内部审计与外部审计的作用课件

1、 Role of Internal and External Audit内部审计与外部审计的作用Federal Reserve System1Outline of the Discussion提纲 Specific roles of internal and external audit 内部审计与外部审计的作用Interaction with external audit 与外部审计的互动Effectiveness of the internal audit function 内部审计的有效性Analysis of the quality of audit work 审计质量分析Levera

2、ging off internal and external audit 充分发挥内部审计与外部审计的作用2Role of Internal Audit 内部审计的作用Independent review assessment of the effectiveness of internal controls 对内部审计的有效性进行独立评估Detail oriented approach based on sufficient transaction testing 以充分交易测试为基础的细节检查Audit coverage is based on entity-wide and busine

3、ss line risks 审计内容应以公司整体风险和业务环节风险为基础3Role of External Audit外部审计的作用Opines on the appropriateness of financial statements 对财务报表是否适宜发表意见Macro level approach 宏观的方法Emphasis on an analysis of financial risk and financial condition 重点是金融风险分析和财务状况分析Legal requirements will impact the type of audit work perfo

4、rmed 法定要求会影响审计工作的类型4Role of External Audit, cont.外部审计的作用（续）Sample types of statements produced for financial institutions 给金融机构出具的各种审计报告样本Audited financial statements - holding company or bank or individual branch or balance sheet only 经审计的财务报表控股公司、银行、分行或资产负债表Directors audit 董事审计Management letter 致管

5、理层的信Statement on internal controls 对内部控制的意见5Evaluation of Internal Audit 内部审计评估Determination of the overall effectiveness of the internal audit function 内部审计部门整体效能的确定Independence 独立性Mission 职责Resources/qualifications/skills 人力/资格/技能Interaction with Senior Management 与高级管理层的交流7Audit Committee审计委员会 Ne

6、w rules on experience of Audit Committee members (qualified financial professional) and supervision of the audit department 对审计委员会成员的资历（合格的财务专业人员）及对审计部门的监管的新要求8Independence独立性Key factor in evaluating independence - reporting line 独立性评估的关键因素报告渠道Domestic - Audit Committee of the Board of Directors国内银行

7、董事会的审计委员会US branches and agencies of foreign banks - head office audit department 外资银行在美国的分行和代理行总行审计部门 Administrative reporting line to Senior Management 向高级管理层报告的行政渠道10Independence, cont.独立性（续）Ways to evaluate audit independence 评估审计独立性的方法Role of the Audit Committee 审计委员会的作用approves the annual plan

8、, salary, budgets and sign-off on annual appraisal of the auditor 批准年度计划、工资、预算，签署对审计师的年度考核regularly meets with General Auditor 定期与总审计师会面Role of management 管理层的作用provide all relevant documents 提供所有相关文件keep audit informed of major issues 让审计人员了解所有重要事件ensure that audit is invited to all major committee

9、 meetings 确保审计人员参加委员会的所有重要会议11Required CEO and CFO Certifications首席执行官和财务总监必须申明的事项CEO and CFO must certify annual and quarterly reports and attestations include 首席执行官和财务总监必须保证年报和季报以及证明中：There are no material misstatements or omission 材料真实完整Controls over financial reporting were reviewed within 90 da

10、ys and are effective 对财务报告管理的评估完成的时间在90天内，目前依然有效Any significant deficiencies or material weaknesses in internal controls or fraud were disclosed to CPA firm and Audit committee 内部控制中的重大缺陷或欺诈行为都已告知注册会计师事务所和审计委员会All material off-balance sheet transactions and other relationships with unconsolidated af

11、filiates or persons were disclosed 所有重要的表外交易及与未整合的附属机构的关系都已得到披露12Audit Resources审计的人力资源管理Sufficiency of resources 人员充足Qualifications of staff 人员的资格条件sufficient staff with expertise in technical areas 充足的人员，具备足够的专业知识Appropriate skill level and training 良好的技能水平与培训recommended one week of training per y

12、ear for each auditor 建议所有审计人员每年接受1个星期的培训14Interaction with Senior Management与高级管理层的交流Level within the organization commensurate with risk 职位应与风险相称Appropriate interaction with Senior Management 与高级管理层进行恰当的交流Prompt resolution of issues by management 管理层迅速解决问题critical component 非常关键15Selected Types of

13、Audit Coverage审计范围的类型Full scope audits 全面审计Limited scope - 部分审计Target/spot/risk audits 专项审计/现场审计/风险审计Surprise audits 突击审计Conversion/system development audits 转换审计/系统开发审计Data center and application reviews 信息中心与应用评价Specific audit reviews would be supplemented by continuous monitoring 审计检查将辅以持续监控17Int

14、ernal Audit Approach内部审计方法Establish auditable entities 确定审计对象 - e.g. identify all legal entities, departments, corporate functions, geographic locations, committees 如：确定所有的法人实体、部门、职能部室、各地机构、各委员会Analyze the risk of all auditable components using established risk factors 运用已确定的风险因子分析各审计对象的风险Determine

15、the appropriate risk 恰当地评定风险程度 - 1-very low risk 很低; 2-low risk 低; 3- medium risk 一般; 4-high risk 高; 5-very high risk 很高18Risk Assessment Methodology风险评估方法Identification of key risks within the institution separate from management 独立于管理层，识别机构的主要风险Format of the methodology 主要方法:Risk-based 风险为本Qualita

16、tive/quantitative factors 定性/定量因素Combination of risks and other factors 综合考虑风险和其他因素19Sample Factors Risk Assessment风险评估因素例举BASIC RISKS 基本风险Credit risk 信用风险Market risk 市场风险Liquidity risk 流动性风险Operations risk 操作风险Reputational risk 信誉风险Legal risk 法律风险Fraud risk 欺诈风险Trading risk 交易风险Credit and sales ris

17、k 信贷与销售风险Control environment 控制环境Reporting risk 报告风险Revenue or expense volatility 收入或支出的波动性Error impact 差错影响Nature of process 程序的性质20Transactional values/volumes 交易价值/交易量Quality of management 管理质量Reliance on data 对数据的依赖度Access to physical assets实物资产的有权使用Economic or political trends 经济或政治趋势Staff qual

18、ity and changes 人员素质与变动Degree of management judgment and quality of supervision 管理层判断能力与监管质量Product changes 产品变化Legal/regulatory impact 法律/监管影响Sample Factors Risk Assessment风险评估因素例举21Annual Audit Plan年度审计计划Based upon the risk assessment methodology 以风险评估方法为基础Normally part of a multi-year cycle - thr

19、ee to five years 通常是多年周期（3到5年）的一部分Approved by the Audit Committee or head office audit department annually with updates approved quarterly 每年由审计委员会或总行审计部门批准，更新调整每季审批justification for delaying or eliminating audits 推迟或取消审计的理由 22Audit Programs审计程序Detailed programs for each auditable area 针对所有审计领域制定详细审

20、计程序Completed during the first audit and subsequently updated 在整个审计过程中不断完善Coverage of key risks and controls in the area 应涵盖该领域的主要风险和控制措施24Audit Documentation审计文件Planning memo 准备备忘录Scope document 审计范围文件Summary of issues 问题总结Report to management 向管理层报告25Audit Work Papers 审计工作底稿record of work performed

21、 记录所做工作proper documentation and cross-referencing 准确记录及交叉引用analysis including sample methodology 分析工作方法retention requirements 保留要求Audit Reports and Work Papers审计报告与工作底稿27Audits Exception Follow-up审计特例跟踪Tracking system or method - mainly spreadsheet or automated 跟踪系统或方法主要采用电子表格或自动化方法May identify issu

22、es by high, medium or low 对问题的确定采用高、中、低三档Significant items cleared in a timely manner (30-60 days) 及时解决重要问题（30-60天）Importance of management response or lack of a response 管理层反馈的重要性28Audit Outsourcing审计的外包The performance of internal audit activities by an external party such as a CPA firm. 内部审计活动由公司外

23、部人士进行，如注册会计师事务所Other terms used: cosourcing, contracting 其他常用术语：外包、签约Issues 问题：Independence, conflict of interest, control of the work, understanding of the corporate culture,& continuity 独立性、利益冲突、工作控制、对公司文化的理解、连续性29Overall Evaluation of Internal Audit内部审计的总体评价Positive evaluation - can rely upon the work of internal audit in the risk-focused examination process 正面评价在风险为本的监管过程中，内部审计的工作值得信赖Internal Audit Issues - included in the examination report 内部审计问题在检查报告中已经论述Annual basis - analyze changes in audit including risk assessment a