804:. Organizational independence is effectively achieved when the chief audit executive reports functionally to the board. Examples of functional reporting to the board involve the board: Approving the internal audit charter; Approving the risk based internal audit plan; Approving the internal audit budget and resource plan; Receiving communications from the chief audit executive on the internal audit activity's performance relative to its plan and other matters; Approving decisions regarding the appointment and removal of the chief audit executive; Approving the remuneration of the chief audit executive; and Making appropriate inquiries of management and the chief audit executive to determine whether there are inappropriate scope or resource limitations.
1154:
engagement or report can be used to measure performance, with an annual survey to the audit committee. Scoring on dimensions such as professionalism, quality of counsel, timeliness of work product, utility of meetings, and quality of status updates are typical with such surveys. Understanding the expectations of senior management and the audit committee represent important steps in developing a performance measurement process, as well as how such measures help align the audit function with organizational priorities. Independent peer reviews are part of the quality assurance process for many internal audit groups as they are often required by standards. The resulting peer review report is made available to the audit committee.
866:(ERM) Framework, an organization's strategy, operations, reporting, and compliance objectives all have associated strategic business risks – the negative outcomes resulting from internal and external events that inhibit the organization's ability to achieve its objectives. Management assesses risk as part of the ordinary course of business activities such as strategic planning, marketing planning, capital planning, budgeting, hedging, incentive payout structure, credit/lending practices, mergers and acquisitions, strategic partnerships, legislative changes, conducting business abroad, etc.
698:(IIA) is the recognized international standard setting body for the internal audit profession and awards the Certified Internal Auditor designation internationally through rigorous written examination. Other designations are available in certain countries. In the United States the professional standards of the Institute of Internal Auditors have been codified in several states' statutes pertaining to the practice of internal auditing in government (New York State, Texas, and Florida being three examples). There are also a number of other international standard setting bodies.
769:
practice advisories. Professional internal auditors are mandated by the IIA standards to be independent of the business activities they audit. This independence and objectivity are achieved through the organizational placement and reporting lines of the internal audit department. Internal auditors of publicly traded companies in the United States are required to report functionally to the board of directors directly, or a sub-committee of the board of directors (typically the audit committee), and not to management except for administrative purposes.
1184:
organization's objectives through well-reasoned audits, evaluations, and analyses of operational areas. He encouraged the modern internal auditor to act as a counsellor to management rather than as an adversary. Sawyer saw auditors as active players influencing events in the business rather than criticizing all degrees of errors and mistakes. He also foresaw a more desirable auditor future involving a stronger relationship with members of audit committee and the board and a divorce from direct reporting to the chief financial officer.
40:
871:
to manage risks entity-wide. For example, internal auditors can advise management regarding the reporting of forward-looking operating measures to the board, to help identify emerging risks; or internal auditors can evaluate and report on whether the board and other stakeholders can have reasonable assurance the organization's management team has implemented an effective enterprise risk management program.
1192:
information technology, facilities management, customer service, field operations, and program management. This approach helped catapult the chief audit executive into the role of a respected and knowledgeable adviser who was thought to be reasonable, objective, and concerned about helping the organization achieve the stated goals.
908:
activities, achieve objectives, and protect the interests of diverse stakeholder groups in a manner consistent with ethical standards. The internal auditor is often considered one of the "four pillars" of corporate governance, the other pillars being the board of directors, management, and the external auditor.
1100:. A key aspect of developing IA strategy is understanding the expectations of stakeholders, such as the audit committee and top management. This helps guide the IA function in its mission of helping the organization address the risks it faces. Specific topics considered in IA strategic planning include:
1191:
Sawyer helped make internal auditing more relevant and more interesting through a sharp focus on operational or performance auditing. He strongly encouraged looking beyond financial statements and financial-related auditing into areas such as purchasing, warehousing and distribution, human resources,
1108:
Portfolio of services: IA functions may provide traditional audit assurance across the risk spectrum as well as consulting project support in a variety of areas such as project management, data analysis, and monitoring of major company initiatives. Larger audit functions may establish specialty areas
1039:
Under the IIA standards, a critical component of the audit process is the preparation of a balanced report that provides executives and the board with the opportunity to evaluate and weigh the issues being reported in the proper context and perspective. In providing perspective, analysis and workable
870:
regulations require extensive risk assessment of financial reporting processes. Corporate legal counsel often prepares comprehensive assessments of the current and potential litigation a company faces. Internal auditors may evaluate each of these activities, or focus on the overarching process used
759:
of 2002, the profession's exposure and value was enhanced, as many internal auditors possessed the skills required to help companies meet the requirements of the law . However, the focus by internal audit departments of publicly traded companies on SOX related financial policy and procedures derailed
912:
audit committee's meeting agendas, and coordinating with the external auditor and management to ensure the committee receives effective information. In recent years, the IIA has advocated more formal evaluation of corporate governance, particularly in the areas of board oversight of enterprise risk,
874:
In larger organizations, major strategic initiatives are implemented to achieve objectives and drive changes. As a member of senior management, the chief audit executive (CAE) may participate in status updates on these major initiatives. This places the CAE in the position to report on many of the
675:
with laws and regulations. Internal auditing may also involve conducting proactive fraud audits to identify potentially fraudulent acts; participating in fraud investigations under the direction of fraud investigation professionals, and conducting post investigation fraud audits to identify control
911:
A primary focus area of internal auditing as it relates to corporate governance is helping the audit committee of the board of directors (or equivalent) perform its responsibilities effectively. This may include reporting critical management control issues, suggesting questions or topics for the
1112:
Competency development: The stakeholder expectations around scope and service portfolio determine what competencies the function needs, which drives decisions regarding hiring of specific skills and training programs. The internal audit function is often used as a "management training ground" to
839:
components of management control to help the organization achieve the four specific objectives listed above. Internal auditors perform audits to evaluate whether the five components of management control are present and operating effectively, and if not, provide recommendations for improvement.
768:
While internal auditors are hired directly by their company, they can achieve independence through their reporting relationships. Independence and objectivity are a cornerstone of the IIA professional standards; and are discussed at length in the standards and the supporting practice guides and
1187:
Sawyer often talked about "catching a manager doing something right" and providing recognition and positive reinforcement. Writing about positive observations in audit reports was rarely done until Sawyer started talking about the idea. He understood and forecast the benefits of providing more
1170:
quarterly, along with management's progress towards resolving them. Critical issues typically have a reasonable likelihood of causing substantial financial or reputational damage to the company. For particularly complex issues, the responsible manager may participate in the discussion. Such
745:
and public accounting professions, the theory of internal auditing was conceived primarily by
Lawrence Sawyer (1911–2002), often referred to as "the father of modern internal auditing"; and the current philosophy, theory and practice of modern internal auditing as defined by the International
1153:
approach. Internal audit functions are primarily evaluated based on the quality of counsel and information provided to the audit committee and top management. However, this is primarily qualitative and therefore difficult to measure. "Customer surveys" sent to key managers after each audit
1021:
Audit findings and recommendations may also relate to particular assertions about transactions, such as whether the transactions audited were valid or authorized, completely processed, accurately valued, processed in the correct time period, and properly disclosed in financial or operational
670:
The scope of internal auditing within an organization may be broad and may involve topics such as an organization's governance, risk management and management controls over: efficiency/effectiveness of operations (including safeguarding of assets), the reliability of financial and management
907:
has in the past been generally informal, accomplished primarily through participation in meetings and discussions with members of the board of directors. According to COSO's ERM framework, governance is the policies, processes and structures used by the organization's leadership to direct
838:
Management is responsible for internal control, which comprises five critical components: the control environment; risk assessment; risk focused control activities; information and communication; and monitoring activities. Managers establish policies, processes, and practices in these five
1183:
Some of the philosophy and approach of internal auditing is derived from the work of
Lawrence Sawyer. His philosophy and guidance on the role of internal audit was a forerunner of the current definition of internal auditing. It emphasized assisting management and the board in achieving the
996:
Internal auditors typically issue reports at the end of each audit that summarize their findings, recommendations, and any responses or action plans from management. An audit report may have an executive summary – a body that includes the specific issues or findings identified and related
1017:
The recommendations in an internal audit report are designed to help the organization achieve effective and efficient governance, risk and control processes associated with operations objectives, financial and management reporting objectives; and legal/regulatory compliance objectives.
820:
Internal
Control Framework, internal control is broadly defined as a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of the following core objectives for which all businesses strive:
966:
Identifying management practices in the five components of control used to ensure that each key risk is properly controlled and monitored. An internal audit checklist can be a helpful tool to identify common risks and desired controls in the specific process or specific industry being
760:
progress made by the profession in the late 20th century toward Larry Sawyer's vision for internal audit. Beginning in about 2010, the IIA once again began advocating for the broader role internal auditing should play in the corporate arena, in keeping with the IPPF's philosophy.
890:
processes. This process is highly valued by many businesses for establishing and implementing effective management systems and ensuring quality is maintained & professional standards are met
Internal auditors also play an important role in helping companies execute a
855:
activities. Risk management is the process by which an organization identifies, analyses, responds, gathers information about, and monitors strategic risks that could actually or potentially impact the organization's ability to achieve its mission and objectives.
1104:
Scope and emphasis: An IA function may be involved in addressing risks related to financial reporting, operations, legal and regulatory compliance, and the company strategy. There may also be special topics of interest to stakeholders that change considerably
940:
is typically proposed by the CAE (sometimes with several options or alternatives) for the review and approval of the audit committee or the board of directors. Internal auditing activity is generally conducted as one or more discrete assignments.
1323:, reports on the evolution of internal audit to react to changes. Disruptions examined include data analytics, agile processes, cloud computing, robotic process automation, continuous auditing, regulatory change, and artificial intelligence.
1310:
Internal audit plays a critical role maintaining effective control mitigating emerging risks. Businesses will increase risk or bypass opportunity if auditors do not address disruption-related risks. Michael G. Alles has discussed that
1208:, and internal audit, delineating how responsibilities should be divided; it is designed "to assure the effective and transparent management of risk", by making accountabilities clear. The terminology is analogized from the military "
1188:
balanced reporting while simultaneously building better relationships. Sawyer understood the psychology of interpersonal dynamics and the need for all people to receive acknowledgment and validation for relationships to prosper.
959:
Developing an understanding of the business area under review – this includes objectives, measurements & key transaction types and involves interviews and a review of documents – flowcharts and narratives may be created, if
1240:. This line of defence monitors and facilitates the implementation of effective risk management practices by the first line, providing "oversight and challenge"; and also assists the "risk owners" in producing and interpreting
1175:" exists in the organization, and to expedite resolution of such issues. It is a matter of considerable judgment to select appropriate issues for the audit committee's attention and to describe them in the proper context.
997:
recommendations or action plans, and appendix information such as detailed graphs and charts or process information. Each audit finding within the body of the report may contain five elements, sometimes called the "5 C's":
1224:
has "ownership, responsibility and accountability for directly assessing, controlling and mitigating risks". Its value is that it comes "from those who know the business, culture and day-to-day challenges" (see also
842:
In the United States, the internal audit function independently assesses management's system of internal control and reports its results to top management and the company's audit committee of the board of directors.
980:
Audit assignment length varies based on the complexity of the activity being audited and internal audit resources available. Many of the above steps are iterative and may not all occur in the sequence indicated.
1496:
Wood, David A. (September 2013). "A Descriptive Study of
Factors Associated with the Internal Audit Function Policies Having an Impact: Comparisons Between Organizations in a Developed and an Emerging Economy".
701:
Internal auditors work for government agencies (federal, state and local); for publicly traded companies; and for non-profit companies across all industries. Internal auditing departments are led by a
627:
activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the
944:
It should be adapted to the specific purpose of audit, and the selection of audit method must be adapted to its specific purpose. Otherwise, it will deviate from the purpose of the audit.
932:
of the organization, internal auditors, management and oversight boards determine where to focus internal auditing efforts. This focus or prioritization is part of the annual/ multi-year
1808:
1342:
860:
817:
1997:
2044:
2025:
1826:
Wood, David A. (November 2011). "The Effect of Using the
Internal Audit Function as a Management Training Ground on the External Auditor's Reliance Decision".
1775:
1557:
1116:
Technology: IA functions use a variety of technology tools/software to support audit process workflow, statistical analysis, and obtaining data from systems.
2021:
1358:
970:
Developing and executing a risk-based sampling and testing approach to determine whether the most important management controls are operating as intended.
933:
788:
to perform their role effectively. Although internal auditors are part of company management and paid by the company, the primary customer of internal
643:
processes. Internal auditing might achieve this goal by providing insight and recommendations based on analyses and assessments of data and business
1363:
2001:
1255:. Internal audit reviews and reports on both the first and the second lines of defence, providing objective and independent assurance, per
691:. As a result of their broad scope of involvement, internal auditors may have a variety of higher educational and professional backgrounds.
304:
1962:
976:
Following-up on reported findings at appropriate intervals. Internal audit departments maintain a follow-up database for this purpose.
1912:
1966:
1891:
1532:
1337:
289:
1745:
1263:
Under later iterations of the model, assurance from "external independent bodies" is seen as a fourth line of defence; here the
2076:
Michael G. Alles (2015) Drivers of the Use and
Facilitators and Obstacles of the Evolution of Big Data by the Audit Profession.
1092:
described in multi-year strategic plans. Professional guidance on building an
Internal Audit strategic plan was issued by the
2098:
1705:
1332:
294:
875:
major risks the organization faces to the audit committee, or ensure management's reporting is effective for that purpose.
603:
454:
158:
55:
1866:
1244:. Although separate from those responsible for delivery, it is not independent of the management chain. (See, re banking,
1986:
1619:
1113:
provide employees with a deeper knowledge of the company's operations before they are rotated into a management position.
773:
309:
299:
65:
2052:
1947:
1601:
361:
973:
Reporting issues and challenges identified and negotiating action plans with the management to address these problems.
489:
366:
1783:
895:. In these latter two areas, internal auditors typically are part of the risk assessment team in an advisory role.
892:
741:
and banking compliance activities. While some of the audit technique underlying internal auditing is derived from
314:
257:
851:
Internal auditing professional standards require the function to evaluate the effectiveness of the organization's
1390:
1268:
1213:
1040:
recommendations for business improvements in critical areas, auditors help the organization meet its objectives.
985:
398:
1421:
1353:
695:
351:
679:
Internal auditors are not responsible for the execution of company activities; they advise management and the
984:
In addition to assessing business processes, specialists called information technology (IT) auditors review
746:
Professional
Practices Framework (IPPF) of the Institute of Internal Auditors owes much to Sawyer's vision.
956:
Establishing and communicating the scope and objectives of the audit to appropriate members of management.
1580:
1004:
Criteria: What is the standard that was not met? The standard may be a company policy or other benchmark.
688:
1664:
1013:
Corrective action: What should management do about the finding? What have they agreed to do and by when?
2126:
887:
863:
632:
1378:
1295:
717:(In the United States this reporting relationship is required by law for publicly traded companies).
1299:
1226:
1220:
Under the first line of defence, risks are managed and controlled day-to-day. Here customer-facing
596:
403:
39:
2116:
1025:
Following are the steps about how continuous improvement can be achieved through audit findings.
714:
237:
113:
1079:
The report should be released promptly immediately after the audit is concluded, within a month.
1010:
Consequence: What is the risk/negative outcome (or opportunity foregone) because of the finding?
1434:
Wood, David A. (May 2012). "Corporate
Managers' Reliance on Internal Auditor Recommendations".
1035:
Maintain steady and healthy relation with suppliers, vendors, users, auditors and audit bodies.
755:
529:
464:
188:
1316:
1233:
1163:
742:
702:
672:
514:
252:
118:
60:
1982:
1373:
1121:
1089:
904:
640:
564:
103:
8:
1221:
589:
554:
549:
524:
519:
459:
388:
346:
328:
281:
262:
193:
98:
23:
1536:
1271:, provide assurance and insights to the Board and are "clearly seen to be independent".
1514:
1478:
1291:
1252:
1150:
1129:
1125:
867:
801:
726:
710:
680:
656:
620:
393:
228:
183:
1753:
1200:
The "Three Lines of Defence Model" is a framework outlining the relationship between
963:
Describing the key risks facing the business activities within the scope of the audit.
2121:
2094:
2048:
1943:
1867:"IIA-GAIN Study-Knowledge Report—Measuring Internal Audit Performance—September 2009"
1701:
1518:
1482:
1404:
1275:
1232:
The second line of defence consists of the independent functions of Risk Management,
738:
734:
660:
574:
569:
148:
123:
1835:
1693:
1506:
1470:
1443:
1348:
1279:
1264:
1237:
1055:
The comments and opinions expressed in the report should be objective and unbiased.
883:
813:
644:
636:
356:
242:
1685:
1697:
1510:
1209:
1205:
1172:
1167:
929:
913:
852:
797:
730:
706:
444:
408:
198:
178:
163:
108:
93:
50:
1474:
1870:
937:
652:
417:
128:
1623:
1461:
Wood, David A. (July 2009). "Internal Audit Quality and Earnings Management".
1201:
2110:
1283:
1245:
1241:
1133:
628:
559:
422:
341:
336:
173:
2063:
Pett, J., Kristall, M., & Mack, D. (2017). Opportunity from disruption.
1171:
reporting is critical to ensure the function is respected, that the proper "
1032:
Train users or employees to develop effective audit processes or procedures.
663:
as an objective source of independent advice. Professionals called internal
1287:
923:
494:
233:
1692:, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 547–552, 2008,
878:
The internal audit function may help the organization address its risk of
667:
are employed by organizations to perform the internal auditing activity.
380:
1839:
1447:
1251:
The third line of defence is internal audit, reporting directly to the
793:
781:
777:
725:
The internal auditing profession evolved steadily with the progress of
684:
624:
484:
168:
31:
1809:"Pages – Developing the Internal Audit Strategic Plan Practice Guide"
648:
1892:"PWC-2012 State of the Internal Audit Profession Survey-March 2012"
1368:
1312:
785:
952:
A typical internal audit assignment involves the following steps:
664:
267:
247:
153:
1854:
A Balanced Scorecard Framework for Internal Auditing Departments
1644:
1343:
Committee of Sponsoring Organizations of the Treadway Commission
729:
after World War II. It is conceptually similar in many ways to
1727:
812:
Internal auditing activity is primarily directed at evaluating
413:
88:
1229:); at the same time, however, this Line may lack independence.
886:. Internal auditors may help companies establish and maintain
1286:
even if substantial and unexpected losses are incurred"; see
1149:
The measurement of the internal audit function can involve a
879:
789:
436:
218:
83:
2089:
Christ, Margaret H.; Marc Eulerich and David A. Wood, 2019,
1319:
that auditors must incorporate in practice. A 2019 study,
1067:
The information contained in the report should be accurate.
784:
of management activities and personnel and allows internal
223:
1856:. IIA Research Foundation. Altamonte Springs, FL.: 2002
1166:(CAE) typically reports the most critical issues to the
1144:
16:
Independent, objective assurance and consulting activity
2026:
Institute of Chartered Accountants in England and Wales
1061:
The language used should be simple and straightforward.
1998:
Internal audit: three lines of defence model explained
2091:
Internal Auditors' Response to Disruptive Innovation.
1088:
Internal audit functions may also develop functional
1001:
Condition: What is the particular problem identified?
1558:"The IIA-History and Evolution of Internal Auditing"
1359:
International Auditing and Assurance Standards Board
1321:
Internal Auditors' Response to Disruptive Innovation
1274:
The "last line of defence" against risk is that of
1043:
796:of management's activities. This is typically the
1120:Building the IA strategy may involve a variety of
828:Reliability of financial and management reporting.
2039:III.A.3, in Carol Alexander, ed. (January 2005).
1256:
1157:
882:via a fraud risk assessment, using principles of
2108:
1803:
1801:
1746:"Internal Audit Checklists of various processes"
1364:International Register of Certificated Auditors
898:
720:
2002:Institute of Chartered Accountants of Scotland
924:Audit project selection or "annual audit plan"
763:
1798:
597:
1728:"Internal audit – Risk based – Introduction"
1436:AUDITING: A Journal of Practice & Theory
1098:Developing the Internal Audit Strategic Plan
903:Internal auditing activity as it relates to
687:body) regarding how to better execute their
1933:
1931:
1929:
1725:
947:
917:
825:Effectiveness and efficiency of operations.
807:
305:International Financial Reporting Standards
1963:Position paper: The three lines of defence
846:
604:
590:
1195:
1096:in July 2012 via a Practice Guide called
991:
676:breakdowns and establish financial loss.
2041:The Professional Risk Managers' Handbook
2035:
2033:
2017:
2015:
2013:
2011:
2009:
1967:Chartered Institute of Internal Auditors
1926:
1869:. Theiia.org. 2000-01-01. Archived from
1752:. internalauditexpert.in. Archived from
1338:Chartered Institute of Internal Auditors
1305:
1029:Develop CAPAs to address quality issues.
1300:Going concern § Management's plans
1282:"ensures that a firm can continue as a
1227:Internal control § Operating staff
713:, with administrative reporting to the
2109:
1978:
1976:
1974:
1940:Sawyer's Internal Auditing 5th Edition
1937:
1535:. Eciia.eu. 2013-06-25. Archived from
655:, internal auditing provides value to
2030:
2006:
1333:Certified Information Systems Auditor
1145:Measuring the internal audit function
831:Compliance with laws and regulations.
295:Generally-accepted auditing standards
1825:
1645:"ECAAS Certification & Training"
1495:
1460:
1433:
792:activity is the entity charged with
1987:Association of Corporate Treasurers
1971:
1913:"Peer Review: IIA, GAGAS and ISSAI"
1257:§ Role in corporate governance
1178:
705:(CAE) who generally reports to the
310:International Standards on Auditing
13:
1942:. Institute of Internal Auditors.
1620:"Role of Internal Auditing in ERM"
1109:to handle their service portfolio.
1022:reporting, among other elements.
14:
2138:
1915:. projectauditors.com. 2012-01-01
1776:"Format of Internal Audit Report"
1124:concepts and frameworks, such as
1007:Cause: Why did the problem occur?
367:Notes to the financial statements
1665:"IIA Article "Getting a Leg Up""
1044:Quality of internal audit report
893:SOX 404 top-down risk assessment
315:Management Accounting Principles
38:
2083:
2070:
2057:
1991:
1956:
1905:
1884:
1859:
1846:
1819:
1768:
1738:
1719:
1678:
1657:
1637:
1533:"UK and Ireland Certifications"
1139:
986:information technology controls
749:With the implementation in the
1686:"Management of Internal Audit"
1612:
1594:
1573:
1550:
1525:
1489:
1454:
1427:
1415:
1354:Institute of Internal Auditors
1158:Reporting of critical findings
1094:Institute of Internal Auditors
696:Institute of Internal Auditors
1:
1384:
1073:The report should be concise.
918:§ Three lines of defence
619:is an independent, objective
290:Generally-accepted principles
1983:Three Lines of Defence Model
1698:10.1007/978-3-540-70887-2_35
1511:10.1080/14683849.2013.833019
899:Role in corporate governance
721:History of internal auditing
7:
2093:Internal Audit Foundation.
1583:. na.theiia.org. 2000-01-01
1581:"Internal Auditor Magazine"
1475:10.2308/accr.2009.84.4.1255
1326:
1083:
774:organizational independence
764:Organizational independence
10:
2143:
888:Enterprise Risk Management
864:enterprise risk management
2022:The four lines of defence
1938:Sawyer, Lawrence (2003).
1405:Resources in your library
1379:Risk-based internal audit
1296:Financial risk management
159:Constant purchasing power
56:Constant purchasing power
948:Internal audit execution
808:Role in internal control
647:. With commitment to
490:Accounting organizations
478:People and organizations
2080:: June 2015 pp. 439-449
1690:Internal Audit Handbook
1424:'s definition of audit.
847:Role in risk management
715:chief executive officer
238:Amortization (business)
1780:internalauditexpert.in
1242:risk-related reporting
1222:operational management
1212:" (and the concept of
1196:Three lines of defence
992:Internal audit reports
916:, and fraud. See also
834:Safeguarding of Assets
1894:. Pwc.com. 2012-03-20
1828:The Accounting Review
1750:Internal Audit Expert
1463:The Accounting Review
1317:disruptive innovation
1306:Disruptive innovation
1164:chief audit executive
800:, a committee of the
780:enables unrestricted
743:management consulting
703:chief audit executive
362:Management discussion
1374:Operational auditing
1122:strategic management
905:corporate governance
329:Financial statements
282:Accounting standards
2078:Accounting Horizons
1756:on 13 December 2013
1602:"Pages – Standards"
555:Earnings management
525:Positive accounting
399:Double-entry system
389:Bank reconciliation
194:Revenue recognition
2045:PRMIA Publications
1840:10.2308/accr-10136
1786:on 7 December 2013
1667:. Findarticles.com
1448:10.2308/ajpt-10234
1292:Regulatory capital
1280:sufficient quantum
1253:Board of directors
1202:business functions
1151:balanced scorecard
1130:strategic thinking
1126:strategic planning
802:board of directors
756:Sarbanes–Oxley Act
731:financial auditing
727:management science
711:board of directors
681:board of directors
530:Sarbanes–Oxley Act
465:Sarbanes–Oxley Act
394:Debits and credits
229:Cost of goods sold
184:Matching principle
2127:Types of auditing
2099:978-1-63454-062-9
1732:internalaudit.biz
1726:David Griffiths.
1707:978-3-540-70886-5
1391:Library resources
934:annual audit plan
739:quality assurance
735:public accounting
661:senior management
617:Internal auditing
614:
613:
575:Two sets of books
570:Off-balance-sheet
212:Selected accounts
149:Accounting period
2134:
2101:
2087:
2081:
2074:
2068:
2065:Internal Auditor
2061:
2055:
2037:
2028:
2019:
2004:
1995:
1989:
1980:
1969:
1960:
1954:
1953:
1935:
1924:
1923:
1921:
1920:
1909:
1903:
1902:
1900:
1899:
1888:
1882:
1881:
1879:
1878:
1863:
1857:
1850:
1844:
1843:
1834:(6): 2131–2154.
1823:
1817:
1816:
1805:
1796:
1795:
1793:
1791:
1782:. Archived from
1772:
1766:
1765:
1763:
1761:
1742:
1736:
1735:
1723:
1717:
1716:
1715:
1714:
1682:
1676:
1675:
1673:
1672:
1661:
1655:
1654:
1652:
1651:
1641:
1635:
1634:
1632:
1631:
1622:. Archived from
1616:
1610:
1609:
1598:
1592:
1591:
1589:
1588:
1577:
1571:
1570:
1568:
1567:
1562:
1554:
1548:
1547:
1545:
1544:
1529:
1523:
1522:
1493:
1487:
1486:
1469:(4): 1255–1280.
1458:
1452:
1451:
1431:
1425:
1419:
1349:Fraud deterrence
1265:external auditor
1238:Operational Risk
1214:defence in depth
1179:Audit philosophy
914:corporate ethics
884:fraud deterrence
814:internal control
689:responsibilities
657:governing bodies
606:
599:
592:
42:
19:
18:
2142:
2141:
2137:
2136:
2135:
2133:
2132:
2131:
2107:
2106:
2105:
2104:
2088:
2084:
2075:
2071:
2067:, 74(3), 57–60.
2062:
2058:
2038:
2031:
2020:
2007:
1996:
1992:
1981:
1972:
1961:
1957:
1950:
1936:
1927:
1918:
1916:
1911:
1910:
1906:
1897:
1895:
1890:
1889:
1885:
1876:
1874:
1865:
1864:
1860:
1852:Frigo, Mark L.
1851:
1847:
1824:
1820:
1807:
1806:
1799:
1789:
1787:
1774:
1773:
1769:
1759:
1757:
1744:
1743:
1739:
1724:
1720:
1712:
1710:
1708:
1684:
1683:
1679:
1670:
1668:
1663:
1662:
1658:
1649:
1647:
1643:
1642:
1638:
1629:
1627:
1618:
1617:
1613:
1600:
1599:
1595:
1586:
1584:
1579:
1578:
1574:
1565:
1563:
1560:
1556:
1555:
1551:
1542:
1540:
1531:
1530:
1526:
1499:Turkish Studies
1494:
1490:
1459:
1455:
1432:
1428:
1420:
1416:
1411:
1410:
1409:
1399:
1398:
1394:
1387:
1329:
1308:
1210:Line of defence
1206:risk management
1198:
1181:
1173:tone at the top
1168:audit committee
1160:
1147:
1142:
1086:
1046:
994:
950:
930:risk assessment
926:
901:
853:Risk management
849:
810:
798:audit committee
766:
723:
707:audit committee
671:reporting, and
633:risk management
610:
581:
580:
579:
544:
536:
535:
534:
509:
501:
500:
499:
479:
471:
470:
469:
439:
429:
428:
427:
383:
373:
372:
371:
331:
321:
320:
319:
284:
274:
273:
272:
213:
205:
204:
203:
199:Unit of account
179:Historical cost
164:Economic entity
143:
135:
134:
133:
78:
70:
51:Historical cost
17:
12:
11:
5:
2140:
2130:
2129:
2124:
2119:
2117:Internal audit
2103:
2102:
2082:
2069:
2056:
2053:978-0976609704
2029:
2005:
1990:
1970:
1955:
1949:978-0894135095
1948:
1925:
1904:
1883:
1858:
1845:
1818:
1797:
1767:
1737:
1718:
1706:
1677:
1656:
1636:
1611:
1593:
1572:
1549:
1524:
1505:(3): 581–606.
1488:
1453:
1442:(2): 151–166.
1426:
1413:
1412:
1408:
1407:
1401:
1400:
1396:Internal audit
1389:
1388:
1386:
1383:
1382:
1381:
1376:
1371:
1366:
1361:
1356:
1351:
1346:
1340:
1335:
1328:
1325:
1307:
1304:
1261:
1260:
1249:
1230:
1197:
1194:
1180:
1177:
1159:
1156:
1146:
1143:
1141:
1138:
1118:
1117:
1114:
1110:
1106:
1085:
1082:
1081:
1080:
1074:
1068:
1062:
1056:
1053:Objectivity –
1045:
1042:
1037:
1036:
1033:
1030:
1015:
1014:
1011:
1008:
1005:
1002:
993:
990:
978:
977:
974:
971:
968:
964:
961:
957:
949:
946:
925:
922:
900:
897:
868:Sarbanes–Oxley
848:
845:
836:
835:
832:
829:
826:
809:
806:
765:
762:
722:
719:
653:accountability
612:
611:
609:
608:
601:
594:
586:
583:
582:
578:
577:
572:
567:
562:
557:
552:
546:
545:
542:
541:
538:
537:
533:
532:
527:
522:
517:
511:
510:
507:
506:
503:
502:
498:
497:
492:
487:
481:
480:
477:
476:
473:
472:
468:
467:
462:
457:
452:
447:
441:
440:
435:
434:
431:
430:
426:
425:
420:
418:General ledger
411:
406:
401:
396:
391:
385:
384:
379:
378:
375:
374:
370:
369:
364:
359:
354:
349:
344:
339:
333:
332:
327:
326:
323:
322:
318:
317:
312:
307:
302:
297:
292:
286:
285:
280:
279:
276:
275:
271:
270:
265:
260:
255:
250:
245:
240:
231:
226:
221:
215:
214:
211:
210:
207:
206:
202:
201:
196:
191:
186:
181:
176:
171:
166:
161:
156:
151:
145:
144:
141:
140:
137:
136:
132:
131:
126:
121:
116:
111:
106:
101:
96:
91:
86:
80:
79:
76:
75:
72:
71:
69:
68:
63:
58:
53:
47:
44:
43:
35:
34:
28:
27:
15:
9:
6:
4:
3:
2:
2139:
2128:
2125:
2123:
2120:
2118:
2115:
2114:
2112:
2100:
2096:
2092:
2086:
2079:
2073:
2066:
2060:
2054:
2050:
2046:
2042:
2036:
2034:
2027:
2023:
2018:
2016:
2014:
2012:
2010:
2003:
1999:
1994:
1988:
1984:
1979:
1977:
1975:
1968:
1964:
1959:
1951:
1945:
1941:
1934:
1932:
1930:
1914:
1908:
1893:
1887:
1873:on 2012-03-08
1872:
1868:
1862:
1855:
1849:
1841:
1837:
1833:
1829:
1822:
1814:
1810:
1804:
1802:
1785:
1781:
1777:
1771:
1755:
1751:
1747:
1741:
1733:
1729:
1722:
1709:
1703:
1699:
1695:
1691:
1687:
1681:
1666:
1660:
1646:
1640:
1626:on 2013-09-05
1625:
1621:
1615:
1607:
1603:
1597:
1582:
1576:
1559:
1553:
1539:on 2013-08-20
1538:
1534:
1528:
1520:
1516:
1512:
1508:
1504:
1500:
1492:
1484:
1480:
1476:
1472:
1468:
1464:
1457:
1449:
1445:
1441:
1437:
1430:
1423:
1418:
1414:
1406:
1403:
1402:
1397:
1392:
1380:
1377:
1375:
1372:
1370:
1367:
1365:
1362:
1360:
1357:
1355:
1352:
1350:
1347:
1344:
1341:
1339:
1336:
1334:
1331:
1330:
1324:
1322:
1318:
1314:
1303:
1301:
1297:
1293:
1289:
1285:
1284:going concern
1281:
1277:
1272:
1270:
1266:
1258:
1254:
1250:
1247:
1246:Middle office
1243:
1239:
1235:
1231:
1228:
1223:
1219:
1218:
1217:
1215:
1211:
1207:
1203:
1193:
1189:
1185:
1176:
1174:
1169:
1165:
1155:
1152:
1137:
1135:
1134:SWOT analysis
1131:
1127:
1123:
1115:
1111:
1107:
1105:year-to-year.
1103:
1102:
1101:
1099:
1095:
1091:
1078:
1075:
1072:
1069:
1066:
1063:
1060:
1057:
1054:
1051:
1050:
1049:
1041:
1034:
1031:
1028:
1027:
1026:
1023:
1019:
1012:
1009:
1006:
1003:
1000:
999:
998:
989:
987:
982:
975:
972:
969:
965:
962:
958:
955:
954:
953:
945:
942:
939:
935:
931:
928:Based on the
921:
919:
915:
909:
906:
896:
894:
889:
885:
881:
876:
872:
869:
865:
862:
857:
854:
844:
840:
833:
830:
827:
824:
823:
822:
819:
815:
805:
803:
799:
795:
791:
787:
783:
779:
775:
772:The required
770:
761:
758:
757:
752:
751:United States
747:
744:
740:
736:
732:
728:
718:
716:
712:
708:
704:
699:
697:
692:
690:
686:
682:
677:
674:
668:
666:
662:
658:
654:
650:
646:
642:
638:
634:
630:
629:effectiveness
626:
622:
618:
607:
602:
600:
595:
593:
588:
587:
585:
584:
576:
573:
571:
568:
566:
563:
561:
560:Error account
558:
556:
553:
551:
548:
547:
540:
539:
531:
528:
526:
523:
521:
518:
516:
513:
512:
505:
504:
496:
493:
491:
488:
486:
483:
482:
475:
474:
466:
463:
461:
458:
456:
453:
451:
448:
446:
443:
442:
438:
433:
432:
424:
423:Trial balance
421:
419:
415:
412:
410:
407:
405:
404:FIFO and LIFO
402:
400:
397:
395:
392:
390:
387:
386:
382:
377:
376:
368:
365:
363:
360:
358:
355:
353:
350:
348:
345:
343:
342:Balance sheet
340:
338:
337:Annual report
335:
334:
330:
325:
324:
316:
313:
311:
308:
306:
303:
301:
298:
296:
293:
291:
288:
287:
283:
278:
277:
269:
266:
264:
261:
259:
256:
254:
251:
249:
246:
244:
241:
239:
235:
232:
230:
227:
225:
222:
220:
217:
216:
209:
208:
200:
197:
195:
192:
190:
187:
185:
182:
180:
177:
175:
174:Going concern
172:
170:
167:
165:
162:
160:
157:
155:
152:
150:
147:
146:
139:
138:
130:
127:
125:
122:
120:
117:
115:
112:
110:
107:
105:
102:
100:
97:
95:
92:
90:
87:
85:
82:
81:
74:
73:
67:
64:
62:
59:
57:
54:
52:
49:
48:
46:
45:
41:
37:
36:
33:
30:
29:
25:
21:
20:
2090:
2085:
2077:
2072:
2064:
2059:
2040:
1993:
1958:
1939:
1917:. Retrieved
1907:
1896:. Retrieved
1886:
1875:. Retrieved
1871:the original
1861:
1853:
1848:
1831:
1827:
1821:
1812:
1788:. Retrieved
1784:the original
1779:
1770:
1758:. Retrieved
1754:the original
1749:
1740:
1731:
1721:
1711:, retrieved
1689:
1680:
1669:. Retrieved
1659:
1648:. Retrieved
1639:
1628:. Retrieved
1624:the original
1614:
1605:
1596:
1585:. Retrieved
1575:
1564:. Retrieved
1552:
1541:. Retrieved
1537:the original
1527:
1502:
1498:
1491:
1466:
1462:
1456:
1439:
1435:
1429:
1417:
1395:
1320:
1309:
1288:Risk capital
1273:
1262:
1199:
1190:
1186:
1182:
1161:
1148:
1140:Other topics
1119:
1097:
1093:
1087:
1077:Timeliness –
1076:
1070:
1064:
1058:
1052:
1047:
1038:
1024:
1020:
1016:
995:
983:
979:
951:
943:
927:
910:
902:
877:
873:
858:
850:
841:
837:
816:. Under the
811:
771:
767:
754:
750:
748:
724:
700:
693:
683:(or similar
678:
669:
616:
615:
495:Luca Pacioli
449:
416: /
236: /
234:Depreciation
142:Key concepts
114:Governmental
1760:12 December
508:Development
485:Accountants
381:Bookkeeping
300:Convergence
258:Liabilities
189:Materiality
77:Major types
2111:Categories
1919:2014-03-26
1898:2013-09-04
1877:2013-09-04
1813:theiia.org
1790:3 December
1713:2020-11-14
1671:2013-09-04
1650:2015-06-16
1630:2013-09-04
1606:theiia.org
1587:2013-09-04
1566:2013-09-04
1543:2013-09-04
1385:References
1269:and others
1234:Compliance
1090:strategies
1065:Accuracy –
960:necessary.
938:audit plan
859:Under the
782:evaluation
778:management
673:compliance
641:governance
625:consulting
543:Misconduct
169:Fair value
119:Management
61:Management
32:Accounting
1519:145381015
1483:154999202
1071:Brevity –
1059:Clarity –
794:oversight
685:oversight
649:integrity
645:processes
621:assurance
565:Hollywood
445:Financial
347:Cash-flow
104:Financial
2122:Auditing
1369:IS audit
1327:See also
1313:Big Data
1084:Strategy
1048:Source:
967:audited.
786:auditors
665:auditors
550:Creative
520:Research
450:Internal
437:Auditing
253:Goodwill
248:Expenses
99:Forensic
24:a series
22:Part of
1278:, as a
1276:capital
920:below.
753:of the
737:firms,
709:of the
637:control
515:History
409:Journal
268:Revenue
154:Accrual
2097:
2051:
1946:
1704:
1517:
1481:
1393:about
1345:(COSO)
1298:, and
1259:above.
1236:, and
1132:, and
936:. The
460:Report
414:Ledger
357:Income
352:Equity
263:Profit
243:Equity
219:Assets
124:Social
89:Budget
1561:(PDF)
1515:S2CID
1479:S2CID
1315:is a
880:fraud
790:audit
776:from
455:Firms
84:Audit
2095:ISBN
2049:ISBN
1944:ISBN
1792:2013
1762:2013
1702:ISBN
1162:The
861:COSO
818:COSO
694:The
659:and
651:and
639:and
623:and
224:Cash
109:Fund
94:Cost
1836:doi
1694:doi
1507:doi
1471:doi
1444:doi
1422:IIA
1216:).
733:by
631:of
129:Tax
66:Tax
2113::
2047:.
2043:.
2032:^
2024:,
2008:^
2000:,
1985:,
1973:^
1965:,
1928:^
1832:86
1830:.
1811:.
1800:^
1778:.
1748:.
1730:.
1700:,
1688:,
1604:.
1513:.
1503:14
1501:.
1477:.
1467:84
1465:.
1440:31
1438:.
1302:.
1294:,
1290:,
1267:,
1248:.)
1204:,
1136:.
1128:,
988:.
635:,
26:on
1952:.
1922:.
1901:.
1880:.
1842:.
1838::
1815:.
1794:.
1764:.
1734:.
1696::
1674:.
1653:.
1633:.
1608:.
1590:.
1569:.
1546:.
1521:.
1509::
1485:.
1473::
1450:.
1446::
605:e
598:t
591:v
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
