Emphasis on Risk Approach 

The primary role of internal audit function is to  support an organization in achieving its  objectives. By definition, the internal audit  function provides a systematic approach to  evaluate and improve the effectiveness of risk  management and governance processes.  

The mission of internal audit is to protect and  increase organizational value. This is done by  providing risk based and objective assurance,  insight and advice. The Core Principles of Internal Auditing as listed by the Institute of  Internal Auditors include, inter alia, providing  risk-based assurance and aligning internal  audit activity with the strategies, objectives  and risks of the organization.  

Risk Assessment and Audit Planning 

Internal Audit is expected to evaluate the  organization’s governance, risk management  and control processes using a systematic and  risk-based approach.  

While evaluating the risk management  processes, the internal auditor should  determine if 

1) The organization’s objectives align with  their mission  

2) Significant risks are identified and assessed 

3) the response to identified risks are  appropriate, given the level of risk appetite of  the organization. 

The internal auditor is also expected to evaluate the potential for fraud risk in the  organization and also the efforts taken by the  organization to manage such risks. 

Evaluation of Controls 

While performing internal audit engagement  field work, the auditor should evaluate if  adequate controls exist to mitigate the risks  identified. And such controls must be designed  and operating effectively.  

Reporting and Follow Up: 

While reporting on the findings of the audit, the  internal auditor should highlight the risks that  arise out of the issues being reported. The  auditor should also indicate the impact to the  organization due to the risk exposure and lack  of adequate controls. The report should also  include recommendations detailing the  course of action to mitigate the risk for each  such finding. 

During follow up process, the internal auditor  should evaluate if action has been taken  by the management on the findings and  recommendations. If the management does  not implement the required action plan to  implement the recommendations in a timely  manner, the risk remains unmitigated  exposing the organization to strategic, financial, legal risks etc.

For enquires call @ +971 45 570 204 / Email Us : [email protected]

Related posts:

Approved auditer HFZAApproved Auditors in HFZA DMCCDMCC Approved Auditors 2023 JafzaJAFZA Approved Auditors 2023 Top Audit Firms in Dubai, UAETop Audit Firms in Dubai, UAE 2023 Guide to Internal Audit in UAEGuide to Internal Audit in UAE: What You Need to Know.