The Standard states: Show Internal auditors must develop and document a plan for each engagement, including the engagement’s objectives, scope, timing, and resource allocations. The plan must consider the organization’s strategies, objectives, and risks relevant to the engagement. The organisation’s Internal Audit Manual (IAM) should provide suitable working guidance in respect of the expected internal process to be followed by the team when planning any audit. The IAM should also provide any standard documentation templates which the team are expected to utilise when performing their work. In practice what processes are key to demonstrating that the Chief Internal Auditor (CIA) has considered the organisation’s strategies, objectives and risks when planning an engagement’s scope and resources? The CIA will already have performed or overseen the performance of the Audit Needs Assessment (ANA) and resulting Internal Audit Strategy (IAS); this provides the starting point. Thereafter, when planning an individual assignment:
Planning of audit assignments, their scope and resources directed to them is incredibly important; failure to give this stage suitable consideration could devalue the entire audit process, impact negatively upon relationships with auditees, jeopardise the quality of the end product, value derived from our input and ultimately the assurance we are able to provide back to Executive and Board. Clearly documenting the planned audit scope, testing, resources and timeframes provides a benchmark against which to monitor the execution of our work, demonstrate we have discharged our responsibilities and reflect upon to improve our service moving forward. Core Evidence Demonstrating Compliance
The CIA should ensure that risk assessment is clearly evident throughout Strategic and Assignment Planning. Whilst the Strategy provides the justification for the prioritisation of the audit, the Brief provides the specific scope and objectives of the review immediately prior commencement to ensure that it is focused upon current risks as they present themselves at that moment, recognising that the environment may have moved on since the development of the Strategy. Ideally, the Brief should follow a consistent agreed upon format, following any guidance within the IAM; capturing both audit and management’s view of the risk and control environment. Formal acceptance of the Brief and any amendment to scope will help minimise the risk of any expectation gap. The Brief provides the auditor with the ‘plan’ against which audit quality and resources will be subsequently monitored. What is an internal audit engagement objective?The objective is to provide an independent assessment on governance, risk management, and control activities on the processes of an organisation by an impartial and objective examination of evidence.
What do you need to consider when planning an internal audit engagement?Planning internal audit engagements involves considering the strategies and objectives of the area or process under review, prioritizing the risks relevant to the engagement, determining the engagement objectives and scope, and documenting the approach.
What are the main objectives of internal audit?The main purpose or objective of an Internal Audit comes as the provider of objective information to the upper management, government bodies, etc. Such objective information includes that of the control over the environment, risks for the organization, and much more.
Which of the following is an appropriate statement of an engagement objective?Which of the following is an appropriate statement of an engagement objective? To determine whether inventory stocks are sufficient to meet projected sales.
|