Boynton SM Ch.21

CHAPTER 21 INTERNAL, OPERATIONAL AND GOVERNMENTAL AUDITING Learning Check  21-1 21-1..

a.

 b.

21-2 21-2.. a.

 b.

Inte Intern rnal al audit auditin ing g is is a mana managem gemen ent, t, rath rather er than than an accou account ntin ing, g, func functi tion on.. Inte Intern rnal al auditing is an important part of the monitoring component co mponent of an entity's internal controls established by management. It is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. he scope of internal auditing extends to all of an entity's activities. he primary primary  beneficiary of internal auditing is the entire organization. o beco become me a cert certif ifie ied d int inter erna nall aud audit itor or !"I# !"I#$, $, an indi indivi vidua duall mu must st pass pass the the "I# "I# examination and have a minimum of two years of experience as an internal auditor or the e%uivalent. o retain retain the certificate, the "I# must comply with the Institute of Internal Internal #uditor's #uditor's !II#$ practice standards and code of ethics and meet continuing professional education re%uirements.

21-& 21-&.. a.

he ob he obec ecti tive ve of inte intern rnal al audi auditi ting ng is to assi assist st memb member erss of of an an org organ aniz izat atio ion n in in the the effective discharge of their responsibilities. his includes promoting effective control throughout the organization at reasonable cost.

 b.

(isagree. he scope of internal auditing includes all of the following that encompasses compliance and operational audits as well as financial statement audits) • *eviewing the reliability and integrity of financial and op erating information and the means used to identify, measure, classify, classify, and report such information. • *eviewing the systems established to ensure compliance with those policies,  plans, procedures, laws, and regulations that could have a significant impact on operations and reports, and determining whether the organization is in compliance. • *eviewing the means of safeguarding assets and, as appropriate, verifying the existence of such assets. • #ppraising the economy and efficiency with which resources are employed.

+olutions anual to Modern Auditing: "opyright © 2, /ohn 0iley 0iley and +ons, Inc.

21-1

*eviewing operations or programs to ascertain whether results are consistent with established obectives and goals and whether the operations or programs are  being carried out as planned. wo pri prima mary ry sets sets of stan standar dards ds in the the new new II# II# rof rofes essi sion onal al rac racti tice cess 3ra 3rame mewo wor4 r4 are) are)  Attribute Standards that address the characteristics of organizations and individuals performing internal audit services.  Performance Standards that describe the nature of internal audit services and  provide %uality criteria against which the performance of these services can be measured.

•

21- 21-.. a.





In addition, detailed Implementation Standards that explain how to apply the attribute and performance standards to specific types of services !e.g., a compliance audit, a fraud investigation, a control self-assessment proect$.  b.

here are four categories of attribute standards as follows) • Purpose, Authority, and Responsibility: he purpose, authority, and responsibility of the internal audit activity should be formally defined in a charter, consistent with the +tandards, and approved by the board the board.. • Independence and Objectivity: he internal audit activity should be independent, and internal auditors should be obective in performing their wor4. • Proficiency and ue Professional Care: 5ngagements should be performed with proficiency and due professional care. • !uality Assurance and I"prove"ent Progra": he chief audit executive should develop and maintain a %uality assurance and improvement program that covers all aspects of the internal audit activity and continuously monitors its effectiveness. his program includes periodic internal and external %uality assessments and ongoing internal monitoring. monitoring. 5ach part of the program should  be designed to help the internal auditing activity add value and value and improve the organization6s organization6s operations and to provide assurance that the internal audit activity is in conformity conformity with the the +tandards and the "ode of 5thics. here are seven categories of performance standards as follows) executive should • #anaging the Internal Audit Activity: he chief audit executive should effectively manage the internal audit activity to ensure it adds value to value to the organization. an d contribute to %ork: he internal audit activity should evaluate and • $ature of %ork: the improvement of ris4 management, control, and governance processes using a systematic and disciplined approach& • 'ngage"ent Planning: Internal auditors should develop and record a plan for each engagement, including the scope, obectives, timing and resource allocations. • Perfor"ing the 'ngage"ent: Internal auditors should identify, analyze, evaluate, and record sufficient information to achieve the engagement's obectives.

+olutions anual to Modern Auditing: "opyright © 2, /ohn 0iley 0iley and +ons, Inc.

21-2

• • •

Co""unicating Results: Internal auditors should communicate the engagement results. #onitoring Progress: he chief audit executive should establish and maintain a system to monitor the disposition of results communicated to management. #anage"ent(s Acceptance of Risks: 0hen the chief audit executive believes that senior management has accepted a level of residual ris4 that may be unacceptable to the organization, the chief audit executive should discuss the matter with senior management. If the decision regarding residual ris4 is not resolved, the chief audit executive and senior management should report the matter to the board for resolution.

21-. he II#'s II#'s concept of independe independence nce differs differs from the the #I" #I"#' #'ss because interna internall auditors auditors are employees of the companies they audit. Independence for the internal auditor is achieved through organizational status and obectivity. Independence is enhanced when the director o f  internal auditing !1$ is responsible to an individual with sufficient authority to ensure broad audit coverage and ade%uate consideration of audit recommendations and !2$ has direct communication with the board of directors or audit committee. 21-7. a.

#gree. 8perational auditing is a systematic process of evaluating an organization's effectiveness, efficiency, efficiency, and economy econo my of operations under un der management's control and reporting to appropriate persons the results of the evaluation along with recommendations for improvement.

 b.

his is true in that the scope pertains to the organization's organization's operations or activities.  9ormally,  9ormally, however, operational auditing pertains to a nonfinancial activity activity such as matching, production, and so on.

21-:. 21-:.

a.

 b.

21-; 21-;.. a.

he phases phases of an operati operationa onall audit audit are) are) !1$ select selecting ing the audit, audit, !2$ planni planning ng the audit, audit, !&$ performing the audit, !$ reporting the findings to management, and !$  performing follow-up. he principal differences between an operational audit and a financial statement audit are Phase Operational Audit )inancial *tate"ent Audit Initial +elect auditees #ccept client *eporting o management o stoc4holders ost-reporting erform follow up 9 on e he audi he audito tor' r'ss res respo pons nsib ibil ilit ity y in in sele select ctin ing g the the audi audite teee is is to to iden identi tify fy the the activ activit itie iess tha thatt have the highest h ighest audit potential for improving the effectiveness, efficiency, and economy of operations. he auditor discharges this responsibility through a  preliminary study !or survey$ that includes • *eviewing bac4ground file data on each audited. ouring uring the auditee's facilities to ascertain how it accomplishes its obectives. • o

+olutions anual to Modern Auditing: "opyright © 2, /ohn 0iley 0iley and +ons, Inc.

21-&

•

• • •

 b

+tudying relevant documentation about the auditee's operations such as policies and procedures manuals, flowcharts, performance and %uality control standards, and ob descriptions. Interviewing the manager of the activity !often called the entry interview$ about specific problem areas. #pplying analytical procedures to identify trends and unusual un usual relationships. "onducting mini audit probes !or tests$ to confirm or clarify the auditor's understanding of potential problems.

he auditor's responsibility in reporting the findings is is to issue an audit report that contains • # statement of the obectives and scope of the audit. • # general description of the wor4 done in the examination. • # summary of the findings. • *ecommendations for improvement. • "omments of the auditee. he auditor's findings should basically result in constructive criticism.

21-nder the the +ingl +inglee #udi #uditt #ct #ct,, the the audi audito torr is re%ui re%uire red d to dete determ rmin inee whet whether her the the organization has complied with laws and regulations that !1$ may have a material effect on its financial statements and !2$ pertain to each maor a nd such additional nonmaor federal nonmaor  federal financial assistance programs as re%uired to cover at least   percent of the total federal financial assistance program expenditures.

 b.

!1$ 3or each maor federal financial assistance program, the auditor has the responsibility to test compliance with nine general re%uirements. !2$ 3or nonmaor  programs, the responsibility for testing testing is limited to transactions selected by the auditor as part of the procedures applied a pplied to obtain an understanding of the internal control structure, test controls, and assess control ris4.

Cases 21-2