Core Activity E: Recommend and maintain a sound control environment Flashcards
(18 cards)
What is the scope of internal audit work?
- Examine financial and operating information (Testing)
- Review economy, effectiveness & operations
- Review compliance with laws, regulations or internal policies
- Special Investigations
- Assisting with identification of significant risks
- Assist in carrying out external audit procedures
- Review accounting and internal control systems
What are the features of external audit?
- Appointed by shareholders or directors
- Reports to shareholders and management
- Reports on financial statements
What are the features of internal audit?
- Appointed by directors and shareholders, usually in larger organisations
- Appointed by audit committee
- Reports to audit committee
- Reports on internal controls
What are the factors that external auditors should consider?
- Status of internal audit within the organisation
- Scope of the internal audit function
- Whether management act on the recommendation of internal audit
- Technical competence of the internal auditors
- Whether objectives of the internal audit function work aligned with that of the external audit
- Whether work of the internal audit function appears to have been planned, supervised, reviewed and documented with due professional care.
What are the types of audit work?
Compliance audit
Transaction audit
Risk based audit
Quality audit
Post-completion audit
Value for money audit
Social and environmental audit
Management audit
Systems based audit
What is a compliance audit?
checks implementation of written rules, regulations and procedures
What is a transactions audit?
involves the checking of a sample of transactions against documentary evidence
What is a risk based audit?
refers to a systems audit in which the auditors use their judgement to decide on the level of risk
What is a post completion audit?
objective and independent appraisal of the measure of success of a project
What is a value for money audit?
auditors assesses three main areas, economy, efficiency, effectiveness
What is the audit process?
- Agree the objectives of the audit
- Plan the audit
- Find out about systems and controls
- Confirm the operation of the system
- Assess if controls are adequate
- Test compliance with controls
- Test application of controls
- Review, report and recommend
What is an internal control system?
The whole system of controls, financial and otherwise, established by the management in order to carry out the business of the enterprise in an orderly and efficient manner, ensure adherence to management policies, safeguard the assets, prevent and detect fraud and error and secure as far as possible the completeness and accuracy of the records.
What are the principles of the UK corporate governance code?
- Board Leadership and company purpose
- Division of responsibilities
- Composition, succession and evaluation
- Audit, risk and internal control
- Remuneration
What is the turnbull report?
- Report required that internal controls should be established using a risk-based approach.
- Specifically, a company should:
Establish business objectives
Identify the associated key risks
Decide upon the controls to address the risks
Set up a system to implement the required controls, including regular feedback - Report summarised the way that businesses should be controlled
- Report suggests that internal audit makes a significant and valuable contribution to a company
What is SOX?
- SOX legislation is extremely detailed and carries the full force of the law behind it.
- Relevant to US companies, directors of subsidiaries of US listed businesses and auditors who are working on US listed businesses.
What are the differences between SOX and UK code?
- Enforcement – UK code is a series of voluntary code whereas SOX takes a robust legislative approach
- Documentation – SOX creates a much more rigorous demand for evidencing internal controls and having them audited
What are the roles of a NED?
Strategy role - contribute to development of strategy
Scrutinising role - review the performance of management in meeting objectives. NEDs are required to hold executive colleagues to account for decisions taken and results obtained.
People role - decide remuneration of board and ensure appropriate succession planning
Risk role - financial systems accurate and risk management robust
When may an NED not be independent?
Cross directorship in other countries
Employee in last 5 years
Material business relationship with company in last 3 years
Receive other remuneration from the company besides director’s fee
Close family ties with director
Significant shareholder
Served on board for more than 9 years
