4

Device
Chapter5PPT4thedition.pptx
Home>Business & Finance homework help>Accounting homework help>4

Internal Auditing: Assurance & Advisory Services

4th edition

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

BUSINESS PROCESSES AND RISKS

Chapter 5

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Learning Objectives

Understand how organizations structure their activities to achieve their objectives.

Identify key business processes in an organization.

Obtain an understanding of a given business process and be able to document it.

Understand basic types of business risks organizations face.

Identify and assess the key risks to an organization’s objectives and how they are linked to business processes.

Develop an audit universe for an organization and determine an annual internal audit plan based on key business risks.

Understand how to use risk assessment techniques within assurance engagements.

Obtain an awareness of the new risks that arise when an organization outsources some of its key processes.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Standards relevant to business processes and risks

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Business processes

How organizations structure their business to implement strategies and achieve their business objectives

Set of coordinated activities

Types of business processes

Operating processes

Management and support processes

Projects

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Managing Risk

Acceptance: No action is taken. Organization is willing to accept the risk rather than spend valuable resources to control it.

Avoidance: A decision is taken to divest from the risk activities and avoid it.

Pursuit: Exploit the risk if it advantageous to the organization.

Reduction: Necessary controls are implemented to reduce its impact.

Sharing: Necessary insurance is taken against the risk to share its impact with others.

Chapter 5: Business Processes and Risks

Types of business processes

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Levels of process description

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Documenting

processes

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Documenting processes

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Documenting processes

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Approaches to understanding the business process

Top Down

Start at entity level with organization’s objectives

Identity key processes critical to success

Match the key process to achieving the objective

Bottom Up

Start with processes at the activity level

Then aggregate across the organization

Works well for smaller organizations

Strategic

Business Process

Risk Factor / Audit Universe Approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Strategic approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Strategic approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Strategic approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Business Process approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Business Process approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Risk factor/audit universe

approach

Definition of audit universe

Audit universe: the activities that the internal auditing function has identified as auditable subjects, activities, units or functions.

Things to consider:

audit charter

mandatory coverage

organization's formal structure

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Risk factor approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Risk factor approach

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Example

Risk Control Matrix

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

example

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

example

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Tools to use

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Tools to use

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Chapter 5: Business Processes and Risks

Tools to use

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.

Internal Auditing: Assurance & Advisory Services, 4th Edition © 2017 by the Internal Audit Foundation.