Add to collection(s) Add to saved
  1. Business
  2. Finance

IACM - E1-L2-1 - The Institute of Internal Auditors

advertisement 
Internal Audit Capability Model (IA-CM) for the Public Sector
Detailed Key Process Areas
Services and Role of Internal Auditing
Level 2 – Infrastructure
Compliance Auditing
Purpose — To carry out an audit of conformity and adherence of a particular area, process, or system to
policies, plans, procedures, laws, regulations, contracts, or other requirements that govern the conduct of
the area, process, or system subject to audit.1
Essential Activities
• Include in the internal audit charter the nature of the assurance services provided to the
organization.
• Plan the internal audit engagement:
o Communicate with client management (e.g., through an audit engagement letter).
o Identify the relevant authorities/criteria.
o Obtain management acceptance of the audit criteria.
o Document the control framework.
o Identify the audit objectives, scope, and methodology (including sampling methodology).
o Develop the detailed audit engagement plan.
• Perform the audit engagement:
o Apply specific audit procedures.
o Document the procedures performed and their results.
o Evaluate the information obtained.
o Draw specific conclusions and develop recommendations.
• Communicate the results of the audit engagement:
o Prepare the report or other mechanism to communicate the engagement results.
o Establish and maintain a system to monitor the disposition of results communicated to
management (e.g., a follow-up process to ensure management actions have been effectively
implemented).
Outputs
• Documented audit engagement results/report are provided to appropriate parties (including the
external auditor, where relevant).
• Working-paper file that supports the audit conclusions and contents of the audit engagement
product/report.
• Management action plan, if necessary.
Outcomes
• Assurance that the area, process, or system subject to audit operates in compliance with relevant
authorities/criteria.
• Added value by identifying opportunities to improve the achievement of organizational objectives
and the effectiveness of operations.
• Prevent, deter, and detect illegal acts or violations of established policies, procedures, or contract
requirements.
Institutionalizing Practice Examples
• Internal audit charter includes the nature of the assurance services provided to the organization.
• Documented audit programs, procedures, and internal control questionnaires.
• Documented internal audit engagement guidelines.
• Internal audit engagement training.
1
This includes the audit of financial transactions, including an evaluation of compliance with applicable statutes and regulations; the
audit of the probity and propriety of administrative decisions taken within the audited entity; and any process-approach internal
auditing.
© 2009, The Institute of Internal Auditors Research Foundation
Disclosure statement
Related documents
Evolution of an Automated Internal Audit Management System
Evolution of an Automated Internal Audit Management System
Audit Poster - BSG Colonoscopy Audit
Audit Poster - BSG Colonoscopy Audit
CIS 349 – Information Technology Audit and Control
CIS 349 – Information Technology Audit and Control
QUALITY ASSURANCE: Obstetrics Auditing, Records & Reports
QUALITY ASSURANCE: Obstetrics Auditing, Records & Reports
Lutz Internal Audit Director 10 22 2015
Lutz Internal Audit Director 10 22 2015
LGFMA Presentation - Internal Audit Program Model
LGFMA Presentation - Internal Audit Program Model
Fetal Medicine Foundation - FMF
Fetal Medicine Foundation - FMF
Download
advertisement