Chapter1
Chapter1
Chapter1
1. What is operational auditing and how can it add value to the organization?
Internal auditing is an independent, objective assurance and consulting activity designed to add
value and improve an organization’s operations. It helps an organization accomplish its
objectives by bringing a systematic, disciplined approach to evaluate and improve the
effectiveness of risk management, control, and governance processes.
2. Explain the importance of independence and objectivity and how having unfettered access
within the organization impacts the internal auditors’ ability to review any program, process,
system, record, at any time and perform operational reviews.
Independence has to do primarily with the position of internal audit within the organization’s
hierarchy. Internal audit should report to the audit committee (or its equivalent) on the board
of directors so it receives advice and support to perform its duties. Furthermore, internal audit
should not be under the control of those they audit. This direct reporting line to the highest
authority within the organization will help internal audit reach its full potential, and also get the
attention from those whose influence, recognition, and respect can compel corrective action of
any anomalies identified by the auditors.
Objectivity is related to the auditors’ frame of mind and their ability to examine documents,
processes, and programs without a bias, without an agenda, with no other motive than to find
the truth and communicate it accurately and promptly. Conflicts of interest are one of the
biggest threats to objectivity, so internal auditors must be careful to balance maintaining
healthy professional and social relationships with others in the organization without becoming
too cozy with them.
3. Describe the difference between retrospective reviews that focus on past events and
prospective engagements. List some of the future threats that internal auditors should
include in their assessments.
The traditional approach to internal auditing was to perform postmortem reviews to verify that
what was done was done appropriately. This was a practice that followed in the footsteps of
public accounting firms, which inspect transactions that occurred during the preceding fiscal
year. Internal auditors need to go beyond inspecting transactions long after they were
performed because the focus now leans toward an examination of future threats and
vulnerabilities that can derail the organization’s goals and objectives in the short, medium, and
even the long term. In fact, focusing on future events and the future implications of present
events would add more value to their organizations than reporting primarily on past events.
When this happens, as has been common practice in the past, the organization dedicates itself
on correcting past issues, which creates rework.
Operational
Technological
Strategic
Environmental
4. What are five of the skills of internal auditors that have been identified as essential for
success in the future? What can your internal audit department do to develop those skills
among its staff?
Communication skills, such as oral, written, report writing, and presentation skills
Problem identification and solution skills, such as conceptual and analytical thinking
Ability to promote the value of internal audit
Knowledge of industry, regulatory, and standards changes
Organization skills
At the individual level, internal auditors, like most professionals today, are expected to take
ownership of their own training and development and not leave it to their employers to decide
and implement. Whereas, in the past, it was common for employees to take a passive
approach, waiting for their employers to tell them when, what, and why training would occur,
today’s auditors should take a more active and engaged approach to their training needs. They
should * Reflect on their present competencies, identify their job needs, and perform a gap
analysis to meet their current skill requirements
Define their career ambitions and chart a roadmap to acquire the skills and competencies
needed in the future
5. Explain the five stages in the IA-CM and its implications for operational auditing.
8. Explain the importance of using business objectives while planning and performing
operational audits, and how to use them when communicating the results of the audit.
By knowing the objective of the business , auditors will come up an idea on how they will create
a plan that will be helpful to the company because basically that is what the business is looking
for. Auditos will explain it more effectively because it meets the business needs cause that was
their objectives.
9. What are the attributes of effective audit evidence outlines in Standard 2310 and what the
implications for operational audits?
Internal auditors must also communicate their conclusions and this requires that their
communications be persuasive. To accomplish this, communications must meet the
requirements of :
◾ Sufficiency. This means that the auditor needs enough information, including quantifiable
facts and figures.
◾ Reliability. Meaning that the information must be trustworthy and free from distortion.
◾ Relevance. This relates to the information being consistent with the objectives and scope of
the review.
◾ Usefulness. This relates to the information helping the organization accomplish its
objectives.Quite often, when clients express confusion, disagreement, or skepticism about the
internal auditors’ communication, it is because the auditor has not met one or more of these
four attributes
10. Explain how an organization could meet its compliance requirements but still fail over the
medium and long term.
Basically all organization must comply all the necessary requirements yo run thrir business but
still the way how they act and manage during operations will judge whether the will last or end
up losing their business.