1 / 17

PwC

Role of Internal Audit in Corporate Governance. September 2010. Tumin Gültekin, Partner. PwC. Contents. Section Page Determining the role of internal audit 3 Transforming the role regarding corporate governance 11 Questions 24. Determining the role of internal audit. Overall structure.

gayle
Download Presentation

PwC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Role of Internal AuditinCorporate Governance September 2010 Tumin Gültekin, Partner PwC

  2. Contents Section Page Determining the role of internal audit 3 Transforming the role regarding corporate governance 11 Questions 24 Internal Audit transformation

  3. Determining the role of internal audit Internal Audit transformation

  4. Overall structure

  5. As companies move toward enterprise risk management, Internal Audit must also evolve – or risk a diminished value proposition 20th Century Internal Audit Model The Common Internal Audit Model The Risk-Centric Internal Audit Model Controls assurance based on a risk-based internal audit plan Controls assurance based on cyclical or routine audit plans Risk and control assurance based on the effectiveness of risk and control processes implemented by management If the view (among stakeholders) grows that all Internal Audit does is test controls, then resource levels will have to come down. Chief Audit Executive, Financial Services Industry Traditional internal auditing will probably diminish in value if the organization moves towards formal risk management. Senior Executive, Rating Agency Source: Internal Audit 2012 Determining the role of internal audit

  6. Aligning Internal Audit activity to corporate risks; strategic objectives; driving stakeholder value • Strategic, operational and business risks underlie 80% of the rapid declines in shareholder value. • Gaps exist between the current focus of many Internal Audit functions and the significant risks their organisations face. • Over the past five years, internal auditors have been concentrating on basic financial reporting and compliance risks. 60% 20% 15% 5% Strategic & business Operational Financial Compliance Source: PwC, composite of various studies of US and UK markets Determining the role of internal audit

  7. Internal Audit functions need to have a clear view of where they want to be positioned “Strategic/Operationalfocus” “Controls-focussed” Determining the role of internal audit

  8. Some of the typical gaps in the role of internal audit Gaps in coverage and inefficient processes are also driving a need for change Determining the role of internal audit

  9. Transforming the role regarding corporate governance Internal Audit transformation

  10. How internal audit can add value Organization • Board expectations • Dynamic mission vs. static / limited purpose • Organisational alignment • Flexibility Strategy Implementation • Enterprise strategy • Stakeholders’ expectations • Shareholders value drivers • Risk management alignment Strategy Organization People • Stature across enterprise • Achieve mission/objectives • Attract and retain talent • Source of talent • Successful progression to management roles in the organisation • Potential leaders of departments or business units Technology • Effective utilisation • Enhance risk-based approach • Leveraged to change process • Substitute for labor Technology People Process Process • Process efficiency • Willingness to change • Effective communication Transforming the role regarding corporate governance

  11. How internal audit can add value – Solvency II related Assessment and improvement of... • Risk management strategy • Stakeholders’ expectations • Policies • Investment • Reinsurance • Risk etc • ORSA • System of governance • Internal control system • Risk management system Strategy Organization • Solvency II project • Policy and procedures, documentation • Responsibilities • Proper resource and expertise • Data requirements • IT systems and architecture • Data quality and consistency • Model • Technical provisions • Systems security and controls Technology People Process • Reporting • Management • Internal • External Transforming the role regarding corporate governance 11

  12. An approach to transforming internal audit Strategy & Risk People Process Technology Strategic Objectives • Understand what the strategic objectives of the organisation are Stakeholder Value • Understand what drives/devalues stakeholder value within the organisation Strategic Risks • Understand what the strategic risks of the organisation are Capabilities Assessment • Inventory of existing skills • Conduct gap analysis • Determine adequacy of resources to respond to all key risks Talent Management • Use of internal and external resources • Consider implementing a rotational staffing model to attract and retain talent Audit Cycle Improvements • Align Internal Audit with organisation’s strategic objectives • Reduce audit cycle time by conducting more targeted audits • Increase value derived from focus on higher-risk areas • Improve communication to stakeholders through concise, impactful reports Optimisation of Technology • Reduce the labor content of audits by increasing the effectiveness of lower-risk audits • Provide real time monitoring of significant risks • Explore areas where technology can streamline or standardise a process • Test entire data populations electronically Transforming the role regarding corporate governance

  13. Value enhancement and efficiency This approach is focused on aligning the IA strategy with the value-producing processes and activities of the organisation, while streamlining the IA operations to drive efficiency Company Strategy / Shareholder Value Drivers/ Strategic Risks Value Enhancement Focus Internal Audit Strategy Organisation People Operating Strategy Improving Inefficiencies & Managing Costs Process Process Technology Technology Transforming the role regarding corporate governance

  14. Transformed vs. traditional risk assessment approach Identify Stakeholder Value Creating Activities Stakeholder Value Based Approach “Top-down” approach where coverage is driven by issues that directly impact shareholder value, with clear and explicit linkage to strategic issues of the organisation. Understanding Enterprise Risks (Strategic, Financial, Operations, Compliance) Evaluate Impact to Shareholder Value Audit plan Traditional Approach Traditional “bottom-up” approach based on stakeholder interviews and analysis. Focus is on coverage of identified risk areas, geography and business operations. Evaluate Impact of Risks within Audit Universe Identify Risks (financial operations, compliance) Define Audit Universe (eg geography, business unit) Transforming the role regarding corporate governance

  15. Some strategies for strengthening the role of internal audit in corporate governance What would be the greatest strategic value internal audit could and should contribute? How could do the companies manage the risks to shareholder value? Transforming the role regarding corporate governance 15

  16. Questions Internal Audit transformation

  17. PwC – enhancing the value delivered by internal audit © 2009 PricewaterhouseCoopers. All rights reserved. “PricewaterhouseCoopers” refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity. *connectedthinking is a trademark of PricewaterhouseCoopers LLP (US). Internal Audit transformation

More Related