Essential Guide to Internal Auditing

Read more

Informationen zum Autor K.H. Spencer Pickett has an international reputation as a leading author on the subject of internal auditing and specializes in the development of E-learning resources. Klappentext In recent years the field of internal auditing has undergone significant changes. Auditors no longer spend all of their time preparing detailed reports on low-level problems for junior operational managers; instead they focus on the high-level risks to organizations and present their findings to executive boards and audit committees. They are expected to work with and alongside busy managers to enable them to identify and manage risks to their organizations, while retaining a degree of independence so as to ensure the professional scepticism so essential to the audit role.Previously published as The Essential Handbook of Internal Auditing, this book has been completely revised to comply with the Institute of Internal Auditor's (IIA) International Standards for the Professional Practice of Internal Auditing, released during 2009. Drawing on his extensive experience of internal audit, K.H. Spencer Pickett clarifies the new audit context and shows how this context fits into the wider corporate governance, risk management and internal control arenas, providing a comprehensive guide to the theory and practice of internal auditing.KEY FEATURES* Covers the new standards for internal audit issued by the IIA.* Defines the new role of auditors in corporate governance, risk management and internal controls.* Provides practical advice on the essentials of auditing, including professional standards, different audit approaches, the management of internal audit, planning, performance and reporting audit work and specialist areas such as fraud and information system (IS) auditing.* Is supported by a book companion web site at www.wiley.com/go/pickett Zusammenfassung The 2nd edition of The Essential Handbook of Internal Auditing is a condensed version of the highly successful Internal Auditing Handbook . It shows the reader how to understand the audit context and how this context fits into the wider corporate agenda. Inhaltsverzeichnis List of Abbreviations xi 1 Introduction 1 Introduction 1 1.1 Reasoning behind the Book 2 1.2 The IIA Standards and Links to the Book 3 1.3 How to Navigate around the Book 4 1.4 The Essential Guide as a Development Tool 7 1.5 The Development of Internal Auditing 7 Summary and Conclusions 11 Endnotes 12 2 Corporate Governance Perspectives 13 Introduction 13 2.1 The Agency Model 14 2.2 Corporate Ethics and Accountability 17 2.3 International Scandals and Their Impact 20 2.4 Models of Corporate Governance 26 2.5 The Institute of Internal Auditors 31 2.6 The External Audit 33 2.7 The Audit Committee 39 2.8 Internal Audit 42 2.9 The Link to Risk Management and Internal Control 43 2.10 Reporting on Governance, Risk and Internal Controls 44 2.11 New Developments 48 Summary and Conclusions 53 Endnotes 56 3 Managing Risk 59 Introduction 59 3.1 What is Risk? 60 3.2 The Risk Challenge 61 3.3 Risk Management Process 63 3.4 Mitigation through Controls 66 3.5 Risk Registers and Appetites 69 3.6 The Risk Policy 74 3.7 Enterprise-Wide Risk Management 79 3.8 Control Self-Assessment 81 3.9 Embedding Risk Management 82 3.10 The Internal Audit Role in Risk Management 82 3.11 New Developments 86 Summary and Conclusions 89 Endnotes 92 4 Internal Controls 95 Introduction 95 4.1 Why Controls? 96 4.2 Control Framework - COSO 104 4.3 Control Framework - CoCo 109 4.4 Other Control Models 111 4.5 Links to Risk Management 113

List of contents

List of Abbreviations.
 
1 Introduction.
 
Introduction.
 
1.1 Reasoning behind the Book.
 
1.2 The IIA Standards and Links to the Book.
 
1.3 How to Navigate around the Book.
 
1.4 The Essential Guide as a Development Tool.
 
1.5 The Development of Internal Auditing.
 
Summary and Conclusions.
 
Endnotes.
 
2 Corporate Governance Perspectives.
 
Introduction.
 
2.1 The Agency Model.
 
2.2 Corporate Ethics and Accountability.
 
2.3 International Scandals and Their Impact.
 
2.4 Models of Corporate Governance.
 
2.5 The Institute of Internal Auditors.
 
2.6 The External Audit.
 
2.7 The Audit Committee.
 
2.8 Internal Audit.
 
2.9 The Link to Risk Management and Internal Control.
 
2.10 Reporting on Governance, Risk and Internal Controls.
 
2.11 New Developments.
 
Summary and Conclusions.
 
Endnotes.
 
3 Managing Risk.
 
Introduction.
 
3.1 What is Risk?
 
3.2 The Risk Challenge.
 
3.3 Risk Management Process.
 
3.4 Mitigation through Controls.
 
3.5 Risk Registers and Appetites.
 
3.6 The Risk Policy.
 
3.7 Enterprise-Wide Risk Management.
 
3.8 Control Self-Assessment.
 
3.9 Embedding Risk Management.
 
3.10 The Internal Audit Role in Risk Management.
 
3.11 New Developments.
 
Summary and Conclusions.
 
Endnotes.
 
4 Internal Controls.
 
Introduction.
 
4.1 Why Controls?
 
4.2 Control Framework - COSO.
 
4.3 Control Framework - CoCo.
 
4.4 Other Control Models.
 
4.5 Links to Risk Management.
 
4.6 Control Mechanisms.
 
4.7 Importance of Procedures.
 
4.8 Integrating Controls.
 
4.9 The Fallacy of Perfection.
 
4.10 The Complete Control Model.
 
4.11 New Developments.
 
Summary and Conclusions.
 
Endnotes.
 
5 The Internal Audit Role.
 
Introduction.
 
5.1 Defining Internal Audit.
 
5.2 The Four Main Elements.
 
5.3 The Audit Charter.
 
5.4 Audit Services.
 
5.5 Independence.
 
5.6 Audit Ethics.
 
5.7 Police Officer versus Consultant.
 
5.8 Managing Expectations through Web Design.
 
5.9 Audit Competencies.
 
5.10 Training and Development.
 
5.11 New Developments.
 
Summary and Conclusions.
 
Endnotes.
 
6 Professionalism.
 
Introduction.
 
6.1 Audit Professionalism.
 
6.2 Internal Auditing Standards.
 
6.3 Due Professional Care.
 
6.4 Professional Consulting Services.
 
6.5 The Quality Concept.
 
6.6 Supervision.
 
6.7 Internal Review.
 
6.8 External Reviews.
 
6.9 Marketing the Audit Role.
 
6.10 Creating the Audit Image.
 
6.11 New Developments.
 
Summary and Conclusions.
 
Endnotes.
 
7 The Audit Approach.
 
Introduction.
 
7.1 The Risk-Based Systems Approach.
 
7.2 Control Risk Self-Assessment (CRSA).
 
7.3 The CRSA Process.
 
7.4 Integrating Self-Assessment and Audit.
 
7.5 Fraud Investigations.
 
7.6 Information Systems Auditing.
 
7.7 Compliance.
 
7.8 Value for Money (VFM).
 
7.9 The Consulting Approach.
 
7.10 The 'Right' Structure.
 
7.11 New Developments.
 
Summary and Conclusions.
 
Endnotes.
 
8 Setting an Audit Strategy.