Add to collection(s) Add to saved
  1. Business
  2. Management

Nuala Comerford & Pamela McDonald

advertisement 
Internal auditing for credit unions
Credit Union Summer School
Nuala Comerford, Chair IIA Irish Region Committee
Pamela McDonald Council Member IIA
Thursday, 23rd May, 2013
Presentation
• The role of internal audit
• How the institute supports the internal audit profession
• The Profession and the institute in Ireland
The role of internal audit
“Internal auditing is an independent, objective
assurance and consulting activity designed to add value
and improve an organisation's operations.
It helps an organisation accomplish its objectives by
bringing a systematic, disciplined approach to evaluate
and improve the effectiveness of risk management,
internal control, and governance processes.”
The Chartered Institute of Internal Auditors
A cornerstone of good governance
Internal audit is the management function responsible for
evaluating and improving the effectiveness of risk management, control and
governance processes.
It is therefore one of the
four cornerstones of
good corporate governance:
Control Environment- Key
Issues
Corporate Governance
Control Environment
Control Framework
Corporate Governance
Manner by which Organisations are directed & controlled as
administered by management
Structures and processes in place to direct, manage & monitor the
activities towards achievement of objectives
Principles
– Openness
– Transparency
– Accountability
Control Environment
Attitudes of Management / Board regarding the significance of control
in the Organisation
Management’s philosophy & operating style
Integrity & ethical values
Control environment sets the discipline for the achievement of the
primary objectives of the system of internal control
Control Framework
Internal Control Objectives / Why?
Control Activities / How?
Risk Assessment / Best practice form of
management
Control Objectives / Why?
Achievement of Objectives
Compliance with statutory requirements
Reliability of financial & other information
Effectiveness & Efficiency of operations
Safeguarding of Assets
8 Key areas of Control Activities
How?
Segregation of duties
Organisation’s structures
Authorisation & Approval
HR policies
Management controls
Arithmetic & Accounting
Physical controls
Supervision
Types of Controls
Preventive
Detective
Corrective
Anticipatory
Directive
Managing risk
…Is part of good management and good governance
– Risk management is of value to organisations because it increases the chances of
achieving objectives.
…is a foundation for control
– risk management is central to good internal control
– A sound system of internal control is defined as one where the risks facing an
organisation are managed as all stakeholders expect or want – within its risk appetite.
What does it Mean for the
Credit Union?
Identify relevant control / Set of actions,
Is control sufficient / helps achieve objectives
Guard against negative consequences of risk
Must be cost effective
Procedure Manuals are best format for
documenting Controls and ensuring
compliance
Activities of Internal Audit
•
•
•
•
Evaluating controls & advise managers at all levels
Evaluating Risks
Analysing operations and confirm information
Review compliance
A critical friend
An Internal auditor is a “critical friend” to the
organisation, someone who can:
•
Challenge the business on risk management and internal controls
•
Champion best practice in risk management
•
Act as a Catalyst for change and improvement in risk management
The Internal Auditor should be well positioned in the organisation in order to influence
management and effect change
Options for Internal Audit Services
•
•
•
•
•
In house
Shared Service
Outsourced
Co-outsourced
Collaboration
External audit and internal audit?
Internal auditors are distinct from external auditors:
• They occupy a unique position of independence and objectivity
• Their remit goes beyond evaluation of financial controls
• They have in-depth knowledge of the organisation as a whole
The core activities of an internal auditor are:
• Evaluating key risks arising from the current and future activities
• Evaluating specific controls and advising managers at all levels on their
effectiveness
• Reviewing compliance with laws, rules, policies, Codes of Practice,
Guidelines
• Reporting findings to all levels of management but crucially the Board, usually via
the Audit Committee
Other assurance providers
Risk Strategy and
Policy Setting
Control Framework
Design
Control Framework
Operation
Measuring and
Monitoring
A
S
S
U
R
A
N
C
E
Three lines of defence
Value for the audit committee
Confidence in risk management processes
Confidence in management’s assurances
Regulatory compliance enabled
Value for management
Confirmation of effective operation of controls
Confidence in own management of risk
Challenge & support for better management of risks
Confidence for regulatory reporting
Enabling safe risk-taking – opportunity management
About the Institute
• Established 1948. Professional body for internal auditors across all sectors in the UK and
Ireland
• Affiliated to Global IIA, 180,000 members in 190 countries. Part of the European Confederation
of Institutes of Internal Audit (ECIIA), which represents 40,000 members in 33 countries
• 8,000 members in the UK/ Ireland, including 700 Heads of Internal Audit.
9 Regional Groups, including Scotland, Wales, Ireland
• 70 % representation in the FTSE 100.
• Two qualifications: Diploma and Advanced Diploma Qualifications,
leading to Chartered status (accredited by the Open University)
• Offers extensive programme of training courses and support services,
including on-line learning tools, technical guidance
• All members globally work to the International Standards and are
bound by a Code of Ethics.
International Professional
Practices Framework (IPPF)
International Standards
Standards for what to do: setting
up a function; completing audit
work; reporting lines
Definition
A standard for
the profession
Code of Ethics
Behaviours for individuals
Working to improve the management
of risk and develop the profession
• The Institute contributes to the debates on governance and the management of risk, through
relationships with key government departments and regulators and collaboration with other
professional bodies
• International Standards form the basis of the Irish Government and UK Government’s standards
for public sector internal audit.
• Invited by the UK financial regulator to create sector specific guidance on internal audit (due for
publication in 2013)
The regulator’s expectations : Robust guidance, agreed by the industry, which
provide principles that firms can assert they comply with; and supervisors
can measure and monitor IA effectiveness.
The internal audit profession
in Ireland
The institute has 764 members in Ireland – over 300 in the financial services sector
Over 200 of our members hold the Institute's qualifications, including over 120 Chartered
Internal Auditors (35 of whom work in the financial services sector)
The Institute’s Irish region network embraces members in the North and South and runs
a number of events each year. An annual conference takes place in the Spring.
Regional Chair’s contact details:
Nuala Comerford
Tel : +353 1 414 9210
Email : ncomerford@sdublincoco.ie
www.iia.org.uk
Questions ?
Related documents
Evolution of an Automated Internal Audit Management System
Evolution of an Automated Internal Audit Management System
TECHNICAL MESSAGES OF THE IIA – UK AND IRELAND
TECHNICAL MESSAGES OF THE IIA – UK AND IRELAND
Big Data As Complementary Audit Evidence
Big Data As Complementary Audit Evidence
Risk management strategy - Leicestershire County Council
Risk management strategy - Leicestershire County Council
Sample environmental sustainability audit - CPSISC E
Sample environmental sustainability audit - CPSISC E
Audit Poster - BSG Colonoscopy Audit
Audit Poster - BSG Colonoscopy Audit
Download
advertisement