Training Program

Internal Audit



Audit Committee
Governance
Organization

 
Audit Process

Planning
Fieldwork
Reporting
Follow Up
Audit Files
Audit Plan

 

Responsibilities
Quality Assurance
  
 
Training
 
Services Provided
 
  
Administration

 

On-Line Internal Audit Manual
For non-subscribers, to gain limited access to YourIAM, click CONTENT at top of the page, then enter Guest & Guest for Username & Password

 

 

 

 
Other Training Resources
  Standards

 

 Your
Training 		Additional
Training
   
Organization

Organizational Chart:

Who should the Chief Audit Executive (CAE) report to?

Name at least six topics that should be reported on to senior management and the board.

What are some factors you can review when evaluating organizational independence?

What is the distinction between functional and administrative reporting lines?

How often should the CAE meet with the Audit Committee/Governing Authority?

Charter:

Name at least six topics that should be included in the Charter.

What should an evaluation of the purpose, authority and responsibility IAD consider?

What are some activities IAD can take to promote a strong & effective working relationship with audit committee?

What information should be reported to the Audit Committee?

What should the IAD's role be in the organizations risk management process?

What should the Charter include relevant to IAD records? Follow up procedures?

Audit Policies & Procedures:

Is a Department Policy & Procedure manual required?

 

 

 

 

 

 

  

 

 

 

To Index

 

 
Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Governance

Definition:

What is the definition of governance?

What evidence would you examine when evaluating governance?

Responsibilities Internal Audit:

What are the responsibilities for auditing governance?

At a minimum, what should you assess?

What do you evaluate when reviewing the Privacy Policy?

 


    

 

To Index

 

 
Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Services Provided

Internal Auditing:

Name the two primary objectives of internal audit.

What is the definition of internal auditing?

Code of Ethics:

What is the purpose of the Code of Ethics?

What are the four key principles of the Code of Ethics?

Services Provided:

What is the purpose of the Standards?

What are the three types of Standards?

Assurance & Consulting Services:

Describe two differences between consulting and assurance engagements.

For consulting services, what special considerations have to be made for purpose, authority and responsibilities?

Outside Services - Using:

When should consideration be given to "bringing in" outside service providers for assistance?

How do you determine if the outside service provider is qualified?

How do you assess the independence and objectivity of the service provider?

How do you evaluate their scope of work?

What do you consider when selecting an outside service provider?

 




    

 

To Index

 

 
Other Training Resources
  Standards   Your
Training		 Additional
Training
   
Professional Responsibilities

Independence & Objectivity:

Independence & objectivity require no interference relative to what three major internal audit activities?

Can internal auditors assess operations they were previously responsible for?

Name at least three factors that should be considered in exercising due professional care.

When are you considered independent?

What are the requirements for organizational independence?

Name at least five factors that should be considered when evaluating objectivity.

Does performance of non-audit work impair independence and/or objectivity?

Fraud:

What are the fraud responsibilities of the internal auditor?

What is the definition of fraud?

What are some examples of fraud being perpetrated to the detriment of the organization? To the benefit of the organization?

What is the principal mechanism for deterring fraud?

What should you do when you suspect wrongdoing?

What should your fraud investigation procedures involve?

What are your fraud reporting responsibilities?

Conflict of Interest:

Should impairments to independence & objectivity be disclosed, and if so, to whom?

Supervision:

Name two purposes of supervision during audit engagements.

When does supervision begin?

What does supervision include?

What factors determine extent of supervision needed?

Skills:

What should internal audit do if the staff lacks the skills to perform a consulting engagement?










   

 

To Index

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Audit Planning - MACRO/Global

Audit Planning - MACRO/Global:

How frequently should department audit plans be developed?

Name at least two conditions under which consulting engagements should be accepted.

Name at least three factors which should be communicated to senior management and the audit committee when presenting the department audit plan.

What does the audit planning process involve?

What factors should be considered when preparing a work schedule?

Why should the audit plan be flexible?

Audit plan should be designed to ensure coverage from what two perspectives?

Coordination:

What is the purpose of coordination and who should be involved?

Risk Assessment:

Name at least two objectives when evaluating the risk management process?

Name at least two areas that should be examined when evaluating risk exposures relating to governance, operations and information systems.

Based on the results of the risk assessment, what should the internal auditor do next?

What should be done if the level of risk assumed by management is unacceptable?

What should be considered when developing the audit universe and how often should it be reviewed?

What should your role be in the risk management process?

What are the five key objectives that should be addressed by the organizational risk management process?

What should you do if the organization does not have a risk management process?

Staffing:

What should staffing be based on when determining resources need to accomplish the audit plan?

On what basis should human resources be allocated for an audit engagement?

Resource Management:

Name at least two factors which should be evaluated when determining if resources are appropriate for the completion of the audit plan.

What should be considered when developing a department human resources program?

Approval - Audit Plan:

Who should review and approve the audit plan?

Reporting Plan to Executive Management/Board:

What information should be communicated to the board and senior management when presenting the audit plan?

How frequently should activity reports be submitted to senior management and the board?

What information should be included in the activity report?

 



 

    

 

To Index  

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Audit Process - Planning

Audit Plan:

What should be considered when establishing the audit objectives for an engagement?

What four subjects should be clearly defined in the audit engagement plan?

Name at least three items that should be considered when developing the engagement audit plan.

What should be considered when determining if the scope is sufficient to satisfy the audit objectives?

When determining the resources required for the audit, what considerations should be given to staffing?

What should be documented in writing when planning an audit for outside parties?

What should be defined when planning a consulting engagement?

What should be considered when determining resource needs for the audit engagement?

During planning, what should be included in the audit program?

What background information should be accumulated?

What is the purpose of a survey?

What does a survey during planning involve?

Scope of Work:

Name at least three issues that should be considered when determining the scope of work.

What should the scope of work include for an ethics audit?

What should be included in the scope of work when the audit objective is to evaluate organizational goals and objectives?

What defines scope of work?

What are the primary objectives of the management process?

What should be reviewed when evaluating regulatory compliance programs?

What should the scope of work involve for consulting engagements?

What should be included in the scope of work when evaluating the risk management process?

What three determinations should be made when assessing the overall effectiveness of the control process?

What should the scope of work include when evaluating governance?

What would be included in the scope of work when evaluating business continuity?










   

 

To Index

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Audit Process - Fieldwork

Working Papers:

What is the primary purpose of recording relevant information during the audit?

Who can authorize the release of audit files to the external auditor?

What approval is required before releasing audit records to parties outside the organization, other than the external auditor?

How long should audit files be retained?

What audit evidence should be included in the audit file for an engagement?

What should the audit evidence indicate about audit supervision?

What should the department policies include relevant to working papers?




   

 

To Index

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Audit Process - Reporting

Assurance Engagements:

What information should be included in the audit report?

What is required before releasing audit results to parties outside the organization?

What is required if the audit report contains errors or omissions?

If non-compliance with the Standards impacts the engagement, what needs to be disclosed in the audit report?

In the audit report, what should the Purpose include?

What should the Scope description in the audit report include?

What attributes should observations and recommendations be based on?

What is the purpose of the Conclusion(s) in the report?

Are report summaries required?

Background information required in the report?

Is it ever appropriate to issue "separate" reports?

What is the purpose of an interim report?

What should be considered before releasing a report outside the organization?

What procedures are acceptable when reporting sensitive information?

Is whistle blowing action ever appropriate?

Consulting Engagements:

How is the reporting requirements for consulting engagements different than for assurance engagements?

What should the report format include?

Conducted in Accordance with the Standards Statement:

What conditions must be met before a statement can be made in the report that the audit was "... conducted in accordance with the Standards ..."

Report Distribution:

For assurance engagements, who should receive the audit report?

      

 

To Index

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Audit Process - Follow Up

Follow Up:

Name two purposes of a follow up system.

What are the follow up requirements for consulting engagements?

What should follow up procedures include?

 

    

 

To Index

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Audit Files

Controlling & Retention:

How long should audit files be retained?

Who should control access to audit files?

What should working paper policies include?

 

    

 

To Index 

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Reporting - Audit Committee

Senior Management & Audit Committee:

What additional information is provided the Audit Committee and senior management when reporting the audit plan for review and approval?

What information should be reported periodically to the Audit Committee and senior management?

Who should the Chief Audit Executive (CAE) report to?

What is the difference between functional and administrative reporting?

How often should the CAE meet with the Audit Committee/Governing Authority?

How frequently should activity reports be submitted to senior management and the Audit Committee?

What information should be included in the activity reports submitted to senior management and the Audit Committee?

External of Organization:

What should the CAE (Chief Audit Executive) do before reporting information to parties outside the organization?

What should be included in organizational policies for reporting outside the organization?

What should be considered when reporting outside the organization?


   

 

To Index

 

  Other Training Resources
  Standards   Your
Training		 Additional
Training
   
Quality Assurance

Quality Assurance & Improvement Program:

What are the objectives of a quality assurance & improvement program?

What information should the quality assurance & improvement program focus on?

Internal Assessments:

What do internal assessments include?

What specifically may an internal assessment evaluate?

To whom are the review results reported?

External Assessments:

How often are external assessments required?

What is included in the scope of an external assessment?

What are the requirements of an external reviewer?

To whom are the final results reported?

Assessment With Independent Validation:

Does an internal assessment with independent validation qualify as an "external" assessment?

What are the reporting requirements?

 

    

 

To Index 

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Training

Policy:

What is the general purpose of a training program?

What are the key elements of a department training program?


   

 

To Index

 

  Other Training Resources
  Standards

 

 Your
Training		 Additional
Training
   
Administration

 



   

 

To Index

 
Audit Services Tel:615-790-9858 Fax: 775-256-4946
PO Box 681387, Franklin, TN 3706
Email: roger@auditservices.com
©2009 Audit Services