Documentos de Académico
Documentos de Profesional
Documentos de Cultura
According to the study done by Holt and Dezoort (2006), providing an internal audit
report of the management’s financial status increase investor confidence that the reported
financial information is free from both errors and intentional misstatements. Moreover,
internal audit report was perceived to be as useful as an audit committee report,
management’s discussion and analysis and management’s report on internal control.
Furthermore, there is higher perceived disclosure credibility when a chief audit executive
(CAE) report to the audit committee, chief executive officer (CEO) and chief finance officer
(CFO).
Other than that, internal audit is used to check the proper use of resources. The
misuse of resources can increase the cost of organization. The optimum use of resources
can be determined to control the cost of output. In this way internal audit is a tool to use the
resources in the best interest of business. It also very helpful to get better the performance
of the organization. The achievements of previous year are the basis of preparing budgets
for the next years. The estimated income statement and balance sheet are drawn up. An
attempt is made to get helpful results. Thus internal audit look up performance of business
and employees.
2. Discuss the process of writing an internal audit report based on the
Performance Standard 2400 in the International Professional Practices
Framework (IPPF).
First of all, conduct field audit exit meeting. This is when internal audit team
conducts a meeting with an auditee or management to discuss the result from an audit
process. The purpose of an exit meeting is to enable auditors to discuss matters on the
weaknesses of the system and the risk areas discovered during the audit. More
corrective action on lack of control and protection need to be provided on risk area
system. In the meeting, auditors need to discuss and ask auditees and management for
significant and material issues.
Second, internal auditors will prepare the draft audit report after management has
agreed with the entire content and facts. The draft audit will include audit observations,
audit recommendations and an audit plan. The audit plan will highlight specific
recommendations and will mention the person in charge of improving the risk areas. The
draft will be prepared by the CAE and submitted to the CEO or senior management. The
CEO or senior management will make decisions based on recommendations given in the
report.
Next, auditees will receive a copy of draft report from the CEO. The department
itself must take into consideration each recommendation provided by the internal
auditors for the purpose of improving the business operations and ensuring the
effectiveness of the system.
After that, the final audit report will be prepared by the CAE after receiving
responses from auditees. The final report will include the significant issues, action plan,
recommendations, department’s response and auditors’ conclusion. The internal audit
report will be publish together with management’s responses.
Next, the group of internal auditors will require auditees and management to fill in a
post-audit survey. This is to evaluate the effectiveness of the audit process, audit
planning, audit performance, professionalism and knowledge of the audit team.
Lastly, auditors will perform a follow up audit for the significant issues that were
identified in the final engagement report. Internal auditors will request for follow up
information to review and report on corrective actions taken in addressing all previous
significant issues.
3. Describe the quality of an internal audit report based on the IIA Standard 2420
Quality of Communications.
There are seven quality of an internal audit report based on the IIA Standard 2420
Quality of Communications which are must be accurate, objective, clear, concise,
constructive, complete and timely.
Quality Description
Accurate Free from errors and distortions and is faithful to underlying facts.
Objective Fair impartial and unbiased and is the result of a fair minded and
balance assessment of all relevant facts and circumstances.
Complete Lacks nothing that is essential to the target audience and includes all
significant and relevant information and observations to support
recommendations and conclusions.
In payroll internal audit have to check the on the structure of Report, Payroll Internal
Control Review, Time and Attendance Record, the overall adheres expected structure and
format.
Based on the report quality checklist, the structure of Report must be readability.
Message placement, coherence, conciseness and the use of graphics can help enhance the
readability of a report. Message placement refer to the structure of report, where each
observation needs to be delivered in a structured manner in executive summary and body of
the report. The executive summary which consist of background, objective, scope, and
opinion must be accurate, include necessary exclusions, tailors the objective to the
engagement and limits the background not more than three short paragraphs. The report
has to contain the right information and avoid redundant wording. It will help management in
understanding the main conditions, causes, effects and recommendation for each
observation.
According to the Payroll Internal Control Review, the record must be clarity which
there has to be appropriate use of definitions. Definitions are crucial in understanding
concepts for each observation and audit process. Each observation may carry different
concepts and terms. The report should be written in simple and clear structured sentences.
Based on the time and attendance record, the report about time and record must be
unbiased wording and must be prepared objectively when describing the engagement,
where the wording used must be fair, impartial and unbiased. The written report must state
the weakness of the process internal control payroll so that the company can improve it. The
tone of writing has to reflect level severity for each observation. While, the language in
explaining the performance of time and attendance record used in report should be
associated with the culture of the place.
5. Discuss the role of internal auditors in monitoring and follow-up process for each
reporting.
monitoring
Follow-up
Internal auditor need to look through whether management has taken action for each
recommendation. based on Practice Advisory 2500, A1-1, a follow up is a process by which
internal auditors evaluate the adequacy, effectiveness and timeliness of actions taken by
management on reported observations and recommendations, including those made by
external auditors and others.
1. Follow-up documentation
performance standard 2330, internal auditor must document relevant information
to support their conclusions and engagement results as well as document follow-up
procedures and results.
3. follow-up frequency
According to Flynn (2010), the rule of thumb for follow-up performance is that it
should be conducted at least twice a year.
REVIEW QUESTIONS - CHAPTER 10
1. Define fraud.
Fraud defined in the law as an intentional misrepresentation of material existing fact
made by one person to another with knowledge of its falsity and for the purpose of
inducing the other person to act, and upon which the other person relies with
resulting injury or damage. Fraud may also include an omission or international
failure to state material facts, knowledge of which would be necessary to make other
statements not misleading.
2. What are three elements that have to be present for a person committing
fraud?
1. Opportunity
2. Rationalization
3. Pressure
3. Identify the element of Fraud Triangle theory for each of the following
situations:
1. A person who is having financial constraints stole the company’s money.
= Pressure
2. A person labels a theft as ‘borrowing’ and fully intends to pay back the stolen
money at some point.
= Rationalization
3. A cashier stole the money from cash register machine because she knew that
there is no CCTV installed at the shop.
= Opportunity
4. Identify whether the following measures are meant for fraud prevention or
fraud detection.
2. Forensic audit involves analysis of past trend and substantive or ‘in depth’
checking of selected transaction, whereas statutory audit involves ‘substantive’
and ‘compliance‘ procedures. ( TRUE )