Internal Audit & Enterprise Risk Management
Audit Committees and management are seeking more value from Internal Audit, to improve business operations in addition to routine compliance and control attestation.
Overview
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of the organization's processes.
The Institute of Internal Auditors (Australia’s) white paper on the Internal Audit Service Catalogue confirms that internal auditing has evolved to include more dynamic and flexible service offerings.
In summary:
- Internal Audit provides both assurance and consulting (advisory) services; and
- the scope of internal audit work now ranges from controls assurance to effectiveness of risk management and governance.
Services
Internal Audit Engagements
Internal Audit Engagements
Internal Audit Engagements
The traditional method used to perform audit work. The objective is to provide an independent opinion on the quality and effectiveness of governance processes of the area being audited, backed by evidence. Engagements are performed in the phases of planning, fieldwork and reporting.
Assurance Advisory
Internal Audit Engagements
Internal Audit Engagements
Assurance advisory services differ from traditional internal audit engagements and may involve advisory work around governance, risk management and control matters.
Acquisition Assurance
Internal Audit Engagements
Management Requested Services
We can assist with the due diligence process for acquisitions. This includes:
- Investigating material future matters
- Help answering key questions around buying, structuring and paying
- Investigating company policies, processes and practices
- Assist an acquisition decision through valuation and shareholder value analysis.
Management Requested Services
Business Unit Control Advisory
Management Requested Services
We can offer ‘on demand’ services in areas where business issues may occur or emerging risks arise. The assessed level of risk, availability of resources, and endorsement of the Audit Committee are important factors in this space.
Business Unit Control Advisory
Business Unit Control Advisory
Business Unit Control Advisory
A review of business unit controls can determine whether a control environment is operating effectively and risks are being mitigated. These reviews encompass business unit activities, focusing on higher-risk activities.
Health Checks
Business Unit Control Advisory
Business Unit Control Advisory
A health check of a part of a business unit helps to establish and assess the state of an area’s governance, risk and control environment.
Multi-Stage Audits
Preliminary Reviews
Preliminary Reviews
One successful audit method is multi-stage auditing. This is best for auditing projects and business improvement initiatives which will be planned and implemented over a period of time. A life-cycle audit approach through ‘short and sharp’ audits at key stages provides assurance, as well as immediate feedback as the implementation progresses, allowing areas requiring remedial action to be addressed at the time.
Preliminary Reviews
Preliminary Reviews
Preliminary Reviews
Should a detailed audit not be required at the time, a preliminary review can take place. This is a concise review of key business unit or program elements. It is an independent review to work in partnership with management to review risks and controls, not a comprehensive audit. The outcome is a brief roadmap and recommendations for improvement.
One-week Reviews
Preliminary Reviews
One-week Reviews
Should resources be limited, a limited assurance service through one-week reviews is suggested. These provide high-level assurance through a ‘short and sharp’ review of a business area. They may take a few days to complete, with planning and reporting taking the elapsed time to one week. Reviews of this nature provide a snapshot of risks and controls in a business area, with improvement suggestions.
Project Assurance
Procurement Advisory
Procurement Advisory
We are able to provide assurance services for major projects to:
- Provide an assurance link between a project and the steering committee
- Review governance arrangements from project inception to completion
- Provide reports over the life of a project to report and highlight the quality of governance arrangements
- Recommend improvements where identified.
Project assurance work generally focuses on effectiveness of governance, risk management, scope, schedule, cost, quality, and artefact alignment to the project management methodology.
Procurement Advisory
Procurement Advisory
Procurement Advisory
These processes must be fair, open, transparent to all parties, and defensible. Procurement advisory services through the life of major procurement activities helps to assure:
- Compliance with laws and policies
- Effective management of conflicts of interest
- Fairness and impartiality
- Security and confidentiality
- Open and competitive procurement process
- Transparency of process
- Proactive mitigation of probity risks.
Anchoram’s role may be as probity advisor (to the client) or probity auditor (to the client and third parties).
Continuous Auditing
Forensic & Fraud Reviews
Forensic & Fraud Reviews
Continuous auditing can take place over more stable and mature controls within the business, with sufficient transaction volumes to justify the investment.
Automating data analysis for continuous auditing can result in:
- Improved financial and operating controls
- Rapid decision-making and business improvement
- Real-time response to real-time issues
- Implementing automated detective controls.
As Internal Audit becomes embedded within an organization, continuous auditing for corporate and operational ICT systems can be considered.
This initiative can reduce the internal audit footprint for business units, deliver greater audit coverage and provide timely exception reporting. Ideally, a pilot project is tried first, with a possible full roll-out over time.
Forensic & Fraud Reviews
Forensic & Fraud Reviews
Forensic & Fraud Reviews
A forensic review is a detailed and focused examination of an issue or issues, dealing with actual or anticipated disputes or litigation. ‘Forensic’ means ‘suitable for use in a court of law’, and it is to that end that forensic reviews are performed. In most organizations, forensic reviews will be initiated in response to allegations of fraud or corruption. Anchoram has extensive experience in this field.
Categories of financial forensic engagements may include:
- Fraud and corruption
- Economic damages calculations, whether suffered through tort or breach of contract
- Post-acquisition disputes such as breaches of warranties
- Computer forensics.
Cookie Policy
This website uses cookies. By continuing to use this site, you accept our use of cookies.