QUALITY ASSURANCE AND IMPROVEMENT PROGRAM Standards 1300 – 1322 Presentation by SBA’s Office of Internal Audit
Topic pics Introduction 1. Quality Assurance & Improvement Program 2. Internal Assessments-Ongoing Monitoring 3. Internal Assessments-Periodic Self-Assessments 4. External Assessments 5. New IPPF 6. 2
SBA Functional Org Chart 3
SBA Functional Org Chart 4
Of Office o of In Inte ternal Aud udit 5
Of Office o of In Inte ternal Aud udit 6
Of Office o of In Inte ternal Aud udit Standard of of Pr Practice: : The Institute of Internal Auditors' (The IIA) International Professional Practices Framework (IPPF). IPPF mandatory elements consisting of: Core Principles, Definition of Internal Auditing, Code of Ethics, and the International Standards for the Professional Practice of Internal Auditing (Standards) 7
State te A Agencies Section 20.055(6)(a), Florida Statutes ….the director of auditing shall perform the functions listed in this subsection. (a) Such audits shall be conducted in accordance with the current International Standards for the Professional Practice of Internal Auditing as published by the Institute of Internal Auditors, Inc., or, where appropriate, in accordance with generally accepted governmental auditing standards. All audit reports issued by internal audit staff shall include a statement that the audit was conducted pursuant to the appropriate standards. 8
Prim imary O y Objectiv tive of QAI QAIP The primary objective of QAIP is to promote continuous improvement. QAIP presumes that quality is built into the structure of the internal audit activity. 9
Con onformance Built I ilt Into t the Struc uctur ture OIA Manual 10
Con onformance Built I ilt Into t the Struc uctur ture OIA Manual Table of Contents 11
Con onformance Built I ilt Into t the Struc uctur ture OIA Manual 12
Con onformance Built I ilt Into t the Struc uctur ture 13
Con onformance Built I ilt Into t the Struc uctur ture 14
Con onformance Built I ilt Into t the Struc uctur ture 15
Con onformance Built I ilt Into t the Struc uctur ture 16
Con onformance Built I ilt Into t the Struc uctur ture 17
Con onformance Built I ilt Into t the Struc uctur ture 18
Con onformance Built I ilt Into t the Struc uctur ture 19
IIA S A Stan andards 1 1300 00 to 132 322 130 1300: Q Qual ality Assu ssuran ance an and Improve vement P Program am 1310: Requirements of the Quality Assurance and Improvement Program 1311: Internal Assessments 1312: External Assessments 1320: Reporting on the Quality Assurance and Improvement Program 1321: Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing” 1322: Disclosure of Nonconformance 20
Responsible ible for or Q QAIP St Stan andard1 d1300: Qu Qual ality A Assu ssurance an and d Improv ovement Prog Progra ram The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. 21
Requ equirem emen ents o of th the e QAIP IP Inte nterna nal a assessment nts - comprised of two interrelated 1. 1. parts: ongoing monitoring an and a. periodic self-assessments b. 2. Ex Extern ernal assessments nts – can be in the form of: 2. A full external assessment, or or a. A self-assessment with independent external b. validation 22
Key Challenges Faced by Small Audit Shops Adequacy of Resources Retention of Qualified Staff or Subject Matter Experts Independence 23
Key Challenges Impact on Conformance with the Standards 24
INTER ERNAL A ASSESSMEN ESSMENT - ONGOING MONITORING Internal Assessments must include ongoing monitoring of the performance of the internal audit activity
Internal A l Assessment t – Ongoing M Monitori ring Practice Advisory 1311-1 interpretation of ongoing monitoring: Day-to-day supervision, review, and measurement of the internal audit activity Routine policies and practices used to manage the internal audit activity Processes, tools, and information considered necessary to evaluate conformance with the Definition of Internal Auditing, the Code of Ethics, and the Standards 26
Internal A l Assessment t – Ongoing M Monitori ring Per Practice Advisory ongoing Examples of SBA OIA monitoring achieved by: ongoing monitoring: • Standard working practices • Assess the progress of the OIA Annual Audit Plan • Engagement planning • Maintain an updated OIA • Supervision procedure manual • Assessing the audit engagement • Perform engagement-specific action plan prior to fieldwork quality assurance assessments and • Using checklists or automation related verifications tools to provide assurance on • Review working papers and audit compliance with established reports practices and procedures • Maintain a database of • Working paper procedures and recommendations/action plans and signoff by engagement supervisors related status • Review of reports and supporting • Complete required continuing documentation for comments professional education 27
Engage gagement-Spec ecif ific ic Q QA Assessmen sment Examp mple le 28
Engage gagement-Specific Q QA Assessment t Examp mple le ( (Continued ed) 29
Engage gagement-Specific Q QA Assessment t Examp mple le ( (Continued ed) 30
Engage gagement-Spe Speci cific Q QA Assessment V t Verificati tion on 31
INTER ERNAL A ASSESSMEN ESSMENT - PERIODIC MONITORING Internal Assessments must include periodic self-assessments or assessments by other persons within the organization with sufficient knowledge of internal audit practices
Internal A l Assessment t – Periodi dic M Monitori ring Assessment may: Assess conformance with: Be a self-assessment, or an • The Standards assessment by a CIA (or • Definition of Internal other competent Auditing professional) from a different department • Code of Ethics Encompass a combination • Internal audit’s charter, of self-assessments plans, policies, Include interviews and procedures, practices, surveys and applicable Serve to facilitate & reduce legislative/regulatory the cost for an external requirements assessment 33
How do does es t the he OI OIA per perform per periodic moni nitori oring ng? Annually review the OIA Charter. Annually perform a self-assessment of the internal audit activity. 34
Rating M Metho hodo dology Generally Conforms (GC) Partially Conforms (PC) Does Not Conform (DNC) Conformance vs. Compliance 35
Confo form rmance v vs. C . Compl pliance Conformance with standards is a technical term borrowed from the quality management discipline. It is not about complying with the letter of the standard. Someone who is in conformance with a standard is expected to achieve the spirit of the standard. This is consistent with a principles-based approach of the IPPF 36
Annual S Self-Assessm ssessmen ent E Example 37
Annual S Self-Assessm ssessmen ent E Example 38
Annual S Self-Assessm ssessmen ent E Example 39
Qual ality I ity Initia tiati tives Opportunities for improvement identified during the self- assessment Does not indicate nonconformance 40
EXTERNAL A ASSESSME SESSMENT External assessments must be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization
External A Asses essmen ments Frequency, Scope & OIA’s Frequency, Form per Standard: Scope & Form • Once every 5 years Once every 5 years • All aspects of internal All aspects of internal audit activity audit activity, i.e., audit • Form and consulting work as -full external prescribed in the OIA assessment, or or charter -self-assessment with Self-assessment with independent external independent external validation validation 42
Qualifications of External Validator • No Conflict of interest • Integrity • Objectivity • Competence • Technical expertise 43
OIA Se Self-assessment t with th E External V Validati tion on External Assessor CAE oversees work of the self- assessment team that: Validates through: Review of assessment • Completes planning planning documentation documentation Re-perform assessment • Performs work programs work program steps for a sample of reports/wps • Evaluates conformance selected, analyze survey with The IIA’s Definition results, and conduct of Internal Auditing, Code interviews with key of Ethics, and Standards stakeholders Assess the conformance • Produces report assessing conclusion reported by the the conformance self-assessment team conclusion 44
OIA OIA s sel elf-assessme ment with e h extern rnal v valida dation 45
OIA S A Self lf- Asse ssessm sment nt with E th External V Validati tion 46
Example of Internal Audit Process Planning Guide – A4 47
Recommend
More recommend
