
Top 10 Global Impacts of SOX on Internal Auditing


denton-moss


Presentation Transcript


  1. Top 10 Global Impacts of SOX on Internal Auditing

  2. Back to Basics: Risk, Controls, Governance. Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. • Fostering Enterprise Risk Management • Re-engaging Internal Controls • Facilitating more effective corporate governance

  3. #10: Incentive Compensation. Should internal auditing, and more specifically the chief audit executive (CAE), participate in incentive compensation award systems based on performance of the organization’s bottom line?

  4. #9: Access to Information. Is the CAE positioned within the organizational structure to have access to and involvement in emerging decisions by senior executives, and to have a “seat at the table” when key business strategies are being developed?

  5. #8: Reporting Relationships. Does the internal audit activity properly report within the organization directly to the audit committee for oversight and to the CEO for organizational interface?

  6. #7: Are MD&A Disclosures Accurate? Does the internal audit department perform tests to ensure the accuracy, completeness, and appropriateness of the information contained in the management discussions and analysis (MD&A) portion of the annual report?

  7. #6: Quality Assessment. International Standards for the Professional Practice of Internal Auditing require an external quality assessment every five years, plus an ongoing quality program to ensure the outputs of the internal audit department are in accordance with expectations.

  8. #5: Control Assessment • Entity-wide assessment of key controls in business processes that feed the general ledger and hence the overall financial statements • Process ownership • Certification of internal control over financial reporting • Linkage to COSO’s Internal Control Framework, including entity-wide control component assessment

  9. #4: Fraud • Awareness of potential fraud risks and appropriate responses • Fraud prevention and detection program • Forensic auditing during financial audits • Increased fraud consideration in the internal audit department’s audits

  10. #3: Governance • Audit committee changes to charter and scope of work • Audit committee financial expert • Audit committee member independence and financial competency • Oversight of fraud, risk, internal auditing, and external auditing • Self-assessment

  11. Effective Governance • Board of Directors • External Auditing • Internal Auditing • Senior Management

  12. #2: Ethics • Hotline operations • Compliance programs • Training • Culture – encourage disclosures • Investigative process coordination • Handling complaints and documentation • Whistleblower protection

  13. #1: Risk • ERM • Risk model • Risk event identification • Risk assessment techniques • Probability • Impact • Risk response • Risk-based audit approaches

  14. COSO’s ERM-Integrated Framework • Entity objectives: four categories (Strategic; Operations; Reporting; Compliance) • ERM considers activities at all levels of the organization (Enterprise-level; Division or subsidiary; Business unit processes) Source: COSO Enterprise Risk Management Framework

  15. Today’s Top 10 • Risk • Ethics • Governance • Fraud • Control Assessment • Quality • Management Discussion & Analysis • Reporting Relationships • Access to Information • Incentive Compensation

  16. For more information • Visit www.theiia.org • Call +1-407-937-1111 • E-mail custserv@theiia.org
