Add to collection(s) Add to saved
  1. Business
  2. Management
  3. Project Management

In my view the risk management and internal audit functions of firms

advertisement 
Improving internal audit performance
through quality assurance
IIA Scotland Annual Conference
Dr Ian Peters, Chief Executive
Thursday, 1st November, 2012
A changing world
Loss of confidence in financial services
Public sector under pressure
Globalisation of risk
Increasing expectations of governance, control and internal audit
Low expectations
Low expectations of internal audit meant that it was largely ignored in the
analysis of corporate governance in the banks
Walker review (Nov 2009):
“Some concern was expressed at the very limited discussion of
audit, in particular internal audit… this reflected judgement that the
principal failures that afflicted problem banks did not principally
arise under the rubric of ‘audit’.”
Increasing expectations
Surveys:
E&Y
- 80% of boards and CEO’s acknowledged that their internal audit functions
have room for improvement
- Internal audit needs to increase relevance to achieving strategic objectives
PwC
- Internal audit needs to develop a more strategic, proactive mindset, capable
of identifying risk in relation to strategic objectives, evaluating their threat,
recommending controls
Increasing expectations
National Audit Office Value for Money Report (June 2012)
“There needs to be a clearer statement of the important role of internal audit from the
Treasury on one side and a determined move to deliver internal audit’s full potential
across government on the other.“
Amyas Morse, Comptroller and Auditor General, NAO, 20th June, 2012
Increasing expectations
National Audit Office Value for Money Report (June 2012)
Key findings:
•
Government has not ‘set a clear expectation’ of what an effective internal audit function should deliver
•
Chairs of audit committees and other senior stakeholders expect more from their internal audit
service - Internal audit should be the eyes and ears of management
•
Variations in quality and coverage mean that internal audit work is often not reliable to support NAO’s
external audit work
•
Little consistency in the application of standards by internal audit. Little consistency in the scope of
internal audit coverage across the range from strategic issues to core information systems.
Increasing expectations
Basel principles for internal audit functions in banks (June 2012)
“Banks should have an internal audit function with sufficient authority, stature, independence,
resources and access to the board of directors. Independent, competent and qualified
internal auditors are vital to sound corporate governance.”
Increasing expectations
Basel principles for internal audit functions in banks (June 2012)
•
The bank’s internal audit function must be independent of the audited activities, which requires it to
have sufficient standing and authority within the bank, thereby enabling internal auditors to carry out
their assignments with objectivity
•
The board should support the internal audit function in discharging its duties effectively
•
Bank internal auditors should comply with and to contribute to the development of national and
international professional standards, such as those of the IIA.
•
Professional competence, including the knowledge and experience of each internal auditor and of
internal auditors collectively, is essential to the effectiveness of the bank’s internal audit function.
Increasing expectations
Andrew Bailey, Executive Director and member of the Financial Policy Committee,
Bank of England; Managing Director of the Prudential Business Unit, FSA
“In my view the risk management and internal audit functions of firms must be active and able
to push their case strongly …[boards] and senior management must be supported by robust
and well - functioning risk and audit functions (internal and external). Unfortunately, when I
look across the landscape, I don’t believe that we are in the right place today in terms of the
role and influence of these risk and audit functions.”
Common themes
Status and authority
The right relationship with the board and the audit committee
Clear expectations
Independence and objectivity
Adherence to standards
Skills and competence
Meeting expectations
‘Internal Audit in Practice’ – a series of case studies with the National
Audit Office – promoting new ideas and best practice
Public sector standards (in collaboration with CIPFA) – a joined-up
approach across the public sector
Financial services sector guidance project – responding to the
demands of the sector and the regulator
External Quality Assessment (EQA) - a new service for members
Are internal audit teams
evaluating their capabilities?
IIA Survey
Internal Auditing 2012 : Trends and Outlook
- 90% of boards and executives indicate that adherence to the IIA
Standards increases their confidence in internal audit.
- However: 30% of internal audit teams have no formal quality
assurance programme. And 60% have not undergone an external
quality assessment.
Why measure quality ?
Not only because the Standards say so…
Attribute standard 1312:
‘External assessments must be conducted at least once every five
years by a qualified, independent reviewer or review team from
outside the organisation.’
Why measure quality ?
…But because it helps you to :• Understand how /where to deliver greater value to stakeholders,
customers and your organisation
• Establish a culture of continuous improvement
– Improve efficiency and effectiveness
– Develop and motivate your people through opportunities and increased job
satisfaction
• Demonstrate credibility and professionalism to management and
non-executives.
External Quality Assessment services
• Self Assessment Checklist
• Validated Self Assessment
• Facilitated or Guided Self Assessment
• External Quality Assessment
chris.baker@iia.org.uk. Mob 07966 494462 www.iia.org.uk/quality
External Quality Assessment
(EQA) Services
Already proving popular across sectors :
Completed :
•
•
•
•
•
•
A higher education internal audit consortium
An international insurance group
A global healthcare and medical insurance company
An international charity
A food ingredients and consumer goods manufacturer
A regional accountancy and financial advisory firm
Agreed :
•
•
An international insurance and risk management company
A defence agency
EQA findings
•
Weak links between an organisation’s key risks and their internal audit
plans - Due to under developed risk management processes
•
Poor co ordination of assurance - Duplication /gaps in assurance, making it difficult for
audit committees to see the full picture
•
Audit committees seeking to understand what the right level of internal audit resource is
Narrow assessments of internal audit’s performance
•
Poor internal communication/promotion of internal audit to aid understanding and build
relationships.
Questions ?
Follow me on Twitter: @doctorianp
Follow the Institute on Twitter: @CharteredIIA
Related documents
Evolution of an Automated Internal Audit Management System
Evolution of an Automated Internal Audit Management System
Marketing Plan Rubric
Marketing Plan Rubric
Big Data As Complementary Audit Evidence
Big Data As Complementary Audit Evidence
Audit Poster - BSG Colonoscopy Audit
Audit Poster - BSG Colonoscopy Audit
system audit - Study Channel
system audit - Study Channel
Most Important Issues Confronting Colleges
Most Important Issues Confronting Colleges
Lutz Internal Audit Director 10 22 2015
Lutz Internal Audit Director 10 22 2015
Download
advertisement