Please enable JavaScript.
Coggle requires JavaScript to display documents.
Assurance auditing
an obj examination of evidence for the purpose of…
Assurance auditing
- an obj examination of evidence for the purpose of providing an independent assessm on gov, risk mgt, and ctrl process for the org
- provide reasonable assurance
whether org goals are being
accomplished
scope of work
Financial audit
- look at historical data
- whether fin info was properly recorded
and adequately supported
- f/s assertion - fair, accurate, reliable
Operational audit
- look at the process
- reviewing cycles - revenue, exp, treasury, fin reporting, etc.
- obj: ensure tran are properly authorized, recorded, classified, reported
Compliance assurance
- to assess the conformance with
established laws, std, regulations, policies
IT assurance
- to assure the integrity of info
Assurance providers
- mgt - laws and regulations,
quality assurance, self-assessment
- BOD - through IA function
- external - through independent EA,
gov regulators, ISO
-
-
Info Security Auditing
assess risks, monitor the implementation of corrective action, evaluate controls
IA activity:
- consult capacity by identifying security issues
by working with users of info system, with system personnel to devise and implement ctrl
- evaluate compliance with privacy laws and regulations
- work closely with senior mgt and board - performance of gov function
-
-
Privacy auditing
IA may
- facilitate the developm and implementation of the privacy program
- evaluate mgt's privacy risk assessm
- assurance service regarding the effectiveness of privacy framework
IA identifies
- personal info gathered
- collection method
- use of info is in acc with intended use
and applicable laws
Compliance audits
IA responsibilities:
- evaluate risk exposures relating to gov, operations and info system
with regard to Compliance and the adequacy and effectiveness of ctrl
- evaluate an org's regulatory compliance program (preventing non-compliance act)
- follow-up and report on mgt's response to regulatory body reviews
- consult legal counsel in all matters involving legal issues
Mgt
- org std and procedures - reducing the probability of criminal conduct by its employees and other agents
- reporting - compliance personnel - access to senior mgt, Chief Compliance Officer
and report directly to CEO
- applicant screening - inquire abt criminal convictions/ discipline by licensing boards
- communication - std and procedures - through training programs and publication s
- training - new employees - basic compliance training, other - certify periodically
- monitoring and reporting - whistleblower
-