Uploaded by Shafayat Shafin

AIS Porject [Internal Auditing, Control & Risk Management]

Subject & Section->
Accounting Information System (Sec A)
Internal Auditing & Internal Control & Risk
Management in AIS
Niaz Mohammad
Table of Content & Sub content
 Introduction
 Objectives
 Literature review
 Opportunities
 Challenges
 Bangladesh Perspective
Internal auditing is associate freelance, objective assurance associated consulting
activity designed to feature price to and improve an organization's operations. ...
Professionals known as internal auditors are used by organizations to perform the
interior auditing activity. Internal audits value a company’s internal controls,
together with its company governance and accounting processes. These audits
guarantee compliance with laws and laws and facilitate to take care of correct and
timely money reportage and knowledge assortment. Internal audits conjointly give
management with the tools necessary to realize operational potency
Control that create method, established by associate entity's board of administrators,
management and alternative personnel, designed to supply affordable assurance:
That data is reliable, correct and timely. Of compliance with applicable laws, laws,
contracts, policies and procedures. Associate Auditor ought to make sure that bound
rules and procedures are followed by the business unit he's engaged on, in spite of
the actual fact that an electronic equipment of control is as sole responsibility of the
management. The Auditor will merely guide or facilitate the management if he's
asked to try and do therefore, as a result of he has no authority to inflict such rules
and procedures. The degree of reliance on the system depends upon the effectiveness
of control system; thus, the Auditor ought to review and value the interior system of
a corporation to organize his program.
For all businesses, there square measure risks that exist and wish to be known and
self-addressed so as to forestall or minimize losses. Risk is that the threat that an
occurrence, action or non-action can adversely have {an effect on} an organization’s
ability to attain its business objectives and execute its methods with success. Risk is
measured in terms of consequences and probability.
Risk management should management known risks to assist the corporate deliver
the goods its performance and profitableness targets, stop loss of resources,
guarantee reliable monetary coverage, and guarantee compliance with laws and
rules, avoiding injury to its name and different consequences.
Objectives & background of system
The auditor's opinion that accompanies money statements is predicated on Associate
in nursing audit of the procedures and records won’t to turn out them. As a part of
Associate in nursing audit, external auditors can take a look at a company's
accounting processes Associate in nursing internal controls and supply an opinion
on their effectiveness. An inside audit could be a make certain is conducted at
specific times, whereas management control} is to blame for checks that are ongoing to create certain operational potency and effectiveness are achieved through
the control of risks.
Internal Control->
 Internal control system provides reliable and accurate data that is necessary
for decision making and to run business activity efficiently.
 Adequate internal control system safeguard business assets, in absence of it,
assets of the company may be stolen, misused or accidentally destroyed.
 Internal control system within organization is necessary to discourage and stop
non performing business activities and to protect business from wastage is all
aspects of the business.
 Internal control system insures that rules and procedures are to be followed by
business personnel.
Internal Auditing->
 Management decision to choose cost effective control system may reduce the
effectiveness of internal auditing system.
 There are chances of misuse by a person of authority who is operating on
internal control system & auditing process.
 Objectives of internal systems may be defeated by manipulation of
 Since internal auditing is involved in routine transactions, irregular
transactions may be overlooked.
 Changes in conditions may affect the effectiveness of internal control & also
The objective of risk management is to assist determine and document the
organization's risks in vital business methods and also the internal controls inside
every process to mitigate those risks. Risk management must control identified risks
to help the company achieve its performance and profitability targets, prevent loss
of resources, ensure reliable financial reporting, and ensure compliance with laws
and regulations, avoiding damage to its reputation and other consequences.
Literature review
The Internal control system ought to be reviewed by the Auditor before star audit
as delineated below −
1. To frame programmer consistent with gift circumstances. Frauds, errors and
mistakes are seemingly to be situated or not.
2. To review existence of internal programmer and to envision the potency of
control system.
3. To review the dependability of reports, records and certificates as conferred
by the management.
4. To check if there's any chance of improvement in existing control system.
5. Reviewing the system of accounting entries, whether or not recorded as per
principle or not.
The objective supported the subjective judgment of the authority and also the control
analysis of the pure mathematical model. Early control studies have shown that
private judgment and skilled expertise have a major impact on control analysis,
therefore the analysis of control is generally supported this…
The internal audit projected by the on top of students doesn't ought to swear an
excessive amount of on the subjective judgment of the authority, or is just too strictly
physics and physics, leading to the dearth of sensible proxy variables within the
actual application, the model hypothesis is tough to simply accept and also the price
of use is comparatively high. In advanced things, they're not wide adopted in
observe. However, it arranged the inspiration for the follow-up researchers to still
study and construct a scientific and affordable internal audit analysis system…
The audit system reviewed by the Auditor before star audit as delineated below −
1. Internal audits square measure the mechanisms, rules, and procedures
enforced by a corporation to confirm the integrity of monetary and accounting
info, promote irresponsibleness and stop fraud.
2. Besides yielding with laws and laws, and preventing workers from stealing
assets or committing fraud, internal auditors will facilitate improve operational
potency by rising the accuracy and timeliness of monetary news.
3. Internal audits play a vital role in a very company’s internal controls and
company governance, currently that the Sarbanes-Oxley Act of 2002 has created
managers de jure to blame for the accuracy of its money statements.
4. An internal audit offers risk management and evaluates the effectiveness of a
company’s internal controls, company governance, and accounting processes.
5. Internal audits offer management and board of administrators with an added
service wherever flaws in a very method could also be caught and corrected
before external audits.
In today’s difficult world economy, there's a necessity for distinctive, assessing,
managing associate degreed observance an organization’s business opportunities
and audit risks. The idea of enterprise risk management (ERM) helps elevate the
main focus of risk management from the plan of action to strategic level. The aim of
this publication is to deal with a number of the foremost normally asked queries with
relation to ERM. It offers ideas, suggestions and insights to executives to blame for
ERM implementation..
In the past, crises of this nature failed to target the role of internal auditing.
Today, several square measure trying to the inner audit operate and
therefore the chief audit government as a part of the answer to a perceived
breakdown within the systems of business coverage, control, and moral
behavior. The matter has become thus severe that even the overall public is
setting out to perceive the essential role that the inner auditing profession
will play. Company management must amendment, however it conjointly
must be able to demonstrate the quality of its leadership. Specifically, at
intervals organizations, those charged with governance got to offer
assurances that they need enforced effective governance processes which
all info reportable to the general public is itself credible. The inner auditing
profession’s role during this method are often a big one. we have a tendency
to conjointly believe that the key to continued development of basic, applied,
and education analysis in internal auditing is to require advantage of our
information of accounting establishments and call settings to supply a basis
for the choice of vital analysis topics.
Chance risk management may be a vital component in each enterprise. Risk
assessment is taken into account because the basis that has an effect on
the sort and severity of the undertaken strategy... The audit management is
meant to create tutorial researchers additional aware of the wealthy context
of internal audit apply whereas presenting abstract frameworks that may
promote higher understanding of connected ideas and theories & Risk
Management helps to a method during which the advantages square
measure tangible. The secret's to make sure that risk manage is as well as
in each method at intervals the enterprise. During this respect, the analysis
queries appended to every chapter are often very useful in selecting one or
additional lines of analysis merit exploration and investigation. Not solely this
however conjointly chance Management helps eliminate poor ideas before
they consume substantial resources and permits at an equivalent time the
event of powerful ideas that support the continued development of the
enterprise. Like with managing opportunities, Associate in Nursing audit risk
manager is answerable for organizing a team which can follow a risk
treatment arrange and report back on current progress of project risk
management strategy to beat from this.
The audit profession in East Pakistan is within the initial stages of clutches
technology. The unexpected move to a virtual setting could be an important
initial shift. Getting audit proof is wherever the crisis begins. Access to the
first document, confirming the supply, and management over preparation,
are important factors of ‘evidence.’ The audit proof that's 'sufficient and
appropriate' to create a basis for an opinion is currently completely different.
Remote access, electronic records, scan copies of the document, video
conferencing, and virtual conferences are the new toys. These changes be
getting balance confirmations and account statements.
Auditors can need to use their judgement in determinative if the proof
therefore obtained is reliable. They need to exercise skepticism regarding
such records' credibleness and perform further procedures to assess
controls over manufacturing these electronic records.
Revision of audit plans
Risk assessment could be a dynamic method in an audit. Auditors should
assess further risks conferred because of Covid-19, the changes within the
organization’s operations and methods, and revise existing audit plans
Auditors ought to assess the impact on accessibility the provision chain,
reducing client base, new channels of operation, written agreement
breaches, worker absence, changes in method and procedures to fulfill the
present setting, modification to elements of controls, and also the risk of
fraud. Audit groups will need to contemplate the impact on materiality
because of all of those.
Going concern
The pandemic has forced governments to implement physical restrictions
that have caused disruptions to operations. These embrace supply-chain
disorder, hyperbolic value of materials, export restrictions, reduced demand,
and loss of contracts, delays in money flows, problem grouping debts and
liquidity problems.
Audit groups can need to assess the management's assessment of the
organization as a going concern. They’ll need to check if all factors impacting
a going concern are thought of and perform further audit procedures to check
the assumptions employed in such analysis. These embrace management's
forecasts, the amount thought of, the chance of uncertainty, prolonged
imprisonment measures in several geographical locations and then on.
Asset verification
Lockdown has had a major impact on physical inventory counts ANd quality
verifications in an audit. There ar things wherever physical count couldn't be
administrated by the organization at the amount finish, absence of auditors'
physical presence throughout the physical count, inventory command at a
third-party location.
Audit groups can need to assess if physical count is administrated on a
special date, with further procedures like rollback, remote observation
through a live feed, or perform alternate procedures like document
verification, and reconciliation. Wherever physical verification or alternate
audit procedures don't seem to be potential to get decent proof, auditors
could need to assess the impact on their opinion.
Accounting estimates
Accounting estimates and disclosures ar the responsibilities of the
management. They’re pervasive throughout the money statements and also
the audit. Some examples are: impairment of assets, providing for a decline
in price of investments, valuation of assets, and loans and advances. The
management uses assumptions and projections within the use of such
estimates. The uncertainty around these assumptions might increase, as
there's no clarity on however long Covid-19 can last.
Auditors should check the appropriateness of the assumptions, ways
applied, and dependableness data of used. Procedures ought to embrace a
take a look at for connation and appropriateness to the present setting. The
audit team could need to use specialists (say, valuation specialists), as
If the parent company's auditor isn't the auditor of all the part corporations,
he uses the part auditors' work. In these times, the principal auditor could
face challenges in meeting the part audit team, evaluating and review
essential audit operating papers, acquire decent acceptable proof in time, or
perhaps face restrictions within the transfer of knowledge. Wherever the part
auditor has not been able to get adequate proof or perform audit procedures,
it might impact the audit of the cluster entity.
Subsequent events
Management is needed to think about events that occur once the reportage
amount and use their judgements in preparation of monetary statements.
Amounts recognized within the money statements are adjusted to replicate
adjusting events, whereas solely disclosures are needed for material nonadjusting events. Given the uncertainties concerned round the pandemic
amount, the management's assessment can need to be reviewed oft and
updated until the money statements are issued.
Focus on data security
The pandemic has forced folks to admit technology at a pace that
organizations wouldn't are ready for. This includes enabling a piece from
home setting, remote access to records, data, information, ERP, processing,
information transfer, cloud storage, and virtual conferences.
This hyperbolic role of technology has introduced a further specialize in data
technology reviews in audits, for auditors to get confirmation and assurance
on controls for the safety, availability, confidentiality, and privacy of the
knowledge collected, processed, stored, and their disposal. The absence of
such outlined technology controls in organizations that don't seem to be
matured would need further audit procedures.
In short, the neo-normal challenges need the auditor to appraise crucial
aspects of the audit ceaselessly. Hence, the audit procedures can need to
be dynamic and strong with the dynamic times. Several parts of AN audit are
going to be compact by the pandemic, and therefore the importance of the
exercise of skilled skepticism and judgement by auditors obtains a lot of
substantial significance.
Bangladesh Perspective
Bangladesh Securities and Exchange Commission and the Institute of Chartered
Accountants of Bangladesh have demonstrated a keen interest in implementing
International Accounting Standards (IAS) and International Standards on Auditing
(ISA) to upgrade the quality of corporate financial reporting. Various steps have
already been taken, however, further results will require the design and
implementation of a comprehensive action plan on accountancy reform. This report
includes policy recommendations, which may be used as in puts for such an action
plan. This report provides an assessment of accounting and auditing practices within
the broader context of the Bangladesh institutional framework and capacity needed
to ensure the quality of corporate financial reporting. The accounting and auditing
practices in Bangladesh suffer from institutional weaknesses in regulation,
compliance, and enforcement of standards and rules. The preparation of financial
statements and conduct of audits, in many cases, are not consistent with
internationally acceptable standards and practices. Better-qualified graduates
generally do not join the accounting profession because it is not viewed as a
stepping-stone to a rewarding and prestigious career. The out-of-date legal
requirements, widespread noncompliance with accounting and auditing standards,
in effective enforcement mechanism, poor quality accounting education and
training, and inadequate adherence to professional ethics have contributed to the
weakness of the financial reporting regime. The policy recommendations provided
in this report focus on improving statutory framework, strengthening enforcement
mechanisms, upgrading professional education and training, and enhancing capacity
of regulatory and professional bodies. A major recommendation is that an
independent oversight body Financial Reporting Council should be established…..
 (https://www.scribd.com/document/250498179/Audit-Perspective-in-Bangladesh)
 (https://repository.up.ac.za/bitstream/handle/2263/52871/Motubatse_Perceived_2015.pdf?seq
 (https://bloncampus.thehindubusinessline.com/accountancy/auditing-presents-newchallenges-in-covid-times/article33289699.ece)
 (https://www.scirp.org/journal/paperinformation.aspx?paperid=102301)
 (https://www.emerald.com/insight/content/doi/10.1108/MAJ-08-2018-1980/full/html)
 (https://www.tutorialspoint.com/auditing/auditing_internal_control.htm)
 (https://www.investopedia.com/terms/i/internalaudit.asp)
 (https://www.knowledgeleader.com/knowledgeleader/content.nsf/web+content/uciarmthebasics)
 (https://mymanagementguide.com/project-risk-management-strategy-defining-threats-andtaking-opportunities/)