August 2013
Intermediate to advanced
304 pages
7h 3m
English
Content preview from Audit Planning: A Risk-Based Approach
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
8
A HOLISTIC APPROACH TO RISK-BASED AUDIT PLANNING
The audit work performed during the year should obtain sufficient information to enable an evaluation of the system of controls and the formulation of an opinion.
—IIA Practice Advisory 2120.A1-1
INTRODUCTION
This final chapter attempts to summarize and draw together all the material we have discussed in the previous chapters. In this way, we can formulate a holistic approach to risk-based audit planning and use this to feed into appendix A where we provide a best practice checklist. It is a good idea to repeat the definition of internal auditing before we draft the first stage of our final model:
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.1
A risk-based approach to audit planning simply means that the audit resource is focused on those aspects of the business that are key to its success. This is a concept that is aimed at shifting the audit process onto the boardroom's agenda and so allows the auditors to audit new horizons.
HOLISTIC RISK-BASED AUDIT PLANNING MODEL: PHASE ONE
Our first model looks as in Figure 8.1.
Each aspect of the model is described in the following paragraphs.
Corporate Governance Arrangements
The organization's governance ...