- Compliance with legal or regulatory requirements
- Internal control assessment and reporting
- Enterprise risk management
- Quality initiatives
- Transparency and disclosure
- Governance structure and processes
The internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:
- Promoting appropriate ethics and values within the organization
- Ensuring effective organizational performance management and accountability
- Communicating risk and control information to appropriate areas of the organization
- Coordinating the activities of and communicating information among the board, external and internal auditors and management.
Maturity of the governance processes and structure affects internal audit function. Less matured environment would results audit functions performing:
- Discrete audits
- Providing advice regarding optimal structure and practices
- Comparing the current governance structure and practices against regulations and other compliance requirements
More matured environment:
- Evaluating the efficiency and effectiveness of company-wide governance components and whether they work together as expected.
- Analyzing the transparency and disclosure practices among parts of the governance structure
- Comparing governance best practices
- Identifying compliance with applicable statutory and regulatory regulations and governance codes.
It is important to understand that the internal audit activity cannot evaluate management decisions. However, they can serve as catalyst for change and advise or advocate improvements to enhance the organization's governance structure and practices.
Corporate values are generally defined as an organization's standards of behavior. They are small set of general guiding principles that are not to be compromised for financial gain or short-term expediency. The auditors are to promote appropriate ethics and values within the organization. This is accomplished through various assurance and consulting activities.
Corporate values are not typically assessed during routine risk and control evaluations. Instead, self-assessment methods and appropriate audit programs are generally used to measure the comprehension and preservation of corporate values.
In consulting engagement, internal auditors are prohibited from accepting any assignment that does not support the organization's values.
Example of Likert scale formats:
Strongly Disagree > Disagree > Neither agree nor disagree > Agree > Strongly Agree
No comments:
Post a Comment