Internal Audit and Risk Assurance Overview
The role of internal audit is to offer self-governing assurance so that a business's governance, risk supervision, and internal control procedures are functioning effectively. The internal audit process is essentially concerned with assessing an organisation’s administration risk. All associations face risks. For example, risk to an association’s repute if it treats clients wrongly, cyber security, risk of supplier failure, health and safety risk, risk associated with market failure, financial risks etc. The key to a business’s success is to tackle such risks efficiently – more effectually than competitors and as effectually as stakeholders demand. In order to assess how effectively risks are being managed, an internal auditor will evaluate the risk management process quality, corporate governance processes, and systems of internal control.

What is Risk?
Process risk treatment
Conclusion: Risk management process belongs to the management or Process Owner within an organisation and not with an auditor. An internal auditor can only recommend measures to avoid risk but final operation authority lies with management
What does an internal auditor check for process control?
- Controls are aimed at mitigating risks
- Auditor conducts a test for designed and operating efficiency of the control
- If the control is not considered, then there is a “Design GAP/Control GAP” in the procedure
- If the control is designed but discrepancies are noted while testing, then the control is not functioning efficiently
Internal Audit process
Each audit is exclusive. However, the audit process is comparable for most engagements and largely consists of 4 phases:
- Planning
- Field Work/Execution
- Reporting
- Follow-up
Audit Program
Particulars | W/P Reference | Auditor Sign-Off With Date |
---|---|---|
I. AUDIT INTENTIONS: | ||
1. All-inclusive policies and measures speaking about accomplishments that have been established and recognised | ||
2. HR department is in agreement with the recognised policies and controlling requests | ||
3. Access to records is restricted to official personnel | ||
4. Documents are properly organised, sanctioned and verified | ||
5. Recorded balances are repeatedly validated and reviewed | ||
II. PRELIMINARY WORK: | ||
1. Prepare an appointment memo to pronounce the audit | ||
2. Prepare Auditor’s Independence Declaration | ||
3. Obtain an understanding of the operations through investigation and meetings | ||
4. Carry out a general outline of the internal control situation and define the scope of the audit | ||
5. Develop suitable audit tests to offer assurance that management’s aims are being met | ||
III. AUDIT PROCEDURES & TESTING: | ||
1. General audit statement | ||
Payroll Processing Procedure | ||
New Hire Employees – based on skill-set | ||
Sacked Employees | ||
Access of Employee Master File | ||
IV. WORK PAPERS: | ||
1. Consolidate all applicable work papers in a logical manner | ||
2. Make a final index for the work-paper package | ||
3. Accumulate and protect current year audit files for reference | ||
V. AUDIT FINDINGS & REPORTING: | ||
1. Document synopses of all audit findings | ||
2. Recommend any appropriate adjustments, internal controle | ||
3. Determine whether to take into account each audit finding in final audit report, and the relative risk exposure | ||
4. Prepare the draft audit synopses for review | ||
5. Share tentative and preliminary audit report | ||
6. Assemble the final audit report with responses, and review for errors, and share it with the management | ||
Auditor Signature: |
||
Date: |
Our Internal Audit & Risk Assurance
Can a business, in the United Kingdom, establish the correct controls and safety measure if a little goes erroneous? As most of the businesses find such tasks difficult, and our firm, DNS Accountants, can help to address such queries through our internal audit team. Internal audit has turned out to be an ever more indispensable characteristic of performing business undertakings in both public and private sector, and hence, many more organisations are investing in internal audits. Whether an organisation is focusing on outsourcing its internal audit operations totally or requires to enhance its skills, our professional team can assist in achieving the desired results. Our team begins with evaluating the audit requirements, taking into consideration the size, nature, and complication of a business. From there, the team at DNS moulds its services and develops a bespoke strategy to meet the specific needs of a business. Our team will be constantly in touch with the business to persistently assess, benchmark and monitor the performance against other best practice methodologies and propose ongoing developments.