Audit Process: How to Successfully Plan Audit - PowerPoint PPT Presentation

Loading...

PPT – Audit Process: How to Successfully Plan Audit PowerPoint presentation | free to download - id: 7c778a-MmMwN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Audit Process: How to Successfully Plan Audit

Description:

Learn how to effectively plan your audit to successfully complete the auditing process. – PowerPoint PPT presentation

Number of Views:62

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Audit Process: How to Successfully Plan Audit


1
Audit Process How to Successfully Plan Audit
2
What is an Internal Audit?
  • As defined by the Institute of Internal Auditors
    (IIA), internal audit is an independent,
    objective assurance and consulting activity
    designed to add value and improve an
    organization's operations. It helps an
    organization accomplish its objectives by
    bringing a systematic, disciplined approach to
    evaluate and improve the effectiveness of risk
    management, control, and governance processes.

3
Types of Audits
  • First-Party Audits These are performed within an
    organization to measure its strengths and
    weaknesses against its own procedures or methods
    and/or external standards. Internal audits are
    first-party audits and are conducted by auditors
    who are employed by the company being audited,
    but have no vested interest in the audit results
    of the area(s) being audited.
  • Second-Party Audits These are external audits
    performed on a supplier by a customer or by a
    contracted firm (consulting firm) on behalf of a
    customer.
  • Third-Party Audits These are external audit
    performed on a supplier or regulated entity by an
    external participant other than a customer. They
    are conducted for recognition or registration
    purposes are performed either by Extrinsic
    Regulatory (FDA, FAA, NRC, USDA) or Registrars
    (ISO9001, AIB, JCAHCO ).

4
Phases of Audit Program
5
Plan Audit Properly
  • During the planning phase, the following has to
    be done
  • The purpose of the audit
  • A complete description of the GRC program. This
    should include details such as the entity which
    is to be audited and the key measures of the
    program
  • The scope of the audit and the scope exclusions
  • The objective of the audit and the approach to be
    taken
  • A high level schedule of the audit and a detailed
    timeline
  • The necessary skills needed to complete the audit
  • The selection of members of the internal audit
    team
  • Any other resources required for successful
    completion of the audit
  • Document management and archival/ retention
    policies and processes

6
Define Audit Scope and Objectives
  • Defining the scope of the audit and its
    objectives is an important part of planning the
    process, ensuring that the audit is carried out
    successfully.
  • In order to conduct a successful GRC program
    audit, the auditors need to have a thorough
    understanding of the following
  • The organizations culture, business, strategic
    goals and objectives
  • Key risks that the program and the organization
    face
  • The organization and structure of the GRC program
    and its future evolution
  • Auditors must determine the following
  • The major operational processes
  • Various initiatives being implemented within the
    organization
  • The IT systems that support the operation of the
    GRC program

7
Audit Objectives
  • An audit of a GRC program should have the
    following objectives
  • Evaluate the tone at the top Is it proper and
    effective in promoting a culture that is ethical
    and compliant?
  • Check if the program provides reasonable
    assurance of compliance with organizational
    policies and all applicable laws and regulations.
  • Determine if the motivation/incentive/reward
    system is well planned and structured.
  • Determine if the GRC program has a robust
    management framework that is well documented and
    has enough resources to carry out its tasks.
  • Check whether the GRC program has been
    implemented and if the programs performance
    reporting system accurately represented the end
    results of the programs efforts.
  • Conduct a cost-benefit analysis of the GRC
    program.
  • Determine whether the program is up-to-date with
    prevailing industry practices and is adequate for
    the size and complexity of the organization.
  • Include other audit objectives that the board or
    management has requested.

8
  • Want to learn more about audit, its process and
    best practices for auditing? ComplianceOnline
    webinars and seminars are a great training
    resource. Check out the following links
  • Risk Based Internal Auditing (RBIA)
  • Internal Auditing Essentials for Medical Device
    Manufacturers
  • How to Audit GRC Programs?
  • Role of the Audit Committee in Corporate
    Governance
  • Internal Audit's Role in Enterprise Risk
    Management
  • OCEG Approved GRC (Governance, Risk and
    Compliance) Professional Seminar
  • Auditing Technology and IT Investment Management
About PowerShow.com