1 / 28

Audit Universe Risk assessment for strategic and annual internal audit plan

Audit Universe Risk assessment for strategic and annual internal audit plan. Yerevan 2013. Audit Universe. Internal Audit can audit all public entities: RA President’s Office, Administration of People’s Assembly, Government Administration, Ministries and agencies. Audit Universe.

efrem
Download Presentation

Audit Universe Risk assessment for strategic and annual internal audit plan

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Audit UniverseRisk assessment for strategic and annual internal audit plan Yerevan 2013

  2. Audit Universe Internal Audit can audit all public entities: • RA President’s Office, • Administration of People’s Assembly, • Government Administration, • Ministries and agencies.

  3. Audit Universe As well, internal audit can audit: • Public non-commercial entities, • Joint stock companies with public share of over 50%.

  4. Internal audit structure in RA • Audit units are set up only in public entities and city Prefects’ Offices. • The above units are obliged to carry out audits in non-commercial entities and closed joint-stock companies within the scope of these entities or prefects’ offices.

  5. Objects of Audit Objects of audit in Armenia are such business processes in an entity which are carried out in order to achieve its objectives.

  6. Procedure for Identification of Business Processes The audit unit identifies all ongoing processes in a unit and groups them into respective business processes Identification is done by employing horizontal, vertical and aggregate system.

  7. Classification of business processes The audit unit assigns individual ID code to each identified process. The ID code contains information about the manager of the process and who is responsible for its implementation (including the unit in charge).

  8. Models employed in risk assessment A number of risk assessment models are applied in Armenia, such as : • Model based on risk indicators, • Model based on criteria applicable to groups of organizations.

  9. Model based on risk indicators • Indicators are scenarios which, once they appear, we add scores to each of them, and the risk is assessed depending on the score • This model is used by Customs Authorities

  10. Model based on criteria applicable to a group of organizations. • Selection of organizations follows a number of criteria, for instance: annual turnover or budget financing, number of public contracts, etc. • This model is used by the Financial Control Inspection

  11. Model underlying the Guidelines for Internal Audit in the Republic of Armenia • The risk assessment relies on self-assessment of auditees

  12. Identification of Risks Entities or persons in charge of implementation and development of respective processes must submit their risk assessment per each process to the audit unit before the beginning of the reporting year, both from the point of view of eventual failure to implement this process and potential impact due to non-implementation of this process.

  13. Identification of risks Information on the nature of the risk is submitted along with the risk assessment to the internal audit unit Scores are applied from 1 to 4

  14. Actions undertaken by the auditors while reviewing risk indicators Having received information on risk assessment from auditees, the Internal Audit Unit applies review factors. Review factors are selected within range from 0.5 to 1.5. Risk indicator= A*a*b*…*n

  15. Review factors • Rate of financing • Complaints received • Incentives • Structural or other changes • other

  16. Risk Assessment

  17. Risk Groups

  18. Selection rates by risk groups

  19. Priorities in selection • While selecting for significant, medium and low risk groups, it is necessary to establish priorities, i.e. the processes to be selected for strategic and annual planning.

  20. Establishing priorities • These are established based on risk value in the previous 3 years. • To estimate the priority ratio, it is necessary to compare the risk value as obtained by the auditors with the risk value in each of the previous years. • The first ratio shall be determined depending on how the risk value has changed

  21. Estimate Ratio Matrix (R)

  22. Impact by years

  23. Priority Ratio (PR) Formula PR = (R1)x(PR1) + (R2)x(PR2) + (R3)x(PR3)

  24. Making a strategic plan After all these estimates all selected processes must be included in the straegic plan Yet, having prepared their strategic plan, the auditors must estimate technical and human resources required to carry out the respective audit tasks

  25. Estimates • Resources are estimated in order to identify what is needed to implement the audit tasks • If the resources are not sufficient for implementation of the annual plan, the audit unit shall attract additional resources, including experts.

  26. Table to Estimate of Available Resources

  27. An estimate of the required resource

  28. Thank you for attention! GrigorAramyan tel: +37491 40-70-67 e-mail: grigor.aramyan@minfin.am

More Related