Chapter 13 PPT 4th Edition

4 T H EDITION
Internal Auditing:
Assurance &
Advisory Services
Internal Auditing: Assurance &Internal

AdvisoryAuditing:
Services,Assurance
4th Edition&©Advisory
2017 byServices,
the Internal
4th Edition
Audit Foundation.
© 2017 by the Internal Audit Foundation.
CHAPTER 13
Conducting the Assurance

Engagement
Internal Auditing: Assurance &Internal

AdvisoryAuditing:
Services,Assurance
4th Edition&©Advisory
2017 byServices,
the Internal
4th Edition
Audit Foundation.
© 2017 by the Internal Audit Foundation.
Chapter 13: Conducting the Assurance
Engagement
LEARNING OBJECTIVES
◼ Describe how the purpose of an assurance
engagement impacts the audit objectives.
◼ Determine engagement objectives and
scope statements.
◼ Describe different types and sources of
information that will help the internal
auditor understand the process of
conducting an assurance engagement.
◼ Document simple process flows, showing
key process steps, interfaces, and
departments involved.
◼ Perform a process-level risk assessment.
◼ Distinguish key controls from controls not
considered key.
◼ Describe how to evaluate the design
adequacy of process-level controls.
Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.
Engagement
LEARNING OBJECTIVES
(CONT.)
◼ Design different types of testing

approaches, depending on the design of
the process and engagement objectives.
◼ Develop a general work program to guide
the engagement process.
◼ Describe the resource considerations that
must be evaluated when determining how
to staff and schedule an engagement.
◼ Conduct and document certain types of
tests to gather evidence.
◼ Evaluate evidence from assurance
procedures to reach conclusions based on
the results of testing.
◼ Develop observations and formulate
recommendations.
Engagement
STANDARDS RELATED TO
ASSURANCE ENGAGEMENTS
Engagement
Engagement
REASONS FOR CONDUCTING THE
ENGAGEMENT
 Identified in the annual audit plan

 Part of annual review and compliance, such as the
Sarbanes-Oxley Act
 A recent event (disaster, fraud, bankruptcy, or other event)
that needs a post mortem
 Significant changes in business or industry
Engagement
ENGAGEMENTS OBJECTIVES
AND SCOPE
 Engagement objectives – what  Information to be Gathered

internal auditors intend to achieve ◼ Policies and procedures
through the audit ◼ Organization charts
 Engagement scope – what is and is ◼ Process maps
not included in an engagement ◼ Key tasks and responsibilities
◼ Boundaries of the process ◼ Individual questions
◼ In-scope vs. out-of-scope locations ◼ What do you do?
◼ Subprocesses
◼ Components
◼ Time frame
Engagement
POTENTIAL OUTCOMES
FROM TESTING
 Financial statement errors or misclassifications within financial accounts,

balances, or disclosures.
 Control deficiencies indicating specific controls that are not achieving the
desired effect, that is, mitigating the corresponding risks to the desired level.
 Shortfalls in objective achievement due to control deficiencies or
inadequate performance.
 Inefficiencies due to resources not being deployed in an optimal manner.
 Out-of-compliance situations when laws, regulations, or policies are not
complied with consistently.
Engagement
DOCUMENTING THE PROCESS
FLOW
 Process maps - depict the broad inputs,

activities, workflows, and interactions with other
processes and outputs
 Flowcharts – include additional information,
frequently depicting computer systems and
applications, document flows, detailed risks and
controls, manual versus automated steps, elapsed
time for steps in the process, owners of key
steps, and any additional information needed to
help the reviewer understand the process and its
flow
 Narrative memoranda – provide information
about the process flow using only written words
Engagement
KEY PERFORMANCE
INDICATORS
 Relevant
 Measurable
 Available
 Aligned with key objectives
 Articulated
Engagement
IDENTIFY AND ASSESS RISKS
 Identify process-level
risk scenarios
 Define process-level
risks
 Evaluate impact and
likelihood of risks
 Understand
management’s risk
tolerance
Engagement
IDENTIFY KEY CONTROLS
 Approving
 Calculating
 Documenting
 Examining
 Matching
 Monitoring
 Restricting
 Segregating
 Supervising
Engagement
Engagement
Engagement
ALLOCATE RESOURCES
 Budgeting
◼ Hours needed to complete the engagement
◼ Other costs
 Allocating human resources
 Scheduling
◼ Availability of key personnel
◼ Availability of engagement resources
◼ Availability of outside resources
◼ Availability of key reviewers
Engagement
Engagement
EVALUATE EVIDENCE AND
REACH CONCLUSIONS
 Are the key controls designed adequately?

 Are the key controls operating effectively, that is, as they are
designed to operate?
 Are the underlying risks being mitigated to an acceptable level?
 Overall, do the design and operation of the key controls support
achievement of the objectives for the process or area under
review?
Engagement
Engagement
Engagement
SUMMARY
 There are different reasons for conducting assurance

engagements
 Engagements must define objectives and scope
 Information is gathered and the process documented
 Risk are identified and assessed
 Key controls are identified
 Resources are allocated, testing is completed, evidence is
evaluated, and conclusions reached
 All steps are documented in a risk and control matrix

Chapter 13 PPT 4th Edition

Uploaded by

Copyright:

Available Formats

Chapter 13 PPT 4th Edition

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter 13 PPT 4th Edition

Uploaded by

Copyright:

Available Formats

4 T H EDITION

Internal Auditing: Assurance &Internal

Conducting the Assurance

Internal Auditing: Assurance &Internal

◼ Design different types of testing

 Identified in the annual audit plan

 Engagement objectives – what  Information to be Gathered

 Financial statement errors or misclassifications within financial accounts,

 Process maps - depict the broad inputs,

 Are the key controls designed adequately?

 There are different reasons for conducting assurance

You might also like