Basic Principals Governing Internal Audit (SIA-2)

156 Page Views
Basic Principals Governing Internal Audit (SIA-2)
  • Integrity, Objectivity and Independence: The internal auditor should be straightforward, honest and sincere in his approach to his professional work.
  • Confidentiality: The internal auditor should maintain the confidentiality of the information and should not disclose such information to a third party, including the employees, without the specific authority of client or unless there is a legal or a professional responsibility to do so.
  • Due Professional Care, Skills and Competence: Due professional care signifies that the internal auditor exercises reasonable care in carrying out the work entrusted to him in terms of deciding on materiality of the matters subjected to internal audit, assessment of risk management, control and governance processes and cost benefit analysis etc.
  • Work Performed by Others:
    • The internal auditor should carefully direct, supervise and review the work delegated to assistants.
    • Similarly, if he uses the work performed by other auditors or experts, he should exercise adequate care evaluating, analysing and using the results of the work performed by the experts.
  • Documentation: The internal auditor should document matters, to support his findings or the report submitted by him (compliance with SIA).
  • Planning: Internal audit plan would normally cover aspects such as
    • Obtaining the knowledge of the legal and regulatory framework of entity
    • Obtaining the knowledge of the entity’s accounting and internal control’s
    • Determining the effectiveness of the internal control’s adopted by the entity;
    • Identifying and allocating staff to each of the above activities;
    • Determining the nature, timing and extent of procedures to be performed;
    • Setting the time budget for each of the above activities;
    • Identifying the reporting responsibilities; and
    • Benchmark of results, actual time spent, the cost incurred would be measured.
  • Evidence: The internal auditor should obtain sufficient appropriate evidence to enable him to draw reasonable conclusions therefrom on which to base his opinion or findings.
  • Internal Control and Risk Management Systems: While the management is responsible for establishment and maintenance of same, the role of the internal auditor is to suggest improvements to those systems. For this purpose, the internal auditor should:
    • Obtain an understanding of the risk management and internal control framework established and implemented by the management.
    • Perform steps for assessing the adequacy of the framework developed in relation to the organisational set up and structure.
    • Review the adequacy of the framework.
    • Perform risk-based audits on the basis of risk assessment process.

Reporting: The internal auditor should carefully review and assess the conclusions drawn from the audit evidence obtained, as the basis for his findings contained in his report and suggest remedial action.

©2018 TaxGuruPRO


Log in with your credentials


Forgot your details?


Create Account