Norma 2000 Administración de la Actividad de Auditoría Interna y Norma 2010 Planificación
Sign inUSAID
The director of internal audit is responsible for managing the internal audit activity effectively to ensure it adds value to the organization.
2016 · 88 pages

Abstract
This involves administering the activity in a way that ensures the work of internal audit meets the general purposes and responsibilities described in the Statute, approved by the highest authority or audit committee. The director of internal audit is responsible for managing the internal audit activity in a way that ensures the work of internal audit meets the general purposes and responsibilities described in the Statute, approved by the highest authority or audit committee. This includes ensuring that the resources of the internal audit activity are used efficiently and effectively. Effective management of the internal audit activity includes planning, communication and approval of the plan, administration of resources, policies and procedures, coordination, and reporting to the highest authority or audit committee. The director of internal audit must establish plans based on risks to determine the priorities of the internal audit activity. These plans must be consistent with the organization's goals. The internal audit plan must be based on a risk assessment, conducted at least annually. This process must take into account comments from senior management and the board. The director of internal audit must consider the acceptance of consulting work that is proposed, based on the potential of the work to improve risk management, add value, and improve the organization's operations. Those works that have been accepted must be included in the plan. The planning of the internal audit activity must be consistent with its Statute and the organization's goals. The planning process involves establishing objectives of audit/audit activities, work programs (plan and schedule of work), personnel and operational budget plans, and activity reports. When planning the audit, the internal audit director must identify the relevant risks of the activity under review. The work objectives must reflect the results of this evaluation. Objectives of the internal audit activity must be achievable within the operational plans and budgets specified, and, where possible, must be measurable. The goals must be accompanied by measurement criteria and estimated completion dates. The work programs must include the following: what activities will be performed, when they will be performed, and the estimated time required, taking into account the scope of the planned work and the nature and extent of the work performed by others. The aspects that must be considered when establishing the priorities of the work program include: dates and results of the last work, updated risk evaluations, and the effectiveness of risk management and control processes, requests from the board of directors and senior management, current topics related to the organization's governance, significant changes in the business, operations, programs, systems, and controls of the company, opportunities to achieve operational benefits, and changes and capabilities of the internal audit staff. The work programs must be flexible enough for the internal audit activity to respond to unforeseen requests. A model for risk-based planning involves identifying audit activities, determining risk factors, weighing the risk factors, determining a scale for the risk factors, evaluating, and developing audit activities.
Connected topics
Classification