Codes and Ethics for Internal Auditing (Essay Sample)

Codes and Ethics for Internal Auditing
Discussion 1
Q1 Internal Auditing seeks to provide an unbiased and objective view regarding the operations and the governance of an organization. In other words, auditing professionals play an important role in bridging a gap between the board and the management. Companies highly regard internal auditing for various reasons including assessing the ethical climate, gauging the effectiveness of the operations, and ensuring that there are compliances with rules and regulations that govern the organization. Further, internal audits deal with issues that are fundamental to the prosperity and survival of any organization.
Q2 An internal auditor is an employee in a company/organization whose role is to objectively and independently evaluate the operations of a company. The purpose of an internal auditor is to collect objective and relevant information about the organization that they serve. There are different types of audits that an internal auditor is supposed to handle which includes information technology audits, operation audits, and performance audits. On the other hand, an external auditor is tasked with reviewing the financial information of a company and compiling a report on the same. The main objective of external auditors is to investigate financial statements for frauds and errors, performing audits on operations and compiling a report on the findings and also offering recommendations to the organization. Another difference between the two is that internal auditors are employed by the organization to educate management and staff on how to run the company well. On the other, external auditors are hired by shareholders to inspect accounting records and express their professional opinion.
Q3 Both the integrity and objectivity are essential principles of internal auditors. The two play a significant role in ensuring that internal auditors are able to meet the expectations of their employees. Objectivity means that internal auditors exhibits the highest level of professionalism when gathering, evaluating, and communicating information about the process being examined. In other words, internal auditors are not duly influenced by their interest or others when making their decisions. The rules that guide the objectivity of internal auditors include not participating in activities that may impair their unbiased assessment. Additionally, not accepting anything that may interfere with the process, and disclosing all materials and facts known to them than need disclosure for the transparency of the process add to make the process a success. On the other hand, integrity in internal auditing is a process that seeks to establish trust and reliance. Here, the internal auditors are supposed to handle their work with honesty, responsibility and diligence.
Discussion 2
Q1 Governance refers to processes and structures that are meant to ensure transparency, accountability, the rule of law, responsiveness, equity, stability, empowerment, and broad-based participation. A risk refers to the future uncertainty regarding the deviation from expected outcomes or earnings. There are different types of risks which include systematic risk, regulatory risks, interest rate risk, country risk, legal risk, competition, and many others. Risk appetite is the types and the amount of risks that an organization is ready and willing to take to meet its strategic objective. Some of the factors that influences risk appetite for organizations include culture, sector, and objectives. Lastly, risk management can be defined as the process of identifying, assessing, and controlling the threats that a business organization is likely to experience on its capital and earnings. A good and successful risk management should help an organization to avert any threats that might interfere with the operations of a business.
Q2 The COSO ERM framework has three components which include risk components, the objectives, activities and control components. The COSO ERM framework draws up a philosophy on risks and indicates the risk appetite of an organization. The control components include internal environment, setting objectives, identification of events, risk assessment, control measures, information and communication and monitoring.