1:Internal Audit Operations Flashcards
(41 cards)
Define the role of governance as it relates to the internal audit activity.
To inform, direct, manage, and monitor the activities of the organization toward the achievement of its objectives.
Define risk management as it relates to the internal audit activity.
A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization’s objectives.
Define control as it relates to the internal audit activity.
Any action taken to manage risk and increase the likelihood that established objectives and goals will be achieved.
Reasonable assurance that objectives and goals will be achieved is the responsibility of
Management.
Who is responsible for guiding governance processes?
Who is responsible for guiding governance processes?
Define compliance.
Adherence to policies, plans, procedures, laws, regulations, contracts, or other requirements.
Who evaluates the controls regarding compliance?
The internal audit activity.
What is the difference between efficient performance and economical performance?
Efficient performance
Accomplishes objectives in an accurate, timely, and economical fashion
Economical performance
Accomplishes objectives with minimal use of resources proportionate to the risk exposure
Reasonable assurance is achieved when
The most cost-effective measures are taken in the design and implementation of controls to reduce risks and restrict expected deviations to a tolerable level.
What are the two basic types of internal audit engagements?
Assurance services
Consulting services
Define the purpose of assurance services.
To provide an independent assessment on governance, risk management, and control processes for the organization.
Define consulting services.
Advisory and related client service activities intended to add value and improve an organization’s governance, risk management, and control processes.
Performance Standard 2100, Nature of Work, states, “The internal audit activity must . . .”
“evaluate and contribute to the improvement of the organization’s governance, risk management, and control processes using a systematic, disciplined, and risk-based approach.”
Define control processes.
The policies, procedures (both manual and automated), and activities that are part of a control framework, designed and operated to ensure that risks are contained within the level that an organization is willing to accept.
Internal auditors may use their knowledge, experience, and best practices to provide
Observations of weaknesses
Recommendations
Who is responsible for the management of internal audit activity to ensure it adds value to the organization?
Chief Audit Executive.
The internal audit activity is effectively managed when it
Achieves the purpose and responsibility included in the internal audit charter,
Conforms with the Standards,
Conforms by individual members with the Code of Ethics and the Standards, and
Considers trends and emerging issues that could impact the organization.
How does the internal audit activity add value to an organization and its stakeholders?
Considers strategies, objectives, and risks.
Strives to offer ways to enhance governance, risk management, and control processes.
Objectively provides relevant assurance.
Why must the chief audit executive establish policies and procedures?
To guide the internal audit activity.
The form and content of policies and procedures are dependent upon the _____[1]_____ and _____[2]_____ of the internal audit activity and the _____[3]_____ of its work.
1-Size
2-Structure
3-Complexity
Key stakeholders in an organization include
Board of Directors,
Audit committees,
Management,
External auditors, and
Regulators.
To achieve organizational independence, the Chief Audit Executive, in managing the internal audit committee, must have
Direct and unrestricted access to senior management and the Board.
The highest level governing body of an organization is
The Board.
The audit committee is composed of
A sub-unit of the Board of Directors.
