ECPAs Activities during internal auditing process
Below are the key things ECPAs as an internal auditor does. Within these areas, it is important to think of the ECPAs as the organizations critical friend – someone who can challenge current practice, champion best practice and be a catalyst for improvement, so that the organization as a whole achieves its strategic objectives
- Evaluating controls & advising managers at all levels.
ECPAs Internal audit’s role in evaluating the management of risk is wide ranging because everyone from the mailroom to the boardroom is involved in internal control. The ECPAs internal auditor’s work includes assessing the tone and risk management culture of the organization at one level through to evaluating and reporting on the effectiveness of the implementation of management policies at another.
It is management’s job to identify the risks facing the organization and to understand how they will impact the delivery of objectives if they are not managed effectively. Managers need to understand how much risk the organization is willing to live with and implement controls and other safeguards to ensure these limits are not exceeded. Some organizations will have a higher appetite for risk arising from changing trends and business/economic conditions. The techniques of internal auditing have therefore changed from a reactive and control-based form to a more proactive and risk-based approach. This enables the ECPAs internal auditors to anticipate possible future concerns and opportunities providing assurance, advice and insight where it is most needed.
- Analyzing operations & confirm information
Achieving objectives and managing valuable organizational resources requires systems, processes and people. ECPAs Internal auditors work closely with line managers to review operations then report their findings. The ECPAs internal auditors are versed in the strategic objectives of their organization and the sector in which it operates in, so that they have a clear understanding of how the operations of any given part of the organization fit into the bigger picture.
- Working with other assurance providers
Providing assurance to executive management and the board’s audit committee that risks are being managed effectively is not the exclusive domain of ECPAs internal audit role. There are likely to be other assurance providers who perform a similar role. This can include:
- Risk management professionals
- Compliance officers
- Fraud investigators
- Quality managers
Security experts …etc.