Debriefing of IA Work

8/8/2019 Debriefing of IA Work

http://slidepdf.com/reader/full/debriefing-of-ia-work 1/16

DEBRIEFING OF IA WORK



-Internal auditing activity is primarily directed atimproving internal control of the entity as a

whole (every Business Units).

IA Primary Role



Control that leads to:

-Effectiveness and efficiency of operations.

-Reliability of financial reporting.

-Safeguarding of assets.

-Compliance with laws and regulations.

*Note: Internal Control is established and conducted bythe management and personnel of each business unit,and it will be evaluated and tested by IA.

Internal Control



Basic Nature of IA Activities

1. Establish and communicate thescope and objectives for the auditto appropriate management.

2. Develop an understanding of the

business area under review. Thisincludes objectives, measurements,and key transaction types. Thisinvolves review of documents andinterviews. Flowcharts andnarratives may be created ifnecessary.

3. Describe the key risks facing thebusiness activities within the scopeof the audit.

4. Identify control procedures usedto ensure each key risk and

transaction type is properly

controlled and monitored.

5. Develop and execute a risk-basedsampling and testing approach todetermine whether the most

important controls are operatingas intended.

6. Report problems identified andnegotiate action plans withmanagement to address theproblems.

7. Follow-up on reported findings atappropriate intervals. Internalaudit departments maintain afollow-up database for thispurpose.



-Preventive Control- Job description

- FAR (Fixed Asset Register)

- Organization chart

- Authorization level

- MIS (Management InformationSystem) ... etc.

-Detective Control- Account review

- Account reconciliation

- FA count,... etc.

-Corrective Control- Report and feedback to errors

Control Activities



-Business performancereview

-Application control,

Input and output control

-Segregation of duty

-Reconciliation

-Physical control-Training

-Policies/Procedures,

...etc.

More Control Activities



-Occurrence-Completeness

-Accuracy

-Cut-off

-Classification

-Existence

-Valuation

-Right and obligation-Allocation

-Understandability

Control/Financial Assertion



Audit Approach: Top-Down

Top Management

Middle Management

Staff



Audit Approach

Senior Managements/Board

Deep understanding of the

business and risks

Department Heads

Operations

Transaction Processing

Further comfort

Perform validation of controls

and assertions

Derive comfort from the

way seniormanagement manage

the business



1. Scope and Objectives



1. Expectation (Business/Entity Objectives)1. Strategic, Operational, Financial, and Compliance Objectives. Theobjectives and strategies and the related business risks that mayresult in a material misstatement of the financial statements.

2. Plan (Business Plan)1. Measurement and review of the entity's financial performance.

3. Requirement from Head Office/Others1. Industry, regulatory, and other external factors, including the

applicable financial reporting framework.

2. Nature of the entity, including the entity's selection and applicationof accounting policies.

3. Internal control.

2. Understanding



-Inquiries of management and others within theentities

-Analytical procedures

-Observation and inspection

3. Risk Assessment



3. Risk Assessment (Cont)

Business Risk

BusinessObjective

Audit Risk

Entity Lvl.

Account Lvl.

TransactionLvl.

Key RiskKey Risk Key Risk



1.

Business Risk1. Risk that prevents the entity from achieving its business/entityobjectives .

2. Audit Risk (Risk of Fraud & Errors)1. Inherent Risk.

2. Control Risk.

3. Detection Risk.

3. Key Risk

*Note: Audit Risk is Business Risk

3. Risk Assessment (Cont)



Arrangement with other

Managements and Staffs

Debriefing of IA Work

Documents

Transcript of Debriefing of IA Work