ENTRANCE

MEETING/CONFERENCE

PARTNERS NAME
Date
Accredited auditor of PEF -
CPAs
 Audit committee

Organized in July 8, 2011

Approved Charter or Terms of
Reference, its objective is to assist
the Board in ensuring that PEF
operations are compliant with set
policies leading to judicious use of
resources in attaining its strategic
goals.
 Internal auditing is
an independent, objective assurance
and consulting activity designed to add
value and improve an organization's
operations. It helps an organization
accomplish its objectives by bringing a
systematic, disciplined approach to
evaluate and improve the
effectiveness of risk management,
control, and governance processes.
 Governance, Risk Management,
Control (GRC)
INTERNAL
AUDIT
RISK
GOVERNAN CONTROL
MANAGEME
CE
NT

The combination of
A process to identify, Any action taken by
processes and
assess, manage, and management, the
structures
control potential board, and other
implemented by the
events or situations to parties to manage risk
board to inform, direct,
provide reasonable and increase the
manage, and monitor
assurance regarding the likelihood that
the activities of the
achievement of the established objectives
organization toward
organizations and goals will be
the achievement of its
objectives. achieved.
objectives.
INTERNAL AUDIT assesses -
ADEQUACY AND
EFFECTIVENESS

GOVERNANCE

RISK
MANAGEMENT

INTERNAL
CONTROL
 RISK MANAGEMENT, control,
governance
Nature of Work (Roles) of Internal Audit:
Risk Management. The internal audit activity must evaluate the
effectiveness and contribute to the improvement of risk
management processes.
Controls. The internal audit activity must assist the organization
in maintaining effective controls by evaluating their
effectiveness, efficiency and promoting continuous
improvement.
Governance. The internal audit activity must assess and make
appropriate recommendations for improving the governance
process in its accomplishment of the certain objectives.
 TYPES OF AUDIT

Includes
Governance
audit
PARTNER Financial
AUDIT/
ORGANIZATION
AUDIT Operations/
AND Performance

PROJECT AUDIT Compliance

 OBJECTIVES AND SCOPE- Partner/
Organizational Audit
1. Express an opinion as to the fairness in all material respects, the financial position and
results of operations, in conformity with generally accepted accounting principles and
Philippine Financial Reporting Standards.
2. Issue an Assessment Report about the result of Compliance and Operations Audit by
presenting a risk assessment summary, with specific areas of observations or areas for
improvement with corresponding recommendations. Such areas includes but not
limited to the following depending on the nature of the partners operations:
Procurement, Warehousing Manufacturing including Processing Plant, Inventory,
Distribution and Trucking, Marketing, Sales, Promotion, Customers Services, Financial
Management, Human Resources, Administration, Tax/Legal.
3. Issue Audit Ratings on PEF assisted projects based on approved Deliverables and
Compliance with the Uniform Guidelines on the Disbursement and Liquidation of
Loans and Grants.
 OBJECTIVES AND SCOPE-Partners
Audit or Organizational Audit

4. Check the adequacy and effectiveness of the Partners internal

control system, governance, and operations as prescribed and
guided by its financial and operating policies and procedures,
existing laws and pronouncements of regulatory agencies and
PEFs requirements as stipulated in the approved Project
Agreement and its Annexes including updated written
agreements/amendments on required deliverables and timelines.
5. Determine cases of partners fund leveraging with other partners
and donors, which can be reported as part of the Operations
Audit Report if applicable otherwise it can be included as a
separate item under Audit Result.
 OBJECTIVES AND SCOPE-Partners
Audit or Organizational Audit

6. Perform tests to determine compliance with the project agreement

terms and conditions, including counterpart contributions, the proper
usage of funds and accounting of project funds, and specifically to
determine that costs incurred are allowable and reasonable (under
the agreement terms) for the duration of the project under review. As
such, the audit should include evaluation of project implementation,
actions, and accomplishments or Deliverables as annexed to the
Project Agreement.

7. Follow-up of previous audit recommendations and determine extent

of compliance (if applicable).
 OBJECTIVES AND SCOPE-Project
Audit

1. Ascertain compliance with the approved Project Agreement and

annexes with PEF including policies and procedures, contracts, laws
and regulations and other requirements established by management,
Board and government-regulatory agencies.
2. Assess adequacy of internal control system and governance,
particularly in managing the projects.
3. Ascertain existence of adequate monitoring system of the projects;
progress of project implementation; achievement of deliverables;
accounting of funds including operating effectiveness and efficiency.
4. Review reliability of project reports narrative and financial reports.
Follow-up previous audit recommendations, if any.
 Audit requirements

Trial Balance; Financial Reports; Books of Accounts (General

Journal, Cash Receipts Book, Cash Disbursements Book, General
Ledger, Subsidiary Ledgers of each account); Counterpart
contributions, if any
Documents supporting the transactions (Official Receipts,
Check/Cash Vouchers and supporting documents, Journal
Vouchers and other supporting documents
Bank Reconciliation Reports - bankbook & bank statements
Minutes of Meetings/Board Resolutions related to the project
under audit
List of Officers/Key Personnel and their functions/Organization Chart
Project/Organizations Policies and Procedures; Status/Closure Reports;
Other docs as required
Performing the Engagement -
the Audit Process
Planning the
Engagement

Monitoring Performing the

Engagement Engagement (Field
Result/Follow-up work)

Reporting Engagement
Results (Reporting)
 Internal Audit Rating

A - consistent compliance or B - basic compliance or

full assurance (least 90% substantial assurance (at
accomplishment; refer to least 80% accomplishment;
criteria) refer to criteria)
LOW RISK LOW-MEDIUM RISK
Audit Rating
System

D - non-compliance or no assurance (at

C - inconsistent compliance or limited
least 25% accomplishment; reportable
assurance (at least 70%
conditions or existence of
accomplishment; refer to criteria)
fraud/irregularity)
MEDIUM-HIGH RISK
HIGH RISK
 Internal Audit Rating
Two (2) separate Ratings:

Objectives/Deliverables
(90%, 80%, 70%, 25%)

Governance/Financial Management
(Budget, accounting system,
internal controls,
monitoring/reporting) refer to
next slide for the criteria)
 Internal Audit Rating - A
a. No deviation, at least one or two audit observations on procedural lapses
b. Very minor internal control weakness and procedural exceptions
c. Limited risk exposure
d. Very Minor financial exceptions loss, misstatements, errors
e. Minor law or regulatory violations (external) frequency late filing but
done on the next working day i.e. out of 5 samples on report submission,
1 report was filed late
f. Extent of compliance with previous audit recommendations

Required Action: Management should initiate action to address the

observations. Timeliness would need to be determined within three to
six months.
 Internal Audit Rating - B

a. Maximum of 5 observations on procedural lapses

b. Minor internal control weakness and procedural exceptions
c. Minor policy deviations
d. Minor risk exposures
e. No indication of irregularity or fraud
f. Minor financial exceptions loss, misstatements, errors
g. Minor law or regulatory violations ( same as A rating)
h. Extent of compliance with previous audit recommendations

Required Action: Management should initiate action to address the

observations. Timeliness would need to be determined within two to
three months.
 Internal Audit Rating - C
a. Maximum of 10 audit observations (6-10)
b. Numerous cases of observations on procedural lapses
c. Incomplete books of accounts
d. With written policies and procedures but not adequate and updated
e. Without written policies and procedures of a specific process relevant to
the project
f. Substantial risk exposures
g. Observations in the form of non-compliance to statutory requirements (
auditor to probe reasons on non-compliance: why , impact, sanction,
effect to the organization)
h. Extent of compliance with previous audit recommendations
i. No indication of irregularity or fraud
Required Action: Management should initiate action to address the
observations. Timeliness would need to be determined within one month.
 Internal Audit Rating - D
a. more than 10 significant audit observations
b. absence of books of accounts; absence of formal policies and procedures
c. presence of red flags/reportable conditions - serious control weaknesses such as but not
limited to:
overdue outstanding cash advances (several unliquidated cash advances without
justifiable/approved reasons, 1-2 months overdue from due date),
misuse of funds/fund shortage, fund diversion without written approval from PEF,
management override, cases of tampering receipts,
several cases of disbursements without proof of payment or Official Receipts,
no segregation of duties, etc
e. indication/presence of irregularity or fraud regardless of amount and impact
f. significant risk exposures; g. significant law or regulatory violations
h. major financial exceptions loss, misstatement
Required Action: Management should initiate action to address the observations.
Timeliness would need to be determined within one week-month.
 Audit Report finalization process

Exit Meeting-1st
draft/partners
comments
(1 working day)

within 5 working days

Audit finalize report
after GO signal from within 5 working
PEF, and submits of maximum days from Exit
Partners Comments, 14 days Meeting Auditor
sends Final Report Final Draft and sends
draft to print copies to to Partner for final
PEF comments

within 3 working days from

receipt of Final Draft, Partner
prepares/confirms
Comments/Reactions and
sends to Auditor, then
Auditor sends to PEF the
final draft
 Summary: Audit Protocol
Communicate the Audit Schedule (PEF/Auditor)
List of audit requirements; questionnaire to fill-up

Entrance meeting (Template)

Objectives, scope, coverage, Audit Ratings, Internal Audit
schedule Feedback Survey (IAF Survey)

Fieldwork
Performance of Audit Procedures

Exit meeting or conference Presentation of Audit Results Good

practices/good points, Audit Observations/Recommendations and
Audit Rating
1st Draft, Final Draft, Final
Accomplished IAF Survey (PEF)
Report/Action Plan
 Project agreement
(ORGANIZATION)
Signed Project Agreement and annexes:
A.Approval Letter
B.Board Resolution
C.Deliverables
D.Budget
E. Promissory Note
F. Continuing Suretyship
G.Uniform Guidelines on Disbursements and
Liquidation of Loans and Grants
 Project/s to be Audited

List down the projects to be audited

 Audit timetable
(Audit Workplan of Auditor)

Duratio
n (days
Activities or hrs) Unit Start Finish Responsible

A Planning

1 Understand the project and related activities of the auditee

2 Preparation of preliminary survey questions
Review and analyze initial documents from Partner/risk
3 assessment
4 Review the latest auditor's report and FS
Review the summary of observations and recommendations
of the external auditor/others
6 Conduct analytical review
7 Determine the project audit strategy
8 Prepare engagement work program
 Audit timetable

Duration
Activities (days or Unit Start Finish
hours)
Fieldwork

1Hold entrance conference with Partner

Evidence gathering and conduct of analytical
2
review
Observation of general systems and procedures;
3
comparison vs. policies (if any)
Validation/confirmation w/ beneficiaries: site visit
4
or interview
5Consolidation of audit observations

6Conduct exit conference/Obtain Comments PM

7Travel
-
 Audit timetable

Duration
Activities (days or Unit Start Finish
hours)

Reporting and Communication to PEF

13.00

1Prepare initial draft of report days

5.00

2Obtain Management Response from Audit Client days

3.00

3Finalize initial draft with Management Response days

2.00

Send draft report to PEF for review before

4 days
finalization 2.00

5Revision and Issuance of the final audit report day

1.00
 Audit requirements
Trial Balance; Financial Reports
Books of Accounts (General Journal, Cash Receipts Book, Cash
Disbursements Book, General Ledger, Subsidiary Ledgers of each account)
Project expense reports
Documents supporting the transactions (Official Receipts, Check/Cash
Vouchers and supporting documents, Journal Vouchers and other supporting
documents
Bank Reconciliation Reports including bankbook and bank statements
Counterpart contributions, if any
Minutes of Meetings/Board Resolutions related to the project under audit
List of Officers/Key Personnel and their functions/Organization Chart
Project/Organizations Policies and Procedures; Status/Closure Reports;
Other docs as required
 Internal Audit Rating

B - basic compliance or
A - consistent compliance or
substantial assurance (at
full assurance (zero
least 2 but not more than 5
finding/deviation;
findings/deviations; at least
accomplishment vs target is
80% accomplishment vs
on track, at least 90%)
target)
Audit
Compliance
Rating

C - inconsistent compliance or D - non-compliance or no

limited assurance (at least 6 but assurance - more than 10
not more than 10 findings/deviations or reportable
findings/deviations; at least 70% condition or existence of
accomplishment vs target) fraud/irregularity
Audit Report finalization process

Exit Meeting-1st
draft from Internal
Control Manager (1)

within 5 working
days from receipt
of Final Report within 5 working
from Process days from Exit
maximum Meeting - Internal
Owner, Internal 14 days
Control Manager Control Manager
finalizes the prepares Final
report Draft and sends o
Process owner
within 3 working
days from receipt
of Final Draft,
Process Owner
prepares
Comments/Reactio
ns and sends to
Internal Control
Manager
 Summary: Audit protocol

Communicate the Audit Schedule

List of audit requirements; questionnaire to fill-up

Entrance meeting
Audit Ratings, Internal Audit
Objectives, scope, coverage
(IA) Feedback Survey

Fieldwork
Performance of Audit Procedures

Exit meeting or conference, Audit Result-Good Points, Audit

Observations, Recommendations
1st Draft, Final Draft, Final Plan of Action/Accomplished IA
Report Feedback Survey from Partner
 Audit timetable
Duration
Activities (days or Unit Start Finish
hours)
03.05.201 03.17.201
Fieldwork
2.75 4 4
03.05.201 03.05.201
1Hold entrance conference with Partner day
0.25 4 4
Evidence gathering and conduct of analytical 03.10.201 03.10.201
2 days
review 1.00 4 4
Observation of general systems and procedures; 03.14.201 03.14.201
3 day
comparison vs. policies (if any) 0.50 4 4
Validation/confirmation w/ beneficiaries: site visit 03.17.201 03.17.201
4 day
or interview 0.50 4 4
03.17.201 03.17.201
5Consolidation of audit observations day
0.25 4 4
03.17.201 03.17.201
6Conduct exit conference day
0.25 4 4
7Travel
-

03.24.201 04.09.201
Reporting and Communication to PEF
13.00 4 4
03.24.201 03.28.201
 UPDATES/STATUS
(from partner)

1. Expectations from this audit

2. Overview of the organizations operations
3. Updates/status/projects particularly as to deliverables,
timetable, changes and other project-related matters,
previous audit recommendations
4. Any major/significant changes in the organization
operation, plans, members of management and those
charged with governance, policies & procedures, etc.
5. Areas that need more attention. Other matters
ATTENDANCE ENTRANCE
MEETING
 EXIT
MEETING/CONFERENCE

PARTNERS NAME
Date
Review the OBJECTIVES AND
SCOPE
 Audit Result summary
1. Good practices or Good points Governance, Risk Management,
Controls
2. Financial Statement/performance
3. Project Status
4. Risk Assessment Summary
5. Evaluation of Internal Control and Governance
6. Evaluation of Deliverables
7. Audit Observations and Recommendations
8. Audit Rating
 GOOD POINTS/PRACTICES

LIST DOWN GOOD POINTS OR GOOD

PRACTICES
 AUDIT OBSERVATIONS &
RECOMMENDATIONS

LIST DOWN A UDIT OBSERVATIONS AND

RECOMMENDATIONS
Internal Audit Compliance Rating
(as of result of project audit)
 Summary: Audit protocol
Communicate the Audit Schedule
List of audit requirements; questionnaire to fill-up

Entrance meeting
Internal Audit Feedback Survey;
Objectives, scope, coverage
Audit Compliance Ratings

Fieldwork
Performance of Audit Procedures

Exit meeting or conference, good points, observations and

recommendations
1st Draft, Final Draft, Final Report Plan of Action
Partners Reactions/comments
(please obtain written
reactions/comments)
ATTENDANCE EXIT
MEETING