of duties n Performance reviews n Approvals n IT access n Documentation n Physical access n IT applications n Independent verifications & reconciliations

8 Operational Auditing--Spring 20105-8 IIA and Control n IIA control objectives: S-C-O-R-E n Safeguarding of assets n Compliance with laws and regulations n Objective and goal achievement n Reliability & integrity of information n Economical & efficient use of assets

9 Operational Auditing--Spring 20105-9 Control Self Assessment (CSA) n Methodology n Review and Identification n Key business objectives n Related risks n Mitigating controls

10 Operational Auditing--Spring 20105-10 CSA-History n Introduced by Gulf Canada in 1987 n Gulf used facilitated meetings

11 Operational Auditing--Spring 20105-11 Facilitated Meetings n Management and staff participate through interviews and polling n Objectives n Risks n Processes n Soft and/or informal controls

12 Operational Auditing--Spring 20105-12 General Methodology n Shared process n Assessment of internal controls n Evaluation of risks n Development of action plans n Assess the likelihood of achieving objectives n SJSU simulation

13 Operational Auditing--Spring 20105-13 General Approaches n Facilitated meetings--group workshops n Questionnaires--yes/no answers n Management analysis--self studies

14 Operational Auditing--Spring 20105-14 Uses n Self analysis for risk* n Selection of audit areas* n Internal control review* n Special projects n Soft control analysis * alternatives to the traditional approach to the I/A process

15 Operational Auditing--Spring 20105-15 Benefits n Increases I/A scope n Target review of high risk areas n Increases the effectiveness of corrective action n Builds team-oriented relationships

16 Operational Auditing--Spring 20105-16 Engagement Process n Planning: n Selecting the BPO n Pre-site planning n Performing: n Conducting the preliminary survey n Review internal controls n Expanding tests as necessary n Generating findings n Communicating: n Reporting the results n Conducting follow-up n Assessing the process

17 Operational Auditing--Spring 20105-17 Audit Evidence n Healthy skepticism n Attributes n Relevant: consistent with objectives n Reliable: credible n Sufficient: convincing

18 Operational Auditing--Spring 20105-18 Generalized Audit Software (GAS) n Two most popular applications n ACL (ACL) n IDEA (CaseWare) n Typical uses n File examination n Recalculations n Sample selection n File comparison n Reformatting n Pivot tables n Benford’s Law analysis n Reporting n Data analysis log

19 Operational Auditing--Spring 20105-19 GAS, continued n Benefits n Minimizes customization n Independent of company IT n Efficient n Facilitates 100% testing n Frees BPP for analytical work n Obstacles n Data access n Physical access n Format knowledge n Downloading issues to BPP’s computer n Importing data in usable format

20 Operational Auditing--Spring 20105-20 Workpaper Usage n Planning and execution n Supervision and review n Objective tracking n Conclusion support n Supports quality assurance n Professional development n IIA standards’ compliance

21 Operational Auditing--Spring 20105-21 Workpaper Guidelines n Cross-referencing system n Consistent layouts n Standardized symbols or “tick marks” n Standardization for permanent files n Unique indexing n Description of purpose n Initialed by preparer and reviewer n Source of information indicated n Clear explanations of symbols n Legibly written and easy to understand n Must stand alone n Must relate to the engagement objectives

22 Operational Auditing--Spring 20105-22 Sample Work Paper Heading Ref. Review T/M Legend: Source Purpose: Conclusions

Download ppt "Operational Auditing--Spring 2010 1 Operational Auditing Spring 2010 Professor Bill O’Brien."

Similar presentations

Ads by Google