VIEWS: 16 PAGES: 5 POSTED ON: 4/14/2010
A ROLE OF INTERNAL AUDITOR & AUDIT COMMITTEE Compiled by: Muhammad Faisal Siddiqui Internal Audit Officer Brookes Pharmaceutical Laboratories (Pakistan) Limited Stage: P-I Institute of Cost & Management Accountants of Pakistan If silence is golden, speech is platinum. It bears testimony to this fact and for that matter spreads wisdom, dispels ignorance, ventilates our own country is a classic example of it. grievances, stimulates curiosity, lightens the spirits and lessens the fundamental loneliness Requirement of Internal Auditor of the soul. according to CCG As per CCG ―There shall be an internal audit A ABJECT function in every listed company. The head of U ULTERIOR internal audit shall have access to the chair of the D DISCREPANCY Audit Committee. All listed companies shall I IS ensure that internal audit reports are provided for T THROWN AWAY the review of external auditors. The auditors shall discuss any major findings in relation to the With increasing attention to financial reporting - reports with the Audit Committee, which shall by legislators, regulators, security analysts, report matters of significance to the Board of institutional investors, and others – the roles of Directors". boards of directors, audit committees, corporate management, and external and internal auditors Appointment & Qualification of are changing. The relationships between these entities are being reshaped by legislation and Internal Audit regulations. The process of identifying emerging There is a weakness in CCG that the principles, practices, and tools for the internal qualification of Internal Auditor is not auditor's role in internal controls over financial mentioned so can any one be Internal Auditor? reporting is defined by Securities and Exchange The answer is no. Then who are eligible for this Commission of Pakistan (SECP) as Code of post? The eligible ones are the qualified Corporate Governance (CCG). members of ICMAP, IIA, ICAP and other accounting bodies’ members. Code of Corporate Governance (CCG) Governance is a buzz word today. At times, Audit Committees though, it may not precisely be understood. For a Audit committees and internal auditors have common understanding, it may be the process common goals. A good working relationship which is employed to run government state with internal auditors can assist the audit affairs encompassing entire spectrum of committee in fulfilling its responsibility to the activities, they may be administrative, legal, board of directors, shareholders, and other religious, socio-political, economic or others. outside parties. This position statement summarizes the appropriate relationship between In the contemporary political thought, it is audit committees and internal auditing. Audit governance process which leads to overall committee responsibilities encompass activities national development, in particular, economic which are beyond the scope of this statement, development. Economic development is and in no way intends it to be a comprehensive unimaginable and cannot even be dreamed off description of audit committee responsibilities. without there-being 'good governance' in place. It is such an essential ingredient that without it Every public company have an audit committee even the on-going development process would organized as a standing committee of the board get retarded. Contemporary political history of directors. The establishment of audit committees in other organizations is encouraged, Composition of Audit Committee including not-for-profit and governmental According to CCG ―The Board of Directors of bodies. every listed company shall establish an Audit Committee, which shall comprise not less than The primary responsibilities of the audit three members, including the chairman. Majority committee should involve assisting the board of of the members of the Committee shall be from directors in carrying out its responsibilities as among the non-executive directors of the listed they relate to the organization's accounting company and the chairman of the Audit policies, internal control, and financial reporting Committee shall preferably be a non-executive practices. The audit committee should establish director. The names of members of the Audit and maintain lines of communication between Committee shall be disclosed in each annual the board and the company's independent report of the listed company‖. auditors, internal auditors, and financial management. Frequency of Meetings The Audit Committee of a listed company shall The audit committee should expect internal meet at least once every quarter of the financial auditing to examine and evaluate the adequacy year. These meetings shall be held prior to the and effectiveness of the organization's systems approval of interim results of the listed company of internal control and the quality of by its Board of Directors and before and after performance in carrying out assigned completion of external audit. A meeting of the responsibilities. Internal auditing may be used as Audit Committee shall also be held, if requested a source of information to the audit committee by the external auditors or the head of internal on major frauds or irregularities as well as audit. company compliance with laws and regulations. Attendance at Meetings To ensure that internal auditors carry out their As described in CCG ―The CFO, the head of responsibilities, the audit committee should internal audit and a representative of the external approve and periodically review the internal auditors shall attend meetings of the Audit audit charter, a management-approved document Committee at which issues relating to accounts which states internal audit's purpose, authority, and audit are discussed. and responsibility. The audit committee should Provided that at least once a year, the Audit review annually the internal audit department's Committee shall meet the external auditors objectives and goals, audit schedules, staffing without the CFO and the head of internal audit plans, and financial budgets. The director of being present. internal auditing should inform the audit Provided further that at least once a year, the committee of the results of audits, highlighting Audit Committee shall meet the head of internal significant audit findings and recommendations. audit and other members of the internal audit The audit committee should also determine function without the CFO and the external whether internal audit activities are being carried auditors being present‖. out in accordance with the CCG. To help assure independence, the director of Authority internal auditing should have direct The audit committee has authority to conduct or communication with the audit committee. The authorize investigations into any matters within director should attend audit committee meetings its scope of responsibility. It is empowered to: and meet privately with the audit committee at Appoint, compensate, and oversee the least annually. Independence is further enhanced work of any registered public accounting when the audit committee concurs in the firm employed by the organization. appointment or removal of the director of Resolve any disagreements between internal auditing. management and the auditor regarding financial reporting. Pre-approve all auditing and non-audit services. Retain independent counsel, accountants, approach. Where there are gaps, the two or others to advise the committee or approaches should be creatively reconciled. assist in the conduct of an investigation. Perhaps the same audit projects, but with Seek any information it requires from modified tools/techniques, would do the job. employees — all of whom are directed to Perhaps a few lower-risk audits can be replaced. cooperate with the committee's requests Or there may be other options. — or external parties. -Audits performed in the recent past or planned Meet with company officers, external for the near future can be taken into auditors, or outside counsel, as consideration. Everything does not have to be necessary. covered every year, as long as the overall assurance is reasonable. Responsibilities Of IA & AC -Some of the categories will be more important • Consider an Annual Opinion on Internal than others for a given organization and a given Control point in time. If the HIA chooses to give an Internal audit should be the CEO and CFO’s best opinion on all three Objectives, for example, this source of assurance about internal control. If does not mean devoting 1/3 of audit time to these officers must stand behind an entity-wide Operations, 1/3 to Finance, and 1/3 to opinion, it only makes sense that they ask for the Compliance. It means giving enough coverage to HIA opinion. each Objective and Component—based on the HIA who want to form an entity-wide opinion real-world risks facing the organization—to might want to consult this study, which goes into enable the year-end opinion on internal control. more depth than we can here. The audit plan, of course, changes throughout The first step is to base the annual audit plan on the year, as risks and audit resources change. the control model. This should not replace a risk- • Consider Audits of Specific Financial based audit plan. The organization’s major risks Control Processes should always be the primary driver of internal The audit department might want to do annual audit activities. Rather, it should come after the audits of specific processes that are central to risk assessment, to ensure that audit coverage financial reporting and disclosure. What these will support an opinion on control for the processes are will vary from organization to organization as a whole. The basic steps are: organization. Examples are Inventory, Accounts 1. Use the existing risk assessment process to Receivable, Accounts Payable, the Closing identify the organization’s major risks. Process, Sales, Purchases, and Authorizations. 2. Identify audits and other assurance projects to Consider the effectiveness of the company's address the risks. internal control system, including 3. Identify the Objectives and Components that information technology security and control. will be covered in these audit projects, and to Understand the scope of internal and external what extent each will be covered. Depending on auditors' review of internal control over the organization, this might be done informally, financial reporting, and obtain reports on or by writing the names of projects, or by coding significant findings and recommendations, at a more detailed level. together with management's responses. 4. Based on this analysis, estimate the extent of Review with management and the chief audit coverage for each cell (e.g., heavy, moderate, executive the charter, plans, activities, light, none) staffing, and organizational structure of the 5. Re-think potential assurance projects. Will the internal audit function. coverage support an opinion on internal control Ensure there are no unjustified restrictions or at the end of the year, with legitimate audit limitations, and review and concur in the evidence for each category that falls within the appointment, replacement, or dismissal of organization’s chosen scope? If not, how can the the chief audit executive. plan be modified to provide the needed Review the effectiveness of the internal audit coverage? function. In performing this analysis, several things should On a regular basis, meet separately with the be kept in mind: chief audit executive to discuss any matters -The approach should not override the risk-based that the committee or internal audit believes should be discussed privately. Corporate Governance The responsibility of audit committees in the As far as Audit Committees are concerned they area of corporate governance is to provide generally exercise responsibility in three assurance that the corporation is in reasonable important areas: compliance with pertinent laws and regulations, Financial reporting. is conducting its affairs ethically, and is Corporate governance. maintaining effective controls against employee Corporate control conflict of interest and fraud. The specific steps involved in carrying out this Financial Reporting responsibility include: The responsibility of audit committees in the Reviewing corporate policies relating to area of financial reporting is to provide compliance with laws and regulations, assurance that financial disclosures made by ethics, conflict of interest, and the management reasonably portray the company's: investigation of misconduct and fraud. 1) financial condition; 2) results of operations; Reviewing current/pending litigation or and 3) plans and long-term commitments. regulatory proceedings bearing on The specific steps involved in carrying out this corporate governance in which the responsibility include: corporation is a party. Recommending the independent Reviewing significant cases of employee accountants. conflict of interest, misconduct, or fraud. Overseeing the external audit coverage, Requiring the internal auditor to report in including: writing annually the scope of the reviews Auditor engagement letters. of corporate governance and any Estimated fees. significant findings. Timing of auditor visits. Coordination with internal CORPORATE CONTROL auditing. The responsibility of audit committees for Monitoring of audit results. corporate control includes an understanding of the company's key financial reporting risk area Review of auditor performance. and system of internal control. The committee Review of non audit services. should monitor the control process through Reviewing accounting policies internal auditing. and policy decisions. "The scope of the internal audit should Examining the financial statements, encompass the examination and evaluation of including: the adequacy and effectiveness of the Interim financial statements. organization's system of internal control and the Annual financial statements, quality of performance in carrying out assigned auditors' opinion, and responsibilities." The internal auditing is management letters. required to: Other reports requiring approval Review the reliability and integrity of by the board of directors prior to financial and operating information and submission to the Securities and the means used to identify, measure, Exchange Commission or other classify and report such information. government agencies. Review the systems established to ensure With respect to the review of accounting policies compliance with those policies, plans, and policy decisions, a useful approach would be procedures, laws, and regulations which to require from the chief accounting officer a could have a significant impact on concise summary of all significant accounting operations and reports. policies underlying the financial statements. This Review the means of safeguarding assets summary should be updated as necessary and and, as appropriate, verify the existence reviewed by both the independent accountants of such assets. and the internal auditor. Appraise the economy and efficiency with which resources are employed. Review operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned. Significant Development in CCG There are two significant developments in CCG which made Internal Auditors more Powerful: Internal Auditor functionality reports to Chairman of Audit Committee - which is composed of Board of Directors. Chief Executive can not force Internal Auditor to pass any thing rather he has to comply with Internal Auditor. Now Internal Auditor not only has to check Accounts but also he has to keep an eagle eye on CFO, CEO, Secretary and Board of Directors regarding their workings, policies and decisions. He also has to verify the implementation of the policies. The second significant development is that now it has become mandatory to present the Internal Audit report to the External Auditors for review. Then it is qualified. If there is any weakness or malfunctioning carried on in an organization so it will not be concealed any more and will be taken in account and will be accounted. Conclusion The tasks, responsibilities, and goals of audit committees and internal auditing are closely intertwined in many ways. Certainly, as the magnitude of the "corporate accountability" issue increases, so does the significance of the internal auditing/audit committee relationship. The audit committee has a major responsibility in assuring that the mechanisms for corporate accountability are in place and functioning. Clearly, one of these mechanisms is a solid, well-orchestrated, cooperative relationship with internal auditing.
Pages to are hidden for
"The Role of Internal Auditor _ Audit Committee - Welcome to ICMAP "Please download to view full document