Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Differing Roles of Internal Auditor and Risk.

Published byJudith Morton Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Differing Roles of Internal Auditor and Risk."— Presentation transcript:

1 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Differing Roles of Internal Auditor and Risk Management in ERM Advisory Lee Min On, Partner 10 April 2007 Lee Min On, Partner 10 April 2007

2 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 2 Overview Risk and risk management defined Responsibility for risk management What internal audit is and role of internal auditor Can the internal auditor take on the role of a risk manager? Questions and comments

3 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 3 Risk “Anything that has the potential to prevent an organisation from achieving its objectives” Risk Risk Management “The identification, measurement & control of risks that impact the assets and earnings or essential services of an organisation” Risk Management “The identification, measurement & control of risks that impact the assets and earnings or essential services of an organisation”

4 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 4 Risk management - paraphrased Paraphrased from ERM integrated framework - COSO Appropriate balance between opportunities for gain while minimizing loss arising from risk identified Achievement of corporate objectives through strategy setting A process effected by the Board

5 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 5 Risk management philosophy Assurance to stakeholders Stakeholders Board Management Employees Risk profile Issues to emerge Current risk profile Action plans Establish structured risk management system Ensure accountability Risk aware culture Risk management -Policy -Philosophy Responsibility for risk management

6 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 6 Internal audit as defined assuranceconsulting Activity that provides independent, objective assurance & consulting services Designed to add value & improve an organization’s operations Helps organization accomplish its objectives by: - bringing a systematic & disciplined approach - to evaluate & improve - effectiveness of risk management, control & governance process International Standards for the Professional Practice of Internal Auditing, IIA

7 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 7 Role of internal auditor Risk management? Control process Governance process Assurance services Consulting services

8 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 8 Involvement of IA in risk management Assurance role: Assurance role: Examining, evaluating, reporting and recommending improvements on: adequacy and effectiveness of Management’s risk processes; and control measures that can be considered by Management to address risks as identified Consulting role: I Consulting role: Identifying, evaluating & implementing risk management methodologies and controls to address those risks

9 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 9 Drawing the “boundary” Assurance role - compliance Consulting role - advisory Risk owner – management of the risk identified (deployment of specific controls to treat the risk) The Great Divide

10 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 10 Drawing the boundary (cont’d) Some pertinent thoughts Does organization size matter? What about cost/benefit consideration? Threat of self review? Role of Risk Officer

11 © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 11 In conclusion Ideally, the risk management function should be separate from the internal audit function If internal auditor is roped in for risk management, a clear line has to be drawn between advisory and ownership of risk Avoid self-review threat that mars objectivity! Can the internal auditor take on the role of a risk manager?

12 The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. © 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. Presenter’s contact details Lee Min On KPMG +60(3) 20953388 (Ext 8401) minonlee@kpmg.com.my www.kpmg.com.my Presenter’s contact details Lee Min On KPMG +60(3) 20953388 (Ext 8401) minonlee@kpmg.com.my www.kpmg.com.my

Download ppt "© 2007 KPMG, the Malaysian member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Differing Roles of Internal Auditor and Risk."

Similar presentations

AUDIT INTERREG LP Seminar on Financial Management and Auditing: Financial Reporting from auditors perspective Kirsi Toivanen Manager, Audit Turku, Finland.

AUDIT INTERREG LP Seminar on Financial Management and Auditing: Financial Reporting from auditors perspective Kirsi Toivanen Manager, Audit Turku, Finland.
1 K P M G L L P A D V I S O R Y Changes in the IT Audit Profession Stephen G. Hasty, Jr. National Partner in Charge IT Advisory Savannah, GA January 4,

1 K P M G L L P A D V I S O R Y Changes in the IT Audit Profession Stephen G. Hasty, Jr. National Partner in Charge IT Advisory Savannah, GA January 4,
Organizational Governance

Organizational Governance
Els Hostyn Partner Internal Audit, Risk & Compliance Services Forensic 13 October 2009 FORENSIC ADVISORY Internal Audit and other assurance providers.

Els Hostyn Partner Internal Audit, Risk & Compliance Services Forensic 13 October 2009 FORENSIC ADVISORY Internal Audit and other assurance providers.
PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.
Driving change in information risk within the financial services industry Subtitle Date.

Driving change in information risk within the financial services industry Subtitle Date.
A clear and compelling business case… …for the individual

A clear and compelling business case… …for the individual
IMFO Audit & Risk Indaba June 2012

IMFO Audit & Risk Indaba June 2012
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
©2009 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Business Combinations: What you need to know about.

©2009 KPMG LLP, the U.S. member firm of KPMG International, a Swiss cooperative. All rights reserved. 1 Business Combinations: What you need to know about.
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.

Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.

Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
Start-ups & big business Competition or competitive advantage? Imperial Business Insights Lecture 13 February 2014.

Start-ups & big business Competition or competitive advantage? Imperial Business Insights Lecture 13 February 2014.
Institute of Operational Risk Breakout Session - Operational Risk Nirvana KPMG Giles Triffitt Peter Watson Peter Docherty 1 November 2013.

Institute of Operational Risk Breakout Session - Operational Risk Nirvana KPMG Giles Triffitt Peter Watson Peter Docherty 1 November 2013.
KPMG CEE AUDIT / TAX / ADVISORY / LINE OF BUSINESS CEE Real Estate Capital Markets “Dense Clouds, No Rain” George Leslie Director Advisory Head of Special.

KPMG CEE AUDIT / TAX / ADVISORY / LINE OF BUSINESS CEE Real Estate Capital Markets “Dense Clouds, No Rain” George Leslie Director Advisory Head of Special.
What is Risk Management? Whose responsibility is it in your institution? Mark Weatherley.

What is Risk Management? Whose responsibility is it in your institution? Mark Weatherley.
Increasing customer value through effective security risk management

Increasing customer value through effective security risk management
External auditors’ perspective

External auditors’ perspective
The Role of the Internal Audit Department

The Role of the Internal Audit Department
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit

Similar presentations

Ads by Google