KnowledgeLeaderSM provides tools, articles and resources to help you to:
- Improve your internal audit process
- Provide more valuable internal audit reporting and recommendations
- Develop audit programs, checklists and internal control questionnaires
- Discover best practices from other internal auditing leaders
Below you will find just a few examples of the KnowledgeLeader materials for Internal Audit:
Accounts Receivable & Credit Internal Audit Work Program -- Segregation of Duties
Accounts receivables processing between sales order entry to collections can create significant risk to cash flow from aging receivables and cash handling. Internal audit teams can utilize the following work program designed to focus upon segregation of duties and general control concerns. Combined with the segregation of duties matrix this work program will assist internal audit team to evaluate management internal control assertions.
Audit Committee Charter - Example 5
Audit committees assist the board in monitoring the integrity of the financial statements, external auditor qualifications, performance of the internal audit function and external auditors, and company’s compliance with regulatory requirements.
Audit Committee Self-Assessment Questionnaire
The self-assessment process is an important exercise for audit committees to complete as they are responsible for important activities such as the quality and integrity of a company’s accounting practices and controls and compliance with legal and regulatory requirements. This is a sample self-assessment questionnaire for audit committees to use when evaluating their current involvement in a company’s control environment.
Audit Department Charters
Developing an audit charter is the first step in creating an internal audit function. This guide provides an example of the language and structure of an internal audit charter. These charters discuss topics such as independence, audit planning and reporting, and responsibilities of an internal audit department.
Bank Branch Internal Audit - Cash Audit Work Program
The purpose of this work program is to provide the general steps used to perform a cash audit at a bank branch. This document provides audit procedures for counting cash funds, preparing a proof of available ATMs, counting of petty cash, reviewing coin and currency logs, and many other processes.
Chief Audit Executive IT Control Checklist
Chief Audit Executives can use this checklist to examine their IT control framework to ensure the organization has addressed all control elements. The checklist can help the CAE understand the issues and plan for full internal audit coverage of the control areas.
Close the Books Audit Work Program (Sample 2)
The preface to this sample audit program discusses general audit procedures, other considerations, and management controls to review in auditing the close the books process.
Corporate Governance Policy: Relationship with Internal Auditors
The purpose of this policy is to establish reporting relationships for the internal auditors of the company. Both internal and external auditors, by the nature of their work, have a special relationship with the board of directors. This policy spells out particular reporting relationships to ensure that appropriate governance can be applied.
Controls Monitoring Quarterly Assessment Audit Work Program
This work program provides steps to perform a quarterly assessment of management’s monitoring of company-level controls. Specific objectives of this work program include: evaluate the effectiveness of management’s controls monitoring process; assess management’s progress with respect to the implementation of action plans designed to address deficiencies; provide management with an internal audit framework to use in monitoring key controls on an ongoing basis and evaluate whether those controls are operating as designed.
Entity Level Internal Audit Methodology
The entity level business process audit methodology focuses on understanding and analyzing the business. This understanding is primarily used to identify the target processes and risks during the audit planning process. Tools are provided to help with each phase is the process.
Expenditure Cycle Audit Work Program
This internal audit work program looks at expenditure cycle activities and tests purchasing, accounts payable, travel and entertainment charges, and payroll.
Human Resources Process and Compliance Review Internal Audit Report - Sample
This sample human resources process and compliance internal audit report focuses on time reporting, payroll, recruiting, hiring, and termination. This report contains process maps of the HR process, including associated risks and controls.
Internal Audit Client Satisfaction Questionnaire
This questionnaire is intended to be sent to relevant departments upon completion of work performed by internal audit. This tool contains a sample email providing instruction on completing the questionnaire. The questionnaire contains drop-down menus with pre-populated answers to assist in the questionnaire reporting process.
Internal Audit Plan - Sample
This document details an internal audit plan for a specific period and the related projects that are planned to be delivered to the organization. Further details on the scope of these projects are provided in relation to planned internal audit activities.
Internal Audit Planning Memorandum – Sample Template
This internal audit planning memorandum documents the audit approach and administrative details for each audit. This memorandum should be completed as part of the initial audit planning process and is meant to enhance audit efficiency.
Internal Audit Post Engagement Debrief Template - Sample
Use this template upon completion of an audit to have team members discuss the audit and to provide feedback on audit execution, lessons learned, best practices, and future audit considerations. Sections include names of audit team members, performance against budget, lessons learned, internal process improvement suggestions, and future audit considerations.
Internal Audit Quality Assurance Review Methodology
This methodology outlines a process for performing a quality assurance review of the internal audit function. It allows the QAR team to gain insight into performance gaps and operations of the internal auditing department. Also included are links to tools, surveys and other resources to help accomplish a quality assurance process.
Internal Audit Report To Audit Committee: Plan Status - Sample
This sample report to the audit committee presents a logical, easy-to-follow summary of audit projects completed, in-progress, and scheduled. The report demonstrates the use of reporting elements such as progress bar charts, color-coded ratings on the effectiveness of controls, and a scorecard style approach to reporting recommendations and status.
Internal Audit Reporting: Impact and Clarity: Guide and Example
Effective Internal Audit reports and communications are a critical aspect of the audit process. Strong reporting is more than just appearance, and should be a reflection of the audit approach, performance, and organizational governance objectives. This guide provides practical advice for audit reporting, and includes an example report to the Audit Committee.
Job Description: Internal Audit Manager
These samples job descriptions can be used by those looking to fill the position of Internal Audit Manager. The job descriptions should be customized to meet detailed company criteria.
Process Level Internal Audit Methodology
Once a process has been identified for an audit or review, this methodology provides guidance and tools for the phases to be performed during the review process. Process level reviews should focus on business risks and on improving process performance. This tool addresses The IIA Standards, information technology, and fraud.
Risk Assessment Checklist
The questions in the checklist can be considered prior to process reviews or operational internal audits. They can be used in facilitated self-assessment sessions, risk assessment workshops or questionnaires, basic auditing work programs, and auditing interviews.
Segregation of Duties: Assessment Form for Accounting Applications - Sample
Segregation of duties is an integral part of the internal control environment. The following assessment form and guide will assist in understanding a function’s segregation of duties and related internal control effectiveness. Sales, accounts receivables, related cash collections are included.
Strategic Internal Audit Plan
This document is a template to be used by Internal Audit when developing an annual audit plan. This sample template provides areas to document the planning approach; major projects and associated timelines; and project sponsors.
10 Big Things for Small Audit Departments
Internal auditors face a problem common to many others in the business world: bigger responsibilities–but not-so-big resources. This is especially true in smaller internal audit departments, where resources are already sparse and growing responsibilities can stretch them dangerously thin. In this article, Joel Kramer, from the MIS Training Institute, discusses common mistakes made by small audit shops and provides suggestions on how they can do things right, using resources more efficiently.
2009 Internal Audit Capabilities and Needs Survey
Protiviti’s second annual survey, found that internal auditors are looking more seriously at technological solutions, including Computer-Assisted Audit Techniques (CAATs). These help to automate activities such as ongoing monitoring of certain internal controls and free the internal audit team to lend their expertise to their organizations in other ways. The survey was designed to gauge how internal audit professionals perceive their present capabilities, where they currently see need for improvement, and how they prioritize those needs.
Addressing Internal Controls In Your ERP Implementation
As “Y2K” era systems near the end of their useful lives, many companies are now launching new ERP implementation projects and conducting major upgrades to keep up with the rapid pace of technology and business change. This article describes how the knowledge gaps in internal controls may lead to budget issues, project delays and compliance risks, which further complicate an ERP implementation project. It also explores the implications of the significant ERP project risk and provides useful guidance to ensure compliance issues are addressed throughout.
Achieving High Performance in Internal Audit
Protiviti and the Institute of Internal Auditors – Australia, conducted research with chief audit executives from over 150 organizations exploring how organizations enable their internal audit function to advance good corporate governance. The research found a significant number of internal audit functions lack the appropriate framework to operate independently and objectively; an excessive level of influence is exercised by executive management over audit committee activities and the oversight and management of the internal audit function; and the majority of internal audit functions are unable to demonstrate compliance with the International Standards for the Professional Practice of Internal Auditing.
Assessing and Developing Internal Auditors’ Skills at Raytheon Co.
Today’s corporations and organizations confront the critical challenge of ensuring that internal auditors maintain knowledge and skills in the face of constant and rapid change. Auditors must explore new technologies, identify and help mitigate emerging risks, and develop solutions to complex business challenges in a global business environment. In part one of this article series, Larry Harrington, vice president of internal auditing, and Kathryn Bingham, a Six Sigma Master Expert and Raytheon Learning Champion, highlight the practices Raytheon Co. uses to develop an effective internal audit training and development program. The discussion concludes in part two with Harrington and Bingham describing how an external capabilities and needs assessment benefited the internal audit training program.
Best Practices for the Use of Data Analysis in Audit
Over the past 20 years, data analysis has become an essential part of the audit process for the vast majority of audit organizations. Using data analysis in an audit (generally referred to as “audit analytics”) has already provided significant benefits for audit organizations of all sizes across a broad range of industries, but there is still much progress that can be made by optimizing the audit analytics process. In this publication, ACL describes how to successfully use audit analytics.
Changes to The IIA Standards: What Board Members Need to Know
On January 1, 2009, The IIA formally released its revised International Standards for the Professional Practice of Internal Auditing. In this white paper, Protiviti provides a summary of the new and revised Standards, focusing on key areas that are believed to have the most significant impact on IA functions based on our knowledge and experience gained from working with organizations around the globe. Also provided are suggested actions on how IA functions can comply with these changes.
Covering Risks in a Shifting Economy
If you have shifting expectations and fewer internal audit resources, how do you adequately cover risk, especially the emerging risks suggested by our current economic conditions? In this article, the author encourages internal audit departments to leverage leading practices so they contribute to the organization’s ability to weather the economic storm and take advantage of opportunities in the future. Now, what internal auditor wouldn’t want to do that?
Executive Presence: Increase audit effectiveness, build leadership potential
While choosing the right suit can help build a person’s confidence, it takes more than that to build credibility, authority, and trust – all qualities vital to effective internal auditors. It demands a combination of external and internal qualities that can be characterized as "executive presence." In this article, Ann Butera, from The Whole Person Project, Inc., describes the qualities that increase executive presence and its lasting value.
External Auditor Considerations
This section of Protiviti's "Guide to Internal Audit" addresses common questions concerning the use of external auditors. Some of the topics covered are: Can we use our external auditors to perform internal audit work? And, do all internal audit reports need to be reviewed by the external auditor?
Improving Internal Audit Through Technology
A number of studies show that internal audit functions are looking more seriously at technology as a way to improve productivity and the organization’s risk management process. The reality is that internal audit cannot successfully meet all looming expectations and perform at a new level without doing things differently and technology – or, more accurately, the very efficient and effective use of technology – is essential for internal audit to succeed in its evolving mandate. This article discusses how to start integrating technology into the audit process, sell its value proposition to executive management, and overcome the related challenges.
An Integrated Approach to Managing Operational Risk – Breaking down the organizational barriers
The operational audit function can be considered an extension of internal audit, where auditors focus on issues that may not have a direct impact on financial reporting such as compliance with company operating policies and procedures or safety, labor or health regulations. In decentralized organizations, communication is important to address operational audit issues and the associated risks. This article discusses how technology can help manage operational audits.
Global Technology Audit Guide (GTAG) 11: Developing the IT Audit Plan
As technology becomes more integral to the organization’s operations and activities, a major challenge for internal auditors is how to best approach a company-wide assessment of IT risks and controls within the scope of their overall assurance and consulting services. As pointed out in this GTAG, auditors need to understand the organization’s IT environment; the applications and computer operations that are part of the IT infrastructure; how IT applications and operations are managed; and how IT applications and operations link back to the organization.
High Value Audits: An Update on Information Technology Auditing
Recently, Protiviti conducted a survey in which it asked chief audit executives, internal audit directors, managers, and other professionals, to determine how they perceive their departments’ capabilities concerning internal auditing, where they currently see a need for improvement, and how they prioritize those needs. Respondents rated auditing skill sets around IT change management, security, computer operations, program development and business continuity lowest.
Internal Auditing Around the World:
Protiviti’s publication Internal Auditing Around the World - Volume V continues to detail internal audit best practices, processes and strategies being employed at some of the world’s most successful companies. These 11 companies represent different regions, industries and markets. They are highly successful international companies undergoing significant changes, such as restructuring, mergers and acquisitions, and industry transformation. As detailed in this publication, these organizations have not only adapted successfully, but that they also have uncovered many untapped opportunities.
The Keys to Expediting Audit Report Delivery
Auditors are increasingly pressured to bring current and relevant issues to the attention of decision makers, placing a greater premium on accelerating audit report issuance. In this article, Ann Butera, President of The Whole Person Project, addresses how auditors can successfully merge the need to deliver reliable audit reviews and analyses with the increasing “need for speed.” In addition, Butera highlights how following simple principles can help internal auditors consistently achieve these dual goals.
Moving Internal Audit Back into Balance - A Post-Sarbanes-Oxley Survey
Protiviti conducted its fourth annual internal audit rebalancing survey in late 2009 to continue monitoring progress made towards rebalancing the internal audit function and how the landscape has changed. It has now been two years since the SEC and PCAOB made significant SOX-related announcements. The survey consisted of a series of questions grouped into two divisions: “Rebalance Strategy” and “Internal Audit Organization and Focus.” One of the most interesting trends emerging is an apparent drop among organizations in activities and perceived benefits relating to PCAOB AS5 and the SEC’s Interpretive Guidance.
The Process of Internal Auditing
This third section of Protiviti's "Guide to Internal Audit" addresses commonly asked questions concerning the process of internal auditing. Some of the topics covered are: How is internal audit work actually performed? What types of IT audit skills should be included in an internal audit department? What is control self-assessment? And, are internal auditors required to follow COSO?
Setting the 2009 Audit Committee Agenda
Since we published Issue 1 of Volume III of The Bulletin, Setting the 2008 Audit Committee Agenda, a year ago, the world has changed – dramatically. This issue of The Bulletin provides observations and ideas for boards and their audit committee regarding matters they should consider to get through the trying times in the year ahead. In addition to the unfinished business, we see several additional mandates on the minds of members on audit committees. These eight items on the list are discussed further in this issue.
Why Adopting the Quality Standard is Important for Internal Auditors
Now, more than ever, leading organizations are recognizing the importance of maintaining an effective internal audit function. Given the extensive regulatory developments and increased liability in today’s business environment, audit committees and company management, among other stakeholders, have placed greater emphasis on the need for enhanced governance, transparency and sound internal controls within their organizations. A quality internal audit function is a critical component in achieving this goal.
American Institute of Certified Public Accountants (AICPA) - The AICPA is the premier national professional association for CPAs in the USA. This site features accountancy news briefs, detailed AICPA product information, accounting, and auditing standards, technical documents, and selected full-text articles from AICPA magazines and newsletters.
Association of College and University Auditors - This site contains information about ACUA and provides links to document libraries and other useful Web sites
Association of Credit Union Internal Auditors - The Association of Credit Union Internal Auditors (ACUIA) is an international professional organization dedicated to the practice of internal auditing in credit unions.
Association of Healthcare Internal Auditors - The Association of Healthcare Internal Auditors (AHIA) promotes excellence in the healthcare internal audit profession. This site features membership information, position papers, and selected articles from the association journal, New Perspectives.
AuditNet - This site features a comprehensive directory of links, articles relating to use of the Internet by auditing professionals, a glossary, links to internal audit best practices, references to Internet-related books, a collection of audit programs contributed by auditors worldwide, and much more.
Financial Accounting Standards Board (FASB) - The FASB establishes and improve standards of financial accounting and reporting for the guidance and education of the public, including issuers, auditors, and users of financial information. This site features a collection of resources covering the FASB, its activities, and its pronouncements. Users can access summaries and status updates on all statements, exposure drafts, Emerging Issues Task Force reports, and a number of additional resources.
Financial Executives International (FEI) - The FEI is a professional organization representing senior level financial executives. FEI provides peer networking opportunities, emerging issues alerts, personal and professional development, and advocacy services to CFOs, VPs or Finance Controllers, Treasurers, Tax Executives, Finance and Accounting Professors in academia. This site features information about FEI events and committees as well as descriptions of publications and research.
Frequently Asked Questions (FAQs) About the Internal Audit Professions - Gain a better understanding of the internal audit profession with these FAQs from The IIA. These key concepts can be used in presentations to upper management and audit clients. They can also help you answer the question, "So you're an internal auditor ... what's that?"
Governmental Accounting Standards Board (GASB) - The mission of the GASB is to establish and improve standards of state and local governmental accounting and financial reporting that will result in useful information for users of financial reports and guide and educate the public, including issuers, auditors, and users of those financial reports.
Information Systems Audit and Control Association - The Information Systems Audit and Control Association and Foundation (ISACA) is a global professional association representing information systems (IS) auditing, control, and security practitioners worldwide.
Institute of Chartered Accountants in Australia (ICAA) - The ICAA represents the Australian accounting profession and sets the technical and ethical standards for members along with current accounting and auditing standards. This site features full text accounting and auditing standards as well as technical documentation on business law, tax, and workers compensation.
Institute of Chartered Accountants in England & Wales (ICAEW) - The Institute is the UK’s premier accountancy body, and the largest in Europe, with over 124,000 members working in business and public practice in 142 different countries. The Institute's qualification is recognised around the world as a prestigious professional business qualification. Members of the Institute are entitled to the description Chartered Accountant and to the designatory letters ACA or FCA.
Institute of Chartered Accountants of Ontario - The Institute of Chartered Accountants of Ontario is the regulatory body of Ontario's Chartered Accountants and CA students. The Institute protects the public interest through the CA profession's high standards of qualification and its enforcement of the profession's rules of conduct. This site provides information about the Institute, information on accreditation, directories to other Canadian accounting organizations, and full-text of selected articles of the current issue of the journal Checkmark.
Institute of Internal Auditors - The Institute of Internal Auditors (IIA) is an international professional association dedicated to the promotion and development of internal auditing.
Institute of Internal Auditors UK and Ireland Online - The Institute of Internal Auditors UK and Ireland is the primary body in the UK and Ireland representing, promoting, and developing the practice of internal auditing. This site features selected full text articles from Internal Auditing magazine, a catalog of publications, and information on membership and activities.
Institute of Management Accountants (IMA) - The IMA is the leading professional organization devoted exclusively to management accounting and financial management. This site offers selected full text articles from a number of IMA publications including Management Accounting, Syndicated News, and others. Users can also access information on certification, continuous education, and a set of links to local chapters and councils.
Internal Audit Service (IAS) of the European Commission - The IAS exists to help the Institution to make the best possible use of the taxpayer's €uro. The IAS believes that its job should also extend to promoting better understanding of the Commission's internal control landscape - such as the fact that management of up to 90% of the funds for which the Commission is accountable is actually managed by others.
Internal Auditing Standards Board - IASB develops practice standards and advisories for the internal audit profession that include the Code of Ethics, nature of internal audit activities, key components of a charter and an annual plan of activities, ways of conducting an engagements and communicating results, and criteria for evaluating the performance of the services.
>> Sign up now for a
30-day free trial or an
annual subscription.
Find out more about our
subscription prices and group discounts.
If you have any questions please
contact us.