SlideShare una empresa de Scribd logo
1 de 4
Descargar para leer sin conexión
NBI Internal Audit Methodology
Information
gathering
Planning
Overview of the
Organisation
 Gather and analyse
industry information
 Identify strategies,
objectives and
processes
 Determine
legislative
requirements
Execution Reporting Follow-up
Enterprise Risk
Assessment
 Identify high risk
areas
 Analyse and
evaluate the risk
information
 Determine areas to
be audited
Plan development
 Determine
processes and
projects
 Utilise risk
assessment results
 Determine resources
and timing
 Develop and draft
the plan
 Obtain audit
Committee approval
 Maintain and update
plan
Execution
 Notification of
process owner and
kick-off meeting
 Project planning
 Process description
and audit
programme creation
 Testing and
documenting
Process owner
reporting
 Identified risks
 All findings
identified during
field work (including
medium and low
risks)
 Process
improvements noted
 Follow-up items
from previous
reports
 Management action
plans
Issue resolution and
follow-up
 Follow-up on issue
resolution
 Monitor and assess
management’s
progress against
agreed-upon action
plans
 Adequacy of actual
actions taken
 Timeliness of issue
resolution
 Report the progress
to senior
management and
the Audit and Risk
Committee
 Escalate unresolved
issues
Audit and Risk
Committee
 All significant
findings
 Management action
plans and due date
Internal Audit Execution
1) Notification of process owner and Kick-off meeting
 Review of high-level audit objectives and scope.
 Audit process and time line.
 Communications, reporting, and follow-up activities.
 Discussion of business objectives, risks, and key activities
2) Project planning
 Define the scope and allocate time.
 Determine if additional resources or training is required.
 Implement monitoring tools to manage the project
3) Process description and audit programme
 Document the process by conducting interviews and reviewing procedure documents
 Perform walkthrough of the processes
 Identify risk areas and control gaps.
 Develop procedures to test the key controls identified during the process description
 Control gaps are tested to determine the to determine the magnitude of the risk
4) Testing and documenting
 Create working papers based on the audit programme
 Determine the population, testing quantity and the source documents to be used.
 Test the design and operating effectiveness of internal controls, including financial, operational and compliance
4) Testing and documenting (continued)
 Perform manual control testing through observation, inquiry, re-performance, inspection and knowledge assessment
 Perform substantive testing when the controls are determined to be ineffective to assist with evaluating the extent or impact of the
ineffective control
 The use of CAAT may be involved. Create working papers based on the audit programme
Supporting documentation:
 Exception based documentation is kept on file and if no exception is noted then one copy of an item tested. If an exception is noted then a
copy of the exception as well as one of the items tested without an exception is kept on file.
 All supporting documentation is maintained
 Supporting documentation is reviewed in in conjunction with the working papers.
5) Confirm and report findings
 A finding is noted when the results of internal controls testing denotes that the control is either missing or not working as expected.
These findings are all documented in the working papers.
 Performance improvement observations (POI) are areas that can be improved but do not involve a control weakness or an area that falls
outside the scope of the internal audit project.
 The details of the findings should be confirmed and validated with the process owner before reporting.
 All findings will be documented in audit report and tie back to the summary of findings document.
 A close out meeting should be held with the process owner and any other key contacts for the project.
 The draft report will be presented and discussed during this meeting.
 Minutes of the meeting will be kept on file.
 The objective is to clearly communicate and finalise findings with the process owner and obtain acceptance and support for the reporting
items and the recommendations.
6) Review of reports
 All reports are reviewed by the senior auditor, the internal audit manager and the head of internal audit before they are presented to the Audit
and Risk Committee.
 Before the reports are reported to the Audit and Risk Committee they are reviewed by the process owner and the head of division.
 During the meeting with the process owner and the head of division can they request any working papers and supporting documentation.
 Disagreements between the Internal Auditor and the process owner and head of division that are not resolved will be discussed at the Audit
and Risk Committee.
Special Assignments
Request for Special
assignment
• Managers are encouraged to approach their senior managers (SMT) with the requests for a special assignments, unless they have a valid
reason for bypassing their senior manager.
• Members of the SMT can come directly to the internal auditor or to financial director for the special assignments, however, the requests
that come directly to the internal auditor are communicated to financial director for input.
• Once the request is received , will a meeting be set up between the manager, their senior manager, the financial director and the internal
auditor.
Establishing the
need for a special
assignment
•During the meeting the following questions will be asked to determine the need for the special assignment:
•Is the reason for involving internal audit instead of dealing with the issue within the department valid?
•Is the risk significant and is the assignment urgent?
•Has the root cause been established?
•Can tools be provided to resolve the issue instead of conducting a detailed audit?
Planning for special
assignment
•If it is not possible to resolve the issue within the department then internal audit is required to perform an audit:
•If the assignment is not urgent then it will be added to the existing internal audit plan and additional testing will be included for the special
assignment.
•If the assignment is urgent then arrangements are made to conduct the assignemnt within the required period, depending on the
available resources (staff, time, etc)

Más contenido relacionado

La actualidad más candente

MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEbbongio
 
Internal audit report writing.pdf
Internal audit   report writing.pdfInternal audit   report writing.pdf
Internal audit report writing.pdfkavyashree k
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISOSadafhazel
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Risk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal AuditRisk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal AuditSmitesh Bhosale
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015Mohammad Kashif
 
Internal Process Audit
Internal Process AuditInternal Process Audit
Internal Process Auditintellisenseit
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
Basic internal auditing
Basic internal auditingBasic internal auditing
Basic internal auditingKhalid Aziz
 
Practical approach to auditing v2
Practical approach to auditing v2Practical approach to auditing v2
Practical approach to auditing v2Edu Umechukwu
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid themSurajit Datta
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAdvance Business Consulting
 

La actualidad más candente (20)

MEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCEMEASURING INTERNAL AUDIT PERFORMANCE
MEASURING INTERNAL AUDIT PERFORMANCE
 
Internal audit report writing.pdf
Internal audit   report writing.pdfInternal audit   report writing.pdf
Internal audit report writing.pdf
 
Risk based internal auditing
 Risk based internal auditing Risk based internal auditing
Risk based internal auditing
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing function
 
Process Audit and ISO
Process Audit and ISOProcess Audit and ISO
Process Audit and ISO
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit department
 
Risk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal AuditRisk assessment and internal controls - Internal Audit
Risk assessment and internal controls - Internal Audit
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015
 
Internal Process Audit
Internal Process AuditInternal Process Audit
Internal Process Audit
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
Basic internal auditing
Basic internal auditingBasic internal auditing
Basic internal auditing
 
Practical approach to auditing v2
Practical approach to auditing v2Practical approach to auditing v2
Practical approach to auditing v2
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal Audit
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
 
Ch 9. Internal Audit
Ch 9. Internal AuditCh 9. Internal Audit
Ch 9. Internal Audit
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid them
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, Auditing
 

Similar a Internal Audit Methodology.docx

ARC 1-19^J 1-5(12marks).pptx
ARC 1-19^J 1-5(12marks).pptxARC 1-19^J 1-5(12marks).pptx
ARC 1-19^J 1-5(12marks).pptxSohailSheikh62
 
AT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINES
AT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINESAT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINES
AT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINESRenee Lewis
 
Audit and regulatory compliance
Audit  and  regulatory complianceAudit  and  regulatory compliance
Audit and regulatory complianceArchana Chavhan
 
250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf
250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf
250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdfAddisu15
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedurebhavikjariwala
 
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - JordanAuditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - JordanEng. A.karam Al Malkawi
 
Basic concepts of quality assurance
Basic concepts of quality assuranceBasic concepts of quality assurance
Basic concepts of quality assurancesonaliph
 
Audit Planning - Considerations
Audit Planning - ConsiderationsAudit Planning - Considerations
Audit Planning - ConsiderationsRyan Vaz
 
auditing Fram . from the start to Reporting .pdf
auditing Fram . from the start to Reporting .pdfauditing Fram . from the start to Reporting .pdf
auditing Fram . from the start to Reporting .pdfnguyenanvuong2007
 
Practical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdf
Practical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdfPractical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdf
Practical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdfAbhishekPareek64
 
How to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality AuditHow to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality AuditGreenlight Guru
 
Internal Audit 03-03-16
Internal Audit 03-03-16Internal Audit 03-03-16
Internal Audit 03-03-16Lisa Barnes
 

Similar a Internal Audit Methodology.docx (20)

Project auditing
Project auditingProject auditing
Project auditing
 
ARC 1-19^J 1-5(12marks).pptx
ARC 1-19^J 1-5(12marks).pptxARC 1-19^J 1-5(12marks).pptx
ARC 1-19^J 1-5(12marks).pptx
 
AT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINES
AT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINESAT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINES
AT-5908 CPA REVIEW SCHOOL OF THE PHILIPPINES
 
Ia audit process_lisd
Ia audit process_lisdIa audit process_lisd
Ia audit process_lisd
 
Audit and regulatory compliance
Audit  and  regulatory complianceAudit  and  regulatory compliance
Audit and regulatory compliance
 
250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf
250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf
250250902-141-ISACA-NACACS-Auditing-IT-Projects-Audit-Program.pdf
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedure
 
Basic Audit
Basic AuditBasic Audit
Basic Audit
 
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - JordanAuditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
 
Operational audit
Operational auditOperational audit
Operational audit
 
SFC Plan of engagement
SFC Plan of engagementSFC Plan of engagement
SFC Plan of engagement
 
How to do a Project Audit
How to do a Project AuditHow to do a Project Audit
How to do a Project Audit
 
Basic concepts of quality assurance
Basic concepts of quality assuranceBasic concepts of quality assurance
Basic concepts of quality assurance
 
Audit Planning - Considerations
Audit Planning - ConsiderationsAudit Planning - Considerations
Audit Planning - Considerations
 
Introduction to Internal Auditing FSMS
Introduction to Internal Auditing FSMSIntroduction to Internal Auditing FSMS
Introduction to Internal Auditing FSMS
 
auditing Fram . from the start to Reporting .pdf
auditing Fram . from the start to Reporting .pdfauditing Fram . from the start to Reporting .pdf
auditing Fram . from the start to Reporting .pdf
 
Practical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdf
Practical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdfPractical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdf
Practical_aspects_of_Statutory_Audit_Doc_to_reporting_by_CA._Amit_Doshi.pdf
 
How to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality AuditHow to Perform a Successful Internal Quality Audit
How to Perform a Successful Internal Quality Audit
 
Audit process tonatiuh lozada
Audit process tonatiuh lozadaAudit process tonatiuh lozada
Audit process tonatiuh lozada
 
Internal Audit 03-03-16
Internal Audit 03-03-16Internal Audit 03-03-16
Internal Audit 03-03-16
 

Último

Pitch Deck Teardown: SuperScale's $5.4M Series A deck
Pitch Deck Teardown: SuperScale's $5.4M Series A deckPitch Deck Teardown: SuperScale's $5.4M Series A deck
Pitch Deck Teardown: SuperScale's $5.4M Series A deckHajeJanKamps
 
Benihana of Tokyo case study11111111.pdf
Benihana of Tokyo case study11111111.pdfBenihana of Tokyo case study11111111.pdf
Benihana of Tokyo case study11111111.pdfjavenxxx01
 
Record of Module Forensic photography in
Record of Module Forensic photography inRecord of Module Forensic photography in
Record of Module Forensic photography inalexademileighpacal
 
Dashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de OperacionesDashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de OperacionesLPI ONG
 
CORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdf
CORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdfCORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdf
CORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdfLouis Malaybalay
 
Optimize Your CRM Customization and Beyond
Optimize Your CRM Customization and BeyondOptimize Your CRM Customization and Beyond
Optimize Your CRM Customization and BeyondBoundify
 
HOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETINGHOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETINGNATHAN SPEAKS
 
Streamlining Your Accounting A Guide to QuickBooks Migration Tools.pptx
Streamlining Your Accounting A Guide to QuickBooks Migration Tools.pptxStreamlining Your Accounting A Guide to QuickBooks Migration Tools.pptx
Streamlining Your Accounting A Guide to QuickBooks Migration Tools.pptxPaulBryant58
 
Olympus 38DL Plus Ultrasonic Thickness Gauge
Olympus 38DL Plus Ultrasonic Thickness GaugeOlympus 38DL Plus Ultrasonic Thickness Gauge
Olympus 38DL Plus Ultrasonic Thickness GaugeStephenKim86
 
NewBase 14 March 2024 Energy News issue - 1707 by Khaled Al Awadi_compress...
NewBase  14 March  2024  Energy News issue - 1707 by Khaled Al Awadi_compress...NewBase  14 March  2024  Energy News issue - 1707 by Khaled Al Awadi_compress...
NewBase 14 March 2024 Energy News issue - 1707 by Khaled Al Awadi_compress...Khaled Al Awadi
 
unfinished legacy it is a clothing brand
unfinished legacy it is a clothing brandunfinished legacy it is a clothing brand
unfinished legacy it is a clothing brandakashm530190
 
NVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptxNVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptxKrutik Rakade
 
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...BilalAhmed717
 
Importance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptxImportance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptxBonano Insurance
 
Presented by Sabri international .......
Presented by Sabri international .......Presented by Sabri international .......
Presented by Sabri international .......SABRI INTERNATIONAL
 
L-1 VISA Business (Plan Sample) - Plan Writers
L-1 VISA Business (Plan Sample) - Plan WritersL-1 VISA Business (Plan Sample) - Plan Writers
L-1 VISA Business (Plan Sample) - Plan WritersPlan Writers
 
How The Hustle Milestone Referral Program Got 300K Subscribers
How The Hustle Milestone Referral Program Got 300K SubscribersHow The Hustle Milestone Referral Program Got 300K Subscribers
How The Hustle Milestone Referral Program Got 300K SubscribersFlyyx Tech
 
Business Models and Business Model Innovation
Business Models and Business Model InnovationBusiness Models and Business Model Innovation
Business Models and Business Model InnovationMichal Hron
 
14 march 2024-capital-markets-update eni.pdf
14 march 2024-capital-markets-update eni.pdf14 march 2024-capital-markets-update eni.pdf
14 march 2024-capital-markets-update eni.pdfEni
 

Último (20)

Pitch Deck Teardown: SuperScale's $5.4M Series A deck
Pitch Deck Teardown: SuperScale's $5.4M Series A deckPitch Deck Teardown: SuperScale's $5.4M Series A deck
Pitch Deck Teardown: SuperScale's $5.4M Series A deck
 
Benihana of Tokyo case study11111111.pdf
Benihana of Tokyo case study11111111.pdfBenihana of Tokyo case study11111111.pdf
Benihana of Tokyo case study11111111.pdf
 
Record of Module Forensic photography in
Record of Module Forensic photography inRecord of Module Forensic photography in
Record of Module Forensic photography in
 
Dashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de OperacionesDashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de Operaciones
 
WAM Corporate Presentation Mar 12 2024.pdf
WAM Corporate Presentation Mar 12 2024.pdfWAM Corporate Presentation Mar 12 2024.pdf
WAM Corporate Presentation Mar 12 2024.pdf
 
CORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdf
CORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdfCORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdf
CORPORATE SOCIAL RESPONSIBILITY - FINAL REQUIREMENT.pdf
 
Optimize Your CRM Customization and Beyond
Optimize Your CRM Customization and BeyondOptimize Your CRM Customization and Beyond
Optimize Your CRM Customization and Beyond
 
HOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETINGHOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETING
 
Streamlining Your Accounting A Guide to QuickBooks Migration Tools.pptx
Streamlining Your Accounting A Guide to QuickBooks Migration Tools.pptxStreamlining Your Accounting A Guide to QuickBooks Migration Tools.pptx
Streamlining Your Accounting A Guide to QuickBooks Migration Tools.pptx
 
Olympus 38DL Plus Ultrasonic Thickness Gauge
Olympus 38DL Plus Ultrasonic Thickness GaugeOlympus 38DL Plus Ultrasonic Thickness Gauge
Olympus 38DL Plus Ultrasonic Thickness Gauge
 
NewBase 14 March 2024 Energy News issue - 1707 by Khaled Al Awadi_compress...
NewBase  14 March  2024  Energy News issue - 1707 by Khaled Al Awadi_compress...NewBase  14 March  2024  Energy News issue - 1707 by Khaled Al Awadi_compress...
NewBase 14 March 2024 Energy News issue - 1707 by Khaled Al Awadi_compress...
 
unfinished legacy it is a clothing brand
unfinished legacy it is a clothing brandunfinished legacy it is a clothing brand
unfinished legacy it is a clothing brand
 
NVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptxNVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptx
 
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
 
Importance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptxImportance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptx
 
Presented by Sabri international .......
Presented by Sabri international .......Presented by Sabri international .......
Presented by Sabri international .......
 
L-1 VISA Business (Plan Sample) - Plan Writers
L-1 VISA Business (Plan Sample) - Plan WritersL-1 VISA Business (Plan Sample) - Plan Writers
L-1 VISA Business (Plan Sample) - Plan Writers
 
How The Hustle Milestone Referral Program Got 300K Subscribers
How The Hustle Milestone Referral Program Got 300K SubscribersHow The Hustle Milestone Referral Program Got 300K Subscribers
How The Hustle Milestone Referral Program Got 300K Subscribers
 
Business Models and Business Model Innovation
Business Models and Business Model InnovationBusiness Models and Business Model Innovation
Business Models and Business Model Innovation
 
14 march 2024-capital-markets-update eni.pdf
14 march 2024-capital-markets-update eni.pdf14 march 2024-capital-markets-update eni.pdf
14 march 2024-capital-markets-update eni.pdf
 

Internal Audit Methodology.docx

  • 1. NBI Internal Audit Methodology Information gathering Planning Overview of the Organisation  Gather and analyse industry information  Identify strategies, objectives and processes  Determine legislative requirements Execution Reporting Follow-up Enterprise Risk Assessment  Identify high risk areas  Analyse and evaluate the risk information  Determine areas to be audited Plan development  Determine processes and projects  Utilise risk assessment results  Determine resources and timing  Develop and draft the plan  Obtain audit Committee approval  Maintain and update plan Execution  Notification of process owner and kick-off meeting  Project planning  Process description and audit programme creation  Testing and documenting Process owner reporting  Identified risks  All findings identified during field work (including medium and low risks)  Process improvements noted  Follow-up items from previous reports  Management action plans Issue resolution and follow-up  Follow-up on issue resolution  Monitor and assess management’s progress against agreed-upon action plans  Adequacy of actual actions taken  Timeliness of issue resolution  Report the progress to senior management and the Audit and Risk Committee  Escalate unresolved issues Audit and Risk Committee  All significant findings  Management action plans and due date
  • 2. Internal Audit Execution 1) Notification of process owner and Kick-off meeting  Review of high-level audit objectives and scope.  Audit process and time line.  Communications, reporting, and follow-up activities.  Discussion of business objectives, risks, and key activities 2) Project planning  Define the scope and allocate time.  Determine if additional resources or training is required.  Implement monitoring tools to manage the project 3) Process description and audit programme  Document the process by conducting interviews and reviewing procedure documents  Perform walkthrough of the processes  Identify risk areas and control gaps.  Develop procedures to test the key controls identified during the process description  Control gaps are tested to determine the to determine the magnitude of the risk 4) Testing and documenting  Create working papers based on the audit programme  Determine the population, testing quantity and the source documents to be used.  Test the design and operating effectiveness of internal controls, including financial, operational and compliance
  • 3. 4) Testing and documenting (continued)  Perform manual control testing through observation, inquiry, re-performance, inspection and knowledge assessment  Perform substantive testing when the controls are determined to be ineffective to assist with evaluating the extent or impact of the ineffective control  The use of CAAT may be involved. Create working papers based on the audit programme Supporting documentation:  Exception based documentation is kept on file and if no exception is noted then one copy of an item tested. If an exception is noted then a copy of the exception as well as one of the items tested without an exception is kept on file.  All supporting documentation is maintained  Supporting documentation is reviewed in in conjunction with the working papers. 5) Confirm and report findings  A finding is noted when the results of internal controls testing denotes that the control is either missing or not working as expected. These findings are all documented in the working papers.  Performance improvement observations (POI) are areas that can be improved but do not involve a control weakness or an area that falls outside the scope of the internal audit project.  The details of the findings should be confirmed and validated with the process owner before reporting.  All findings will be documented in audit report and tie back to the summary of findings document.  A close out meeting should be held with the process owner and any other key contacts for the project.  The draft report will be presented and discussed during this meeting.  Minutes of the meeting will be kept on file.  The objective is to clearly communicate and finalise findings with the process owner and obtain acceptance and support for the reporting items and the recommendations. 6) Review of reports  All reports are reviewed by the senior auditor, the internal audit manager and the head of internal audit before they are presented to the Audit and Risk Committee.  Before the reports are reported to the Audit and Risk Committee they are reviewed by the process owner and the head of division.  During the meeting with the process owner and the head of division can they request any working papers and supporting documentation.  Disagreements between the Internal Auditor and the process owner and head of division that are not resolved will be discussed at the Audit and Risk Committee.
  • 4. Special Assignments Request for Special assignment • Managers are encouraged to approach their senior managers (SMT) with the requests for a special assignments, unless they have a valid reason for bypassing their senior manager. • Members of the SMT can come directly to the internal auditor or to financial director for the special assignments, however, the requests that come directly to the internal auditor are communicated to financial director for input. • Once the request is received , will a meeting be set up between the manager, their senior manager, the financial director and the internal auditor. Establishing the need for a special assignment •During the meeting the following questions will be asked to determine the need for the special assignment: •Is the reason for involving internal audit instead of dealing with the issue within the department valid? •Is the risk significant and is the assignment urgent? •Has the root cause been established? •Can tools be provided to resolve the issue instead of conducting a detailed audit? Planning for special assignment •If it is not possible to resolve the issue within the department then internal audit is required to perform an audit: •If the assignment is not urgent then it will be added to the existing internal audit plan and additional testing will be included for the special assignment. •If the assignment is urgent then arrangements are made to conduct the assignemnt within the required period, depending on the available resources (staff, time, etc)