AC 2360 – Principles of Internal Auditing
Course Project – 15 Marks
This Project is divided into two pieces, Part A and Part B. In Part A you are the manager of a company and must do a risk assessment on your business objectives. In Part B you are the Internal Auditor and must provide assurance on the risk management work done by the company.
This Project is worth 15 % of your overall course mark.
It should contain; a cover sheet, table of contents, details and schedules as laid out in Part A and B below. The Project is due to me no later than April 1, 2018. If it is late, marks will be deducted.
You should bring your work to class, and we will review each section of the Project in class.
Good Luck with this, I hope you enjoy it!
Here is the marking scheme for this project;
- Presentation / Format ( 5 % )
- Cover Page
- Table of Contents
- Bibliography
- Format
- Part A – Management’s Risk Assessment ( 65 % )
- Description of the business
- Description of the business objectives
- Description of the risks to the business objectives
- Explanation of the controls to manage the risks
- Assessments (assertions) on risk management status
- Preparation of schedules / templates
- Part B – Internal Audit Assurance ( 30 % )
- Review of each risk and control
- Audit opinion of each control
- Audit summary and conclusions of risk management work done
PART A – MANAGEMENT’S RISK ASSESSMENT
This part is written narrative;
- First you should give a brief description of your business so that I have an idea of what your business is, and what it is trying to achieve.
- Next you need to establish your business objectives (things you want to achieve). You need one Strategic Objective, two Operational Objectives, two Reporting Objectives (internal / external), and one Compliance Objective. (six objectives in total)
- Now you need to determine and explain one risk for each of the six objectives.
- Then you need to explain what controls you need to put in place to manage these risks.
- Next you need to assess each objective / risk based on impact and likelihood, on a scale of 1 – 5.
- Now make management assertions (statements) on your ability to achieve each of you six business objectives, based on your assessments.
This next part is filling in the templates and risk matrix;
- Complete the attached Managing Risk Worksheet – Schedule 1.
- Complete an Identification of Critical Risks Graph – Similar to Schedule 2.
PART B – INTERNAL AUDIT ASSURANCE
This part is written narrative.
- First you should provide a review (test) of each of the six risks and controls.
- Next you should prepare an opinion of each control. Does it reduce the risk to an acceptable level?
- Now provide an Audit Summary and conclusions on the risk management work done by the business. What level of assurance can you provide senior management and the Audit Committee that the risks are being managed to their expectations?
This next part is filling in the template;
- Complete the Internal Audit Review of Controls Worksheet – Schedule 3
SCHEDULE 1. MANAGING RISK WORKSHEET
OBJECTIVE RISK CONTROL ASSESSMENT (1-5)
- ——————— ———————— Impact / Likelihood
- ——————— ————————- Impact / Likelihood
- ———————- ————————- Impact / Likelihood
- ______________ ________________ Impact / Likelihood
- _______________ ________________ Impact / Likelihood
- _______________ ________________ impact / Likelihood
SCHEDULE 2. IDENTIFICATION OF CRITICAL RISKS (L/M/H)
IMPACT
0
5 | |||||
4 | |||||
3 | |||||
2 | |||||
1 | |||||
1 | 2 | 3 | 4 | 5 |
LIKELIHOOD
SCHEDULE 3. AUDIT REVIEW OF CONTROLS WORKSHEET
MANAGEMENT AUDIT OPINION
RISK CONTROL ASSESSMENT AGREE / DISAGREE
1.
2.
3.
4.
5.
6.