1 / 36

Arising Importance of Audit due to Present Economic Developments

Arising Importance of Audit due to Present Economic Developments. Agenda. Definition an d Components of Internal Audi t International Standards and Regulations about Internal Audit Effects of Economic Crisis and Technologic al Development s

sohalia-bijoy
Télécharger la présentation

Arising Importance of Audit due to Present Economic Developments

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Arising Importance of Audit due to Present Economic Developments

  2. Agenda Definition and Components of Internal Audit International Standards and Regulations about Internal Audit Effects of Economic Crisis and Technological Developments New Trends and Changing Role of Internal Audit

  3. Definition and Components of Internal Audit 

  4. Definition of Internal Audit • Internal audit helps an organization to • accomplish its objectives by bringing • a systematic, disciplined approach to • evaluate and improve the effectiveness of • risk management, • control, • governance processes. • Internal Auditis an independent, objective assurance and consulting activity designed to add value and improve an organization's operations.

  5. Corporate Governance Corporate governance is a general system which promotes enterprise orientation and control structure. As generally accepted international corporate governance understanding involves; • Equality, • Transparency, • Accountability and • Liability.

  6. Risk Management Risk management is a process which satisfies appropriate transition or exchange between risk and yield and adds “value” to the organization. Risk management concerns all departments. TAKING NECESSARY ACTIONS IDENTIFICATIONOF RISKS PRIORITIZATION OF RISKS 2. Prioritization of Risk Probability of the Risk Severity of the Risk 3. Taking Necessary Actions Acceptance Transferring Controlling 1. Identification of Risks Defining the risks Measuring the risks Analysis the risks Reporting

  7. Internal Control Control is one of the actions which are taken to mitigate the effects of the risks in terms of; • Safeguarding of assets, • Compliance with laws, regulations, and aggrements, • Reliability and integrity of financial and operational information, • Effectiveness and efficiency of operations. Basic Control Activity Examples are; • Authorization Methods • Limit Applications • Decompositions of Tasks • Policy and Procedures • Task Descriptions and Responsibilities • Reconcilement Methods

  8. International Standards and Regulations about Internal Audit

  9. Regulations about Internal Audit Regulations in Turkey - 5411 numbered Banking Law - Arrangements of Banking Regulation and Supervision Agency (BRSA) - Arrangements of Capital Markets Boards Of Turkey International Regulations - Regulations by Basel Committee - Regulations by Professional Associations (IFAC, IICPA, etc.)

  10. Standards of Internal Audit A. ATTRIBUTE STANDARDS • Purpose, Authority and Responsibilities   • Independency and Objectiveness • Proficiency and Due Professional Care • Quality, Assurance and Improvement Program B. PERFORMANCE STANDARDS • Management of Internal Audit Activities • Quality of Work • Engagement Planning • Performing Engagement • Reporting Results • Observing Developments • Acceptance of Residual Risks by Management

  11. Attribute Standards Purpose, Authority and Responsibilities Purpose, authority and responsibilities of internal audit activities should be obviously declared in the charter which has to be approved by the Board of Directors. Independence and Objectivity • Organizational Independence • Individual Objectivity • Impairment to Independence or Objectivity Proficiency and Due Professional Care • Proficiency Requires the knowledge, skills and other competenciesneeded toperform individual responsibilities. • Due Professional Care The care and the skill expected of a reasonably prudent and competent internal auditor. Due professional care does notimply infallibility. • Continuing Professional Development Enhancement of knowledge, skills, and other competencies through continuing professional development.

  12. The Internal Audit Activity Management Performance Standards The chief audit executive must effectively manage the internal audit activity to ensure it adds value to the organization. • Planning • Communication and Approval • Resource Management • Policies and Procedures • Coordination • Effective reporting mechanisms in order to communicate with the Board of Directors, Internal Audit Committee and Top Management

  13. Engagement Planning Performance Standards • Engagement Objectives: Setting the engagement objectives, internal auditors should: • Identify and assess risks relevant to the activity under review and the engagement objectives must reflect the results of this assessment, • Consider the probability of significant errors, fraud, noncompliance, and other exposures when developing the engagement objectives. • Consulting engagement objectives should address risks, controls and governance processes to the extent agreed upon with the client. • Scope of Engagement: • The established scope must be sufficient to satisfy the objectives of the engagement. • The scope of the engagement must include consideration of relevant systems, records, personnel, and physical properties, including those under the control of third parties.  • Engagement Resource Allocation: Internal auditors must determine appropriate and sufficient resources to achieve engagement objectives based on a plan regarding the below mentioned issues: -an evaluation of the nature of engagement, -complexity of engagement, -time constraints, -available resources.

  14. Performing the Engagement Performance Standards Internal auditors must • identify, • analyze, • evaluate, and • document sufficient information to achieve the engagement's objectives. Recording Information • Internal auditors must document relevant information to support the conclusions and engagement results. • Thus, it would be beneficial that the Internal auditors prepare working papers.

  15. Communication of theEngagement Results Performance Standards INTERNAL AUDIT Observations about Board of Internal Audit AUDIT COMMITTEE Periodic Activity Report BOARD OF DIRECTORS BRSA (BDDK) Annual Report and Observations

  16. Monitoring Progress Performance Standards • There are some tasks that each Chief Audit Executive (CAE) is expected to satisfy. These are as follows: A CAE; • Must establish and maintain a system to monitor the disposition of results communicated to management, • Must establish a follow-up process to monitor and ensure that management actions have been effectively implemented, • Or that senior management has accepted the risk of not taking action (defined as residual risk).

  17. Effects of Economic Crisis and Technological Developments

  18. October 07 January 08 June 08 September 08 • Important Corporations Which are Negatively Affected and Failed

  19. Developments After Crisis • What's Expected? • Reconstruction of the Global Banking System • Canonical market economy instead of Free Market Economy– Establishing New Audit/Control System, • Elimination of Weakness of Risk Management, • The Development of Credit Rating Agencies Applications • New Regulations and Regulatory Institutions in Financial Markets

  20. Developments After Crisis • Increment Severity of Audit • Differentiation of Audit methodologies • Monitoring Audit Results • Attribution and Adequacy of Auditors Worldcom Wrong accounting records more than 9 million $ Enron The greatest bankrupt in USA. Tyco International Presented 400 million $ more than real figures of 2002. Société Generale 4,9 million Euro Tresury Transactions

  21. Developments After Crisis • Lessons to Take • Risk must be “respected”.Risk management function should be seen equally with other functions in Banks, and not be described as a ‘back office’ function. • Risk analysis is an important part of modern risk management. On the other hand, models all alone are not sufficient. • There may be limits to regulations. • If the level of exaggerated debts seem to be good in an unbelievable way then it is really unbelievable. U.S.A banks owned tools which they used mainly to remove their credits from their balance-sheets, explained their leverage ratios to 600 to 1. • Accounting change everything. The accounting of the credit assets in accordance to their market value (mark to market) increased the volatility in reported losses nearly 50 percent during the depression period. Accounting is accounting. There should not be any creative accountancy. • Activity of Audit is as effective as its results. • Volume based bonuses redoubles the risk appetite.

  22. Questions to be Answered • Rating Agencies • What are the standard method for working and decision-making? • How transparent and accountable are they? • How objective are their approaches and reviews? • Who checks these organizations and their reports globally and locally?

  23. Questions to be Answered Market Risk Credit Risk Operational Risk • Risk Management and Risk Management Models • How proactive is risk management? • Was the risk management located in the right position within the bank? • Risk Management Models • How applicable are they? • How accurate are they? • Are control and measurement methods sufficient? The Basel II regulations on capital adequacy did not produce the needed effect on Banks to hold enough liquidity. Northern Rock and Bradford & Bingley did cover the requirements related to “capital”, but it did not prevent them from bankruptcy. (The Independent)

  24. Questions to be Answered • Audit Principles • Internal Audit • Independenct? • Sanction Power? • Risk Oriented? • Qualitative Adequacy? • External Audit • Regulations? • Standards?

  25. Questions to be Answered • Board of Directors and Top Management • Volume Focused Bonuses • Audit Committee Acts • Functions of Independent Members of the Board • Corporate Governance

  26. New Trends and Changing Role of Internal Audit

  27. New Trends in Audit • Risk Oriented Audit • Continuous Audit and Supervision • Information System (IT) Audit

  28. Risk Oriented Audit Concept • Identify • Assess • Measure • Monitor AUDIT PLAN RISK Risk Oriented Audit The reasons stated below have effects on working principles of internal audit departments. Risk oriented audit becomes acceptable based on these reasons; • Resources for audit activities are scarce. • Brand new risks may evolve in audited fields. • Activities involve relatively different severity levels. Purpose: Transferring Resources of Audit to Most Risky Areas!

  29. Continuous Audit and Supervision Deriving benefits from IT, • Continuous supervision of processes, • Immediate auditfollowing thetransaction, • Early warning system before the risk is materialized.

  30. IT Audit • Information Systems (IS) provide more effective works with less errors, so it causes more addiction to IS. Important processes flow onIS. • IT systems are vulnerable to many risks: • Authentication • Non-deniable • Data Integrity/Consistency • Data Confidentiality (Privacy) • Business Continuity • Compliance toRegulations

  31. IT Audit Standards COBIT (Control Objectives for Information and Related Technology) is an IT Management and Audit Model and legislatively accepted standard in IT Audits in Turkey. • CMMI: Software Development Process Standards • ISO: Service/Service Management Standards • ITIL: Information/System Security Standards • Service/Service Management Standards

  32. TRADITIONAL Detection Functional Including whole Once Partial Changing Approaches in Audit MODERN • Prevention • Processbased • Risk oriented • Continuous • Integrated

  33. Audit Certifications

  34. QUESTIONS???

  35. Thank You...

More Related