Adjusting SOX with Risk Based Audit Planning

1839 days ago, 691 views
PowerPoint PPT Presentation

Presentation Transcript

Slide 1

Adjusting SOX with Risk Based Audit Planning The Institute of Internal Auditors March 9, 2004 Dave Richards, CIA, CPA Director, Internal Auditing FirstEnergy Corporation

Slide 2

Balancing SOX with Risk Based Audit Planning Introduction & Overview Dave Richards, FirstEnergy Finding the Balance Brian Appleton, National Penn Bancshares Year 2 Audit Planning Carl Balderson, Pinnacle West Capital Balancing Issues for Large Shops Peg Weir, United States Postal Service Break Q & A

Slide 3

Key Balancing Issues 1. Inclusion in SOX 404 Work 2. Desires of AC & Sr. Mgt 3. Hazard Model Impacts 4. Accentuation on Financial Audits 5. Expanded IT General Controls Topics 6. Utilizing 404 Results to Drive Audits 7. Managing SOX Issues 8. Affect on External Auditor Relationship & Work Support

Slide 4

Key Balancing Issues 9. Utilizing 404 Model for Operational & Compliance Topics 10. Staff Productivity Enhancements 11. IAD Tools for Control Assessments 12. Turn of Audit Topics??? 13. Expanding on SOX 404 Work 14. IAD Customer Relationships 15. Affect on Audit Contingency 16. Interior Control Opinions in Audits

Slide 5

Finding the Balance Brian T. Appleton, CIA, MBA,CDP Executive Vice President Director of Internal Audit National Penn Bancshares

Slide 6

Overview of Company Size Audit Division Client Focused Philosophy Process Owner Class

Slide 7

Status of 404 Tone at the top How 404 is actualized has any kind of effect High level hazard appraisal finished Documentation stage in advance

Slide 8

Balance Identify the organizing plan Complement, not supplement Be adaptable and innovative Focus your extension Standardize the documentation Take a more critical take a gander at circumstances Management Audit

Slide 9

Impact on Internal Clients Creates a more modern demographic Fosters consistency in structure Increases responsibility for results Promotes prepare proprietorship by administration

Slide 10

Impact on Audit Approach Enhance evaluator learning Career development opportunity Role of inspectors as facilitators Expansion of expertise set to instructor Springboard impact Operational and consistence reviews Control Self Assessment Enterprise Risk Management

Slide 11

Benefit to Audit Committee Stronger affirmation of controls Create new measurements Published responsibility through sign-offs

Slide 12

Summary Identify the progressions, discover an adjust Allocate assets early Sell the advantage to the organization Find and distribute the positives Think of SOX 404 as supplementing review scope

Slide 13

Year 2 Audit Planning Carl Balderson, CIA, CPA, CFE Director of Audit Services Pinnacle West Capital Corporation

Slide 14

Re-adjusting is proceeded with development Changed review board of trustees desires Changed administration desires Driving Change

Slide 15

Increase administration familiarity with interior controls Audit client responsiveness Greater accentuation on IT examining Verify quarterly survey for IC changes Impacts of SOX

Slide 16

Risk based arranging with pre-SOX strategy What we Think is required for SOX Follow-up open issues Test changed process documentation Test Key controls Integrate to stay away from duplication Alternate profundity of endeavors with future years Allocate accessible assets Planning Steps

Slide 17

Automated Work Papers Productive Time Targets Emphasize Project Budgets In-house and Local Training Productivity Initiatives

Slide 18

Small number of hours unallocated Renewed accentuation on "Stop & Go" evaluating Administrative right hand/secretary versus para-proficient evaluator Be more particular in what we address Contingency Planning

Slide 19

Integrate SOX consistence and hazard administration forms Examine chance administration forms for effectiveness Documentation of new frameworks Integrate SOX documentation with business resumption arranges Utilize documentation for preparing Driving Long-Term Value

Slide 20

Balancing Issues for Large Shops Margaret (Peg) Weir Manager, Internal Control Group United States Postal Service

Slide 21

Independent government element Self-maintaining Annual working income +/ - $70B Second biggest regular citizen boss 38,000 Post Offices Office of Inspector General United States Postal Service

Slide 22

Internal Control Group CFO vision Established ICG association Complements OIG work "End-to-end" handle Looks for efficiencies and dangers of wasteful aspects

Slide 23

Internal Audit-Internal Control "Approach versus Prepare" Internal Audit - Financial Statements decently speak to operations Monies Expenses Work hours Assets Internal Control - Reasonable Assurance – accomplishment of major business objectives Reliability Exist, compelling, productive Compliance with laws/directions

Slide 24

Internal Control Group Identify chance through information and process examination Partner with process proprietor to moderate organized hazard Analyze patterns and markers Conduct inward control surveys Develop enhanced controls to meet objectives and destinations

Slide 25

Sarbanes-Oxley Act Voluntarily receiving parts of Section 404 Makes great marketing prudence

Slide 26

Internal Control Group Senior administration gives guidance and oversight Focus in view of: Guidance Risk investigation Risk prioritization Resources bolster command

Slide 27

Internal Control Group all inclusive from corporate to nearby Interdependencies versus stovepipes Partnership with process proprietors Data driven Targeted surveys Standardized approach utilizing COSO structure Root sources Meaningful suggestions to enhance controls Reasonable affirmation objectives & goals will be met

Slide 28

Internal Control Group Status Implemented preparatory exercises of COSO system Adjusted as lessons scholarly Developing extra preparing Enhancing the investigative & reporting device

Slide 29

Internal Control Group Internal Control Group supplements inside review handle Internal Control Group bolsters execution based culture Internal Control Group sets up establishment for long haul venture wide upgrades and efficiencies Internal Control Group is alterable & advancing

Slide 30

Conclusions SOX 404 WILL IMPACT what we do What affect it has must be overseen Upfront drivers for effect must be comprehended Changes in approach, scope, & comes about desires must be conveyed AC, Sr. Mgt. & IAD Customers must perceive the effect on distinguishing & performing work IAD must be more gainful to meet this test External Auditor relationship must be overseen

Slide 31

Next Webcast April 13, 2004 " Strategies for Internal & External Relationships " See you at our next webcast!