s g a internal audit - a comprehensive risk management tool understanding document
TRANSCRIPT
![Page 1: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/1.jpg)
S G A
Internal Audit - A Comprehensive Risk Management toolUnderstanding Document
![Page 2: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/2.jpg)
2
Impacts
Increasing Capital investments
Global Funding
Strategic initiatives have significant impact on operational and tactical decisions
Effective Project
Management
People
Process
Technology
STRATEGY
Internal Audit function therefore needs to clearly understand the strategic plans of Management and plan assignments around three
broad dimensions - People, Process and Technology
![Page 3: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/3.jpg)
3
Critical areas that need to be focused during such internal audits can be categorized under these three spheres
People Process Technology
• Organization roles and relationship
• Change in job descriptions
• New KPIs and performance measurement systems
• Technology savviness
• Training on new software
• Roles in ERP
• Internal controls in a fully automated environment
• Standard operating procedures
• Customer accounts reconciliation status
• Inter-office transactions
• Employee related transactions like PF, ESI
• IT Strategy vs. Business growth
• Data conversion
• Mapping business processes to IT
• Marrying standard operating procedures to Oracle functionalities
• IT Organization
• IT Controls – authorization
![Page 4: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/4.jpg)
4
Critical areas that need to be focused during such internal audits can be categorized under these three spheres
Process
• Treasury related processes
• Bank reconciliation
• Deposit of customer collection
• Inventory control
• Processes relating to advances – control account vs. subsidiary ledgers
• MIS - Reporting mechanisms, data integrity etc
Process Process
• Control, valuation and effective project management relating to Capital Work in Progress
• Verification of capital work in progress
• Assistance in Royalty and Technical Know-How Payments
• GOs – verification, follow up and analysis of consequential effect on operational transactions
• Taxation related processes such as
• TDS
• Annual taxation
• Income exemption
• Costing systems
![Page 5: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/5.jpg)
5
Internal audit, thus can be positioned as a risk management tool to support top and middle management in their pursuits
Traditional audit focused on
Correctness of recording
information
Completeness
Accounting related controls
Proprietary aspects relating to
delegation of authority
Pre-computerization, business
transactions left behind a trail. This
enabled business managers to track
origination, changes and implication
easily
• Internal audit assumes a “business consulting/ advisory function”
• Stretches into the realm of management audit
• Critical Risk Management Tool • As lower management jobs have been redundant and more “rules-driven”, the portion of management audit has increased
Traditional Audit Management Audit
![Page 6: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/6.jpg)
6
New dimensions add to the complexity of audit and skills required in executing such assignments
Review of Information Technology areas
Human Resources optimization (Time Motion Studies etc)
Cost and Resource Optimization
Review of Project Management systems
Review and redesign of Management Info Systems
Tax management and consulting
Supply chain management
Social responsibility audit
Illustrative audit scope
Review of Corporate Governance Machinery
In order to ensure optimal delivery, the function needs to be resourced with multi-dimensional personnel having exposure in areas such as accounting, business advisory, technology, energy-saving, cost reduction etc
![Page 7: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/7.jpg)
7
Best practices in Internal audit need to be implemented to harness maximum from such assignments
• Sync with the long term business strategy and objectives
• Project management structure and approach– Project Sponsor (Members from Top Management)
– Project Review layer (Partners of the Audit & Consulting firm and Top/Middle Management)
– Project execution layer (Consultants + Employees from Metro Water)
– Quality control layer (Audit & Consulting firm partner)
• Determine scope along with Client team considering – Strategic intent and plans
– Client needs and priorities
– Findings of internal control diagnostics
• Diagnostic phase carrying out internal control review and As-Is mapping
• Continuous communication strategy
• Project Team – a mix of client and consultant members
• Cost benefit analysis
• Agreeing on KPI of exercise and regular monitoring of performance
• Use of special resources – Management Graduates
– Engineers
– Information Systems specialists
![Page 8: S G A Internal Audit - A Comprehensive Risk Management tool Understanding Document](https://reader036.vdocument.in/reader036/viewer/2022082805/55146cf8550346414e8b5eb9/html5/thumbnails/8.jpg)
8
This template throws light on the broad scope of an ideal Internal Audit assignment
• Internal control review for the following processes
– Purchase to pay cycle
– Order to receive cycle
• Review of IT Systems/ Processes
– Role conflicts in IT
– MIS Functionality used vs. EXCEL reports
– Review of IT Organization/ roles
• Customer satisfaction processes
• Purchase Transaction audit