1 / 15

Internal Audit opinion on Adequacy of Control Processes (IPPF 2130)

Internal Audit opinion on Adequacy of Control Processes (IPPF 2130). Internal Audit Seminar CHU Ministry of Finance OECD/SIGMA, Joop Vrolijk Zagreb 24 November 2011. IPPF 2130 - what is it about?. Objective of IPPF 2130 The internal audit activity assist the

nedra
Download Presentation

Internal Audit opinion on Adequacy of Control Processes (IPPF 2130)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internal Audit opinion on Adequacy of Control Processes (IPPF 2130) Internal Audit Seminar CHU Ministry of Finance OECD/SIGMA, Joop Vrolijk Zagreb 24 November 2011

  2. IPPF 2130 - what is it about? Objective of IPPF 2130 The internal audit activity assist the organisation in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement

  3. What is role of Management? • Role senior management is to oversee the establishment, administration, and assessment of the system of risk management and control processes • Responsibility of line managers is the assessment of the control processes in their respective areas.

  4. What is role of CAE? The Chief Audit Executive (CAE) has to form an overall opinion about the adequacy and effectiveness of the control processes. Basisof such an opinion • Sufficient audit evidence obtained through completion of audits • Reliance on the work of other assurance providers.

  5. How to obtain sufficient evidence (1)? The CAE has to develop an Internal Audit plan. This plan should include: • audit engagements and/or other procedures about all major operating units and business functions to be assessed, and • a review of the major control processes operating across the organization. The plan should be flexible and give special consideration to those operations most affected by recent or unexpected changes.

  6. How to obtain sufficient evidence (2)? The plan describes also relevant work • performed by others who provide assurances to senior management; • audit work of the external auditor; • management's own assessments of its risk management process, controls, and quality improvement processes.

  7. Sufficient evidence in audit plan? The CAE should evaluate breadth of coverage of audit plan to determine whether scope is sufficient to enable expression of an opinion about organization's risk management and control processes. The CAE should inform senior management and the board of any gaps in audit coverage.

  8. Key challenge execution Audit Plan? Key challenge is to evaluate effectiveness of organization's control processes based on the aggregation of many individual assessments!

  9. Reporting on Adequacy of Control Processes • Once a year by CAE • States critical role of control processes • Describes nature and extent of work of IA and reliance on work of others

  10. Opinion on Adequacy of Control Processes in practice? In private and public sector: seldom!!!

  11. Why seldom an opinion on effectiveness of control processes? In private and public sector no full coverage of audit universe in annual audit plan: • no sufficient evidence • no liability by Internal Auditors

  12. What reported about effectiveness of control processes? In public sector: • Opinion on design of system • Opinion on design of system with negative opinion on functioning • Opinion on procedures which led to IC statement of Management

  13. Fiscal Responsibility Statement in Croatia The Fiscal Responsibility Statement is an annual statement whereby heads of budget etc. Confirm that he/she has ensured • a legal, earmarked and purposeful spending of resources, • an efficient and effective functioning of the financial management and control system within framework of resources determined in the budget, i.e. the financial plan

  14. Consequences for Internal Auditors? The Internal Auditors have to give an opinion on the Financial Management and Control system based on their audits performed for the year of the FR statement

  15. THANK YOU FOR YOUR ATTENTIONJOOP.VROLIJK@OECD.ORGWWW.SIGMAWEB.ORG

More Related