Memorise Flashcards

Question

What is the difference between risk identification, analysis and evaluation?

Answer 1

Risk identification: The process of determining which events might occur to affect the objectives of the organisation and their root causes. Risk analysis: The systematic use of available information to determine the likelihood of specified events occurring and the magnitude of their consequences ie their impact. Risk evaluation: The process used to determine risk management priorities by comparing the level of risk against predetermined standards, target risk levels or other criteria.

Answer 2

Any action taken by management, the board and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organises and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved.

Answer 3

The policies, procedures (both manual and automated) and activities that are part of a control framework, designed and operated to ensure that risks are contained within the level that an organisation is willing to accept.

Answer 4

The attitude and actions of the board and management regarding the importance of control within the organisation. The control environment provides the discipline and structure for the achievement of the primary objectives of the system of internal control. The control environment includes the following elements: integrity and ethical value, management's philosophy and operating style, organisational structure, assignment of authority and responsibility, human resource policies and practices, and competence of personnel.

Answer 5

1. Understand the context and purpose 2. Gather information to understand area or process 3. Conduct a preliminary risk assessment 4. Establish objectives 5. Establish scope 6. Allocate resources 7. Document work program

Answer 6

The facts or knowledge provided or learned. It can be tacit, in people's heads, or explicit, in documents - electronic or hard copy.

Answer 7

Internal auditors must identify sufficient, reliable, relevant and useful information to achieve the engagement’s objectives.

Answer 8

sufficient useful reliable relevant (identifying information / quality of the information)

Answer 9

1. Internal (eg policies and procedures of the organisation) 2. External (eg laws and regulations imposed by statutory bodies) 3. Leading practices (eg industry and professional guidance)

Answer 10

Probability/Likelihood Impact

Answer 11

Descriptive information, which usually derives from observations, interviews, focus groups or analysis of graphical material such as photographs.

Answer 12

Information based on measurable data. This usually entails mathematical analysis to shed light on the activity or phenomena being investigated.

Answer 13

Getting information from audit clients, process owners and users and other groups. Examples Interviewing clients face to face Gathering information from a focus group Collecting information from employees using electronic surveys.

Answer 14

This involves observing people, processes and other organisational activities. Examples Undertaking inventory counts Observing an employee undertake part of a process Observing that certain assets are in place eg fire doors are kept shut, security cameras are in place.

Answer 15

To determine whether the controls in place achieve the control objectives

Answer 16

To determine whether the prescribed controls are being adhered to

Answer 17

The combination of processes and structures implemented by the board to inform, direct, manage and monitor the activities of the organisation toward the achievement of its objectives.

Answer 18

Computer assisted audit tools and techniques

Answer 19

Variance analysis compares sets of data to identify and understand any differences between them.

Answer 20

Trend analysis is used to identify patterns in sets of data. Usually we are looking for patterns over periods of time.

Answer 21

Benchmarking: The process for comparing two or more items against the benchmark. Benchmark: The standard or point of reference against which the item is compared.

Answer 22

Occurs within an organisation, such as comparing the performance of two or more internal audit teams within the same organisation, or comparing internal audit against another function within the same organisation.

Answer 23

benchmarking against competitors. For instance, comparing the performance of the internal audit function against those of a competitor using ratios of qualiﬁed to unqualiﬁed auditors and total costs of the internal audit function as the benchmark.

Answer 24

benchmarking performance against unrelated industries. For instance, comparing the learning and development of internal auditors with that of management accountants.

Answer 25

when benchmarking is carried out collaboratively by groups of organisations or by a professional body on behalf of their members. For instance, the Chartered IIA carries out benchmarking surveys of its members' functions. Chartered IIA members can then compare their own internal audit performance against these benchmarks.

Answer 26

a type of competitive or collaborative benchmarking that involves comparing performance against an organisation or function that is regarded as performing a particular activity best.

Answer 27

Also known as fishbone diagram. takes you through a process of describing the problem, collecting and analysing data and then through possibly brainstorming identifying potential causes. This should then enable you to analyse and identify the root cause(s) and then advise on possible solutions. It may take a number of steps to trace the problem back to the ‘root cause’ by going through a series of questions: What happened/What was the problem? Why did it happen? How can it be put right to stop it happening again?

Answer 28

Ishikawa/Fishbone diagram Five whys Pareto analysis

Answer 29

when problems involve human factors and best for simple to moderately difficult problems with regards to trouble shooting, quality improvements and problem solving.

Answer 30

By arranging the issues in order according to the impact they have we can resolve roughly 80% of the problem by tackling 20% of the issues. The key point is that we have to apply our limited resources to those areas where we can make the biggest impact.

Answer 31

R = Responsible - The person who performs the work. A = Accountable - The person ultimately accountable for the work or decision being made. We can use this letter where appropriate, but not to excess – only when a key decision or task is at hand. C = Consulted - Anyone who must be consulted with prior to a decision being made and/or the task being completed. I = Informed - Anyone who must be informed when a decision is made or work is completed.

Answer 32

Judgmental: the internal auditor uses their knowledge and experience to determine what transactions and records to sample and the number to look at Statistical sampling: the internal auditor applies statistical (mathematical) methods to select the samples.

Answer 33

The entire set of items from which the sample will be drawn. The population size refers to the number of that population.

Answer 34

The size of the sample in relation to the population.

Answer 35

The degree of certainty that the sample is the same as the population, for example, 95% confidence level indicates that 95 times out of 100 the sample will reflect the population and five times out of 100 it will not and we will draw the wrong conclusion.

Answer 36

A measure of the possible difference between the sample estimate and the actual population value.

Answer 37

The degree or amount of difference among items in the population.

Answer 38

1. Simple random sampling 2. Attribute sampling 3. Variable sampling 4. Monetary (dollar) unit sampling 5. Discovery sampling

Answer 39

Simple random sampling ensure every item in the population has an equal chance of selection. For example, the internal auditor may randomly select an agreed percentage of items from a large batch of invoices.

Answer 40

The internal auditor seeks items with particular characteristics. Alternatively, the process may seek to exclude particular items. This may be from the whole population, sub population or a random sample of the whole population. For instance, the internal auditor may use attribute sampling to estimate the number of purchase orders of a particular value range that were not authorised based on a sample.

Answer 41

Variable sampling seeks to provide information on the values associated with a sub population or sample of the population. For instance, the internal auditor will use variable sampling to estimate the total monetary value of orders of a particular value range that were not authorised.

Answer 42

Monetary unit sampling is also called probability-proportionate-to-size. It is used to determine the accuracy of financial accounts such as accounts receivable, loans receivable and inventory. Each dollar/pound/euro in a transaction is a separate sampling unit. For example, a transaction of $100 has 100 sampling units.

Answer 43

Discovery sampling is a type of attribute sampling. It is used to determine the sample size that will provide the desired conﬁdence of ﬁnding at least one deviation in the population. Discovery sampling is usually used by internal auditors to calculate the probability of an action or item occurring. This type of sampling is used to identify critical errors and the probability of fraud occurring

Answer 44

Extremely large, complex structured, semi-structured and unstructured data that could potentially be mined for information.

Answer 45

A process of inspecting, cleaning, transforming, and modeling data with the goal of highlighting useful information, suggesting conclusions, and supporting decision-making.

Answer 46

The process of finding correlations or patterns among dozens of fields in large databases.

Answer 47

It measures four perspectives that result in focusing on the long-term health of organisations: financial, customer, internal business process, learning and growth.

Answer 48

A year chosen as the ‘start-off’ year for comparison purposes; the initial benchmark that subsequent years are compared to.

Answer 49

Also referred to as the operating cycle or cash conversion cycle. At a basic level, it is the time taken for an organisation to convert raw materials into cash. More broadly, it refers to the cycle of activities involved - purchasing raw materials, converting them into finished goods, selling those good (usually in credit to other organisations) and then collecting the revenue from them. This equally applies to service organisations, who sell services rather than physical goods.

Answer 50

In the context of this course, cost refers to the cost per unit of something (raw materials, physical good or services).

Answer 51

A sub-set of financial statement analysis, whereby financial statement line items are compared over a number of accounting periods to a base year.Also known as base year analysis.

Answer 52

A sub-set of financial statement analysis, whereby financial statement line items are compared over a number of accounting periods to a base year.Also known as horizontal analysis.

Answer 53

Analysis of financial data presented in an organisation’s financials statements, in order to assess liquidity, profitability, efficiency, leverage and value. Ratio analysis can be used to review year on year performance for one organisation, or for comparison between different organisations.

Answer 54

Statistical model showing how changes to an independent input variable may affect the behaviour of a dependent variable. Different to scenario planning and usually relates to financial planning, whereas scenario planning is applied strategically. Also known as what-if analysis.

Answer 55

Also known as sensitivity analysis. Statistical model showing how changes to an independent input variable may affect the behaviour of a dependent variable. Different to scenario planning and usually relates to financial planning, whereas scenario planning is applied strategically.

Answer 56

Sub-set of financial statement analysis, whereby each line item within a financial statement is expressed as a percentage of a base figure within the same statement. Also know as common size financial statement analysis.

Answer 57

Same as vertical analysis. Sub-set of financial statement analysis, whereby each line item within a financial statement is expressed as a percentage of a base figure within the same statement.

Answer 58

to analyse financial data, namely the financial statements published by organisations. They allow you to express the relationship between one piece of accounting data and another. Accounting ratios are a way of making comparisons, either within the organisation (comparing one department’s performance to another or comparing year on year results) or external comparison to other organisations.

Answer 59

1. Profitability ratios 2. Liquidity ratios 3. Efficiency (or activity) ratios 4. Leverage ratios

Answer 60

the organisation’s ability to generate earnings compared to its expenses (thus the focus is performance).

Answer 61

how well an organisation uses its assets and liabilities. These types of ratios are used by various stakeholders – management within the organisation, and external parties such as investors or banks and government departments - when assessing an organisation’s declared profits for tax purposes.

Answer 62

the proportion of debt that an organisation has to its equity/capital. They can be used to answer the question 'how is the organisation funding its assets - via equity or debt, or in what combination?'

Answer 63

Cost, usage, revenue

Answer 64

accurate, objective, clear, concise, constructive, complete and timely