Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Internal auditing is a catalyst for improving an organization's effectiveness and efficiency by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Internal auditors are employed by organizations to perform the internal auditing activity.
The scope of internal auditing within an organization is broad and may involve topics such as the efficacy of operations, the reliability of financial reporting, deterring and investigating fraud, safeguarding assets, and compliance with laws and regulations.
Internal Audit Department Objectives
The objective of the Internal Audit Office is to assist members of the organization in the effective discharge of their responsibilities by providing the organization with analyses, appraisals and information concerning the activities reviewed. The attainment of this overall objective includes but is not limited to the following activities:
Reviewing and appraising the soundness, adequacy and application of the accounting, financial and operating controls that comprise the internal control system.
- Ascertaining the extent of compliance with established policies, procedures and applicable laws and regulations;
- Determining the extent to which the Office assets are accounted for and safeguarded from losses of any kind;
- Reviewing the adequacy of information technology security and internal controls;
- Ascertaining the reliability of management data developed and reported within the Office;
- Reporting the results of audits in a timely manner;
- Appraising the effectiveness and timeliness of management's corrective action plans.
Audit Process Overview
In conducting audits we follow a systematic approach consisting of a series of well-defined phases that are designed to achieve specific objectives and each phase is dependent upon results of the preceding phase:
Risk Assessment and Audit Plan:
The assessment will evaluate the impact and likelihood of risk occurrence and selecting areas to be audited accordingly.
Planning & Work Program
Gain an understanding of the activity, process, or function under review and identify objectives, risks, and audit steps to be performed during the audit engagement.
Activities include detailed testing, analysis and gathering of adequate evidence to support or refute preliminary findings or conclusions drawn during the audit.
Audit Report and Communicating Results:
Consist of presenting preliminary findings in the early stages of the audit, to a more formal listing of observations and recommendations in a Draft Audit Report to the Auditee; prior to a Final Audit Report for the Permanent Secretary and the Audit Committee.
Audit Follow-up and Resolution:
Provide an effective means to ensure recommendations and corrective action plans are implemented and the desired results are achieved.