Add to collection(s) Add to saved
  1. Business
  2. Management

What is Quality?

advertisement 
Quality Assurance in the
Netherlands: Experiences
from 35 Organizations
Hans Nieuwlands CIA CGAP CCSA
CEO IIA Netherlands
Brussels, 20 November, 2014
www.theiia.org/Quality
Outline
•Introduction
•Definition of Quality
•Guidance from The IIA
•QAIP Framework
•Common improvement areas
•Conclusion
Quality Assessments in the Netherlands
www.theiia.org/Quality
What is Quality?
Quality is not an act, it is a habit.
Aristotle
www.theiia.org/Quality
What is Quality?
Quality means doing it right when
nobody is watching.
Henry Ford
www.theiia.org/Quality
What is Quality?
Quality in a product or service is
not what the supplier puts in.
It is what the customer gets out
and is willing to pay for.
Peter F. Drucker
www.theiia.org/Quality
What is Quality?
Quality in internal audit is guided
by both an obligation to meet
customer expectations as well as
professional responsibilities
inherent in conforming to the
Standards.
Practice Guide
www.theiia.org/Quality
Professional Guidance
www.theiia.org/Quality
Standards
1300 – Quality Assurance and Improvement
Program
The chief audit executive must develop and
maintain a quality assurance and improvement
program that covers all aspects of the internal
audit activity.
www.theiia.org/Quality
Standards
Interpretation 1300:
A quality assurance and improvement program is
designed to enable an evaluation of the internal
audit activity’s conformance with the Definition
of Internal Auditing and the Standards and an
evaluation of whether internal auditors apply the
Code of Ethics.
The program also assesses the efficiency and
effectiveness of the internal audit activity and
identifies opportunities for improvement.
www.theiia.org/Quality
Standards
1310 – Requirements of the Quality
Assurance and Improvement Program
The quality assurance and improvement program
must include both internal and external
assessments.
www.theiia.org/Quality
Standards
1311 – Internal Assessments
Internal assessments must include:
• Ongoing monitoring of the performance of the
internal audit activity; and
• Periodic self-assessments or assessments by
other persons within the organization with
sufficient knowledge of internal audit practices.
www.theiia.org/Quality
Standards
Interpretation 1311:
Ongoing monitoring is an integral part of the
day-to-day supervision, review, and
measurement of the internal audit activity.
Ongoing monitoring is incorporated into the
routine policies and practices used to manage
the internal audit activity and uses processes,
tools, and information considered necessary to
evaluate conformance with the Definition of
Internal Auditing, the Code of Ethics, and the
Standards…
www.theiia.org/Quality
Standards
1320 – Reporting on the Quality Assurance
and Improvement Program
The chief audit executive must communicate the
results of the quality assurance and
improvement program to senior management
and the board.
www.theiia.org/Quality
Practice Guides
www.theiia.org/Quality
QAIP Framework
www.theiia.org/Quality
QAIP Components
www.theiia.org/Quality
QAIP Assessment
www.theiia.org/Quality
The Value of a QAIP
www.theiia.org/Quality
Assessments
Standard 1311
– Internal Assessments
Standard 1312
– External Assessments
www.theiia.org/Quality
Common improvement
areas
Definition
- Discuss with (Supervisory) Board
- Include in Charter
Code of Ethics
- Include in manual
- Include in job descriptions
- All staff should acknowledge
compliance annually
www.theiia.org/Quality
Attribute Standards
1000: Purpose, Authority and
Responsibility
1100: Independence and
Objectivity
- Define reporting line to CEO and
Audit Committee (AC)
- Define attendance at AC meetings
- Include hiring/firing of the CAE
www.theiia.org/Quality
Attribute Standards
1200: Proficiency and Due
Professional Care
- Stimulate Professional Certification
- Create Personal Development plan
- Take into account external
developments
- Develop new competencies and
skills(e.g. soft controls)
- Utilize opportunities created by the
employer
www.theiia.org/Quality
Attribute Standards
1300: Quality Assessment and
Improvement Program (QAIP)
- Do the self assessment frequently
- Include Quality aspects in
operational processes
- Check periodically is the manual
needs an update
- Communicate results of quality
assessments to the CEO and AC
www.theiia.org/Quality
Performance Standards
2000: Managing the Internal Audit
Function
- Ensure audit universe is complete up
to date and accurate
- Describe the risk assessment
methodology used
- Document the trail from universe to
audit plan
- Document the reasons for dropped
audits
www.theiia.org/Quality
Performance Standards
2100: Nature of Work
Include in every audit:
- Governance aspects
- Risk Management processes
Advice on these matters in the report
www.theiia.org/Quality
Performance Standards
 2200: Engagement Planning
- Substantiate the Planning
Memorandum, including interviews
- Document red flags used to identify
potential fraud
- Align the audit program with the
specific risk assessment made
- Document manager’s approval of
the audit program, prior to fieldwork
www.theiia.org/Quality
Performance Standards
 2300: Performing the Engagement
-
Document field work done
Substantiate sampling method used
Ensure complete cross references
Document supervision of fieldwork
Create a trail from findings to report
and vice versa
- Finalize all supervision before
issuance of drat report
www.theiia.org/Quality
Performance Standards
 2400: Communicating Results
Ask stakeholders for feedback on the
reports, e.g.:
- Overall quality of report
- Extend to what risks are addressed
- Level of detail
- Clarity of audit opinion
- Readability
www.theiia.org/Quality
Performance Standards
 2500: Monitoring Progress
- Communicate frequently follow up
activities on audit recommendations
to appropriate levels of
management
- Report periodically on high risk and
overdue issues to CEO and AC
www.theiia.org/Quality
Performance Standards
 2600: Communicating the Acceptance
of Risks
- Include the escalation procedure to
be used when senior management
and the CAE disagree on the
acceptance if business risks in the
Audit Charter
- Include this disagreement in the
audit report
www.theiia.org/Quality
Good luck with the External
Quality Assessment
www.theiia.org/Quality
Thank you for your
attention!
www.theiia.org/Quality
Related documents
Overview of GTAG-8 on Auditing Application Controls
Overview of GTAG-8 on Auditing Application Controls
Textbook 3 rd Edition Desk Copy Request Form
Textbook 3 rd Edition Desk Copy Request Form
The IIA Public Sector Update
The IIA Public Sector Update
An Elected Official at Your Event
An Elected Official at Your Event
Getting to Know Internal Auditing - The Institute of Internal Auditors
Getting to Know Internal Auditing - The Institute of Internal Auditors
Audit Skills - Dick Anderson`s Deck for the Presentation
Audit Skills - Dick Anderson`s Deck for the Presentation
The IIA
The IIA
QUALITY ASSURANCE: Obstetrics Auditing, Records & Reports
QUALITY ASSURANCE: Obstetrics Auditing, Records & Reports
Evolution of an Automated Internal Audit Management System
Evolution of an Automated Internal Audit Management System
Applying COSO's Enterprise Risk Management — Integrated
Applying COSO's Enterprise Risk Management — Integrated
Download
advertisement