In: Accounting
What two types of services do internal auditors provide? Provide three examples of each type of engagement.
What steps are included in the planning phase of an assurance engagement?
What is the relationship between business objectives and business assertions?
What does "inherent risk" mean?
What elements do well-written observations include?
What is the difference between "negative assurance" and "positive assurance?"
What information must final assurance engagement communications include?
ques 1
Internal auditors provide two types of services: assurance services
and consulting services.
Three examples of assurance engagements:
a)Assess the design adequacy and operating effectiveness of
business process controls.
b)Assess the design adequacy and operating effectiveness of
information technology (IT) controls.
c)Directly assess business process performance.
Three examples of consulting engagements:
a)Provide advice to process owners about how they can streamline
their processes to gain operational efficiencies.
b)Facilitate process owners’ assessments of the risks threatening
their processes.
c)Conduct in-house training about fundamental governance, risk
management, and control concepts
Ques 2
The steps included in the planning phase of an assurance engagement
are:
a)Determine engagement objectives and scope.
b)Understand the auditee, including auditee objectives and
assertions.
c)Identify and assess risks.
d)Identify key control activities.
e)Evaluate adequacy of control design.
f)Create a test plan.
g)Develop a audit program.
h)Allocate resources to the engagement.
ques 3
Business objectives indicate what the auditee is striving to
achieve. Assertions are after thefact statements of what was
achieved
ques 4
Inherent risk is the combination of internal and external risk
factors in their pure, uncontrolled state,or, the gross risk, that
exists assuming there are no internal controls in place.
ques 5
Well-written audit observations contain the following
elements:
a)Condition — The factual evidence the internal auditor found; the
what is
b)Criteria — The standards or expectations used in making an
evaluation; the what should be.
c)Consequences (or effects) — the real or potential adverse effects
(or consequences) of the gap between the existing condition and the
criteria.
d)Causes — The underlying reasons for the gap between the expected
and actual condition,which lead to the adverse consequences
ques 6
An internal audit function is expressing negative assurance when
they conclude that nothing has come to their attention that
indicates, for example, that the auditee’s system of internal
controls is inadequately designed or is operating ineffectively.
Negative assurance also is referred to as limited assurance.
An internal audit function is expressing positive assurance when they conclude, for example, that the auditee’s control activities are designed adequately and operating effectively. Positive assurance, which also is referred to as reasonable assurance ia assurance that explains that all the internal control measures are working effectively or are in place
ques 7
Communications must include the engagement's objectives and scope
as well as applicable conclusions, recommendations, and action
plans
The Chef audit executive must communicate results to the
appropriate parties