KPMG in East Africa, News

News

Quality Assurance Review of the internal audit function

Are you getting the full benefit of your assessment?
Today, more than ever, there is increased demand for the internal audit function to add value to the organisation. Executive management is relying more on internal audit to identify, measure and control business risks. Audit committees are asking tough questions about the quality and effectiveness of their internal audit functions. The regulatory authority including Capital Market Authority, central government regulations and Central Bank of Kenya expect internal audit to be the eyes of the Audit Committees. There is increased scrutiny of the function.

The changing business environment and ever-changing stakeholders’ expectations are not making the work of the internal audit any easier. Globalisation, organisational down-sizing, new technologies, development of e-commerce and changes in executive management are a few examples of the forces driving change in internal audit.
Further, the scope of internal audit has expanded to include review of risk management and governance processes. Considering all these challenges, the demand to assess, benchmark and report on internal audit performance has increased.

Quality assurance review

The Institute of Internal Auditors (IIA) acknowledges the need for the internal audit activity to meet stakeholders’ expectations and provide value-added services to their organisations and has issued a standard on Quality Assurance and Improvement Programme.

This requires periodic internal and external quality assessments and ongoing internal monitoring to help internal audit departments and to provide assurance that the internal audit activity is in conformity with the Standards and the Code of Ethics. The standard also requires external assessments, such as quality assurance reviews, to be conducted at least once every five years by a qualified, independent reviewer or review team.

Quality Assurance Review should most importantly identify opportunities and offer ideas to the Chief Audit Executive and internal audit staff for improving their performance and that of the internal audit function.

Internal audit adding value?

There are a number of questions that can help you determine whether your internal audit function is adding value to your organisation, such as:

Is the internal audit plan risk-based? Does it cover the right risks, thus supporting the organisation in achieving its corporate objective? Is the function focused on a wide view of risks that go beyond business processes and focus on environmental factors (e.g. competitor, political, regulatory) for decision making?
Does the internal audit function operate efficiently? Is there an appropriate match between the skills of its auditors and the type of audit work it requires? What should the cost of internal audit be? Are there mechanisms in place to continuously improve the audit process? Does it have a training and development strategy that is aligned with audit’s strategic imperatives?
Is the function seen as the ‘first port of call’ for advice or resource in the event of a problem in a business area? Is it in demand as an internal consultant that can help improve processes and controls, and reduce costs?
Is the function perceived as a business partner – helping management achieve their objectives in a controlled manner?
Is internal audit appropriately sponsored to allow it to deliver the service required? Is it appropriately positioned on Management’s agenda?
Does the internal audit develop effective communication strategies which impel management and employees to take action?
Does internal audit report to an independent Audit Committee and is this done frequently?

Internal auditor

Internal auditors should adhere to the guidance set forth in the Code of Ethics and the Standards. They should pursue and achieve individual certification, conduct internal assessments, and ensure that their functions undergo an independent, external quality review to validate compliance.

A quality assurance and improvement programme that helps the internal audit function add value and comply with the Standards and the Code of Ethics should be developed.
It should cover all aspects of the internal audit activity and continuously monitor its effectiveness.

Johnson Kamau (johnsonkamau@kpmg.co.ke) is a manager in KPMG Kenya’s Internal Audit Services Unit. For further information contact him or David Leahy, Director - Internal Audit Services, on davidleahy@kpmg.co.ke or tel:
+254 – 20 – 2806142.

For a printer friendly version, click here.

quality_assurance_review.pdf, Size: 84.1 KB

<< back

© 2009 KPMG East Africa Limited, a Limited Liability Company and a member firm of the KPMG network of independent member firms affiliated with KPMG International, a Swiss cooperative. All rights reserved.

KPMG Online Privacy Statement and Disclaimer

KPMG Training Calendar

January to December 2009

At KPMG we turn knowledge into value for our clients; we are ready to share this knowledge with you through our training programs. Please Download our Training Calendar and the Course Reservation Form. Fill in the form, sign it and fax it to the attention of Agnes Ndegwa on Fax +254 20 2215695 or Tel +254 20 2806000 for more information.

KPMG Training Solutions

Training Calendar for 2009

Achieve all your goals this year. We have many programmes that can assist you towards meeting your organisational objectives.
Download calendar

Careers

Exciting Career Opportunities

As one of the worlds leading business advisers, we recognise that our success relies entirely on the resourcefulness, motivation and diversity of our people. Click here for more details

KPMG Information

KPMG Industries

KPMG member firms deliver a range of professional services to businesses around the world. Learn more now