Types of Engagements
Reviews of financial and operating activities, and related systems, as a service to management. Subjects of internal audits are based on risk assessment. Internal audits focus on achievement of the organization’s strategic objectives; reliability and integrity of financial and operational information; effectiveness and efficiency of operations and programs; safeguarding of assets; and compliance with laws, regulations, policies, procedures, and contracts. Internal audits typically equate to assurance services, which the Institute of Internal Auditors defines as an objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization. Examples may include financial, performance, compliance, system security, and due diligence engagements.
Reviews to monitor and ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action. Timing and depth of reviews are consistent with the materiality and significance of the issues involved.
Custom-designed requested reviews that offer considerations for improving the efficiency and effectiveness of operating areas and assisting management in the successful accomplishment of their objectives. Formal reporting is limited to internal recipients. Consultative in nature. Advisory services typically equate to consulting services, which the Institute of Internal Auditors defines as advisory and related client service activities, the nature and scope of which are agreed with the client, are intended to add value and improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility. Examples include counsel, advice, facilitation, and training.