Vous êtes sur la page 1sur 4


O. S

NIM : 041411333066



Internal auditing is a broader and often more interesting field. An

internal auditor independently reviews and assesses operations in a
wide variety of areas, such as accoutning office procedures or
manufacturing quality processes.
The IIA defines the practice of internal auditing in this way:
Internal auditing is an independent appraisal function established
within an organization to examine and evaluate its activities as a
service to organization.
The term auditing include all range of levels of service, such as
detailed checking to the higher level appraisals. And the term
internal defines works carried on witthin on enterprise; by its own
The reminder of the IIAs definiton of internal auditing covers a
number of important terms that apply to the profession:
Independent : Used for auditing, that is free
of any restrictions that could significantly limit
the scope and effectiveness of any internal
auditor review.
Appraisal : Confirms that the need for an
evaluation that is the thrust of internal auditors.
Established : Confirms that internal audit is a
formal, definitive function in the modern
Examine & Evaluate: Describes the active roles
of internal auditors.
Its activities : Confirms that the board
jurisdictional scope of internal audit work that
applies to all of the activites of the modern
Service : Reveals that the help and assistance
to the management, audit committee, and other
member of enterprise, is the end product of
internal auditing work.
To the organization : Confirms that internal
audits total service scope pertains to the entire


A Common Body of Knowledge described as the major or common

knowledge requirements of todays modern internal auditor.
Some of these (COBK) are areas where an internal auditor must
have a strong knowledge and understanding. Others are area where
an internal auditor should develop a goodl general awareness.
A CBOK focuses on the minimal knowledge needed by any
professionsl in that discipline to perform effectively. A knowledge or
understanding is an important internal audit skill, wheter it is
planning a comprehensive plan of internal audits over the year or
outlining the requirements and tasks for a specific audit.
For internal audit, a CBOK will cover a wide variety of internal audit-
specific practice areas but must also be linked with general
management knowledge and practice disciplines as well as
application knowledge areas.
The IIA Research Foundations (IIARF) launched a major effort to
develop such a CBOK for the internal audit profession. Its
preliminary result, published in mid-2007, describe the state of
internal auditing professional practices throughout the world
The knowledge and skills that internal audit possess
The skill and organizationl levels used for the practice of
internal auditing work
The actual duties perfomed by interal audtiors
The structure of internal audit organizations
The types of industries which practice internal audit
The regulatory environment of various countries
For all internal auditors, materials such as Committee of Sponsoring
Organizations (COSO) framework for internal controls, or discussion
of planning and performing internal audits, and the IIA internal audit
standards, are essentials.
More expererienced internal auditors generally specialize in some
areas and have a greater levels of specific industry knowledge.


The Sarbanes-Oxley Act (SOx) is a US law enacted in 2002 to

omprove financial reporting audit processes and to mandate new
board of director, public accounting, and other enterprise
governance practices. It has had a major impact on businesses first
in the US and now worldwide.
Sox became a law in the US as a response to a series of accouting
misdeeds and financial failures at several once-major corporations
such as Eron and WorldCom.
Internal auditors should be particularly aware of the requirements
for Sox Section 404 review.
The Sox requirements, on Section 404 for reviews of internal
accounting, have caused much toil and turmoil in corporations. In
Section 404, an enterprise is made responsible for reviewing,
documenting, and testing its own internal accounting controls, with
those review results passed on the enterprises external audtiors
who are charged with then reviewing and attesting to that work as
part of their audit of the reported financial statements.
Sox Section 404 requires the preparation of annual internal control
report as part of an enterprises SEC-mandated 10K annual report.
Section 404 requirements call for two information:
1. A formal management statement acknowledging the
enterprises responsibility for establishing and maintaining
and adequate internal control structure and procedures for
financial reporting.
2. An assessment, as of the end of the most recent fiscal year, of
the effectiveness of the enterprises internal control structure
and procedures for financial reporting.
Simply put, management is required to report on the quality of its
internal controls, and its public accounting firm must audit or attest
to that management developed internal controls report in addition
to the normal financial statement audit.
Internal audits role in Section 404 reviews can take three forms:
1. Internal auditors can act as internal consultants for the
enterprise by identifying key processes, documenting their
internal controls, and performing appropriate tests of those
controls. This review work would be subject to management
approval for subsequent attention by external audit.
2. Internal auditors can review and test internal control
processes similiar to their normal internal audit reviews but
acting as assistants or contractors for extenral auditors.
3. Internal auditors can work and help other corporate resources,
either internal or external, that are performing the Section 404
reviews but not get directly involved with those reviews. This
approach allows internal audit to devote more time and
resources to other internal audit projects.