INTERNAL AUDIT DEPARTMENT POLICIES & PROCEDURES

 

Insert Your P&P Manual Here

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3 Your Internal Audit Department Charter. 4

Insert your Charter

XYX Organization

Charter
Internal Audit 

Purpose:

Internal Audit is an independent and objective assurance and consulting activity guided by a philosophy of adding value and improving operations of XYZ Organization.  Internal Audit accomplishes its objectives by bringing a systematic and disciplined approach to evaluating and improving of the organization’s risk management, control, and governance processes. 

The independent and objective services provided by Internal Audit include evaluating and promoting the accomplishment of the goals and mission of XYZ Organization in:

(Insert Goals & Mission of XYZ Organization)

Practices: Internal Audit practices are governed by:

• International Standards for the Professional Practice of Internal Auditing
  
• Code of Ethics, The Institute of Internal Auditors
• etc.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Corporation Audit Committee Charter 57

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Internal Audit Department Vision

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

Internal Audit Roles and Responsibilities

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

Independence And Objectivity - Insert Your Position

Independence:

All internal audit activities shall remain free of influence by any element in the organization relative to matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of an independent and objective mental attitude necessary in reporting.   .........................

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Impairment

Insert Your Position ...

Any impairments to independence and objectivity are to be reported to the XYZ Organization CEO and the Audit Committee.  Internal Auditors do not assume management responsibilities nor have direct ..................

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Skills And Competence

Insert your requirements ..........

Example:

................ should possess knowledge, skills, and other competencies needed individually and collectively possess or obtain the knowledge, skills, and other competencies needed

• apply internal auditing standards, procedures, and techniques.
• proficiency in accounting principles and techniques – if doing financial audits.
• understand management principles ........

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Subject Matter Experts

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Reasonable Professional Care

Insert your requirements ... Engagements should be performed with proficiency and due professional care.

• responsibility of CAE and each auditor
• CAE to ensure persons assigned to audit have necessary knowledge, skills, and other competencies .......

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Confidentiality

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Standards of Audit Practice ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Audit Methodology

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Types of Engagements

The scope of Internal Audit encompasses the examination and evaluation of the adequacy and effectiveness of the organization’s governance, risk management process, system of internal control structure, and the quality of performance in carrying out assigned responsibilities to achieve the organization’s stated goals and objectives.  It includes:

Insert Scope of Audit Activities)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Assurance Services

XXXXXXXXXXXXXXXXXXXXX

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Consulting Services

XXXXXXXXXXXXXXXXXXXXXXXX

 

 

 

 

 

 

 

 

 

 

 

 

 

ASSURANCE SERVICES

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Selecting Audits etc.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Control Self Assessments

xxxxxxxxxxxxxxxxxxxxxx

 

Planning the Audit

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

Contact List

xxxxxxxxxxxxxxxxxxxxxxxxxxxxx

EXHIBIT:

 

Audit Planning Steps

xxxxxxxxxxxxxxxxxxxxxxxxx

 

Audit Tracking

xxxxxxxxxxxxxxxxxxxxxxxxxx

 

Preliminary Survey

  xxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Evaluation of Internal Control

xxxxxxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxxx

Fraud Awareness

EXHIBIT:

 xxxxxxxxxxxxxxxxxxxxx

 

Determine Audit Objectives, Procedures, and Scope

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Obtain an Understanding of the Auditable Entity

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Meeting Notes

xxxxxxxxxxxxxxxxxxxxxxxxxxx  

 

Analytical Procedures and Computer Assisted Auditing Techniques

xxxxxxxxxxxxxxxxxxxxxxxxxxxx

Audit Planning Memorandum

xxxxxxxxxxxxxxxxxxxxxxxxxxx

Audit Program

xxxxxxxxxxxxxxxxxxxxxxxxxxx

Audit Budget

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Audit Engagement Letter

xxxxxxxxxxxxxxxxxxxxxx

Audit Entrance Meeting

xxxxxxxxxxxxxxxxxxxxxxx

Fieldwork

xxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Use of Analytical Procedures and CAATs during Fieldwork

xxxxxxxxxxxxxxxxxxxxxxx

Data Request Log

xxxxxxxxxxxxxxxxxxxxx

General Guidelines for the Preparation of Work Papers

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Status Reporting

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Engagement Supervision

xxxxxxxxxxxxxxxxxxxxxxx

Work Paper Review Notes

xxxxxxxxxx

 

Exit Conference

xxxxxxxxxxxxxxxxxxxxxxxxxxx

Written Communication

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Dissemination of Internal Audit Work Product

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Disagreement with Client’s Risk Appetite

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Wrap Up

xxxxxxxxxxxxxxxxxxxxxxxxxxxx

Project Wrap Up Steps

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Client Feedback Survey

xxxxxxxxxxxxxxxxxxxxxxxxxxx

Audit Staff Evaluations

xxxxxxxxxxxxxxxxxxxxxx

Record Retention Policy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

Follow-Up

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Consulting Services

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Quality Assessment and Improvement Program

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

External Review

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Self Assessment with Independent Validation

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Internal Assessment

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx