Transcript Organizational Governance, Embracing Internal Audit's Role
Organizational Governance
Embracing Internal Audit’s Role
www.theiia.org
Presentation Objectives
• The meaning of good governance • The IIA’s governance model • Participants and players • Specific Internal Auditing activities • Steps for embracing Internal
Audit’s role
www.theiia.org
What is Organizational Governance?
Policies, processes, and structures used by an organization to direct and control its activities, to achieve its objectives, and to protect the interests of its diverse stakeholder groups in a manner consistent with appropriate ethical standards.
www.theiia.org
In Other Words…
It (governance) is essentially a function of leadership and direction within an organisation; appropriate risk management and control over its activities; and the manner in which meaningful disclosure relating to its activities is made to shareholders and other stakeholders.
King II Report, 2002 South Africa
www.theiia.org
Governance Ensures The Organization:
− Complies with society’s legal & regulatory
rules
− Satisfies the generally accepted business
norms, ethical precepts, and social expectations of society
− Provides overall benefit to society and
enhances interests of stakeholders
− Reports fully and truthfully to its owners,
regulators, other stakeholders, and general public to ensure accountability for its decisions, actions, conduct , and performance
www.theiia.org
The IIA Corporate Governance Model
Effective
Governance www.theiia.org
Sound Governance Requires Synergy!!!
–Boards of Directors –Management –External Auditors –Internal Auditors www.theiia.org
Board Responsibilities
• Establishes the “tone at the
top”
• Focal point for all governance
activities
• Ultimate accountability • Oversees all organizational
activities, but does not directly manage any of them
www.theiia.org
Senior Management
• Establishes strategic direction and
an entity’s value system (with board oversight)
• Provides assurance of risk
management process, operations monitoring, measurement of results, and implementation of timely corrective actions
www.theiia.org
Operating Management
• Deploys strategy, enforces internal
control, and provides direct supervision for areas under its control
• Accountable to executive management
and ultimately the board for implementing and monitoring the risk management process and establishing effective and appropriate internal control systems
www.theiia.org
External Auditing
• Provides independent
assurance on the financial statement preparation and reporting activities in accordance with applicable regulations and accounting principles
www.theiia.org
Internal Auditing
• Performs assessments to provide
assurance the governance structures and processes are properly designed and operating effectively
• Provides advice on potential
improvements to governance structures and processes
www.theiia.org
What is Internal Auditing’s Role?
• Assessor • Advisor • Advocate • Catalyst www.theiia.org
Standard 2130
IA should assess and make recommendations for improving the governance process:
– Promoting appropriate ethics & values – Ensuring effective performance
management
– Effective communication of risk & control
information
– Effective coordinating of activities &
communication between Board, External Auditors, Internal Auditors & Management
www.theiia.org
Internal Auditing Governance Maturity Model
Consideration of best practices and adaptation to the specific organization – focus on optimization of governance practices and structure Provide advice with focus on governance structure to meet compliance requirements and basic risks of organization Less Structured Perform audits of design and effectiveness of specific governance related processes More Structured
www.theiia.org
Specific Internal Auditing Activities
• Consider assessing the following: – Board Structure, Objectives, and
Dynamics
– Board Committee Functions – The Board Policy Manual – Processes for Maintaining Awareness
of Governance Requirements
www.theiia.org
IA Activities (continued)
• Consider assessing the following: – Education of the Board – Proper Assignment of Accountabilities
and Performance Management
– Communication and Acceptance of
Ethics Policies and Codes of Conduct
– Ethics Investigations and Related
Employee Discipline
– Management Evaluation and
Compensation
www.theiia.org
IA Activities (continued)
• Consider assessing the following: – Recruitment Processes for Senior
Management and Board Members
– Employee Training – Governance Self-assessments – Comparison with Governance Codes or
Best Practices
– External Communications – Oversight of External Audit www.theiia.org
Other Considerations
• Internal Audit’s role in governance
may impair its independence and should be evaluated and if necessary communicated to management and the board.
• If impaired internal audit should
not perform audits or assessments related to this role.
www.theiia.org
Other Considerations (continued)
• Organizational strategies
usually not questioned by the internal auditor may need to be if observed to be inadequate, conflicting or negatively impacting the organization or its stakeholders.
www.theiia.org
Other Considerations (continued)
• Internal auditing must assess
the “big picture” of governance.
www.theiia.org
Other Considerations (continued)
• Governance is changing rapidly
and requires the internal auditor to monitor these changes and evaluate how they impact the role of internal auditing in the future.
www.theiia.org
Other Considerations (continued)
• Internal auditor skills and
competencies should be evaluated before undertaking audits in the governance area.
www.theiia.org
Possible Next Steps
• Discuss options for expanding
internal auditing’s role with the chairman of the board and/or executive management.
• Discuss with other key
stakeholders.
• Develop a broad framework of the
governance structure in the organization, identifying potential areas of weakness or concern.
www.theiia.org
Possible Next Steps (continued)
• Develop a multi-year plan to
develop internal auditing’s role.
• Perform a pilot audit in one of
the previously mentioned activities.
www.theiia.org
IIA Resources
To review the IIA’s Position Paper on Governance and other topics visit The IIA Website at www.theiia.org
. (click on “guidance”).
www.theiia.org