Please enable JavaScript.
Coggle requires JavaScript to display documents.
nature of internal audit work (the COSO framework and the internal control…
nature of internal audit work
Governance- risk control professional guidance
2100 Nature of work
2110 governance
internal audit activity must assess and make appropriate recommendations to improve the organisational processes
2120 risk management
the internal auditor must evaluate the effectiveness and contribute to the improvement of risk management processes
2130 control
the internal audit must assist the organisation in maintaining effective controls by evaluating their effectiveness and by promoting continuous improvement
the importance of internal control
what is internal control
now the IIA and IPPF diffing internal control as any action taken by management, the bought and other parties to manage risk and increase the likelihood that established objective and goal will be achieved
the objective of internal control
operational objectives
effectiveness and efficiency of operations
safeguarding af assets
reporting objectives
financial and non-financial reporting
internal and external reporting
reliability, timeliness,transparency
compliance objectives
compliance with law, regulations and contracts
control in the information technology environment
general controls
it relate to IT as a whole ,they are software operates
application controls
a detailed discussion of controls in an IT environment and auditing in an IT environment will take place later
the COSO framework and the internal control process
control environment
philosophy and style of management
planning
organising
directing
controlling
organisational structure (hierarchy)
the organisational structure should be suitable for that type of organisation
grouping of activities
method used to communicate task and responsibilities to personnel
organisation policy
assignment of responsibility
job description
computer system
organisational code of ethics
memorandum from senior managers
human resources manager
the appointment and evaluation of personnel
personal scheduling
regular rotation of duties, within limits
career path possibilities
formalization of personnel practices
risk assessment
management's responsibility as they should initiate plan, programmes and actions to address risk identified or decide to accept the risk
control activities
classication of internal control activity
preventive controls
detective controls
corrective controls
types of internal control
segregation of duties
proper authorization of transaction and activities
adequate documents and records
safeguarding of assets and information
independent checks
information and communication
the information from top management to staff must be clear and arrive in time
monitoring
the internal control structures need to be monitored process that assesses the quality of the performanse overtime
responsibility for internal control
the responsibility of manager
is to resides with the board of directors of an organisation
the function of the external auditor
is to express an opinion on the reasonableness of financial statements
the function of internal audit
advantage and limitations of internal control
advantage of internal control
achive its goal for profitability and outputs
prevent resource losses
promote reliable financial reporting
ensure compliance with legislation and regulations
limitations of internal control
ensure an organisation's success
ensure the reliability of financial reporting and comoliance withj legislation and regulation