A Step By Step Guide: How to Perform Risk Based Internal Auditing for Internal Audit Beginners , livre ebook

eBookIt.com - RAZLY ZAKARIA

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

65 pages

English

Vous pourrez modifier la taille du texte de cet ouvrage

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

A propos
Informations
Extrait

Description

This book provides new internal auditors with step by step guide in performing risk based internal auditing. Summarised in 5 easy-to-follow simple steps, the author shares his experience in performing an effective and comprehensive internal audit exercise.

Methodology and complex techniques are available. Not to deny that all these available information is good, but it would be too complicated for internal audit beginners to understand and to apply those information immediately into a guide in their first task.

Therefore, this book has been written to provide a simple yet comprehensive guides with examples that can be immediately applied!

Sujets

Auditing

Economie gestion

Economics

Business

Informations

Publié par	eBookIt.com
Date de parution	13 mars 2014
Nombre de lectures	1
EAN13	9781456621650
Langue	English

Informations légales : prix de location à la page 0,0500€. Cette information est donnée uniquement à titre indicatif conformément à la législation en vigueur.

Extrait

A Step By Step Guide:
How to Perform Risk Based Internal Auditing for Internal Audit Beginners

by
RAZLY ZAKARIA

Copyright 2014 RAZLY ZAKARIA,
All rights reserved.

Published in eBook format by eBookIt.com
http://www.eBookIt.com

ISBN-13: 978-1-4566-2165-0

No part of this book may be reproduced in any form or by any electronic or mechanical means including information storage and retrieval systems, without permission in writing from the author. The only exception is by a reviewer, who may quote short excerpts in a review.
ABOUT THE AUTHOR
Razly Zakaria is actively involved in the provision of internal audit outsourcing services. He is also active in conducting risk awareness trainings, facilatating risk assesment workshops as well as handling many projects with regards to the establishment of enterprise risk management framework for public listed companies and government agencies. He has been leading many major assignments in Malaysia, Thailand, Singapore and Bahrain.
Razly’s certifications & professional memberships include the followings:
• Association of Chartered Certified Accountants, UK (ACCA)
• Certified Internal Auditor, USA (CIA)
• Certification in Risk Management Assurance, USA (CRMA)
• Malaysian Institute of Accountants (MIA)
• Chartered Member of Institute of Internal Auditors Malaysia (CMIIA)
He gained commercial & consulting experience during his employment with few public listed companies and private entities as well as international audit firms namely KPMG, BDO & Grant Thornton, before heading an Internal Audit & Risk Management Department in a utility company.

He is currently the Managing Director of a training company and a shareholder and Executive Director of a reputable consulting company, providing business advisory services which include Business Valuations, Financial Due Diligence for Mergers & Acquisitions, Enterprise Risk Management, Internal Audit Outsourcing and Governance Review.

During his employment with commercial organisations, he has been exposed to Corporate Planning, Securities Market Operations, Financial Management, Office Administration as well as Investment Analysis.

Besides commercial experience, he was exposed to consulting activities while serving the above-mentioned international audit & consulting firms. He has been involved in Corporate Recovery & Insolvencies, Internal Audit, Investigative Audit, Enterprise Risk Management, Development of SOPP, Financial Due Diligence and Business Valuation assignments covering private and public entities in various industries namely construction, property/ hotel management, utilities, manufacturing, plantation, heavy engineering, trading, food & beverages, transportation & logistics, investment holding and government-linked corporations.
PREFACE
I started my journey as an internal auditor in a big 4 international accounting firm. My very first assignment started on my second day at the firm. I was assigned to perform risk-based audit on Procurement, Finance and Strategic Management Departments. I was totally lost and the only reference that I had were working files from the previous audit which actually covering different processes.
I was flipping through the previous working files when my superior told me, “ In 15 minutes, we are going to see the Head of Procurement Department, get your Information Request List ready….”. I was never involved in auditing before, I was doing accounting, costing, administration and corporate planning in my previous employments. I remembered I scribbled few basic documents that I know and passed it to the Vice President of Procurement Department. Definitely I got tonnes of review points when my Manager review my working papers, because it is far from complete. 
I took my own effort to go through the so called “advanced” and the best methodology in the firm’s database. If I look at the methodology now, yes, I would say that the methodology is good and comprehensive. But at that time, as a beginner, of course I would say that it is too complicated. I need to start my assignment immediately, so I need something simple and easy-to-follow as a guide to start my assignment. I don’t have a simple step by step guide which can assist me to immediately audit a process or a department. So, I have to struggle to complete my assignment and learnt through the hard ways.
Based on my past experience, I started drafting a simple step by step guide when I became Head of Internal Audit & Risk Management Services in one of a medium-sized consulting firm. This has been done in view to give a simple and understandable guide to my Internal Audit staff so that they can start to perform their job immediately at an acceptable standard.
This e-book is developed to serve the same purpose, to provide beginners in internal audit profession with a step by step guide to effectively carried out their risk-based audit without going through the hard ways as I did before.
I have developed 5 simple and easy-to-understand steps for readers to learn. By reading and learning from this guide, readers would be able not only to understand the internal audit process, but to deliver a better quality works from what would be expected from beginners.
SO, KEEP READING THE BOOK AND….ALL THE BEST! 
Special thanks to my mother, wife and daughter, for being very supportive in whatever move that I made and for being there with me in all situations and challenges. I may not be what I am today without your support and patience. To my mother, my wife and my daughter….you’re my strength, you’re my motivation. THANK YOU!
STEP 1:
BUSINESS & PROCESS UNDERSTANDING

STEP 1: BUSINESS & PROCESS UNDERSTANDING
Introduction
When you are given a task or an assignment, before you start doing anything, you MUST understand the nature of the business as well as processes that you are required to audit.
I always stressed to my team, please do your RESEARCH & READING! Why I include the word READING?! Because some people are very good in doing research, but they keep the research materials in their working file without reading and understanding the research materials.
This “RESEARCH & READING” step is what distinguished internal auditors from other professionals. Internal Auditors are forced to read and understand multiple business processes in multiple industries in a limited time frame. That requires your focus and commitment but it is worth it considering your bright future.
WHY should I do this? Is it necessary?
Some internal auditors did not perform this step, but GOOD internal auditors definitely would consider this step as necessary. This process gives you an overall understanding of the business and organisation structure. This process would be helpful as it creates the following advantages:
Understanding of environmental factors and business process
Information obtained through this step would assist you to perform a more complete and relevant risk assessment and process analysis (this will be discussed in detail in Step 2: Risk Assessment Process).
Enhance communication with auditee
It helps you to communicate well with your auditee. Remember, as an internal auditor, it is a norms to deal with head of departments and senior people within the organisation. Internal Auditors are no longer “Compliance Officer” who just tick and complete the checklist. We are a consultant. Therefore, basic knowledge on the organisation, the industry and current issues with regards to their business is important to illustrate that we are knowledgeable and fit to advise them. This would enhance the co-operation level of your auditee. FIRST IMPRESSION COUNTS!
Practical solutions & recommendation
One of the challenge to come out with an internal audit report which is considered as a good report, is to include a practical and suitable recommendation which not only to resolve the problem, but to effectively resolve the problem using the recommendation that suits your company/ client’s business nature, financial ability as well as organisational culture and behaviour.
SO what to do? Where shall I start?

How to Understand Auditee’s Business/ Process?
Business Understanding
At this stage, there is no particular focus area to stress on, unless you are focussing on certain specific issue under any ad-hoc or special assignment. Otherwise, it should be a general understanding process of your company/ client’s business and organisation structure. You may consider the following areas of understanding:
What is their business? What products they are selling or what type of services are they offering?
Who are their customers? Their target group or market segmentation?
Who are their competitors?
Who are their suppliers?
How large is their organisation? How many people do they have?
Who is managing the organisation? How they structure the organisation? How many departments do they have?
Where the company is heading? What does it want to achieve?
The industry outlook of the auditee (if available). What would be current or future challenges to the industry?
How much was their annual revenue for the previous year? Is it a profitable business?
Any current issues/ latest news with regards to the organisation and/or its industry.

Process Understanding

Opposite to the business understanding step above where you only have to understand the overview of the business, this step requires you to study in-depth and really understand about the targeted processes. Targeted processes or auditable processes are the processes that you have plan to audit during the visit. The example of processes may be procurement process, manufacturing process, project management process or human resource management.

It is COMPULSORY for you to understand specific processes that you are going to audit. This is an important step that will affect your overall internal audit job from p