IIA has designed an examination to grant the designation of CIA (Certified Internal Auditor), covering the following topics:
Part I - The Internal Audit Activity's Role in Governance, Risk, and ControlGovernance is the overall elements that affect the company decision making process including how to achieve the established objectives and determine the relations with all related parties such as senior management, shareholder, employee and others.
Risk is the threats that might affect the company of not being able to achieve its objectives. Controls are the activities established by the management to ensure that the objectives will be achieved with respect to the accepted amount of risk.
Internal audit role is to provide reasonable assurance that the company objectives will be met. However, this role should be defined and communicated to the related party through the audit charter.
The importance of this topic for the internal auditor is come from the fact that the internal auditor is part of the governance process through the audit charter, provide opinion in the company risk assessment process, and ensure that the control activities have been established and being followed.
Part II - Conducting the Internal Audit EngagementThe role of the Internal audit Department will be defined in the governance process, thereafter the Department should move to next stage which is to established and execute the internal audit activities.
The importance of this topic is that the internal auditor should conduct the engagement based on the "The International Standards for the Professional Practice of Internal Auditing".
Part III - Business Analysis and Information Technology
This topic describes the business skills and technical knowledge required by the internal auditor in order to be able to execute the internal audit engagement.
For example, the internal auditor should have considerable knowledge in the accounting where as he might be required to have only awareness in other field such as environmental control aspect.
The importance of this topic to the internal auditor is to obtain the required business skill and knowledge to be able to perform the required level of business analysis to understand the industry that he is auditing.
Part IV - Business Management Skills.This topic covers different subjects in the management filed such as marketing strategies, conflict management, international business and several management terminologies. Further, it explores a sort of managerial skills that required for the internal auditor to help him in different managerial aspects.
The importance of this topic for the internal auditor is that, he should have the awareness about the subject raised in this topic.
Saturday, May 12, 2007
Internal control
Internal control
It is the process of providing reasonable assurance on that the organization goals and objectives will be achieved.
The COSO definition of internal control:
"Internal control is a process, affected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives".
The COSO definition of internal control:
"Internal control is a process, affected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives".
The IIA's definition of internal control:
"Any action taken by the management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved."
"Any action taken by the management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved."
It obvious that Internal control is affected by three main elements;
1- People;
2- Activities; and
3- Reasonable assurance.
1- People are the most important element in the control foundation. People may directly or indirectly affect the control process.
1- People;
2- Activities; and
3- Reasonable assurance.
1- People are the most important element in the control foundation. People may directly or indirectly affect the control process.
Direct affect such as managemnet and employee. However, management is responsible to establish the mechanisms and activities for an effective internal control, employees in the organization are responsible to ensure applying the management control. Indirect people included suppliers and customers.
2. Management activities of effective internal controls range from operational to financial activities it might included:
2. Management activities of effective internal controls range from operational to financial activities it might included:
- safeguard the company resources;
- produce reliable financial reports;
- comply with laws and regulations;
- reduces the possibility of significant errors and irregularities and;
- assists in their timely detection when they do occur.
3. Reasonable assurance: Internal Control Provides Reasonable Assurance, Not Absolute Assurance. It is also a high of confidence by management that the objective of the company will be met.
Reasonable assurance is affected by:-
cost and benefits
Factors outside the control or influence of management can affect the entity’s ability to achieve all of its goals
Materiality
Subscribe to:
Posts (Atom)