Phil Griff i ths
Why Doesn’t Anyone Like Auditors?The webinar will commence shortly
Agenda
• Welcome
• Housekeeping notes
• Session starts
• Q&A
• End of webinar
House Keeping• Slides will be available on our SlideShare page, link will be
emailed to you
• Recording of the webinar will be available to download, link will be emailed
• Take the time to complete post-webinar survey that will pop up at the end
• You can type your questions throughout the session
• Time will be allocated in the end for the speaker to address your questions
About Your Speaker
Phil Griffiths is Founder and Managing Director of Business Risk Management Ltd. A Chartered Accountant, he has over 25 years’ experience in risk management, internal audit and fraud prevention as a practitioner, professional adviser, facilitator and trainer. He has held top management positions with a number of international groups, in roles embracing finance, IT and general management.
.
The dilemma for auditors• Why is it that the internal audits,
compliance reviews, quality audits and health and safety assessments are rarely welcomed?
• Is it because the roles are not really understood?
• Or is it because these reviews usually focus on looking for problems?
• Or is it because they all cause disruption?• Or is it because there are too many of
these ‘audits’?
What does it mean to be an Auditor?
Explaining the role
• If asked could you easily explain the role of your function?
• How confident would you be that the messages you gave were consistent?
• Do you have an agreed statement to ensure this?
MisconceptionsAuditors are there to• Increase controls• Identify weaknesses• Identify fraud• Find management out• Assess the abil ity of staff /
management• Point out problems• Tell management what to do
Frequently asked questions
• What is Internal Audit?
• What are Internal Audit’s responsibil i t ies
• Why do we need IA?• What l ine
management responsibil i ty does the function have?
Develop FAQ’s
• Are Internal Auditors professionals?
• What right of access does the function have?
• Can I request an audit?• Wil l I receive advance
notice of an audit?• What can I do to
facil i tate the audit?
More FAQ’s
• How does IA decide what to do?
• Are Audit observations a question of judgement?
• How are the results of the audit reported?
• Will IA offer solutions to problems?
• How does IA differ from other audit functions?
Explain the audit process to your customers
• Power point presentation
• Brochure• Outl ine approach
to be used• Focus on
collaboration• Explain how
disruption wil l be minimised
Marketing of IA
• Intranet for IA• Appropriate information
included – Audit plans– Testimonials– Achievements– Information e.g. fraud
awareness– Best practice ideas– KPI performance
Marketing measures• Brochure (with Chief
Exec forward)• Presentations at
management meetings• IA included in induction
programme • Page on main web site• Newsletter• Face to face meetings
with senior management
Focus on the key risks
• Internal audit is being asked to provide much greater assurance to senior management than ever before.
• The IIA believes that the only way to provide such objective assurance is by means of Risk Based Auditing
Risk Based Audit
• Determine Business objectives
• Consider threat to achievement
• Understand the risk appetite
• Assess how well such risks are being managed
The need to coordinate the assurance roles
• IIA Standard 2050• The chief audit executive should share
information and coordinate activit ies with other internal and external providers of assurance to ensure proper coverage and minimise duplication of effort
Coordinating activit ies with other assurance bodies
• Compliance• Health and Safety• Security• Risk Management• Environmental Audit• Quality Assurance• Insurance• External Audit
The need for a collaborative and consultative approach
• Do you get together and share your plans?
• Do you coordinate visits to keep disruption to a minimum?
• Do you share your reports?• Are your objectives
synchronised?• Do you have consolidated
reports for the Board?
What else can be done?
• Allocate points of contact with Board members and heads of departments
• Meet with them once a month or so
• Be available
Course dates
Risk based auditing Next week & Oct
Advanced audit techniques May & Nov
Leading the IA function June & Dec
Essentials of IA SepFraud and the audit role May &
Nov
Questions and comments