This course is a premium course it can be accessed either by individual purchase or through a premium subscription
These documents are ancillary to the Internal Controls certificate program and are to be used as guides for internal controls and internal audit.
This section provides a few templates and information sheets that can be utilized and refined. It is important to note that these tools should NOT be used as a simple check-list. They must be appropriately tailored to your organization. They are being provided to assist participants in brainstorming and developing the proper documentation needed to comply with the legislation. They include:
Introduction
Individuals who have performed the chief audit executive (CAE) role can most likely compile a never-ending list of lessons learned from the experience. It can be beneficial to reevaluate those lessons at various crossroads in an individual career and share the experiences with others who may be considering a similar role. Through the act of sharing and identifying lessons learned, individuals who continue to pursue internal audit as a profession can assist in the advancement of the role of the internal auditor in today’s business.
SECTION-1: Lessons Learned
The poem by Robert Fulghum titled “All I Really Need to Know I Learned in Kindergarten” provides an analogy of how the simplistic concepts learned in kindergarten can be applied within everyday life. These concepts extend past personal lives into business and government. The poem recites simple learnings such as “share every- thing,” “play fair,” “clean up your own mess,” and many other factors of leading a balanced life. The poem even speaks to the need to “hold hands when you go out in the world, watch out for traffic, and stick together.”
Lesson 1: Clarify/Define Management Expectations for Internal Audit
Not everyone sees things in the same light or recognizes concepts that may seem clearly outlined. It is important to make sure management and the internal audit team work together and are on the same page of the handbook when working through depart- mental responsibilities and expectations.
Lesson 2: Balance Management Expectations with the International Institute of Auditors Standards
Internal auditors understand the purpose and intent of the Standards. However, it is not unusual for management to have varying views that may conflict with the internal auditor’s professional obligation to the Standards. The concept of playing fair correlates to ensuring that the Standards are not used as a bat or whipping stick when working to get management on the same page as the auditors. Keep in mind that the Standards are not laws; they are professional guidelines. The entire organization must understand the importance of playing fair and according to the guidelines of the profession.
Lesson 3: Validate the Internal Audit Charter as Fact and Not Fiction
Internal auditors are accustomed to clarifying and documenting. We look to leading practice to guide us on the procedures most relevant to apply. We often utilize leading practice documents when developing departmental protocols and documents like charters. However, it is important to look at departmental charters periodically to ensure that the elements listed are executable and true in fact. Elements that appear in a charter that are not relevant to the organization or that could never be executed given the current structure may actually put the organization at greater risk.
Lesson 4: Clarify the Purpose and Execution of Risk-Based Auditing
Make sure that management and internal audit are on the same page concerning concepts and the need for a true risk- based audit approach.
Lesson 5: Define “Independent Risk Assessment” in Relation to the Audit Plan
Everyone sees things in a distinct and separate manner. Similarly, the concept of independent risk assessment may be viewed differently by each company, management, and internal audit function. It is important to clarify the concept of independent risk assessment to ensure a consistent organizational understanding and application.
Lesson 6: Add Value While Maintaining Independence
The concepts of independence are complicated, and it is important to remember to play fair when executing responsibilities.
Lesson 7: Serve the Audit Committee
In this instance, the responsibility of serving the audit committee can be correlated to almost every lesson outlined in Robert Fulghum’s poem. When serving the audit committee, auditors should employ all aspects of playing fair, sticking together, taking responsibility for their own actions, and learning when and how to appropriately communicate the aspect of cleaning up messes. As a challenge, internal auditors should revisit the poem and link individual responsibilities and challenge areas to components outlined in the kindergarten rules. Think simplistically. Everything can be translated into everyday life.
Lesson 8: Communication of Issues When Management Objects
Communication is an art. Be cognizant of how communication is perceived especially when others are not in full agreement. Gaining agreement and acceptance or sticking together will take you much further than fighting over irrelevant issues.
Lesson 9: Understand How the CAE Role and Audit Department Are Viewed
Internal auditors understand the role of the CAE as defined by professional Standards. However, it is important to “balance” our perceptions and how we execute the role with the manner in which management and the audit committee view the role. In essence, ensure that you are “living a balanced role.”
Lesson 10: Gaining a “Seat at the Table”
To gain the perennial seat at the table, the CAE must build strong relationships with management that include developing trust and respect. It is important that internal auditors stick together and understand the professional Standards to enable proper communication of requirements and expectations to management. Through holistic application of the Standards by all CAEs, internal auditors will be able to more readily gain the coveted seat at the table. However, absent CAEs sticking together and abiding by the Standards, management will continue to view the profession as one in which they can dictate the acceptance of guidelines.
SECTION-2: Is It Legal or Is It Ethical? The CAE’s Dilemma
Introduction
The phrase “Is it legal or is it ethical?” can be a mini mantra of the internal audit function. Auditors will sometimes describe the dilemma when identifying a control gap that legally may be accept- able but morally may not. Many professions have their own code of conduct. The code is established to ensure that professionals follow proper morals and behavior as expected in their roles. Lawyers, doctors, certified public accountants, as well as other professional roles have detailed codes of conduct. The IIA has defined a code of ethics for the profession. The code states the principles and expectations governing the behavior of individuals in the conduct of internal auditing. It also describes the minimum requirements for conduct and behavioral expectations. But the ethical line is not always a black-and- white demarcation. In addition, legal implications can impact how gray the line may appear.
Lessons of an Auditor can be download here:
https://www.crcpress.com/go/internal_audit_and_it_audit?utm_medium=email&utm_source=EmailStudio&utm_campaign=B190507996+-+20190926_140042_3573645
Learning Objectives
- Identify how to clarify management expectations for internal audit.
- Explore how to balance management expectations with Standards.
- Discover how to validate that the internal audit charter is fact, not fiction.
- Identify how to clarify the purpose and execution of risk-based auditing.
- Recognize “independent risk assessment” when developing the audit plan.
- Discover how to add value while maintaining independence.
- Explore how to serve the audit committee.
- Identify how to clarify issues when management objects.
- Discover how the CAE role and the internal audit department are viewed by the company.
- Recognize hot to gain a “seat at the table.”
Included In Certifications
This course is included in the following Certification Programs:
32 CoursesInternal Controls and Internal Audit Certification
- Internal Audit Standards Overview
- Managing the Internal Audit Function in Line with GIAS - Part 1
- Managing the Internal Audit Function in Line with GIAS – Part 2
- Managing the Internal Audit Function in Line with GIAS – Part 3
- Executing the Internal Audit Engagement in Line with GIAS – Part 1
- Executing the Internal Audit Engagement in Line with GIAS – Part 2
- Identifying and Implementing the Proper Balance of Internal Controls
- Documentation Methods For Internal Control Processes
- Segregation of Duties for Core Business Processes
- Foundations for a Strong Internal Audit Department
- Internal Audit Management - Top Skills
- Internal Audit: Keys to Managing an Effective Function
- Understanding Risk-Based Auditing
- Risk Based Auditing – Establishing a Methodology
- Risk Based Auditing – Applying the Methodology
- Cyber Risk Frameworks And Concepts
- Information Technology (IT) Controls in Emerging Business Environments
- Fraud Risk Assessments
- Professional Skepticism - Keys to Maintaining
- Introduction to Forensic Accounting
- The Fraud Triangle
- Internal Audit Effective Relations with the Audit Committee
- COSO 2013 Overview
- COSO 2013 - Operational Execution
- Internal Audit Emerging Risks for 2021 and Beyond - Part 1
- Internal Audit Emerging Risks for 2021 and Beyond - Part 2
- Internal Audit Emerging Risks for 2021 and Beyond - Part 3
- Internal Audit Emerging Risks for 2021 and Beyond - Part 4
- Internal Audit Challenges During Times of COVID
- Global Internal Audit Standards (GIAS) - Overview and Contrast to 2017 International Professional Practices Framework
- Tools for Internal Control Certificate
- Lessons of an Auditor- Tools for Internal Control Certificate
2 Reviews (7 ratings)
Reviews
Prerequisites
- No advanced preparation or prerequisites are required for this course.