Abut this bk The CIA certificatin has 4 parts. The CCSA exam and the CGAP exam are single part specialty exams. The CIA exam parts are: PART 1 THE INTERNAL AUDIT ACTIVITY S ROLE PART 2 CONDUCTING THE INTERNAL AUDIT ENGAGEMENT PART 3 BUSINESS ANALYSIS AND INFORMATION TECHNOLOGY PART 4 BUSINESS MANAGEMENT SKILLS D nte that many f the CIA/CCSA/CGAP knwledge areas are verlapped (even thugh they are differently labeled). My suggestin is that yu g thrugh ALL TOPICS befre taking any f the individual exam mdules. D NOT study n a per mdule basis. Instead, treat all f them as a whle - this will guarantee that yu dn t get tripped up when similar questins shw up n different exam parts. And knw the IPPF inside and ut. Many crrect answers cme ut frm the IPPF. The IPPF NOW we are dealing with the Internatinal Prfessinal Practices Framewrk (IPPF), which is the cnceptual framewrk that rganizes authritative guidance prmulgated by the IIA. Yu just need t memrize it. The entire cntent can be viewed nline via this lcatin (we cannt reprint the IPPF dcuments here due t cpyright restrictins): http://www.theiia.rg/guidance/standards-and-guidance/ Study Psychlgy & Exam Tactics Always plan ahead! Always maintain a psitive attitude. Prepare systematically using ExamReview Pr materials. Ensure yu have enugh sleep! Health is essential fr maintaining a fighting spirit. 8
Arrive at the test center in time t have a margin f safety. Dress yurself in a manner with emphasis n cmfrt. Always have a cat ready just in case the A/C is way t pwerful. Read the exam instructins carefully befre answering the first questin. The Internal Auditing Prcess Yu need t knw the fundamentals f internal auditing. Mst CIA PART ONE study text bks in the market fail t give a cmplete and clear picture f the auditing prcess as a whle. We will fill this gap here. What is auditing? What abut Internal Auditing? An audit is a management instrument which can identify the imprvement ptential f business prcesses (prcess audit) r f the management system as a whle (system audit). At the same time, audits allw the supervisin f already started measures. Audits therefre help t imprve the effectiveness f management systems and cnsequently the whle cmpany rganizatin 1. An audit: cmpares yu actual prcess against yur dcumented prcess reprts t what extent yu are fllwing yur dcument prcess. acts as a verificatin exercise - if yu think yu are fllwing yur dcumented prcess but yu d nt verify this with an audit, there is a very gd chance that yu are nt actually fllwing yur wn prcesses. the audit prcess is nt a prcess f criticizing anyne r anything in any way in fact ne may find it beneficial t request fr an audit. Fr example, an audit can review administrative prcedures t assess whether internal cntrls in a business unit are adequate. It is als beneficial t assess the system cntrls and mdified ffice prcedures when new systems are put in place. The gal f Internal Auditing is t supprt executive management and the bard f directrs in carrying ut crprate gvernance. In a brader sense, the bjective f internal auditing can be seen as assisting members f the rganizatin in the effective discharge f their respnsibilities. T achieve such purpse, internal auditing furnishes them with analyses, appraisals, recmmendatins, cunsel, and infrmatin cncerning the activities reviewed. 1 http://www.experteam.de/starte/leistungen/themen/swqualitaetsmanagement/auditierung.html 9
The typical gals f Internal Auditing may include: Evaluating the sundness and adequacy f the internal cntrl structure. Assessing cmpliance with plicies, plans, prcedures, laws, and regulatins. Verifying the existence f assets and ensuring that they are prperly accunted fr and safeguarded frm lsses f all kinds. Cnducting special examinatins and reviews requested by management including investigating reprted ccurrences f fraud, embezzlement, theft, waste, etc., and recmmending cntrls t prevent r detect such ccurrences. Evaluating the ecnmy and efficiency with which resurces are emplyed, and recmmending imprvements in peratins. Evaluating the reliability and integrity f management data by reviewing general cntrls and cmputer security prcedures ver data prcessing. Determining the extent t which established bjectives and gals fr peratins r prgrams are being accmplished. Internal cntrl audit bjectives are ften related t management s plans, methds, and prcedures expected t meet its missin, gals, and bjectives. Internal cntrl includes and nt limits t thse prcesses and prcedures fr planning, rganizing, directing, and cntrlling prgram peratins, and the system that has been put in place fr measuring, reprting, and mnitring prgram perfrmance. Sme examples f these audit bjectives include: Organizatinal gals, and bjectives are achieved effectively and efficiently Resurces are used in cmpliance with laws, regulatins, r ther requirements, and are safeguarded against unauthrized acquisitin, use, r dispsitin Management infrmatin and reprts that are prduced are cmplete, accurate, and cnsistent t supprt perfrmance and decisin-making Security ver cmputerized infrmatin systems can truly prevent r detect unauthrized access Cntingency planning can prevent unwarranted disruptin f activities Internal Audit functin in the mdern days Internal Audit's primary activity shuld be the cnduct f a prgram f regular audits f the rganizatin's business peratins. Hwever, as the business envirnment has evlved ver time, it is quite cmmn fr the audit functin t be expanded t include certain additinal activities: 10
Internal Audit may need t cnduct investigatins int suspected financial irregularities whether reprted by whistleblwers, uncvered in the curse f regular audits, r based upn cncerns cnveyed by management. Internal Audit may need t prvide advisry services, which encmpasses a brad array f activities beynd regular audits. These additinal activities are ften practive r preventive in nature and are ften fcused n: Internal Cntrl & Accuntability Special Prjects and Cnsultatins Systems Develpment and Reengineering Other needs The internal audit department shuld have a prject management system in place which captures the fllwing infrmatin: Type f audit prject Line f business invlved Hurs budgeted Actual hurs expended Draft reprt issuance date Final reprt issuance date Types f Internal Audit Auditable activities may include and may nt be limited t the fllwing: Plicies, prcedures and practices Cst centers, prfit centers and investment centers General ledger accunt balances Infrmatin systems 11
Cntracts and prgrams Organizatinal units Essential business functins and prcesses Transactin systems Financial statements Laws and regulatins The general categries f internal audit reviews may include: FINANCIAL AUDITS, which address questins f accunting, recrding, and reprting f financial transactins. COMPLIANCE AUDITS, which seek t determine if departments are adhering t Federal, State, and rganizatin rules, regulatins, plicies, and prcedures. OPERATIONAL AUDITS, which examine the use f resurces t determine whether thse resurces are being utilized in the mst efficient and effective way. This kind f audit may include elements f a cmpliance audit, a financial audit, and an infrmatin systems audit. INVESTIGATIVE AUDITS, which are perfrmed as needed, with a fcus n alleged vilatins f federal and state laws and f rganizatin plicies and regulatins. This kind f audit may result in prsecutin r disciplinary actin. INFORMATION SYSTEMS AUDITS, which address the internal cntrl envirnment f autmated infrmatin prcessing systems and hw these systems are being used. NOTE: An peratinal audit is a full analysis f every prcess r task that drives, impacts and r influences yur business. Yu may want t have a full peratinal audit dne at least nce every five years, althugh usually it wuld be the easiest t maintain if the interim audits fcus n a business unit r specific task area that will impact results. Financial audits are cncerned with prviding reasnable assurance n whether financial statements are presented fairly in all material respects in cnfrmity with the generally accepted accunting principles (GAAP) assuming the audits take place in the US. Sme ther bjectives f financial audits may include prviding special reprts fr specified elements, accunts, r items f a financial statement; reviewing interim financial infrmatin; reprting n the prcessing f different transactins; auditing cmpliance with regulatins relating t federal award expenditures and ther gvernmental financial assistance etc. Attestatin engagements deal primarily with examining, reviewing, r perfrming agreed upn prcedures n a subject matter and reprting n the results. The subject matter can take many frms, such as histrical r prspective perfrmance r 12