Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operational Auditing--Fall 2007 1-1 Establishing an I/A Function n Reporting structure n Mission statement/ role of dept. n Objectives n Department tone--teamwork.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Operational Auditing--Fall 2007 1-1 Establishing an I/A Function n Reporting structure n Mission statement/ role of dept. n Objectives n Department tone--teamwork."— Presentation transcript:

1 Operational Auditing--Fall 2007 1-1 Establishing an I/A Function n Reporting structure n Mission statement/ role of dept. n Objectives n Department tone--teamwork n IIA standards n Commitment to continuing education

2 Operational Auditing--Fall 2007 1-2 Human Relations Issues n General people techniques n Due professional care n Hostile management approaches n Dealing with external auditors n Participative approach w/auditees

3 Operational Auditing--Fall 2007 1-3 General People Techniques n Promote the “wanna” n Foster feedback n Adopt a consultative approach n Use the “Will Rogers’ Approach”

4 Operational Auditing--Fall 2007 1-4 …Due Professional Care n Be fair but don’t whitewash n Avoid surprises n Go for the win-win n Have the guts to go to the top

5 Operational Auditing--Fall 2007 1-5 Hostile Management Approaches n Select the right time for discussion n Remain flexible in your conclusions n Avoid emotion; sometimes even logic won’t work n Don’t corner yourself or the other party n Listen to the other party n Help the other guy “to be right”

6 Operational Auditing--Fall 2007 1-6 Dealing with the External Auditors n Different objectives n Different accountability n Different qualifications n Different activities

7 Operational Auditing--Fall 2007 1-7 Cooperation n Economy n Efficiency n Effectiveness n Advantages for the external auditor n Increases external auditor client insight n Improves client relations n Rotates emphasis n Advantages for the internal auditor n Improves training n Source of additional work n Increases professional knowledge n Independent appraisal source n Compliance with SAS 65 and SAS 99

8 Operational Auditing--Fall 2007 1-8 SAS 65 n Defines roles n Defines function n Discusses competency & objectivity n Considers nature of the work n Discusses coordination n Guidelines for evaluation n Role of direct assistance

9 Operational Auditing--Fall 2007 1-9 SAS 99 n Auditor’s responsibility to detect fraud

10 Operational Auditing--Fall 2007 1-10 Typical Int. Audit Assistance n Design of control systems n Reduction of risk assessment n Reduction of substantive testing

11 Operational Auditing--Fall 2007 1-11 Create a Cooperative Bridge n Coordination n Risk assessment alert n Control system disclosure n Common sampling tools n Pooled IT knowledge n Different perspective n Constant general communication

12 Operational Auditing--Fall 2007 1-12 Participative Approach n Joint goals n Consultation n Joint authority n Open discussion re: findings n Open review of reports

13 Operational Auditing--Fall 2007 1-13 COSO n Committee of Sponsoring Organizations n FEI, ACIPA, IMA, IIA and AAA n Sponsored the Treadway Commission in 1987 n Issued guidelines for Internal Control in 1992: COSO Cube n Issued guidelines for Enterprise Risk Management in 2004: COSO 2

14 Operational Auditing--Fall 2007 1-14 COSO Control Objectives n Economy & efficiency of operations n Reliable financial and operational data and reports n Compliance with laws and regulations

15 Operational Auditing--Fall 2007 1-15 Control Objectives n Reliability and integrity of info n Compliance n Safeguarding of assets n Economical & efficient use of assets n Organizational attainment of goals & objs.

16 Operational Auditing--Fall 2007 1-16 Types of Control n Preventive n Detective n Corrective n Directive n Compensating

17 Operational Auditing--Fall 2007 1-17 Methods of Control n Organizational n Operational n Personnel n Review n Facilities

18 Operational Auditing--Fall 2007 1-18 Threats to Control n Management override n Open access to assets n Form over substance approach n Conflict of interest

19 Operational Auditing--Fall 2007 1-19 COSO Approach to Achievement n Sound control environment n Sound risk assessment process n Sound operational control activities n Are the processes working n Sound info & communications system n Effective monitoring

20 Operational Auditing--Fall 2007 1-20 Control Environment n Culture of integrity, ethics and competence n Overall mgt. philosophy n Proper authority & responsibility n Proper organization of resources n Proper training and development n Senior mgt. attention & direction

21 Operational Auditing--Fall 2007 1-21 Internal Audit Process n Auditee selection n Audit planning n Preliminary survey n Internal control review n Expanded testing n Develop findings & recommendations n Reporting n Follow-up n Post audit evaluation

22 Operational Auditing--Fall 2007 1-22 Control Self Assessment (CSA) n Methodology n Review and Identification n Key business objectives n Related risks n Mitigating controls

23 Operational Auditing--Fall 2007 1-23 CSA-History n Introduced by Gulf Canada in 1987 n Gulf used facilitated meetings

24 Operational Auditing--Fall 2007 1-24 Facilitated Meetings n Management and staff participate through interviews and polling n Objectives n Risks n Processes n Soft and/or informal controls

25 Operational Auditing--Fall 2007 1-25 General Methodology n Shared process n Assessment of internal controls n Evaluation of risks n Development of action plans n Assess the likelihood of achieving objectives n SJSU simulation

26 Operational Auditing--Fall 2007 1-26 General Approaches n Facilitated meetings--group workshops n Questionnaires--yes/no answers n Management analysis--self studies

27 Operational Auditing--Fall 2007 1-27 Uses n Self analysis for risk* n Selection of audit areas* n Internal control review* n Special projects n Soft control analysis * alternatives to the traditional approach to the I/A process

28 Operational Auditing--Fall 2007 1-28 Benefits n Increases I/A scope n Target review of high risk areas n Increases the effectiveness of corrective action n Builds team-oriented relationships

29 Operational Auditing--Fall 2007 1-29 What Is Storyboard Flowcharting? n New method for documenting a process. n Clean and simple flowcharting method. n Allows for clients and auditors to clearly understand process under review. n Simple technique that requires a good graphics package and a little imagination. n Can use Microsoft PowerPoint, Harvard Graphics, Corel Draw, etc. n Does not replace IS flowcharting.

30 Operational Auditing--Fall 2007 1-30 The Basics of Storyboard n Meet with client and document process. n Use your imagination to choose/draw picture. n Under picture write narrative for each step represented. n Be creative - good control narrative in green; poor controls in red. n Completed storyboard must be reviewed with client. n Make any changes necessary. n Final copy should be in color for most effective presentation. n Different process may require different approach.

31 Operational Auditing--Fall 2007 1-31 How to Storyboard Meet with client and document process. From client interview create storyboard. A A Print out story board - black and white draft and color for final. Review storyboard with client and obtain sign off.

32 Operational Auditing--Fall 2007 1-32 Start Customer Service Rep Receives Order Scan Form Into System Shipping Files Yellow Customer Service Rep Researches And Corrects Information Shipping Pulls And Packs Orders End By Phone? By Mail or Fax? On Standard Order Form? Shipping Sends Order and Green Copy (Invoice) Customer Service Rep. Key Enters Data on-Line Approved By Manager? Send to Special Order Department Print Three-Part Shipper Yellow and Green To Shipping Department Pink to Accounts Receivable Department YES NO YES Company XYZ Order-fulfillment process NO

33 Operational Auditing--Fall 2007 1-33 A A Customer Representative Receives orders by fax or mail. Receives orders by phone. Standard orders are scanned into system. Customer Representative enters order data on-line. A three-part packing slip is printed per order. Pink copy sent to accounts receivable department. Company XYZ Order-fulfillment process Packing slip approved by Manager. If not approved, returned to Customer Representative for correction Packing slip Yellow and green copy go to shipping department. Shipping pulls and packs orders. Yellow copy filed in shipping department. Green copy sent with order.

34 Operational Auditing--Fall 2007 1-34 Flowcharting Begin or End File Decide Document Activity

35 Operational Auditing--Fall 2007 1-35 Work Paper Purposes n Documentation of evidence n Audit execution and planning tool n Follow-up reference n Review facilitator

36 Operational Auditing--Fall 2007 1-36 Other W/P Factors n Ownership: the company n Preparation guidelines n Completeness & accuracy n Clarity & understandability n Legibility & neatness n Relevance n Attention to detail

37 Operational Auditing--Fall 2007 1-37 Sample Work Paper Heading Ref. Review T/M Legend: Source Purpose: Conclusions

Download ppt "Operational Auditing--Fall 2007 1-1 Establishing an I/A Function n Reporting structure n Mission statement/ role of dept. n Objectives n Department tone--teamwork."

Similar presentations

Internal Control and Control Risk

Internal Control and Control Risk
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Internal Control.

Internal Control.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Operational Auditing--Fall 2000 Control Self Assessment (CSA) 4 Methodology 4 Review and Identification –Key business objectives –Related risks –Mitigating.

Operational Auditing--Fall 2000 Control Self Assessment (CSA) 4 Methodology 4 Review and Identification –Key business objectives –Related risks –Mitigating.
Operational Auditing--Fall 2010 1 Operational Auditing Fall 2010 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2010 Professor Bill O’Brien.
Operational Auditing--Spring 2006 3-1 Internal Audit Process  Auditee selection  Audit planning  Preliminary survey  Internal control review  Expanded.

Operational Auditing--Spring Internal Audit Process  Auditee selection  Audit planning  Preliminary survey  Internal control review  Expanded.
Operational Auditing--Spring 2008 1 Operational Auditing Spring 2008 Professor Bill O’ Brien.

Operational Auditing--Spring Operational Auditing Spring 2008 Professor Bill O’ Brien.
Operational Auditing--Spring 2002 1 Accounting Business Skills “The What” 4 Business perspective 4 Organizational focus 4 Bias for action 4 Communication.

Operational Auditing--Spring Accounting Business Skills “The What” 4 Business perspective 4 Organizational focus 4 Bias for action 4 Communication.
Planning the Audit; Linking Audit Procedures to Risk

Planning the Audit; Linking Audit Procedures to Risk
Operational Auditing--Fall 2010 1 Operational Auditing Fall 2010 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2010 Professor Bill O’Brien.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
Chapter 5 Risk Assessment: Internal Control Evaluation

Chapter 5 Risk Assessment: Internal Control Evaluation
Operational Auditing--Fall 2002 1 Work Paper Purposes 4 Documentation of evidence 4 Audit execution and planning tool 4 Follow-up reference 4 Review facilitator.

Operational Auditing--Fall Work Paper Purposes 4 Documentation of evidence 4 Audit execution and planning tool 4 Follow-up reference 4 Review facilitator.
Operational Auditing--Fall 2001 1 Establishing an I/A Function 4 Reporting structure 4 Mission statement 4 Objectives 4 Methodology & Operations.

Operational Auditing--Fall Establishing an I/A Function 4 Reporting structure 4 Mission statement 4 Objectives 4 Methodology & Operations.
IS Audit Function Knowledge

IS Audit Function Knowledge
Operational Auditing--Fall 2009 1 Operational Auditing Fall 2009 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
Operational Auditing--Fall 2009 1 Operational Auditing Fall 2009 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
Operational Auditing--Spring 2011 1 Operational Auditing Spring 2011 Professor Bill O’Brien.

Operational Auditing--Spring Operational Auditing Spring 2011 Professor Bill O’Brien.
Operational Auditing--Spring 2010 1 Operational Auditing Spring 2010 Professor Bill O’Brien.

Operational Auditing--Spring Operational Auditing Spring 2010 Professor Bill O’Brien.

Similar presentations

Ads by Google