Internal Audit Policy Presentation

advertisement
Auditing: A critical Tool for the
Control in the University
Presentation at 3 Day Workshop
February 19, 2013
09/01/2013
Prepared by Dan Bart - Plange
1
Summary of Audit Policy
•
•
•
•
•
•
•
•
Mission, Vision, objective
Authority & Responsibility
Independence / Confidentiality
Standards & Code of Ethics
Responsibility for detecting fraud (Investigation)
Scope of Internal Audit function
Other services provided by Internal Audit
Audit Process (gathering evidence, entry / exit
conference)
• Reporting
• Relationship with External Auditors
09/01/2013
Prepared by Dan Bart - Plange
2
Introduction
• Internal Auditing is an activity; and it is either
– An Assurance Activity or
– A Consulting Activity
Designed to add value to the operations of the
organisation
• It is suppose to Manage risk (risk defined) in an
organisation through
– Risk Identification
– Risk Evaluation
– Control / develop response to the Risk
• Internal Audit ends at report and recommendation
09/01/2013
Prepared by Dan Bart - Plange
3
Mission & Vision
• The mission of the Internal Audit Department is to
provide independent and objective reviews and
assessments of
–
–
–
–
business activities,
operations,
financial systems and
Internal controls of KNUST.
• The reviews are to ensure that University resources are
used efficiently and effectively
• All resources are to be used to achieve the Goal of the
University
• Therefore Internal Audit help the University achieve its
goals.
09/01/2013
Prepared by Dan Bart - Plange
4
Authority & Responsibility
• The Internal Audit function derive its authority
from the Statute of the University and the
Internal Audit Agency Act, 2003; Act 658
• Section 17 of the statute mandates the Internal
Auditor to
– Ensure that Internal Auditing system of the
University is Efficient & Effective
– Carry out periodic internal audit of the University in
conformity with standards & the Law
– Recommendations should be implemented by
Finance Committee
09/01/2013
Prepared by Dan Bart - Plange
5
Independence & Confidentiality
1. Independence
In the context of External auditing - having no business
relationship or interest in the company you audit
• Independence in the context of Internal Audit (refer to
Std) is having a reporting line which enables you to
review all job areas – satisfied
2. Confidentiality :
• All information obtained during an audit is deemed
confidential unless otherwise instructed. Staff are not
supposed to disclose audit information to anybody.
• Audit Reports are highly confidential
09/01/2013
Prepared by Dan Bart - Plange
6
Standards & Code of Ethics
• We use International Standards for the
Professional Practice of Internal Auditing
–
–
–
–
Planning
Gathering evidence
Documentation of work
Reporting
• We have not developed any Code of Ethics for
ourselves except that Audit staff should:
–
–
–
–
09/01/2013
Have Integrity
Be Objectivity
Be Professional on the job
Be discreet about information
Prepared by Dan Bart - Plange
7
Responsibility for Detecting Fraud
• When it comes to fraud it is a shared responsibility
• The management of the University is
responsible for establishing and maintaining
controls to discourage perpetuation of fraud.
• Internal Audit is responsible for examining and
evaluating the adequacy and effectiveness of
those controls.
• Audit programmes are developed in such a way
that when there are serious fraud, the audit
should be able to identify it
09/01/2013
Prepared by Dan Bart - Plange
8
Scope of Internal Audit
• Statute 47 assign the following responsibilities to
QAPU (in part)
• Coordinate the activities of the University’s
Colleges, faculties & Departments regarding:
– Strategic plan preparation, implementation &
monitoring and evaluation
– Academic and Service excellence in respect to teaching,
research, administration and other services
• Everything shall be done in consultation with the
Provost, Deans and Heads of Departments
09/01/2013
Prepared by Dan Bart - Plange
9
Scope of Internal Audit
• The rest (non - academic activities) are for Internal Audit
– Governance & Organizational Management
(Policies)
– Assets management (including use of KNUST
vehicles)
– Budget preparation and monitoring
– Revenue management
– Cash management
– Payments procedures
– Procurement / stores procedures
– Financial reporting
09/01/2013
Prepared by Dan Bart - Plange
10
Scope of Internal Audit
• Implementation of policies from Management
(A critical Tool For Control In the University)
–
–
–
–
–
–
–
–
–
09/01/2013
Supporting document for payments
Authority level for payment
Permission for Travelling
Assets register
Retiring of special advance
Preparing of budget
Packing of vehicles after 5 pm
Banking of income
Etc.
Prepared by Dan Bart - Plange
11
Scope of Internal Audit
• Over the years, the scope of Audit in the
University has been skewed towards; the
following :
–
–
–
–
reviewing of P.V, (Pre – Audit)
Verifying items purchased (Verification)
Reviewing cash book
Special assignments / investigation
• This reviews, even though still relevant, the
procedure has to be improved to address the
changing circumstances of the University; bear
with us.
09/01/2013
Prepared by Dan Bart - Plange
12
Scope of Internal Audit
• The following have started on a pilot basis:
– New approaches to verification of items where
we visit the departments and confirm the receipt
of the goods, the quality and delivery period etc.
– Revenue Reviews – where we will give assurance
to Provost, Deans / HODs on the component of
your revenue, the part transferred to
investments, other transferred made, etc
• We will need your cooperation in the area of
supply of information and implementing
acceptable recommendations
09/01/2013
Prepared by Dan Bart - Plange
13
Scope of Internal Audit
• A lot of Internal Audit departments in Government
Agencies devoted all their efforts on cash / assets
loss in the past
• This has created some misconception about
Internal Audit in organizations till date
–
–
–
–
–
Audit is only Monetary
Every Audit job is equated to investigation
Audit should uncover fraud
Audit should arrest and dismiss culprit
Audit report should always have something to do with
cash loss
– etc.
• This has to change and see Audit as partners for
development
09/01/2013
Prepared by Dan Bart - Plange
14
Scope of Internal Audit
• Cash / asset loss is still relevant but what is
killing government organisation these days is
inefficiency
• There is the need to tackle inefficiency, waste of
resources and cash / assets loss together
• Some perceptions
– Compare the finances with Elephant
– Compare inefficiencies with the movement of a ship
– Being paid extra for your normal job
09/01/2013
Prepared by Dan Bart - Plange
15
Other Services Provided by Internal
Audit
•
In the definition of Internal Audit, Consulting
Activity is part of the functions; here Audit is to
suggest new and improved ways to add value to
the organisation. In the University:
–
–
–
–
Assets disposal
Use of ICT to improve efficiency
Accounting for Power & water distribution
Obtaining value for money from suppliers of goods and
services
– Effective use of available facilities
– etc
09/01/2013
Prepared by Dan Bart - Plange
16
Other Services Provided by Internal
Audit
• Give Professional Accounting advice to all
income generating units on
–
–
–
–
–
–
How to increase profitability
Investment appraisal issues
Preparation of budgets at departments / units
Variance analysis report
Stocks controls
Etc
Everything on my slide portray what Audit can do, the
next time we meet it should be what we are doing
09/01/2013
Prepared by Dan Bart - Plange
17
Audit Process
The following are the broad guidelines in
audit process
• Planning
• Gathering evidence
• Documentation of work
• Entry / Exit conferences
• Reporting
09/01/2013
Prepared by Dan Bart - Plange
18
Reporting & Follow - Up
Audit Reports should be:
• Timely
• Concise and Constructive
• Discussed with the audit client and have their
inputs
• Addressed to the Chief Executive and Council sub
committee on Finance
Follow – up should be done on previous audit
recommendations
Control environment is very critical for internal
audit to thrive in organisations (implementation
of recommendations)
09/01/2013
Prepared by Dan Bart - Plange
19
Conclusion
• Define "… an independent, objective,
assurance and consulting activity designed to
add value and improve an organization's
operations.
• It helps an organization accomplish its
objectives by bringing a systematic, disciplined
approach to evaluate and improve
effectiveness of risk management, control, and
governance processes.”
09/01/2013
Prepared by Dan Bart - Plange
20
Q&A
Thank You
09/01/2013
Prepared by Dan Bart - Plange
21
Download