Part 1 – Internal Audit Basics 內部審計基礎知識
125 questions | 2.5 Hours (150 minutes)
題量:125個問題,答題時間:2.5小時(150分鐘)
I. Mandatory Guidance (35-45%)
強制性指南(35-45%)
A. Definition of Internal Auditing
內部審計定義
1. Define purpose, authority, and responsibility of the internal audit activity
B. Code of Ethics
職業道德規范
1. Abide by and promote compliance with The IIA Code of Ethics
遵守和促進對國際內部審計師協會(IIA)《職業道德規范》的遵循
C. International Standards
國際標準
1. Comply with The IIA's Attribute Standards
遵守國際內部審計師協會的屬性標準
a. Determine if the purpose, authority, and responsibility of the internal audit activity are documented in audit charter, approved by the Board and communicated to the engagement clients
確定內部審計的宗旨、權力和職責是否在審計章程中加以說明,獲得董事會批準并通報審計業務客戶
b. Demonstrate an understanding of the purpose, authority, and responsibility of the internal audit activity
闡明內部審計的宗旨、權力和職責
2. Maintain independence and objectivity
保持獨立性和客觀性
a. Foster independence
加強獨立性
1. Understand organizational independence
理解內部審計部門在組織上的獨立性
2. Recognize the importance of organizational independence
認識內部審計部門在組織上保持獨立性的重要性
3. Determine if the internal audit activity is properly aligned to achieve organizational independence
確定內部審計部門是否正確設置以獲得其獨立性
b. Foster objectivity
加強客觀性
1. Establish policies to promote objectivity
制定政策以增進客觀性
2. Assess individual objectivity
評估個人的客觀性
3. Maintain individual objectivity
保持個人的客觀性
4. Recognize and mitigate impairments to independence and objectivity
識別并減輕對獨立性和客觀性的損害
3. Determine if the required knowledge, skills, and competencies are available
確定是否具備必要的知識、技能和勝任能力
a. Understand the knowledge, skills, and competencies that an internal auditor needs to possess
理解內部審計師需要具備的知識、技能和勝任能力
b. Identify the knowledge, skills, and competencies required to fulfill the responsibilities of the internal audit activity
識別履行內部審計職責所必需的知識、技能和勝任能力
4. Develop and/or procure necessary knowledge, skills and competencies collectively required by the internal audit activity
開發和/或取得內部審計部門整體所需的知識、技能和勝任能力
5. Exercise due professional care
運用應有的職業審慎
6. Promote continuing professional development
促進持續專業發展
a. Develop and implement a plan for continuing professional development for internal audit staff
為內部審計人員制定并實施持續專業發展計劃
b. Enhance individual competency through continuing professional development
通過持續專業發展提高個人能力
7. Promote quality assurance and improvement of the internal audit activity
促進內部審計活動的質量保證與改進
a. Monitor the effectiveness of the quality assurance and improvement program
監督質量保證與改進程序的效果
b. Report the results of the quality assurance and improvement program to the board or other governing body
將質量保證與改進程序的結果報告給董事會或其他治理機構
c. Conduct quality assurance procedures and recommend improvements to the performance of the internal audit activity
實施質量保證程序并建議改善內部審計業績
II. Internal Control / Risk (25-35%) – Awareness Level (A)
內部控制/風險(25-35%)——要求了解(A)
A. Types of Controls (e.g., preventive, detective, input, output, etc.)
控制類型(如:預防型、檢查型、輸入、輸出等)
B. Management Control Techniques
管理控制技術
C. Internal Control Framework Characteristics and Use (e.g., COSO, Cadbury)
內部控制框架特點和運用(如:COSO,Cadbury)
1. Develop and implement an organization-wide risk and control framework
建立和實施一個全組織的風險和控制框架
D. Alternative Control Frameworks
可選擇的控制框架
E. Risk Vocabulary and Concepts
風險的詞匯和概念
F. Fraud Risk Awareness
舞弊風險意識
1. Types of fraud
舞弊類型
2. Fraud red flags
舞弊危險信號
III. Conducting Internal Audit Engagements – Audit Tools and Techniques (28-38%)
開展內部審計業務——審計工具和技術(28-38%)
A. Data Gathering (Collect and analyze data on proposed engagements):
資料收集(收集和分析擬審計的業務資料):
1. Review previous audit reports and other relevant documentation as part of a preliminary survey of the engagement area
審核之前的審計報告和其他相關文檔,作為審計業務范圍初步調查的一部分
2. Develop checklists/internal control questionnaires as part of a preliminary survey of the engagement area
編制檢查清單/內部控制調查問卷,作為審計業務范圍初步調查的一部分
3. Conduct interviews as part of a preliminary survey of the engagement area
進行面談,作為審計業務范圍初步調查的一部分
4. Use observation to gather data
通過觀察搜集資料
5. Conduct engagement to assure identification of key risks and controls
開展審計業務,確保對關鍵風險和控制的識別
6. Sampling (non-statistical [judgmental] sampling method, statistical sampling, discovery sampling, and statistical analyses techniques)
抽樣(非統計抽樣方法,統計抽樣,發現抽樣,統計分析技術)
B. Data Analysis and Interpretation:
資料分析與解讀
1. Use computerized audit tools and techniques (e.g., data mining and extraction, continuous monitoring, automated work papers, embedded audit modules)
運用計算機審計工具和技術(如:數據挖掘與抽取,連續監測,自動化工作底稿,嵌入式審計模塊)
2. Conduct spreadsheet analysis
進行電子表格分析
3. Use analytical review techniques (e.g., ratio estimation, variance analysis, budget vs. actual, trend analysis, other reasonableness tests)
運用分析性復核技術(如:比率估計,變量分析,預算與實際相比較,趨勢分析,其他合理性測試)
4. Conduct benchmarking
進行基準比較
5. Draw conclusions
得出結論
C. Data Reporting
數據報告
1. Report test results to auditor in charge
向主管審計師匯報測試結果
2. Develop preliminary conclusions regarding controls
產生關于控制的初步結論
D. Documentation / Work Papers
文檔/審計工作底稿
1. Develop work papers
編制工作底稿
E. Process Mapping, Including Flowcharting
過程描述,包括流程圖
F. Evaluate Relevance, Sufficiency, and Competence of Evidence
評估證據的相關性、充分性和證明力
1. Identify potential sources of evidence
識別證據的潛在來源
編輯推薦:
(責任編輯:)