mu1 module 1 powerpoint
Post on 02-Jan-2016
206 Views
Preview:
TRANSCRIPT
1
Course Name: Internal Auditing and Controls
Module: 1
Module Title: Introduction to Internal Auditing
Lectures and handouts by:
Chuck Campbell
Copyright © The Certified General Accountants Association of British Columbia. All rights reserved.
1
Content of lectures
Audio lectures focus on course content. (For help
with administrative matters, contact your local CGA
office. For help with technical [IT] matters contact
the tech support staff at your local CGA office.)
These audio lectures include a review of past
examination questions and assignment hints for
those modules where assignments have been set.
Please provide your feedback on the online lectures
to: onlinelectures@cga-bc.org
2
Disclaimers
Neither the audio lectures nor PowerPoint slides were designed to be used as a stand-alone resource.
If the lecture contradicts the Module Notes, it is the Module Notes that you are examined on.
I do not know the content of the course exam.
Past exams and solutions are not updated to new material (although the practice exam has been).
Students are responsible for reviewing any Technical Updates and Information Bulletins issued by CGA-Canada during the course.
3
2
Internal Auditing & Controls
Course Overview
Modules 1 to 7 The standards and techniques of internal auditing
Module 1 Introduction to internal auditing
Module 2 Internal auditing standards
Module 3 Risk management, control frameworks, and governance
Module 4 Planning the internal audit
Module 5 Examination phase of the internal audit
Module 6 Internal audit communications and reporting
Module 7 Information technology auditing
4
Internal Auditing & Controls
Course Overview
Modules 8 to 10 Specific examples of applied internal
auditing
Module 8 Marketing, purchasing and production functions
Module 9 Human resources management, treasury
and strategic planning
Module 10 Internal auditing in the public and not-for-profit
sectors
5
Introduction to internal auditing
Module 1
The first module in this course sets the stage for your study of internal auditing (also known as “management auditing”). You consider the definition, development and scope of internal auditing as well as the business environment and its accompanying risks. The various types of internal audits and the relationship between internal auditing and performance measurement are explained. Finally, you study role of professional ethical standards in internal auditing and review case analysis, a technique used frequently throughout this course.
6
3
Internal Auditing & Controls Module 1
Part 1 Introduction to the course
Topic 1.1 Definition of internal auditing
Topic 1.2 Scope of internal auditing
Part 2 Topic 1.3 Functions of management
Part 3 Topic 1.4 Enterprise risk
Part 4 Topic 1.5 Role of the internal auditor
Topic 1.6 Types of internal audit assignments
Part 5 Topic 1.7 Performance measurement
Part 6 Topic 1.8 The ethical climate
Topic 1.9 Ethical considerations
Part 7 Topic 1.10 Introduction to case analysis
Part 8 Module summary – Learning objectives
Recent examination questions
7
Internal Auditing & Controls Module 1
Part 1
Topic 1.1 Definition of internal auditing
Topic 1.2 Scope of internal auditing
8
Definition of internal auditing
Internal auditing has been defined (since June
1999) by the Institute of Internal Auditors as “an
independent, objective assurance and
consulting activity designed to add value and
improve an organization’s operations. It helps
an organization accomplish its objectives by
bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk
management, control, and governance
processes.”
9
4
Key terms in the definition
INDEPENDENCE is freedom from conditions that threaten the ability of the internal auditing activity to carry out internal audit responsibilities in an unbiased manner. Such threats to objectivity must be managed at the individual auditor, engagement, functional, and organizational levels.
10
Key terms in the definition (cont’d) INDEPENDENCE is the freedom from conditions that
threaten objectivity or the appearance of objectivity. Such threats to objectivity must be managed at the individual auditor, engagement, functional, and organizational levels.
OBJECTIVITY is an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires internal auditors not to subordinate their judgement on audit matters to others.
11
Key terms in the definition (cont’d)
ASSURANCE refers to services that provide an objective examination of evidence for the purpose of providing an independent assessment on risk management, control or governance processes for the organization. Examples may include financial, performance, compliance, system security and due diligence engagements.
12
5
Key terms in the definition (cont’d)
ASSURANCE refers to services that provide an objective
examination of evidence for the purpose of providing an
independent assessment on risk management, control or
governance processes for the organization.
CONSULTING refers to services that are advisory and
are intended to add value and improve an organization’s
governance, risk management and control processes
without the internal auditor assuming management
responsibility. Their nature and scope are agreed with
the audit client. They include counsel, advice, facilitation,
and training.
13
Key terms in the definition (cont’d)
ASSURANCE refers to services that provide an objective examination of evidence for the purpose of providing an independent assessment on risk management, control or governance processes for the organization.
CONSULTING refers to services that are advisory and are intended to add value and improve an organization’s operations without the internal auditor assuming management responsibility.
ADDING VALUE to the organization (and its stakeholders) is when the audit provides objective and relevant assurance and contributes to the effectiveness and efficiency of governance, risk management and control processes.
14
Key terms in the definition (cont’d)
ASSURANCE refers to services that provide an objective examination of evidence for the purpose of providing an independent assessment on risk management, control or governance processes for the organization.
CONSULTING refers to services that are advisory and are intended to add value and improve an organization’s operations without the internal auditor assuming management responsibilities.
ADDING VALUE to the organization (and its stakeholders) is when the audit provides objective and relevant assurance and contributes to the effectiveness and efficiency of governance, risk management and control processes.
HELPING THE ORGANIZATION refers to the focus on the overall organizational objectives and on the way in which they are achieved operationally.
15
6
Key terms in the definition (cont’d)
RISK MANAGEMENT PROCESSES identify, assess, manage and control potential events or situations to provide reasonable assurance toward the achievement of the organization’s objectives.
16
Key terms in the definition (cont’d)
RISK MANAGEMENT PROCESSES identify, assess,
manage and control potential events to situations to
provide reasonable assurance toward the achievement
of the organization’s objectives.
CONTROL PROCESSES are the policies, procedures,
and activities that are part of a control framework,
designed to ensure that risks are contained within the
risk tolerances established by the risk management
process.
17
Key terms in the definition (cont’d)
RISK MANAGEMENT PROCESSES identify, assess, manage and control potential events to situations to provide reasonable assurance toward the achievement of the organization’s objectives.
CONTROL PROCESSES are the policies, procedures, and activities that are part of a control framework, designed to ensure that risks are contained within the risk tolerances established by the risk management process.
GOVERNANCE consists of the combination of processes and structures implemented by the board to inform, direct, manage, and monitor the activities of the organization toward the achievement of its objectives.
18
7
Old definition of internal auditing
Internal auditing is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. The objective of internal auditing is to assist members of the organization in the effective discharge of their responsibilities. To this end, internal auditing furnishes them with analyses, appraisals, recommendations, counsel and information concerning the activities reviewed. The audit objective includes promoting effective control at reasonable cost.
19
Premises underlying the current
definition
1. The internal auditing profession will be delineated by how well its services are performed, rather than by who performs them or what they are.
2. To remain viable, the internal auditing profession needs to be perceived as adding value to organizations.
3. Internal auditors must adopt the perspective of the entire value chain.
4. Internal auditing’s conceptual structure must reach beyond its own inherent processes to reflect organizational service drivers.
5. Standards and other professional guidance must not only lead the profession but must also come to symbolize distinctive quality to the marketplace.
20
The Institute of Internal Auditors
(the IIA)
an international organization based in Florida;
more than 175,000 members in the profession of internal auditing (as of August 2012);
has national, regional and local chapters in Canada and elsewhere;
provides standards, guidance and best practice information;
conducts examinations for the Certified Internal Auditor (CIA) qualification.
21
8
Information Systems Audit and
Control Association (ISACA)
an international organization based in Chicago;
more than 95,000 members world-wide (as of August 2012);
has national, regional and local chapters in Canada and elsewhere;
its purpose is the education, certification and standard-setting for IT auditing;
conducts examinations for the Certified Information Systems Auditor (CISA) designation;
not all members are involved in internal auditing, but most are.
22
The State of the Profession
Reading 1-1 provides a look at where internal
auditing has been, its current condition, and
where it is headed.
The profession is more mature and has been
recognized for a longer time in North
American and Western Europe.
The numbers of internal auditors have
increased everywhere in recent years, as
have the expectations of the profession.
23
Raising the Stature of Internal
Auditing
Reading 1-2 sets out some ways in which the
profession of internal auditing can enhance
its stature.
Increased independence is a key to achieving
a higher stature.
Internal audit activities and their benefits
should be marketed internally with their
organizations.
24
9
Scope of internal auditing
There are three elements to the scope of internal auditing:
1. Risk management – to identify and evaluate significant exposures to risk and contribute to the improvement of risk management and control systems.
2. Control – to maintain effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement.
3. Governance – to evaluate and improve the processes through which values and goals are established and communicated, the accomplishment of goals is monitored, accountability is ensured and values are preserved.
25
Scope of internal auditing –
old standards
The scope of internal auditing was previously defined to include assessing the controls designed and operated to achieve five objectives:
relevant and timely financial information;
compliance with laws, regulations, policies and procedures;
safeguarding of assets;
attaining organizational objectives (effectiveness);
operational efficiency and economy.
26
Internal Auditing in the Spotlight
This video presentation was developed by the Institute of Internal Auditors to communicate to university and college seniors and recent graduates about the advantages of a career in internal auditing.
It includes a number of quotations from chief audit executives from companies around the world.
Although recorded in 2006, the points raised in the video remain valid today.
27
10
Internal Auditing & Controls
Module 1
Part 2
Topic 1.3 Functions of management
28
The importance of an understanding
of the principles of management
1. Internal auditing is only effective to the extent that it results in constructive changes in the organization.
2. Changes must be implemented by those responsible for managing activities.
3. An understanding of management principles will help internal auditors develop recommendations that will be implemented by managers.
4. An understanding of management principles will help internal auditors convince management of the importance of appropriate risk management, control and governance processes (and accept and implement the recommendations of internal auditors).
29
Main functions of management
1. Planning is developing a clear idea of the purpose, long-term objectives and short-term goals of an organization;
30
11
Activities in the planning process
setting objectives and goals;
defining strategies to meet objectives;
formulating principles, policies and procedures;
adhering to rules and standards;
formulating programs and premises;
preparing budgets;
making decisions.
31
Main functions of management
1. Planning is developing a clear idea of the purpose, long-term objectives and short-term goals of an organization;
2. Organizing entails establishing a rule structure to help achieve the goals of the organization;
32
Requirements for effective
organization
a clear statement of responsibilities;
an understanding of the area of discretion provided;
a clear understanding of the types of decisions that can be made;
availability of information needed to make decisions;
a control system to monitor the exercising of delegated authority.
33
12
Main functions of management
1. Planning is developing a clear idea of the purpose, long-term objectives and short-term goals of an organization;
2. Organizing entails establishing a rule structure to help achieve the goals of the organization;
3. Directing is the process of inducing members of an organization to perform their roles successfully;
34
Main functions of management
1. Planning is developing a clear idea of the purpose, long-term objectives and short-term goals of an organization;
2. Organizing entails establishing a rule structure to help achieve the goals of the organization;
3. Directing is the process of inducing members of an organization to perform their roles successfully;
4. Controlling is the comparison of actual performance with pre-determined standards, plans or objectives.
35
Activities in management control
1. establish performance standards
2. measure performance
3. compare performance with standards
4. evaluate deviations
5. determine and implement corrective action
6. follow up on corrective action (return to step 2)
36
13
Requirements for achieving
control
control systems must fit the needs of the managers and the organization;
37
Requirements for achieving
control
control systems must fit the needs of the managers and the organization;
control systems must focus on exceptions and critical points;
38
Requirements for achieving
control
control systems must fit the needs of the managers and the organization;
control systems must focus on exceptions and critical points;
control systems must be flexible and accommodate changes; and
39
14
Requirements for achieving
control
control systems must fit the needs of the managers and
the organization;
control systems must focus on exceptions and critical
points;
control systems must be flexible and accommodate
changes; and
control systems must be cost-effective.
40
The Rotational Route
Reading 1-3 discusses the pros and cons of a program
designed to provide opportunities for ambitious potential
managers to gain knowledge of all the activities of their
organization while developing strong problem-solving
skills.
41
Internal Auditing & Controls
Module 1
Part 3
Topic 1.4 Enterprise risk
42
15
Enterprise risk management
Risk is the possibility (uncertainty) of an event occurring that will have a (negative) impact on the achievement of objectives. Enterprise risk (also called business risk) is, therefore, the possibility (uncertainty) of an event occurring that will reduce the likelihood of an organization achieving its objectives.
43
Enterprise risk management (cont’d)
Enterprise risk management is defined (by COSO) as
“a process, effected by an entity’s board of directors,
management and other personnel, applied in
strategy setting and across the enterprise, designed
to identify potential events that may affect the entity,
and manage risks to be within its risk appetite, to
provide reasonable assurance regarding the
achievement of entity objectives.”
44
Enterprise risk management (cont’d)
As long as there have been business organizations
with managers, the managers have managed the
risks faced by their organization. What has changed
in recent years is not that management manages
risk, but that they have developed more formalized
and comprehensive processes to do so.
45
16
Relationship between risk and
control
Effective control provides reasonable (but not
absolute) assurance that the entity will achieve its
objectives (by reducing uncontrolled risks to an
acceptable level) and therefore includes the
identification and management of risks.
46
Components of Internal Control
Internal control is considered (by the International
Standards on Auditing) to consist of five components:
the control environment;
the entity’s risk assessment process;
the information system, including related business
processes;
control activities; and
monitoring of controls.
Internal audit activities fall into the component of
monitoring of controls and seek to improve the
effectiveness of all components.
47
Internal Auditing & Controls Module 1
Part 4
Topic 1.5 Role of the internal auditor
Topic 1.6 Types of internal audit assignments
48
17
Role of the internal auditor The internal auditor acts as a consultant to both management
and the board of directors in assessing and improving the effectiveness and efficiency of the organization’s risk management, control and governance processes.
Internal auditing aids the organization by helping managers to manage better.
The internal auditor must co-operate closely with the management of the activities being audited, but must maintain independence and objectivity while carrying out assurance activities. In performing consulting activities, the internal auditor will report directly to the management of the unit or activity being reviewed.
The internal auditing function must have a direct reporting relationship to the board of directors or its audit committee in order to perform assurance functions.
49
Internal auditing contrasted with
external auditing
Internal auditors are responsible to the board and management of the organization; external auditors are responsible to the shareholders;
50
Internal auditing contrasted with
external auditing
Internal auditors are responsible to the board and management of the organization; external auditors are responsible to the shareholders;
Internal auditors are independent of the functions that they audit but are not independent of the organization; external auditors must be independent of the organizations that they audit;
51
18
Internal auditing contrasted with
external auditing
Internal auditors are responsible to the board and management of the organization; external auditors are responsible to the shareholders;
Internal auditors are independent of the functions that they audit but are not independent of the organization; external auditors must be independent of the organizations that they audit;
The purpose of internal auditing is to improve organizational performance; the purpose of external auditing is to express an opinion on the organization’s financial statements;
52
Internal auditing contrasted with
external auditing (cont’d)
The scope of internal auditing covers all the activities of the organization; the scope of external auditing is limited to those areas impacting the financial statements;
53
Internal auditing contrasted with
external auditing (cont’d)
The scope of internal auditing covers all the activities of the organization; the scope of external auditing is limited to those areas impacting the financial statements;
Internal auditing focuses on the appropriate design and implementation of management processes; external auditing focuses on financial statement balances at a point in time;
54
19
Internal auditing contrasted with
external auditing (cont’d)
The scope of internal auditing covers all the activities of the organization; the scope of external auditing is limited to those areas impacting the financial statements;
Internal auditing focuses on the appropriate design and implementation of management processes; external auditing focuses on financial statement balances at a point in time;
Although internal auditing standards are set by the Institute of Internal Auditors, internal auditors are not required to be members of the IIA; external auditing standards are set by professional accounting organizations of which external auditors must be members.
55
Types of internal audits
Compliance audits focus on reviewing compliance with established policies, procedures, laws, etc.
56
Types of internal audits (cont’d)
Compliance audits focus on reviewing compliance with
established policies, procedures, laws, etc.
Internal financial audits focus on the reliability and integrity of
the accounting system and its output.
57
20
Types of internal audits (cont’d)
Compliance audits focus on reviewing compliance with
established policies, procedures, laws, etc.
Internal financial audits focus on the reliability and integrity of
the accounting system and its output.
Operational audits review an organization’s effectiveness,
efficiency and economy of operations and recommend
improvements.
58
Types of internal audits (cont’d)
Compliance audits focus on reviewing compliance with established policies, procedures, laws, etc.
Internal financial audits focus on the reliability and integrity of the accounting system and its output.
Operational audits review an organization’s effectiveness, efficiency and economy of operations and recommend improvements.
Comprehensive audits (mainly in the public sector) focus on financial verification, compliance and performance (value-for-money) assessments.
59
Types of internal audits (cont’d)
Information Technology (IT) audits focus on the controls in computerized environments.
60
21
Types of internal audits (cont’d)
Information Technology (IT) audits focus on the controls
in computerized environments.
Integrated audits are conducted when IT auditing is
included within other types of internal audits.
61
Types of internal audits (cont’d)
Information Technology (IT) audits focus on the controls
in computerized environments.
Integrated audits are conducted when IT auditing is
included within other types of internal audits.
Fraud audits may be carried out by internal auditors
when fraud exists or is suspected.
62
Types of internal audits (cont’d)
Information Technology (IT) audits focus on the controls in computerized environments.
Integrated audits are conducted when IT auditing is included within other types of internal audits.
Fraud audits may be carried out by internal auditors when fraud exists or is suspected.
Environmental audits assess the extent to which the entity is in compliance with regulatory requirements on environmental matters.
63
22
Internal Auditing & Controls Module 1
Part 5
Topic 1.7 Performance measurement
64
Performance measurement
Performance measurement is based on identifying those measures critical to an organization’s success and setting specific, measurable targets for them. Achieved results are compared with targets to assess organizational performance.
Performance measures should be Specific, Measurable, Attainable, Realistic and Trackable (i.e., SMART).
A number of approaches have been developed including the Balanced Scorecard approach and the approach developed by the Canadian Comprehensive Auditing Foundation.
65
Internal auditing compared with
performance measurement
Internal auditing evaluates and reports on the degree of correspondence between performance and appropriate agreed-upon criteria.
66
23
Internal auditing compared with
performance measurement (cont’d)
Internal auditing increasingly focuses on the
evaluation of organizational effectiveness and
efficiency and requires that measurable criteria be
established against which to assess performance.
67
Internal auditing compared with
performance measurement (cont’d)
Performance measurement has the advantage of
being a continuous process; internal auditing of
particular activities is usually intermittent.
68
Internal Auditing & Controls Module 1
Part 6
Topic 1.8 The ethical climate
Topic 1.9 Ethical considerations
69
24
The importance of ethics to the
internal auditor
Internal auditors should use their positions of trust and integrity to be advocates of ethical conduct. They should work towards increased compliance with legal, ethical and societal responsibilities.
70
The importance of ethics to the
internal auditor
Internal auditors should use their positions of trust and integrity to be advocates of ethical conduct. They should work towards increased compliance with legal, ethical and societal responsibilities.
Internal auditors should periodically assess the state of the ethical climate and evaluate the extent to which the organization fulfills its ethical responsibilities. This assessment should include evaluating compliance with the organization’s code of ethics. Unethical actions can pose a significant risk to an organization and should be reported to senior management or the board of directors.
71
The importance of ethics to the
internal auditor (cont’d)
Adherence to a professional code of ethics increases the reputation and effectiveness of the work of the internal auditor. Internal auditors have access to confidential and sensitive information and must respect the principle of confidentiality.
72
25
The importance of ethics to the
internal auditor (cont’d)
Adherence to a professional code of ethics increases the reputation and effectiveness of the work of the internal auditor. Internal auditors have access to confidential and sensitive information and must respect the principle of confidentiality.
Internal auditors who are members of a professional accounting organization must comply with the ethics of that organization. In addition, internal auditors who are members of the Institute of Internal Auditors must comply with the IIA standards and Code of Ethics.
73
The IIA Code of Ethics
The IIA Code of Ethics (On-line Reading 1.8-2) is based on the principles of integrity, objectivity, confidentiality and competency and consists of Rules of Conduct describing expected behavioural norms for its members.
74
IIA Rules of Conduct -- integrity
Internal auditors:
Shall perform their work with honesty, diligence and responsibility.
Shall observe the law and make disclosures expected by the law and the profession.
Shall not knowingly be a party to any illegal activity, or engage in any acts that are discreditable to the profession of internal auditing or to the organization.
Shall respect and contribute to the legitimate and ethical objectives of the organization.
75
26
IIA Rules of Conduct -- objectivity
Internal auditors:
Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization.
Shall not accept anything that may impair or be presumed to impair their professional judgement.
Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
76
IIA Rules of Conduct -- confidentiality
Internal auditors:
Shall be prudent in the use and protection of information acquired in the course of their duties.
Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.
77
IIA Rules of Conduct -- competency
Internal auditors:
Shall engage only in those services for which they have the necessary knowledge, skills and experience.
Shall perform internal auditing services in accordance with the International Standards for the Professional Practice of Internal Auditing.
Shall continually improve their proficiency and the effectiveness and quality of their services.
78
27
Role of the internal auditor in the
ethical culture of the organization
The internal or management auditor should contribute to
the organization’s governance process by evaluating
and improving the process through which:
1. values and goals are established and communicated;
2. the accomplishment of goals is monitored;
3. accountability is ensured; and
4. values are preserved.
79
Applied ethics in internal auditing
-- examples
Assessment of ethical practices and conduct.
Performance of or assistance with fraud investigations.
Serving as a source of advice on ethical matters.
Receiving reports of unethical or illegal activity.
Promotion of strong ethical culture in the organization.
80
Examples of possible unethical activities
encountered by internal auditors
By-passing of control procedures by employees.
Manipulation of accounting information to improve performance.
Personal travel or entertainment charged to the employer.
Purchase kickbacks received by purchasing officers.
Personnel in conflict of interest positions.
81
28
Internal Auditing & Controls Module 1
Part 7
Topic 1.10 Introduction to case analysis
82
Steps in case analysis
1. Skim the case.
a) Read the required.
b) Read all material quickly.
c) Determine your role.
d) Determine the main issue and its importance.
83
Steps in case analysis (cont’d)
2. Carefully reread the information.
a) Read all material carefully.
b) Understand all the information.
c) Work through any numeric exhibits.
84
29
Steps in case analysis (cont’d)
3. Identify the problem areas and issues.
85
Steps in case analysis (cont’d)
4. Analyze the data.
a) Prioritize the issues.
b) Determine the appropriate accounting or business tool to use.
c) Separate the cause from the effect. (Your solution must focus on the cause.)
d) Apply both quantitative and qualitative analysis.
e) Identify any constraints or opportunities.
86
Steps in case analysis (cont’d)
5. Generate alternatives.
87
30
Steps in case analysis (cont’d)
6. Select the decision criteria.
a) Consider ethical criteria.
b) Consider organizational criteria.
c) Weight criteria appropriately
88
Steps in case analysis (cont’d)
7. Analyze and evaluate each alternative.
-- Conduct qualitative and quantitative analysis of each
alternative (including sensitivity).
89
Steps in case analysis (cont’d)
8. Make a recommendation or decision consistent with your
analysis.
90
31
Steps in case analysis (cont’d)
9. Write a report or action plan.
91
Steps in case analysis (cont’d)
1. Skim the case.
2. Carefully reread the information.
3. Identify the problem areas and issues.
4. Analyze the data.
5. Generate alternatives.
6. Select the decision criteria.
7. Analyze and evaluate each alternative.
8. Make a recommendation or decision.
9. Write a report or action plan.
92
Internal Auditing & Controls Module 1
Part 8
Module summary -- Learning objectives
Recent examination questions
93
32
Module 1
Learning Objectives
1. Define internal auditing and explain the key terms used in the definition. (Level 1)
94
Module 1
Learning Objectives
2. Describe the three elements that determine the scope of internal auditing. (Level 1)
95
Module 1
Learning Objectives
3. Explain the main functions of management and
how they relate to achieving control. (Level 2)
96
33
Module 1
Learning Objectives
4. Define risk and enterprise risk, and explain
how they are related to the concept of control.
(Level 1)
97
Module 1
Learning Objectives
5. Explain the role of internal auditors in their
organization and compare it with the role of the
organization’s external auditors. (Level 1)
98
Module 1
Learning Objectives
6. Describe the types of audits carried out by
internal auditors. (Level 1)
99
34
Module 1
Learning Objectives
7. Compare internal auditing and performance
measurement. (Level 2)
100
Module 1
Learning Objectives
8. Explain the role of the internal auditor in
promoting ethical culture and standards in an
organization. (Level 1)
101
Module 1
Learning Objectives
9. Apply ethical judgements in the context of the
internal auditor’s work. (Level 1)
102
35
Module 1
Learning Objectives
10. Prepare a case analysis report from
information provided on an internal auditing
issue. (Level 1)
103
A note about examination questions
The format of the examination will likely be similar to that
of the practice examination included in your lesson
materials, and will probably consist of:
Multiple choice questions
Interpretation of generalized audit software output
Two major essay questions (perhaps multi-topic)
The content of the examination must conform to the
examination blueprint for the course. Questions based
on Module 1 will make up between 4% and 7% of the
total marks on the exam.
104
A note about examination questions
CGA-Canada’s policy has changed to posting only the most recent year’s examinations and solutions. In a world where accounting and auditing standards are changing more rapidly than ever before, solutions become outdated relatively quickly. You should be aware that CGA-Canada does not up-date solutions to past examinations to reflect changes in course content, accounting and auditing standards, etc. The practice examinations provided with the course material have, however, been updated and are current.
The questions that I will go over in the last part of each lecture have been selected from recent exams and the solutions reviewed to ensure that they are still correct.
105
36
Typical examination questions
Multiple choice questions:
See handout for multiple choice questions
106
top related