• No results found

Practice Advisory 2120-3: Internal Audit Coverage of Risks to Achieving Strategic Objectives

N/A
N/A
Info
Downloaden
Protected

Academic year: 2022

Share "Practice Advisory 2120-3: Internal Audit Coverage of Risks to Achieving Strategic Objectives"

Copied!
2
0
0

Bezig met laden.... (Bekijk nu de volledige tekst)

Download het nu ( 2 pagina )

Hele tekst

(1)

Issued: June 2013 PA 2120-3: Internal Audit Coverage of Risks to Achieving Strategic Objectives

© 2013 The Institute of Internal Auditors www.globaliia.org

Practice Advisory 2120-3:

Internal Audit Coverage of Risks to Achieving Strategic Objectives

Primary Related Standards 2120 – Risk Management

2120. A1 – The internal audit activity must evaluate risk exposures relating to the organization’s governance, operations, and information systems regarding the:

 Achievement of the organization’s strategic objectives.

 Reliability and integrity of financial and operational information.

 Effectiveness and efficiency of operations and programs.

 Safeguarding of assets.

 Compliance with laws, regulations, policies, procedures, and contracts.

1. Executive management is responsible for identifying and managing risk in pursuit of the organization’s strategic objectives. It is the board’s responsibility to ensure that all strategic risks are identified, understood, and managed to an acceptable level within risk tolerance ranges. Internal audit should have an understanding of the organization’s strategy, how it is executed, the associated risks, and how these risks are being managed.

2. To enable internal audit to focus on the critical risks to the organization, the organization’s strategy should be a foundational element when developing a risk- based audit plan. This will align internal audit with the organization’s strategic priorities and help ensure its resources are allocated to the areas of significant importance.

3. When developing the audit plan, internal audit should leverage the work of

management and other assurance functions to help identify the risks that present the most significant threats and opportunities to the achievement of an organization’s strategic objectives.

4. Strategic threats and opportunities will drive management’s creation and prioritization of the organization’s short-term and long-term strategic initiatives or the

organization’s most significant investments to deliver value to its stakeholders.

5. Internal audit should consider providing assurance services related to these strategic initiatives when developing its audit plan. This will allow internal audit to assess whether the strategic risks are being managed to an acceptable level through

evaluating some or all of the mitigation efforts. It also may provide the opportunity for internal audit to deliver advisory services that directly impact the organization’s evolution.

6. After determining the strategic risks to include in the audit plan, internal audit should assess whether all the required skills and knowledge exist in the internal audit department to execute applicable assurance or advisory engagements. Specialized

(2)

Issued: June 2013 PA 2120-3: Internal Audit Coverage of Risks to Achieving Strategic Objectives

© 2013 The Institute of Internal Auditors www.globaliia.org

skills and knowledge may need to be sourced (internally or externally) before the internal audit department is qualified to perform the work.

Referenties

Download het nu ( PDF - 2 pagina - 209.11 KB )

GERELATEERDE DOCUMENTEN

Internal Audit:

Sources: The Pulse of Internal Audit survey: © 2015 The IIA Audit Executive Center conducted in collaboration with the 2015 Common Body of Knowledge Study, © 2015 The IIA and The

INTErNAL AUDIT

At the top-end of the organisation, the Head of Internal Audit should focus on identifying Bribery and Corruption issues (ISO 37001), which represent a major risk for

Internal Audit Code of Practice

The guidance contained within the Code represents the final recommendations of the independent Internal Audit Code of Practice Steering Committee, which the Institute has accepted

Internal Audit

Ten slotte is getoetst of internal auditors beter in staat zijn om de juiste grondoorzaak te achterhalen als zij de Five why’s-methode in samenspel met het

Impact on Internal Audit

My internal audit function will perform an audit on the crisis preparedness and management. My internal audit function is/was fully prepared for

20 key risks to consider by Internal Audit before 2020

• Assist the organization to develop a business continuity plan and crisis management framework by identifying the organization’s priorities and needs and the respective

The Internal Audit Charter A Blueprint to Assurance Success

A charter provides a blueprint for how internal audit will operate and allows the governing body to clearly signal the value it places on internal audit’s independence..

Internal Audit

1.1 Demonstrably consider a scope that covers all legal entities and activities under the control of the Organisation and ensure that, in the first year that an activity or