Agenda

Spotlight On: Internal AuditingBeta Alpha Psi and Accounting AssociationCSUEB April 12, 2007Charlie Mociak / Kris KumaranIIA - NCEB

Agenda • What is Internal Auditing? • Who are Internal Auditors and What Do they Do? • Audit Scope, CSA, and Types of audit • Why a career in Auditing? • Enterprise Risk Management and COSO • Sarbanes Oxley • Recent Salary Survey and IIA Resources • Information on the Northern California East Bay IIA Chapter

The IIA’s Definition of Internal Auditing Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplinedapproachto evaluate and improve the effectiveness of risk management,controls, and governance processes.

Corporate Governance • Healthy interdependence: • Internal Controls are strong • Reporting is accurate • Ethics are maintained • Oversight is effective • Risk is mitigated • Investments are protected

Internal Versus External Auditors

Who are Internal Auditors? • Come from diverse areas • Accounting • Finance • IT • Engineering • Stay abreast of business trends, update knowledge • Proactive, explorers, analysts, reporters • Provide independent, objective professional advice to all levels of management • Pave the path to continuous improvement

Internal Audit Functions • Evaluating Risks • Confirming Information • Assuring safeguards • Operational effectiveness and efficiency – Quality, Economy, Ethics • Reviewing Compliance • Recommending Controls • Communicating information and opinions with clarity and accuracy

Internal Audit Functions An Abundance of Frauds Source: Auditing & Assurance Services, TJ Louwers et al, 2006.

Audit Scope • Financial: Accounts payable, account reconciliations, credit / sales / receivables, pricing / discounts / rebates, production, work-in-progress / capital projects / fixed assets, inventory, cash and banking, human resources, payroll • Operational – Key processes and procedures, computer systems, human resources, transportation • Procurement – Purchasing / Contracting

Control Self-Assessment (CSA) What is CSA? Employee teams getting together with their managers and a facilitator: To analyze the strengths and obstacles which affect their ability to achieve their key business objectives, and To decide upon appropriate action. Types of CSA Stand-alone review In conjunction with an audit

Types of Audit • Financial • Operational • Sarbanes-Oxley (SOX) • Contractor, Non-Operated Joint Ventures • Control Self-Assessment (CSA) • Business Process and Application Auditing • Information Technology (IT) • Compliance • Consulting • Investigative

Professional Licenses / Certifications and Advanced Degrees We encourage: • CPA – Certified Public Accountant • CIA – Certified Internal Auditor • CISA – Certified Information Systems Auditor • CFE – Certified Fraud Examiner • CISSP – Certified Information Systems Security Professional • CCSA – Certification in Control Self-Assessment • MBA

Encompassing the World:The Profession of Internal Auditing • Allows for an expedient, high-level understanding of the organization and industry • Exposure to senior-level management • Transferable skills / disciplines • Networking opportunities • Expanding profession • Not just for accountants • Good starting salary • Great opportunities • Potential travel

Join Internal Auditing and See the Country and the World • Travel – Domestic and International • Weekend Side Trip Opportunities • Learning About Different Cultures • Meeting People and Sample Foods

COSO Commission • The National Commission on Fraudulent Financial Reporting conducted a study from 1985 through 1987. • The study was undertaken as a result of the many savings & loan and bank scandals of the 1980s. • The purpose was to identify causal factors that can lead to fraudulent financial reporting and steps to reduce its incidence. • The Integrated Control Framework, introduced in 1992, was a result of this study.

COSO - Fraudulent Financial Reporting Analysis • Control Environment: Top senior executives were frequently involved in the fraud. • 72% of cases involved the CEO • 43% of cases involved the CFO • Most audit committees only met once a year or had no audit committee. • Boards of directors were dominated by insiders and those with little experience. • Family relationships among directors and/or officers were fairly common.

Enterprise Risk Management COSO Control Model

The Five Components Under The COSO Framework • Information and Communication • Pertinent information identified, captured and communicated in a timely manner • Access to internal and externally generated information • Flow of information that allows for successful control actions from instructions on responsibilities to summary of findings for management action • Internal Environment /Objective Setting • Sets tone of organization-influencing control consciousness of its people • Factors include integrity, ethical values, competence, authority, responsibility • Foundation for all other components of control • Objective setting is a precondition to determining the success of a company • Risk Response - Control Activities • Risk avoidance, reduction, sharing, and acceptance • Policies/procedures put in place to ensure risk responses are carried out • Range of activities including approvals, authorizations, verifications, recommendations, performance reviews, asset security and segregation of duties • Event Identification/Risk Assessment • An event is an incident from internal or external sources that could affect achievement of objectives. • Risk assessment is analysis of relevant risks to achieving the entity’s objectives-forming the basis for determining control activities • Monitoring control system’s performance • Assessment of risk management components over time • Combination of ongoing and separate evaluation • Management and supervisory activities • Internal audit activities

Key Leanings From COSO • Importance of the organization’s control environment cannot be overstated. • The multi-period aspect of financial statement fraud, suggests the importance of interim financial statement preparation, as well as the benefits of continuous auditing strategies. • The nature of misstatements affecting revenues and assets recorded close to fiscal period end highlights the importance of cutoff and assetvaluation testing.

Overview of Sarbanes-Oxley Act of 2002 A Fundamental and Permanent Change to Business and the Accounting Profession.

Signed Into Law by Congress in 2002 • Legislation will fundamentally change the way that public companies do business and how the accounting profession performs its statutorily required audit function. • Establishes a comprehensive framework to modernize and reform the oversight of public company auditing, improve quality of reporting, and strengthen the independence of auditors.

SOX - A Fundamental andPermanent Change to Business and the Accounting Profession. • Creation of Independent Accounting Oversight Board • Auditor Independence • Audit Committee • Management Responsibility • New Disclosures Required • Analysts Conflicts of Interest • Fraud & Criminal Penalties • Summary

Creation of Independent Accounting Oversight Board • Empowered to set auditing, quality control, and ethics standards. • Will inspect registered accounting firms, conduct investigations, and take disciplinary actions.

Auditor Independence • Limits the scope of consulting services that auditors can offer their public company audit clients. • Act only applies to public companies.

Audit Committee • The act provides for a strong public company audit committee that will be directly responsible for the appointment, compensation, and oversight of the public company auditors. • Audit committee members must be independent from company management.

Management Responsibilities • CEOs and CFO will have to certify that company financial statements fairly represent the company’s financial condition. • Prohibits a company officer from attempting to mislead an auditor.

New Disclosures Required • Companies must report all off-balance sheet transactions and conflicts. • Accelerates the required reporting of all insider transactions. • Annual reports field with SEC must include a statement by management asserting it is responsible for internal controls and has assessed their effectiveness. This must be “attested to” by the external auditors.

Summary • The act will fundamentally change business and their relationships with the accounting profession. • The independent Accounting Oversight Board will have strong control and broad authority over auditing standards and public accounting firms. • CEO’s and CFO’s will be responsible to sign-off on all documents filed with the SEC and provide an annual report on the adequacy of internal controls. • Penalties and jail sentences have been greatly increased for corporate wrong-doing.

Salary Survey -2006 • CAE or Partner - $177,515 • Director – $126,798 • Manager – $97,041 • Supervising Senior - $79,907 • Senior – $72, 323 • Staff - $54,196 • Entry Level Apprentice - $47,647

Institute of Internal Auditors (IIA) Academic Resources • Internal Auditing Educational Partnership (IAEP): http://www.theiia.org/guidance/academic-relations/ • Essence: Partner Academic Institutions with the Institute of Internal Auditors and their Chapter Affiliates. • Internal Audit Academic Achievement Fund – scholarship fund setup to help fund the efforts. • IA Research Foundation: http://www.theiia.org/research/ • Purpose: The mission of The IIA Research Foundation (IIARF) is to expand knowledge and understanding of internal auditing by providing relevant research and educational products to advance the profession globally. • Celebrating 30 year anniversary.

NORTHERN CALIFORNIA EAST BAY (NCEB) CHAPTER • GOAL: is to partner with the area Academic Institutions to promote Internal Auditing. • HOW: (Answers the “What’s in it for Me” - Question) • Encourage Student Attendance at Chapter Meeting. • Meetings are the second Tues of each Month (Sept-May) from 1:45 to 4:00. • Sign Up: http://www.theiia.org/chapters/NCEB or Email: Jennifer Otto jo9351@att.com or tlanfranki@sbcglobal.net • Fee: Free! ($25 value) • Encourage Membership in IIA – NCEB Scholarship Program • Attend two meeting in our Chapter year and receive a membership in the IIA. ($30 value) • Limited to the first 30 students.

NORTHERN CALIFORNIA EAST BAY (NCEB) CHAPTER • FUTURE: ? • Establish a Student Chapter • Examples: University of Texas at Dallas: http://www.utdallas.edu/orgs/iia/ Pittsburg State University: http://www.pittstate.edu/acctg/EIAP/ Saint Mary’s College of California ? • Activities: • Vendor Forum: Atlanta Chapter • Enhancement of the NCEB Scholarship Program - Best paper on relevant IA topic • Other: - Site Visits, Day at the Ball Park, etc. • Contacts: • Any of the Panel Members. • NCEB Academic Relationship Program Coordinator: Mr. Kris Kumaran Kris.Kumaran@safeway.com

Talked about….. • What is Internal Auditing? • Who are Internal Auditors and What Do they Do? • Audit Scope, CSA, and Types of audit • Why a career in Auditing? • Enterprise Risk Management and COSO • Sarbanes Oxley • Recent Salary Survey and IIA Resources • Information on the Northern California East Bay IIA Chapter

Agenda

Agenda

Presentation Transcript

Agenda

Agenda

Agenda

Agenda

Agenda

Agenda

Agenda

Agenda

Agenda

Agenda

Agenda:

Agenda

Agenda

AGENDA