Details

<p>List of Abbreviations xi</p> <p>Foreword to Second Edition xv</p> <p>Acknowledgements xvii</p> <p><b>1 Introduction 1</b><br /> Introduction 1<br /> 1.1 Reasoning behind the Book 2<br /> 1.2 The IIA Standards and Links to the Book 3<br /> 1.3 How to Navigate around the Book 4<br /> 1.4 The Handbook as a Development Tool 7<br /> 1.5 The Development of Internal Auditing 7<br /> Summary and Conclusions 19<br /> References 21</p> <p><b>2 Corporate Governance Perspectives 23</b><br /> Introduction 23<br /> 2.1 The Agency Concept 24<br /> 2.2 Corporate Ethics and Accountability 29<br /> 2.3 International Scandals and their Impact 39<br /> 2.4 Models of Corporate Governance 47<br /> 2.5 Putting Governance into Practice 73<br /> 2.6 The External Audit 87<br /> 2.7 The Audit Committee 120<br /> 2.8 Internal Audit 136<br /> 2.9 The Link to Risk Management and Internal Control 141<br /> 2.10 Reporting on Internal Controls 142<br /> 2.11 New Developments 146<br /> Summary and Conclusions 159<br /> Assignment Questions 161<br /> Multi-choice Questions 161<br /> References 168</p> <p><b>3 Managing Risk 173</b><br /> Introduction 173<br /> 3.1 What Is Risk? 175<br /> 3.2 The Risk Challenge 176<br /> 3.3 Risk Management and Residual Risk 179<br /> 3.4 Mitigation through Controls 182<br /> 3.5 Risk Registers and Appetites 186<br /> 3.6 The Risk Policy 192<br /> 3.7 Enterprise-wide Risk Management 203<br /> 3.8 Control Self-assessment 213<br /> 3.9 Embedded Risk Management 218<br /> 3.10 The Internal Audit Role in Risk Management 221<br /> 3.11 New Developments 230<br /> Summary and Conclusions 236<br /> Assignment Questions 237<br /> Multi-choice Questions 238<br /> References 242</p> <p><b>4 Internal Controls 245</b><br /> Introduction 245<br /> 4.1 Why Controls? 245<br /> 4.2 Control Framework – COSO 255<br /> 4.3 Control Framework – CoCo 264<br /> 4.4 Other Control Models 267<br /> 4.5 Links to Risk Management 272<br /> 4.6 Control Mechanisms 274<br /> 4.7 Importance of Procedures 285<br /> 4.8 Integrating Controls 287<br /> 4.9 The Fallacy of Perfection 289<br /> 4.10 Internal Control Awareness Training 292<br /> 4.11 New Developments 299<br /> Summary and Conclusions 301<br /> Assignment Questions 302<br /> Multi-choice Questions 303<br /> References 309</p> <p><b>5 The Internal Audit Role 311</b><br /> Introduction 311<br /> 5.1 Why Auditing? 311<br /> 5.2 Defining Internal Audit 313<br /> 5.3 The Audit Charter 325<br /> 5.4 Audit Services 334<br /> 5.5 Independence 340<br /> 5.6 Audit Ethics 355<br /> 5.7 Police Officer versus Consultant 363<br /> 5.8 Managing Expectations through Web Design 382<br /> 5.9 Audit Competencies 386<br /> 5.10 Training and Development 393<br /> 5.11 New Developments 403<br /> Summary and Conclusions 410<br /> Assignment Questions 412<br /> Multi-choice Questions 412<br /> References 420</p> <p><b>6 Professionalism 421</b><br /> Introduction 421<br /> 6.1 Audit Professionalism 421<br /> 6.2 Internal Auditing Standards 429<br /> 6.3 Due Professional Care 453<br /> 6.4 Professional Consulting Services 457<br /> 6.5 The Quality Concept 459<br /> 6.6 Defining the Client 469<br /> 6.7 Internal Review and External Review 470<br /> 6.8 Tools and Techniques 478<br /> 6.9 Marketing the Audit Role 483<br /> 6.10 Continuous Improvement 491<br /> 6.11 New Developments 494<br /> Summary and Conclusions 495<br /> Assignment Questions 497<br /> Multi-choice Questions 497<br /> References 502</p> <p><b>7 The Audit Approach 505</b><br /> Introduction 505<br /> 7.1 The Systems Approach 506<br /> 7.2 Control Risk Self-assessment (CRSA) 523<br /> 7.3 Facilitation Skills 531<br /> 7.4 Integrating Self-assessment and Audit 539<br /> 7.5 Fraud Investigations 543<br /> 7.6 Information Systems Auditing 586<br /> 7.7 Compliance 636<br /> 7.8 VFM, Social and Financial Audits 642<br /> 7.9 The Consulting Approach 653<br /> 7.10 The ‘Right’ Structure 669<br /> 7.11 New Developments 675<br /> Summary and Conclusions 677<br /> Assignment Questions 677<br /> Multi-choice Questions 678<br /> References 694</p> <p><b>8 Setting an Audit Strategy 697</b><br /> Introduction 697<br /> 8.1 Risk-based Strategic Planning 698<br /> 8.2 Resourcing the Strategy 714<br /> 8.3 Managing Performance 722<br /> 8.4 Dealing with Typical Problems 737<br /> 8.5 The Audit Manual 745<br /> 8.6 Delegating Audit Work 758<br /> 8.7 Audit Information Systems 761<br /> 8.8 Establishing a New Internal Audit Shop 771<br /> 8.9 The Outsourcing Approach 778<br /> 8.10 The Audit Planning Process 789<br /> 8.11 New Developments 802<br /> Summary and Conclusions 807<br /> Assignment Questions 810<br /> Multi-choice Questions 811<br /> References 825</p> <p><b>9 Audit Field Work 827</b><br /> Introduction 827<br /> 9.1 Planning the Audit 827<br /> 9.2 Interviewing Skills 839<br /> 9.3 Ascertaining the System 858<br /> 9.4 Evaluation 864<br /> 9.5 Testing Strategies 877<br /> 9.6 Evidence and Working Papers 896<br /> 9.7 Statistical Sampling 909<br /> 9.8 Reporting Results of the Audit 920<br /> 9.9 Formal Presentations 953<br /> 9.10 Audit Committee Reporting 960<br /> 9.11 New Developments 964<br /> Summary and Conclusions 970<br /> Assignment Questions 973<br /> Multi-choice Questions 974<br /> References 1006</p> <p><b>10 Meeting the Challenge 1009</b><br /> Introduction 1009<br /> 10.1 The New Dimensions of Internal Auditing 1009<br /> 10.2 The Audit Reputation 1010<br /> 10.3 Globalization 1012<br /> 10.4 Examples 1014<br /> 10.5 Meeting the Challenge 1015<br /> Summary and Conclusions 1023<br /> Multi-choice Questions 1024<br /> References 1025</p> <p>Appendix A Induction/Orientation Programme 1027</p> <p>Appendix B CRSA Best Practice Guide 1029</p> <p>Appendix C A Poem by Professor Gerald Vinten 1033</p> <p>Appendix D Analytical Techniques by Sue Seamour 1037</p> <p>Appendix E Multi-choice Questions: Answer Guide 1041</p> <p>Index 1057</p>

<b>K H Spencer Pickett MSc FCCA MIIA</b> <b>FIIA CFE ASSOC.CIPD (London, UK)</b> is a course director specialising in internal audit, risk management and fraud awareness training. Spencer has authored 12 books published by John Wiley and Sons (Inc and UK). He is a member of ACCA Corporate Governance and Risk Management Committee, a member of ACCA Internal Audit Members Network, and is an executive committee member of the UK’s Control Risk Self Assessment Forum.

The first edition of <i>The Internal Auditing Handbook</i> received wide acclaim from readers and became established as one of the definitive publications on internal auditing. The second edition was released soon after to reflect the rapid progress of the internal audit profession. There have been a number of significant changes in the practice of internal auditing since publication of the second edition and this revised third edition reflects those changes. The third edition of <i>The Internal Auditing Handbook</i> retains all the detailed material that formed the basis of the second edition and has been updated to reflect the Institute of Internal Auditor’s (IIA) International Standards for the Professional Practice of Internal Auditing. Each chapter has a section on new developments to reflect changes that have occurred over the last few years. The key role of auditors in reviewing corporate governance and risk management is discussed in conjunction with the elevation of the status of the chief audit executive and heightened expectations from boards and audit committees. Another new feature is a series of multi-choice questions that have been developed and included at the end of each chapter. <p>This edition of <i>The Internal Auditing Handbook</i> will prove to be an indispensable reference for both new and experienced auditors, as well as business managers, members of audit committees, control and compliance teams, and all those who may have an interest in promoting corporate governance.</p>

GB