MZUMBE UNIVERSITY

(MU)
MBEYA CAMPUS COLLEGE
FACULTY OF COMMERCE
A RESEARCH REPORT ON:

AN ASSESSMENT OF THE CONTRIBUTION OF INTERNAL AUDIT’S ROLES

AND FUNCTIONS IN ACHIEVING ORGANIZATION GOALS.

A CASE STUDY OF CRDB BANK PLC

KIJITONYAMA BRANCH
DAR ES SALAAM,

BY
HERRY KALAWA

BAF III

A RESEARCH REPORT SUBMITTED IN PARTIAL FULFILMENT OF THE

REQUIREMENT FOR THE AWARD OF BACHELOR OF ACCOUNTANCY AND
FINANCE IN BUSINESS SECTOR

2017/2018
ii
 TABLE OF CONTENTS

Declaration................................................................................................................................II

Dedication.................................................................................................................................II

Copy right.................................................................................................................................II

List of tables..............................................................................................................................II

List of appendices.....................................................................................................................II

Abbreviations............................................................................................................................II

Definition of terms....................................................................................................................II

Acknowledgement....................................................................................................................II

Abstract.....................................................................................................................................II

CHAPTER ONE
INTRODUCTION, PROBLEM DEFINITION AND OBJECTIVES

1.0 Introduction..........................................................................................................................2

1.1 Historical Background of the Problem................................................................................2

1.2 Statement of the Problem.....................................................................................................2

1.3 Research Objectives.............................................................................................................2

 CHAPTER TWO
LITERATURE REVIEW

2.0 Introduction..........................................................................................................................2

2.1 An Auditor...........................................................................................................................2

2.2 Internal Auditing..................................................................................................................2

2.2.1 Nature of the internal audit activity..................................................................................2

2.2.2 Scope and Objectives of Internal Auditing.......................................................................2

2.2.3. Key Functions and Roles of Internal Audit.....................................................................2

2.2.4 Roles of Internal Auditing in General...............................................................................2

2.2.5 The Functions of Internal Audit.......................................................................................2

2.2.6 Internal Control System and the Internal Audit of the Organization...............................2

2.3 Outsourcing of Internal Audit Functions.............................................................................2

2.3.1 Option of outsourcing.......................................................................................................2

2.4 Internal Audit Function Guidelines.....................................................................................2

2.4.1 Board and Senior Management Responsibilities..............................................................2

2.4.2 Audit Committee...............................................................................................................2

2.4.3 Corporate Governance and Internal Controls..................................................................2

2.4.4 Reporting relationship among Internl Auditors, Management and the Audit commitee. .2

2.5 Independence.......................................................................................................................2

2.6 Developing the Plan of Engagements..................................................................................2

2.7 Best practices in Internal Auditing......................................................................................2

2.8 Research Questions..............................................................................................................2

CHAPTER THREE
 RESEARCH METHODOLOGY

3.0 Introduction..........................................................................................................................2

3.1 Area of Study.......................................................................................................................2

3.2 Research Design..................................................................................................................2

3.3 Research Techniques............................................................................................................2

3.4 Study Population..................................................................................................................2

3.5 Sample Size.........................................................................................................................2

3.6 Data Collection Methods.....................................................................................................2

3.6.1 Primary data collection.....................................................................................................2

3.6.1.1 Questionnaires...............................................................................................................2

3.6.1.2 Interviews......................................................................................................................2

3.6.1.3 Personal Observation.....................................................................................................2

3.6.2 Secondary data collection.................................................................................................2

3.7 Data Analysis.......................................................................................................................2

3.7.1 Quantitative data Analysis Strategy..................................................................................2

3.7.2 Qualitative data Analysis Strategy....................................................................................2

3.8 Drawing Conclusion............................................................................................................2

CHAPTER FOUR
RESEARCH FINDINGS AND DATA ANALYSIS

4.0 Introduction..........................................................................................................................2

4.1 Discussion and Interpretation of the findings......................................................................2

4.1.1 Presentation of the Findings under the study....................................................................2

4.1.1.1 Internal Audit strategic position to contribute to Business performance.......................2
4.1.1.2 Internal Audit’s processes in enabling and its dynamic position in meeting Business
needs…………………………………………………………………………………………2
4.1.1.3 Coordination and Communication of Risks and Activities within the organization by
internal audit functions........................................................................................……………2
4.1.1.4 The working environment in Guaranteeing free Assurance and Consultancy.............2
 CHAPTER FIVE
CONCLUSION AND RECOMMENDATIONS

5.0 Introduction..........................................................................................................................2

5.1 Conclusion...........................................................................................................................2

5.2 Recommendations................................................................................................................2
 DECLARATION

I, Herry kalawa do here by declare to the senate of Mzumbe University that the work
presented here is my original work, and it has never been submitted for the award of
Bachelor Degree in any other University.

…………………………………………. …………………………….

Signature Date

Supervisor’s name: …………………………………..

……………………………………… ………………………………

Signature Date

Internal Supervisor’s name: ………………………………

………………………………………… ………………………………
 Signature Date

DEDICATION
I dedicate this report to my beloved parents Kalawa Mwatumbo, and Mrs. Helena Kalawa,
with due concern of my beloved sisters Happy Kalawa for their tireless support they gave me
to accomplish this report; my beloved friend Edson Salvatory, whose tender loving, care and
affection have always been a perfect driving force behind my self-actualization.
 COPY RIGHT

No part of this dissertation may be reproduced, stored in any retrieval system, or transmitted
in any form or by any means without the prior written permission of the author or Mzumbe
University in that behalf.

© Herry Kalawa
2018
All rights reserved.
 LIST OF TABLES

Table 1 Rate of Responses from different groups

Table 2 Key highlights of Crdb Bank plc performance over the past five years
 LIST OF APPENDICES

Appendix 1 General Questionnaire for Crdb Bank staffs

Appendix 2 Questionnaire for Audit and Accounts staffs

Appendix 3 CRDB- Internal Audit departmental structure.
Appendix 4 Views on the internal audit strategic position to contribute to business
performance.
Appendix 5 Views on Internal Audit’s processes in enabling, and its dynamic
Position in meeting business needs

Appendix 6 Views regarding coordination of the activities and communication of risks to.
appropriate areas of the organization
Appendix 7 views on internal audit working environment in guaranteeing free assurance and
Consultancy.
 ABBREVIATIONS

BAF - BACHELOR OF ACCOUNTING AND FINANCE

CRDB - COOPERATIVE RURAL AND DEVELOPMENT BANK

CPA - CERTIFIED PUBLIC ACCOUNTANTS

I.A - INTERNAL AUDIT

IC - INTERNAL CONTROL

ICS - INTERNAL CONTROL SYSTEM

IIA - INSTITUTE OF INTERNAL AUDITORS

MU - MZUMBE UNIVERSITY

NBAA -NATIONAL BOARD OF ACCOUNTANTS AND AUDITOR

 DEFINITION OF TERMS

Efficiency
According to Mhilu (2002) Efficiency shows the relationship between inputs and
outputs that is how much has been achieved in terms of quantity and quality for a given level
of input in terms of quantity and quality. The auditor is concerned with matching the quality
of output or rising output with a given one input. An efficient operation is the one which
produces highest output or return at minimum cost, lesser resource or at one unit of input.

Effectiveness
Refers to the achievement of the goals and objectives of a certain operation or activity.
It shows the relation between output and planned objectives. It measures the extent to which
the output produced or acquired and the use of policies and procedures has achieved the
stated goals and objectives of the entity. From Mhilu (2002).

Fraud
Any behavior by which one person intends to gain dishonest over another. Furthermore,
frauds can be defined as those international distortions of financial statements and other
records, which carried out to conceal the misappropriations oaf assets on otherwise for gain.
It can be theft, forgery and conspiracy .The risk areas for fraud are debtors, cash, payroll,
revenue contracts and expenses, stocks, cheques drawn by the origin, creditors’ payments,
petty cash, overtime and extra employee claims and allowances.

Risk
Refers to events and circumstances that may occur and adversely affect an entity’s ability to
reach performance targets.

Corporate Governance
According to ACCA Study Text
Is the system by which companies are directed and controlled. It is the key area for auditors
to understand since this now provides impetus to the role of external and internal audit.
Failure to meet corporate governance may result in a major risk to a company’s reputation.

Internal Control System

ISA 315 Understanding the Entity and its Environment and Assessing the risk of Material
Misstatement defines I.C.S as the process designed and effected by those charged with
governance, management and other personnel to provide reasonable assurance about the
achievement of the entity’s objectives with regard to the reliability of financial reporting,
effectiveness and efficiency of operations and compliance with applicable laws and
regulations.
 ACKNOWLEDGEMENT

First and foremost, I would like to express my gratitude, honor and heartiest thanks to
Almighty God for giving me good health and strength throughout my field work, which gave
me comfort to work well.

I am indebted to so many people and institutions that it is not possible to accord there all due
to credit. However, I would like to extend my sincere and grateful thanks to my supervisor
Mr. Rocky Alex for his constructive ideas and directions, which led me through my field
work to come up with this research report.

My grateful thanks are also extended to CRDB BANK management especially Mr. Lucas
Buzigazi (Branch Directors), Mr.Onesmo Kimath (controller) and Mrs. Benedicta
Boniface(Manager Customer Services) for their trust and concern to allow me to undertake
the field practical work and collect data for my report writing.

My thanks also go to Mr. Selemani Ponda, Mr.Musa Mwachaga and Mr. Issa Masoud-
Certified Public Accountants and my internal supervisors, for their valuable continued
assistance during my field attachment at Crdb Bank-Kijitonyama Branch, Dar es salaam.
Moreover, my thanks are extended to all Crdb staffs who in one way or another contributed
to the success of my field work.

Lastly, I would like to appreciate the support given to me by all my classmates, friends,
brothers and sisters. May God fill success and joy in their living.
 ABSTRACT

The research was carried out at Crdb Bank-Kijitonyama Branch, Dar es Salaam to assess the
contribution of Internal Audit in achieving organizational goals. The motive in undertaking
the study based on the researcher’s observation on the growth and extension of services by
large multinational and local companies as well as small organizations which needed an
effective mechanism that will ensure the smooth control and management of the operations.
Therefore, there was the need to have effective internal audit functions as the mechanism for
the performance evaluation, control, the mirror to highlight weaknesses and guide for
improving services delivery.

Data were collected by using various methods including questionnaires, interviews,

documentary reviews and participatory observations. The approach used in drawing the
representative samples for the study was simple random sampling technique.

The study revealed that the Internal Auditors at Crdb Bank play a very important role in
helping the Bank to achieve its goals, and their functions have enabled the Bank to realize
goals fulfillment by adhering to all accounting and auditing standards, and to comply with
the bank directives towards goals attainment as provided in the audit and other bank manuals.
Furthermore, the study revealed that internal audit has enabled the Bank to attain its
objectives by maintaining high degree of objectivity and integrity, Independent and
Professional Competency in undertaking its responsibilities.

However, the study further recommends that, for the organization to continue accruing the
benefits if its Internal Audit department and at the same time realizing its goals, some steps
needs to be taken by the management. That management should provide Internal Auditors
with opportunities to attend to various trainings and seminars, so that they remain informed
with the changes taking place in the business environment, also management should increase
the size of the internal audit department to make it cope with the workload. Finally,
researcher recommends that, management should place its staffs in the department with due
regard to their professions so as to ensure efficiency and effectiveness of its operations.
 CHAPTER ONE

INTRODUCTION, PROBLEM DEFINITION AND OBJECTIVES

1.0 Introduction

Internal audit is primarily driven by management’s desires to have an internal resource that
focuses attention on organizational processes and ensures accuracy, efficiency, and
effectiveness of operations.
Since internal auditing is a profession and activity involved in advising organizations
regarding how to better achieve their objectives. Internal auditing involves the utilization of a
systematic methodology for analyzing business processes or organizational problems and
recommending solutions. Professionals called internal auditors are employed by
organizations to perform the internal auditing activity. The scope of internal auditing within
an organization is broad and may involve internal control matters such as the efficacy of
operations, the reliability of financial reporting, deterring and investigating fraud,
safeguarding assets, and compliance with laws and regulations. Internal auditing frequently
involves measuring compliance with the entity's policies and procedures.
However, internal auditors are not responsible for the execution of company activities; they
advise management and the Board of Directors (or similar oversight body) regarding how to
better execute their responsibilities to realize their objectives. As a result of their broad scope
of involvement, internal auditors may have a variety of higher educational and professional
backgrounds.
Thus on taking a close view on internal audit work, the subject of this research was to asses
the contribution of internal audit roles and functions in achieving organization
goals/objectives. The research was carried out at the Crdb Bank, Kijitonyama Branch, Dar es
Salaam, Tanzania. Crdb Bank Plc is a Public Commercial Bank operating in Tanzania serving
corporate and retail customers. Crdb’s major shareholder, the Crdb Bank is already operating
in other African countries namely: Kenya, Uganda and Burundi with further plans of
expanding..
1.1 Historical background of the problem
According to KPMG, 2007, in today’s volatile business environment, organizations face a
wide range array of complex business risks. These risks come in form of many issues:
regulatory compliance, legal action, competitive markets pressures, changing technology,
investor demands, corporate governance, business ethics, and accountability. Including
changing risks facing most organizations such as those associated with globalization,
entering new markets and acquisitions.

Internal Audit services thus deliver approaches that help organizations manage strategic risks
and identify best practices and cost reduction and profit improvement opportunities. However
internal audit faces a number of challenges like;
 To build consensus between management and the board about its role should evolve.
 To refine its skill sets and risk assessment and audit planning process. Also, enhance
significantly its use of technology and continuous auditing techniques.
 To maintain its focus on its assurance role, and make sure the value it adds is
demonstrative.
 To balance the expectations of shareholders and the impact of the different work
requirement on internal audit’s role.
 To evolve its risk assessment and the audit plan continuously to keep them aligned
with developing risks and to ensure that those risks are addressed in a timely basis.
The lack of effective internal auditing systems results in ineffective and inefficiency in
administering most of the organization’s operations, leading in failure to meet the foresaid
challenges above, hence difficult to achieve organizational goals.
For long period there have been criticisms and merging questions on the performance of
many organizations. Taking the look on the corporate governance; That Governance has been
and continues to be the subject of lively debate in Europe, Asia, Australia, South Africa and
North America. A recent series of crises and collapses of reputable companies together with
evidence of large-scale corporate malpractice have shaken public trust and invigorated the
debate, leading to increasing legislation, regulation and other codifications of what comprises
good governance.
Common features of descriptions of good governance are that the board has a major
responsibility for governance and that the board has to apply high ethical standards; to guide
strategy and risk policy; to monitor corporate performance; and to ensure that appropriate
systems of control are in place, in particular, systems for risk management, financial and
operational control.
A professional internal audit activity will play an active role in supporting an organization’s
board in achieving these elements of good governance. The activity will periodically assess
the state of the ethical climate of the organization and will test the effectiveness of the
processes in place to achieve the desired level of ethical compliance. It will also review and
provide objective assurance on the systems of control, including risk management and
operational and financial control.
However maximizing the value and effectiveness of the internal audit function requires an
understanding of an organization’s objectives, risks, risk management priorities, control
framework, regulatory environment, and the diverse needs of critical stakeholders.
Ultimately these needs determine the risk profile of the organization and the strategic focus,
organization, resources, and practices required of its internal audit department
According to Crdb Bank, the over increasing demand of services to its customers (ranging
from multinational companies , government institutions, non government organization, small
business and individual ) all over the country, caused the organization to extend its services
by increasing its range of corporate and retail banking products and services; including
Current Accounts, Serving Accounts, Deposits Accounts, Foreign Exchange, International
Trade, Loans and Overdrafts, together with extending its network by having the total of
seven branches currently, with the intention of opening more branches in the country. The
purpose of the organization is to serve its customers with efficiency and courtesy, where by
contributing to the development of its stakeholders.
Thus, this growth and extension of services needed an effective mechanism that will ensure
the smooth control and management of the operations. Therefore there was the need to have
effective internal audit functions as the mechanism for the performance evaluation, control
the mirror to highlight weaknesses and guide for improving services delivery.

1.2 Statement of the problem

Audit is an important element in any organization. Both internal and external auditors are
needed as they differ in their objectives, scope, approach and responsibility. However
effective Internal Audit is an important tool for any organization to attain its goals and
objectives. This is due to the fact that internal audit starts with evaluating internal figures and
systems, ending by expressing professional opinion relating to the reliability of financial
systems and the information produced, while external auditors starts with accounts to be
published and finishes with expressing professional opinion relating to a set of financial
accounts.
But most of the organizations fail to coordinate and use internal audit functions effectively in
order to attain their objectives. The numerous corporate and organizational failures have
provoked an extraordinary degree of interests in the role and quality of internal audit, and the
obligations and responsibilities of directors, audit committees and external auditors, hence
the question of corporate governance.
Many organizations are responding to these corporate failures by revisiting their risk
management frameworks and challenging the manner in which internal audit and other
assurance functions are operating. Thus, there is a need of close link between corporate
governance and the practice of internal auditing. Work related to corporate governance is
fundamental to the basic practice and performance of internal auditing function. Thus internal
auditing departments have little choice but to make corporate governance a high priority and
recommit themselves to the corporate governance attitude of their operating characters.
Therefore, on taking the above into consideration the study objective was to assess and
understand on how the internal audit roles and functions contribute to Crdb Bank in
achieving its goals.

1.3 Research Objectives

General Objectives
The main objective of this study is to assess on how the internal audit roles and functions can
assist the Crdb Bank Plc and other firms in the same industry to meet the challenges of
quality, volatility of business environment, optimum productivity and efficiency of its
operations. Also how it can enable informed decisions to be made and actions to be taken for
the best of the organization in realizing its goals.

Specific Objectives
The specific objectives of this study included;
 To asses the critical success factors for internal audit functions in contributing to
business performance and business needs.
 To asses the effectiveness of internal audit functions in coordinating the activities and
communicate information among the audit committee, external auditors, management
and to appropriate areas of the organization.
 To determine how internal audit maintain its independence and objectivity in its due
course of providing assurance and consultancy.

CHAPTER TWO
LITERATURE REVIEW
2.0 Introduction
This chapter reviews different theories, concepts, issues and researches done in different
areas that various authors and scholars have put forward in relation to internal audit for the
purpose of adding knowledge and being familiar with the relevant information about the
problem to be studied.

2.1 An Auditor
Auditor; Is an accountant usually certified by National Professional Association of
Accountants, if one exist in the country, or certified by another country’s recognized
National Association of Accountants. In the case of Tanzania an auditor is an Accountant
Certified by the National Board of Accountants and Auditors (NBAA).Auditors may be
external Auditors or Internal Auditors.

2.2 Internal auditing.

An internal audit is one conducted by an employee of the business into any aspects of its
affairs. Internal audit is an independent appraisal function established within an organization
to examine and evaluate its activities as a service to the organization management. Internal
audit is the independent appraisal activity within an organization for the review of the
operations as the basis for the protective and constructive services to the management. It is a
type of control, which functions by measuring and evaluating the effectiveness of other types
of controls. It deals primarily with the accounting and financial matters but it may also
properly deal with matters of an operating nature (Gupta, 1990).

Internal audit is also defined as “an independent appraisal function established by the
management of an organization for the review of the internal control system as the service to
the organization. It objectively examines, evaluates and reports on the adequacy of internal
control as a contribution to the proper, economic, efficient and effective use of resources”
(A.H.Millichamp , 6TH Ed, pg 445).

Key phrases from the definition are;

 Carried on by independent personnel. Internal auditors are employees of the firm and
thus independence is not always easy to achieve. However it can be assisted by:
 1. Having the scope to arrange its own priorities and activities
2. Having unrestricted access to records ,assets and personnel
3. Freedom to report to higher management and where it exists to an audit
committee
4. Internal Audit personnel with an objective frame of mind
5. Internal Audit personnel who have no conflicts of interests or
6. any restrictions placed upon their work by management
7. Internal Audit personnel having no responsibility for line work or for new
systems. A person cannot be objective about something he/she has taken
responsibility for. On the other hand the I.A should be consulted on new or
revised systems.
8. Internal Audit personnel who have no non-audit work.

 An appraisal function .The internal auditor’s job is to appreciate the activity of others,
not to perform a specific part of data processing. For example, a person who spent his
time checking employee expense claims is not performing an internal audit function.
But an employee who spent some time reviewing the system for checking employee
expense claims may well be performing an internal audit function.
 As a service to the organization. The management requires that;

1. Its policies are fulfilled

2. The information it requires to manage effectively is reliable and complete.
This information is not only that provided by the accounting system.
3. The organization’s assets are safeguarded
4. The internal control system is well designed
5. The control system works in practice

The internal auditor’s activities will be directed to ensuring that these

requirements are met. The internal auditor can be seen as the eye of the board
within the enterprise.
According to The Institute of Internal Auditors (The IIA; 1999) defined internal audit as “an
independent, objective assurance and consulting activity designed to add value and improve
an organization’s operations. It helps the organization accomplish its objectivities by bringing
a systematic, disciplined approach to evaluate and improve the effectiveness of: risk
management, control and governance processes”

2.2.1 Nature of the internal audit activity

Based on a risk assessment of the organization, internal auditors, management and oversight
Boards determine where to focus internal auditing efforts. Internal auditing activity is
generally conducted as one or more discrete projects. A typical internal audit project involves
the following steps:

 Establish and communicate the scope and objectives for the audit to appropriate
management.
 Develop an understanding of the business area under review. This includes objectives,
measurements, and key transaction types. This involves review of documents and
interviews. Flowcharts and narratives may be created if necessary.
 Identify control procedures used to ensure each key transaction type is properly
controlled and monitored.
 Develop and execute a risk-based sampling and testing approach to determine
whether the most important controls are operating as intended.
 Report problems identified and negotiate action plans with management to address
the problems.
 Follow-up on reported findings at appropriate intervals. Internal audit departments
maintain a follow-up database for this purpose.

By analyzing and recommending business improvements in critical areas, auditors help

the organization succeed.

2.2.2 Scope and Objectives of Internal Auditing

According to ISA 610 Considering the work of Internal Audit

  The scope and objectives of Internal Audit vary widely and depend on the size and
structure of the entity and the requirement of its management. Ordinarily, internal
auditing activities/functions include one or more of the following;
 Monitoring of internal control. The establishment of adequate Internal Control is a
responsibility of management which demands proper attention on a continuous basis.
Internal Audit is ordinarily assigned specific assignment by management for
reviewing controls, monitoring their operation and recommending improvement
thereto.

 Examination of financial and operating information. This may include review of the
means used to identify measure, classify and report such information and specify
inquiry into individual items including detailed testing of transaction, balances and
procedures.

 Review of the economy, efficiency and effectiveness of the operations including non
financial controls of the entity.

 Review of compliance with laws, regulations and other external requirements and
management policies and directives and other internal requirements.

2.2.3. Key Functions and Roles of Internal Audit

The mandate of audit and evaluation is to support senior management in attaining strategic
objectives of the department by providing them with the objectives, independent, an
evidence-based information, assurance, and advice on the effectiveness and efficiency of
departmental programs, policies, and operations. The roles and responsibilities of audit and
evaluation are grouped under the following five key functions: Audit, evaluation, special
reviews, management advice and liaison activities (Iane, 2007).

The implementation of these functions to the organization, ultimately can improve

management capacity and program delivery,
  Audit can provide managers of the organization with objective assessments about the
design and operation of management practices, control systems and information. The
organization policy on Internal Audit reposition the audit services as a provider of
assurance services to departmental senior management Assurance provided by the
internal auditor, through audit engagement, give management confidence on the
soundness of management processes within the organization.
 To ensure that departmental management of the organization also receives timely,
strategically, focused objective and evidence-based information on the policies,
programs and initiatives of the department.

 Special reviews on matters on implementation of such policies as internal disclosure

of information concerning wrongdoing in the workplace, values and ethics code for
workers.

 On demand basis, expert management advice and services are provided in the area of
management practices for the implementation in the organization initiatives, these
include areas such as the financial information strategy, modern controllership, and
evaluation frameworks and logic models.

 Audit and evaluation can assist the departmental managers in responding to petitions
and liaising with other government departments such as National Audit Office,
NBAA, etc.

2.2.4 Roles of Internal Auditing in General

The roles of internal auditing are discussed under the following subheading

 Role in internal control

 Role in risk management
 Role in corporate governance

From E:\Internal audit - Wikipedia, the free encyclopedia.htm

Role in internal control

Internal auditing activity is primarily directed at improving internal control which is broadly
defined as a process, affected by an entity's board of directors, management, and other
personnel, designed to provide reasonable assurance regarding the achievement of objectives
in the following categories: effectiveness and efficiency of operations, reliability of financial
reporting, compliance with laws and regulations.

Internal auditors evaluate the effectiveness of controls relative to the achievement of strategic
objectives. Internal auditors take a broad view of internal control that includes business
strategy and direction, ethical values, consistency in meeting goals, performance measures,
and much more. Frameworks such as COSO (US), COCO (Canada), and Cadbury (UK)
provide guidelines for effective internal control implementation and monitoring.

Today, a broad array of successful internal control practices is available for practitioners who
want to stay on the leading edge of the profession. Working alongside management to make
organizational controls more effective, internal auditors use practices like control self-
assessment (CSA) to identify gaps in control and offer cost-effective solutions to prevent
disasters in the future.

"Modern internal Audi ting’s role in internal control is essential," says Tina Jansen, CACIA,
internal assurance manager with the Provincial Health Services Authority. "Working in
collaboration with management and key personnel, the internal audit function can be
invaluable to every aspect of the organization."

Role in risk management

Internal auditing professional standards require the function to monitor and evaluate the
effectiveness of the organization's risk management processes. Risk management relates to
how an organization sets objectives, then identifies, analyzes, and responds to those risks that
could potentially impact its ability to realize its objectives. Some of the key risk assessment
activities in organizations include: marketing planning, strategic planning, incentive payout
determination, credit authorization, and capital planning, each of which can be audited in one
or more projects.

In larger, more complex organizations, major strategic initiatives are implemented to achieve
objectives and drive changes.

Internal auditors may help companies establish and maintain Enterprise Risk Management
processes. In this area, internal auditors typically are part of the project team in an advisory
role.

Role in corporate governance

Internal auditing activity as it relates to corporate governance is generally informal,

accomplished primarily through participation in meetings and discussions with members of
the Board of Directors. Corporate governance is a combination of processes and
organizational structures implemented by the Board of Directors to inform, direct, manage,
and monitor the organization's resources, strategies and policies towards the achievement of
the organizations objectives. Internal auditing is often considered one of the "four pillars" of
corporate governance, the other pillars being the Board of Directors, management, and the
external auditor.

A primary focus area of internal auditing as it relates to corporate governance in helping the
Audit Committee of the Board of Directors (or equivalent) perform its responsibilities
effectively. This may include reporting critical internal control problems, informing the
Committee privately on the capabilities of key managers, suggesting questions or topics for
the Audit Committee's meeting agendas, and coordinating carefully with the external auditor
and management to ensure the Committee receives effective information.

2.2.5. The Functions of Internal Audit

From Crdb Bank internal audit manual
The main objectives of the Internal Audit department within the Bank are to ensure, through
various fields of interventions, that:
 The Bank assets are correctly accounted for;
The rules of the Profession, as well as those imposed by the Central Bank and the
various regulatory entities (Tax, international trade, foreign exchange…), are
complied with.
Indeed, Banks and Financial Institutions tend to maintain an Internal Control system,
whose objectives are:
 To check that operations, internal organization and operational procedures are in
compliance with legal and statutory measures, with deontological and professional
norms and customs, and with the general guidance of the Executive Body;
 To check that limits fixed in terms of credit risk, foreign exchange risk and interest
rate risk, are strictly respected;
 Monthly reporting to the Group General Inspection of the planned work as per the
Control Charts, as well as immediate reporting of any fraud occurrence or any
difficulties encountered in completing assigned audit missions.
 To check that accounting and financial information is reliable and available.
Moreover, the Bank has to add to its internal procedures an updated document,
which defines the organization and objectives of the Internal Audit department, as
well as the means deployed to fulfil this function.
In the Crdb Bank structure, Internal Audit reports to General Management, and is
responsible for the smooth functioning of Internal Control operation, through which
any internal or external factor, which is likely to jeopardize the completion of
objectives fixed by General Management, has to be identified and addressed.
Internal Audit is also by essence, the main contact for the other Control Bodies, in
particular:
 The Crdb Bank Group General Inspection, which is responsible for supervising,
coordinating and training the Internal Audit structures;
 The Bank Auditors and other external audit structures;
 Official Authorities in charge of the implementation of International Trade and
Foreign Exchange regulations;
  Tax Administration (in terms of backing up Accounting Managers).
Internal Audit can’t remain static, and has to follow the Bank size and activities
evolution (new products, Information Technology developments, structures or
changes in procedures…).
Internal Audit operation can be assimilated to a real “Profession”, which implies a
perfect command of technique from one part, and a perfect knowledge of regulations
and banking particulars on the other part.
It is obvious that such a varied function can only be assumed by a team who not only
has the necessary technical competences, but also possesses an irreproachable
morality and specific qualities which come with practice: psychology, communication
abilities, power of persuasion and training abilities.
In order to allow Internal Audit to remain independent, credible and efficient, it is
also essential that it does not get involved into day to day operations, hence an
incompatibility with marketing, operational or administration functions; within the
strict respect of the segregation of duties principle, which is the corner stone of a
good internal control system.

The work of Internal Audit is often difficult and ungrateful, since its action can be
perceived as repressive, authoritarian not to say police like.
Internal Audit can bring its interlocutors to a more positive perception of its work,
without giving up any of its responsibilities by:
 Having to pass on a critical judgment, it will point out not only department
weaknesses, but also its strong points. As far as weaknesses or errors and anomalies
are concerned, it will have to be objective (minor errors or anomalies should not be
given a greater importance than what they deserve in a report, for example).
 Through the frequency of its interventions, Internal Audit will favour prevention, thus
avoiding extreme situations which could lead to sanctions.
 Any polemic mind must be banned from its reports; only situations and facts must be
reported, without implicating persons directly. Should this become necessary, it would
have to report the issue in a separate and confidential report for the attention of
General Management.
  Any error record or deviation from established rules must imply corrective actions
proposals or advices. In extreme cases, Internal Audit will be able to (sometimes will
have to) get personally involved in order to help a department out.
Internal Audit action must always be constructive in order to fulfil its mission within the
Bank. The responsibilities of Internal Audit can be summed up in three words: to prevent,
to inform, to cure

2.2.6. Internal Control System and the Internal Audit of the Organization

The Organizational of Controls

There is no place for improvisation in order to ensure a complete coverage of the fields
which require Internal Audit action. It is therefore essential:
 That Internal Audit action be planned in order to spread over the year and according
to the pre defined periodicities, the verifications having to be performed (hence the
necessity to draft a planning at the end of the year, for the year to come, with General
Management agreement.
 That controls be as much as possible organized, using manuals, procedures and check
lists, specifically designed for each type of control.

The Control “Tools”

Without being restrictive, the following can be mentioned:
 The chart of accounts (for which one must have a perfect knowledge or at least
maintain a permanent copy);
 General Instructions, procedures and memos (amongst which the credit lending
policy);
 Powers of attorney (in particular for credit lending purposes);
 Authorized signatories deposited with Official Bodies, Banks and Correspondents;
 Legal and Statutory documentation (Banking Act, Central Bank and Banking
Commission circulars, usurious rate, government controlled tariffs, fiscal,
International Trade and Foreign Exchange regulations, etc…);
 Tariffs and applicable conditions booklet;
  Organization chart for executives and heads of departments, and their powers of
attorney;
 Internal audit check lists by department or activity type.

The Compulsory Conditions for an efficient Internal Audit

 Functional independence, which does not mean a lack of interest from the business
concern‘s heads.
 On the contrary, Internal Audit action will be unproductive if not sustained by:
- General Management;
- Complete support from the operational heads.
 An Information Technology system which takes into account safety and control
issues.
 As far as procedures are concerned, Internal Audit should be consulted as a pre
requisite to their implementation or modification.
The achievement of the above conditions will largely depends on Internal Audit persuasion
abilities, as well as the demonstration of its efficiency.
Internal Audit Ethics
It goes without saying that an Internal Auditor must be spotless, and set himself/herself up as
an example for those she/he controls and assists. One will expect a lot of qualities from
him/her, amongst which: Competence and availability, to be initiative, analysis and judgment
minded, to have communication abilities and to be strictly sworn to professional
confidentiality.
Infact an Internal Auditor will be requested to be efficient and constructive.

2.3. Outsourcing of Internal audit Functions.

Chronic skills shortages, coupled with a lack of adequate technology capacity, inhibits the
efficacy of internal audit function. In order to maximize returns, many companies are
exploiting their competitive advantage by outsourcing and co-sourcing most aspects of their
non core business, including the internal audit functions. This can be limited to helping
internal audit staff in assignment for which they lack expertise. Institutions often outsourcing
vendors for audits of areas requiring more technical expertise, such as electronic data
processing, capital markets activities, and so on. Such uses are referred to as ‘internal audit
assistance’ or ‘audit co-sourcing’.

Outsourcing and co-sourcing affords the client the luxury of having access to global expertise
and cutting edge technology, a factor that eliminates day-to-day administrative tasks
associated with assignment management (Ernst & Young 2005).

The number of organization outsourcing internal audit and regulatory compliance has
increased dramatically in the past few years. This trend is due, in part; to the increased skill
sets expected of the risk management staffs and management desire to have these individual
functions as business consultants. Economics also plays a big role in outsourcing decision,
with many companies reducing overall audit and compliance costs through outsourcing
(Cherry et –al, 2004-2007).

2.3.1. Option of Outsourcing.

 Full outsourcing

With this option the organization decides to hire the entire internal audit function from
outside to undertake all its audit works. Some of the advantages the organization can
experience by outsourcing include industry expertise, cost savings and a reduction of risk to
the organization. It is difficult for a small staff to maintain the appropriate knowledge base
for all facets of their industry. A specific organization can eliminate the cost of salaries,
benefits, vacations, holidays, social time, training and supervision and pay for professional
services only. Outsourcing can identify the compliance issues and internal audit areas that
represent the highest risk to the organization and focus detailed testing in these areas.

 Co-Outsourcing

This approach involves an integrated formal partnership between the in house internal audit
and the external advisors, with each party sharing and contributing complementary
knowledge, skills and experiences. The co-sourcing can enable the audit team of the
organization, to have a control and responsibility for internal audit and calls on external
advisors for additional support and specialist skills when required.

2.4. Internal audit function guidelines

The internal audit function is responsible for evaluating the adequacy, effectiveness and
efficiency of the company’s system of internal controls and the quality of ongoing operations.
The company is to have one person designated as the Senior Auditor, who shall have
adequate technical training and proficiency to manage the internal audit function.

2.4.1. Board and Senior Management Responsibilities

Management

Directors and Senior Management should ensure that the outsourced internal audit function is
competently managed. Organization should employ/poses sufficient competent staff
members in the internal audit department to assist the manager of internal audit in overseeing
the audit issues. These competent staffs enable the organization to improve its efficiency
capacity and ability to manage risks that may hinder organization to achieve its objectives

Structure

Carefully thought should be given to the placement of the audit function in the institution‘s
management structure. The internal audit function should be positioned so that the board has
confidence that the internal audit function will perform its duties with impartiality and not be
unduly influenced by managers of day-to-day operations

2.4.2 Audit committee

The sound audit committee can help organizations to achieve its goals and objectives due to
the facts that the purpose for establishing internal audit committee is to oversee the
accounting and financial reporting processes and the audit of the financial statements of the
company. However this can be achieved only if members to internal audit committee possess
reasonable qualities as required by relevant authorities (Monroe Bancorp et-al)

2.4.3 .Corporate governance and internal controls

Companies with strong corporate governance structures and policies are valued more among
investors and enjoy better terms in trade. Simply stated, good corporate governance makes
very good business sense. Strong Governance structure and policies of the organization
increases confidence and trustfulness among its members which can lead to smooth operation
of its activities. There will be the proper direction and control of the organization and risk
management; (Southern Education et al).

2.4.4. Reporting relationship among Internal Auditors, Management and the Audit
committee

Effective reporting relationship among the said team above, contributes to the achievement of
audit objectives. To properly carry out their responsibilities for internal control, directors and
senior management should foster forthright communications and critical examination of
issues to better understand the importance and severity of internal control weaknesses
identified by the internal auditors and operating management’s solutions to these weaknesses.

Internal Auditors should report internal control deficiencies to the appropriate level of
management as soon as they are identified. Significant matters should be promptly reported
directly to the board of directors (or its audit committee) and senior management.

Thus, the key role of internal audit in corporate governance is to assist the board and/or its
audit committee in discharging its governance responsibilities by delivering;

 A review of the organization’s control culture, especially ‘the tone at the top’.
 An objective evaluation of existing risk and internal control framework.
 Systematic analysis of business processes and associated controls.
 Review of the existence and value of assets
 A source of information on major frauds and irregularities.
  Ad hoc reviews of other areas of concern, including unacceptable levels of risks
 Reviews of the compliance framework and specific compliance issues.
 Reviews of operational and financial performance.
 Recommendation for more effective and efficient use of resources.
 Assessments of accomplishment of corporate goals and objectives.
 Feedback on adherence to the organization’s values and code of conduct/ code of
ethics.

However in attempting to adequately discharge their responsibilities, internal auditors often

finds themselves in an anomalous position. They report to senior management within the
organization, yet are expected to objectively review management’s conduct and effectiveness.
The only satisfactory solution to this problem is for internal audit to report primarily and
directly to the board and its audit committee rather than to senior management.

2.5. Independence
This allows internal auditors to carry out their work freely and objectively, it is achieved
through organizational status and objectivity. Internal auditors need to be independent of the
activities they audit, which means to report issues prevailing in the organization in its reality
without any fear. Once in the organization there is independence of internal audit unit, it can
provide independent and objective advice on risk management, control and governance. It
also provides value for money and related matters, subject to the resource constraints. The
head of the audit unit shall have right of access to the chief executive director (Northwest
State University)

2.6. Developing the plan of engagements

Internal Audit standards require the development of a plan of audit engagements (projects)
based on a risk assessment, updated at least annually. The input of senior management and
the Board is typically included in this process. Many departments update their plan of
engagements throughout the year as risks or organizational priorities change.
This effort helps ensure the audit activity is aligned with the organization’s objectives, by
answering two key questions: First, what goals is the organization trying to accomplish in the
upcoming period? Second, how can the Internal Audit Department assist the organization in
achieving these goals?

Internal auditors often conduct a series of interviews of senior management to identify

potential engagements. Changes in people, processes, or systems often generate audit project
ideas. Various documents are reviewed, such as strategic plans, financial reports, consulting
studies, etc. Further, the results of prior audits and resolution of open issues are considered.
For example, even if a business area is important, prior audit work and the nature and status
of open issues may render further audit effort unnecessary. If the organization has a formal
Enterprise Risk Management (ERM) program, the risks identified therein help limit the
amount of separate risk assessment performed by Internal Audit.

The preliminary plan of engagements is documented and prioritized. Audit resources and
expertise are then considered and a final plan is presented to senior management and the
Audit Committee. The presentations vary based on the needs of the stakeholders but typically
include the following:

 Summary of key goals, risks and corresponding major audits, to illustrate alignment;
 Brief description of critical projects identified;
 Projects requested but not planned for execution due to prioritization and resources;
 Required co-sourcing effort, typically where outside expertise is required or during
peak periods; and

Appendix materials, such as planning approach, assumptions (e.g., days per auditor and
staffing level) and brief descriptions of all planned audits and related prioritization.

2.7. Best Practices in Internal Auditing

Measuring the Internal Audit Function

Internal audit functions are primarily evaluated based on the quality of counsel and
information provided to the Audit Committee and top management. However, this is
primarily qualitative and therefore difficult to measure. “Customer surveys” sent to key
managers after each audit project or report can be used to measure performance, with an
annual survey to the Audit Committee. Scoring on dimensions such as professionalism,
quality of counsel, timeliness of work product, utility of meetings, and quality of status
updates are typical with such surveys.

Quantitative measures can also be used to measure the function’s level of execution and
qualifications of its personnel. Key measures include:

Plan completion: This is a measure of the degree to which the annual plan of engagements is
completed, measured at a point in time. This may be measured using the number of projects
completed, weighted by the planned size of each project, with estimates for projects in-
progress. Measured throughout the year, it is compared against the percentage of the year
elapsed.

Report issuance: This is a measure of the time elapsed from completion of testing to
issuance of the final audit report, including management’s action plans. This can be measured
in average days or percentage of reports issued within a certain standard, such as 30 days.
Establishing expectations for the timing of management’s response to report
recommendations is critical. In addition, the scope and degree of change involved in the
report’s action plans are key variables. For example, a report for a single retail store requiring
only the store manager’s action might take 3-5 days to issue. However, a report consolidating
findings from 20 retail stores, with action plans with national implications determined by top
management, may take 30-60 days in complex organizations.

Issue closure: Reported audit findings are often called “issues” or “deficiencies.”
Professional standards require audit functions to track reported findings to resolution, which
effectively requires the maintenance of an issues follow-up database. The number of days
that reported issues remains open, or open after their agreed-upon closure date, are key
measures. In addition, reporting database statistics such as the number of issues open
(unresolved), closed (resolved), and issues opened/closed during a given period are useful
statistics.

Staff qualifications: This can be measured through the percentage of staff with professional
certifications, graduate degrees, and overall years of experience.

Staff utilization rate: This is measured as the percentage of time spent on projects, as
opposed to administrative time such as training or vacation. Many internal audit departments
track time by audit project. This is typically captured in a database or spreadsheet.

Staffing level: The number of positions filled relative to the authorized staffing level. Due to
the challenge of finding qualified staff, departments may have rotational programs to bring in
management to complete tours in the function or be "guest" auditors. Audit departments also
"co-source," meaning they obtain contract auditors from service providers.

Reporting of critical findings

Internal Audit typically reports the most critical issues to the management quarterly, along
with progress towards resolving them. Critical issues typically have a reasonable likelihood
of causing substantial financial or reputation damage to the company. For particularly
complex issues, the responsible manager may participate in the discussion. Such reporting is
critical to ensure the function is respected, that the proper "tone at the top" exists in the
organization, and to expedite resolution of such issues. It is a matter of considerable
judgment to select appropriate issues for the management attention and to describe them in
the proper context.

2.8. Research Questions

 Is Internal Audit strategically positioned to contribute to business performance?

 Are Internal Audit’s processes (functions) enabling and dynamic in meeting business
needs?
 How do the activities and risks being coordinated and communicated respectively in
the organization?
  Does the working environment guarantee the free assurance and consultancy?

CHAPTER THREE
RESEARCH METHODOLOGY

3.0 Introduction

Having defined the research problem, and reviewed the related literature, this chapter then
describes the research design, methods of collecting data and materials used in this study. It
also explains about the sampling procedures, sample size as well as data analysis techniques.

3.1 Area of study

The study was conducted at Crdb Bank Plc. The site was selected due to the fact that the
bank has grown in status to be regarded as one of the key players contributing to the
Corporate and Small and Medium Enterprises sectors in the country1.

1
http:// www.crdbbank.net
3.2 Research design
Case study design was used to carry out this study. The criteria of using this design was
based on the fact that it; it uses of variety of methods of data collection, time effective, cost
effective, and it permits the little study of social unit2.

3.3 Research techniques

The researcher uses both quantitative as well as qualitative research techniques; however the
qualitative research techniques was given priority in obtaining and interpreting data
pertaining the technical issues under the study.

3.4 Study population

The population chosen for this study comprises of four (4) groups’ viz. Accounts and finance
department staffs, customer services department staffs, credit department staffs, operation
and administration department staffs. These groups were chosen because they have been
identified as the main implementers of the organizational goals and objectives on one hand,
and on the other hand they ensure that the controls in place are followed and maintained to
ensure that the organizational objectives are achieved as planed. The respondents were
randomly selected from each group.

3.5 Sample size

In any research, determination of sample size is very important. Good sample size may serve
to achieve the objectives. Sample size should be optimum; according to Kothari,2004; an
optimum sample is the one, which fulfills the requirement of efficiency, representative,
reliability and flexibility. Under this study a researcher selected a sample of 36 respondents
so that could be able to gather appropriate and valid data. Details of responses obtained are
presented in Table 1.
Table 1: Rate of Responses from different groups
Population Number of Number of % of persons responded over
category respondents persons responded expected to respond
expected to

2
Kothari, 2004
 respond
Customer
services 12 8 66%
Accounts and
Finance staffs 9 9 100%
Operations
department
staffs 3 2 67%
Credit
department
staffs 5 5 100%
Administration
department
staffs 7 4 55%
Total 36 28 77%

Source: field study, 2018

3.6 Data collection methods

These are the ways of obtaining information about the research study. Several methods were
employed for data collection during this study for both primary and secondary data so as to
obtain adequate information for the study3.

3.6.1 Primary data collection

These include structured questionnaires, unstructured interviews, and personal observation

3
Procter 1997 define primary data as those collected afresh and for the first time and thus
happen to be original in character, and secondary data are those which have been collected by
someone else and which have passed through the statistical process (Kothari, 2004).
3.6.1.1 Questionnaires

There were two sets of structured questionnaires, one set for the audit and accounts
department’s staffs and the other set for all Crdb Bank staffs (Appendix 1). These
questionnaires, which were prepared in both hard and electronic copies, were distributed in
December 2018.

3.6.1.2 Interviews

Interview with crdb bank staffs was of great importance as far as the study was concerned in
obtaining primary data. Although the mail questionnaire provided a wealth of quantitative
data, unstructured interviews were undertaken to complement and enhance the information
obtained from questionnaire. The sample of respondents interviewed was restricted to a sub-
sample of those to whom the questionnaire was sent. That is two heads of departments (from
finance and administration department) representing the four groups were selected. The
selection of only two heads to represent the four groups was based on the reality that it was
difficult to arrange with all the informants from the four groups. The method is useful and
effective as it enabled the researcher to have control over the audience as well as getting
quick response from the interviewees.

3.6.1.3 Personal Observation

This was done through participating in several engagements in different department at Crdb
Bank, namely; Accounts and Finance department from October 2017 to December 2017,
Administration department from December 2017 to January 2018, credit January 2018 and
customer services department February 2018. The researcher used this method to learn and
observe how procedures were executed by internal auditors and accountants and try to figure
out what the situation would be if at all internal auditors and accountants were doing their
work effectively.

3.6.2 Secondary data collection

These were extracted from various relevant documents; audit manuals, accounts manuals,
financial statements, from financial reports, from investigation reports, from electronic
sources and other publications.

3.7 Data Analysis

Both qualitative and quantitative data analysis strategies have been used to analyze the data
gathered by the researcher to come up with sound analytical clarity for the purpose of study,
and draw conclusion4.

3.7.1 Quantitative data analysis strategy

This makes use of the mathematical techniques to analyse the data, for this research,
percentage have been arrived at basing on the responses from various groups as obtained by
the researcher. Tables have also been used to explain some relationships.

3.7.2 Qualitative data analysis strategy

These are factual and logical statements made to analyse the data gathered. They basically
include various explanatory phrases of what was obtained from the field, through personal
field observation and comments from the respondents.

3.8 Drawing conclusion

In drawing conclusion, the researcher has decided to evaluate and measure data gathered in
the field in terms of numbers and percentage apart from factual and logical statement used to
come up with decision and conclusion on whether or not that the internal audit functions are
practiced at Crdb Bank, and if contributes to the achievement of bank’s goals and objectives.
The researcher decided to take77% or above as the decision criteria basing on the number of
persons responded over those expected to respond on the questionnaire provided to them,
meaning that the positive outcome from the respondents of at least equal or greater than 77%

4
Data analysis refers to ways of sorting the data so as to establish statistical patterns and identification of
relationships
were used to draw conclusion that role and functions of internal auditors contributes in
assisting the Bank to achieve its goals.

CHAPTER FOUR
RESEARCH FINDINGS AND DATA ANALYSIS
4.0 Introduction
This chapter represents an overview of the general research findings based on what was
observed by the researcher in the field and on the field responses, as well as the statistics
gathered from the quantitative/qualitative analysis of the data/information.
The findings of this study were based on the research questions, which were used as a guide
during the actual research work.
4.1 Discussion and Interpretation of the Findings
This particular section is indeed one of the most decisive areas of the study due to the fact
that detailed and critical analysis of the research findings, discussions as well as
interpretation of the same is carried out herein.
Thus, during the conduct of the field research, the researcher was placed for an internship at
Crdb Bank, Kijitonyama Branch, Dar es Salaam and participated on various Audit and
Accounts and Finance activities of the bank. This provided the researcher with the
understanding of what was actually taking place in the whole organization processes by
participant observation and documentary review.
As mentioned earlier in the first chapter that the purpose of this report was to asses the
contribution of internal audit roles and functions in achieving organizational goals, the
researcher basically carried out the study and analyzed the data collected within the limit of
research investigative questions with the close view of the research objectives.

4.1.1 Presentation of the Findings under the study

4.1.1.1 Internal audit Strategic Position to Contribute to Business performance
The question was specifically aimed at assessing the following key issues below to come up
with the clear understanding of the strategic position of Internal Audit in contributing to
business performance. To assess if;
  The internal audit mission and roles are clearly defined within the wider governance
framework and are effectively communicated.
 The internal audit structure in relation with the promotion of objectivity, consistency
and business understanding.
 The internal audit contributes value to the business as defined by appropriate success
criteria.
Internal Audit mission, structure and size
From the above objectives, questions were set and various opinions were obtained from the
respondents.
Respondents were required to express their views as to whether internal audit’s mission and
role is clearly defined within the wider governance framework and if effectively
communicated. The closed ended questions were asked, the response summary is as
presented in Table 1. (Refer appendix 4). From the results, it is clearly seen that 87.5% of
respondents had responded positively that internal audit’s mission and role is clearly defined
within the wider governance framework, where as only 12.5% of respondents indicated that
they are not familiar with issue at hand. Thus, the results imply that the internal audit mission
and role is clearly defined and communicated to various categories of staffs at Crdb Bank.

On the other hand, respondents were also asked to express their perception on the structure of
internal audit if it promotes objectivity, consistency and business understanding, and to
identify if the department size and structure is adequate to meet its established objectives.
Response summary as presented in Table 1. (refer appendix 4).The results portrayed that 84%
of the respondents are in agreement with the current structure of internal audit in promoting
objectivity, consistency and business understanding. Where as about 8% of the respondents
said they are not familiar and only 8% of the respondents said that the structure of internal
audit is not conducive. Since majority of about 84% responded positively and only about
16% responded negatively, it implies that, though the structure of internal audit promotes
objectivity, consistency and business understanding according to the view of the majority, but
some issues need to be looked at from the structure itself so as to eliminate the doubts of
some (about 16% of respondents) regarding its sufficiency.
In identifying whether or not do the department size and structure is adequate, about 66% of
respondents said that the internal audit size is adequate, where as 17% of the respondents said
they are not sure of its adequacy and the remaining 17% of the respondents said the structure
is not adequate. Results are shown in table 1 (refer appendix 4). The implication from the
findings indicates that, there are still doubts for some staffs (about 34% of respondents)
regarding the appropriate size for internal audit department for it to play its role effectively.
Some respondents added comments on the size;
Accountants: “I have no doubt about the structure of the Audit department, but audit
personnel should be increased –professional ones.”
Thus, the results from table 1 of appendix 4, indicates that generally on average about 84.4%
of respondents are in favor that Internal Audit strategic position contributes to business
performance, Where as only 15.6% are not sure of the strategic position of Internal Audit in
contributing to business performance.

Apart from the observation above, respondents were also asked to indicate their views on the
contribution of Internal Audit activities in adding value to business. Averages of about
93.75% of the respondents agreed that, there is a great value added by the Internal Auditors
to business (refer table 2, appendix 4). They also gave some reasons as to why they are
convinced with the contribution of internal audit services in adding value to business, They
said that internal auditor do;
 Increase employees’ accountability and responsibility,
 Bring about integrity among staffs,
 Necessities professionalism toward stakeholders,
 Minimize risks, especially operational risks,
 Detect errors immediately and recommends corrective action,
 Remind organizations policies and procedures which lead to achieving of the
objectives.
Staffing and audit quality
According to the personnel department, it showed that currently the internal audit department
is having two (3) staff who are experts in accounting field, both are Certified Public
Accountants (CPA) with the experience in the field of not less than 3 years of working
experiences as internal auditors. The face-to face interview with the Head of the personnel
department portrayed that, always it is the duty of Head of internal audit department to
oversee the staff assigned to perform audit work. The researcher observed that the audit
department is also faced with the high workload, due to the rapid expansion of the bank
network in terms of branches, and the same was confirmed by the head of the audit
department in his interview with the researcher. The following has also been noted from the
interview with the head of audit department and from personal observation, that, the size of
internal audit department is very important in undertaking responsibilities, as internal audit
department is vested with the responsibility of engineering and supervising audit functions
which are the key guides in identifying some of the risk inherent in the organization
operations and to make an assessment as to whether internal controls are effective, if any
weakness detected, if it is to be communicated to head of areas that seem to experience the
problems. This awareness helps the managers responsible to work on the weakness at its
early stage, hence corrections are made promptly. This helps in improving performance.
Despite the fact that the number of Internal audit staffs needs to be increased to curb the
workload facing the department, there is a great need of providing the internal audit
personnel with the Continuous Professional Education (CPE) to equip them with up to date
information, together with incorporating the internal audit staffs with knowledge from other
disciplines such as banking. This will help the internal auditors to play their role effectively.

4.1.1.2 Internal Audit’s processes in enabling and its dynamic position in meeting
business needs
Under this question researcher aimed at assessing if;
 Internal Audit has strong risk identification and planning methodology and delivers
a high quality services
 Technology is used appropriately to enhance the provision of Internal Audit services.
 Internal Audit develops and manages appropriate relationships with its key
stakeholders.

Risk identification, technology and auditors relation with key stakeholders

Response summary from table3. of appendix 5. indicates that; The internal audit seem to
have clear and strong risk identification and planning methodology for delivering a high
quality service as on average about 89% of the respondents replied ‘YES’ to the question on
the Internal Audit planning, Where as views regarding technical competence has shown that
on average about 84% of the respondents are satisfied with the usage of technology by
Internal Audit in undertaking their responsibilities. And about 75% of the respondents are
satisfied that Internal Auditors develops and manages appropriate relationships with its key
stakeholders. Thus it can be concluded that, about 89% of the respondents accepts that,
Internal Audit functions is enabling and its dynamic position helps in meeting business needs,
whereas only 11% of respondents do not accept.

Standard for professional Practice of Internal Audit

Much emphasis of Internal Audit Functions is on the use of professional practices and
standards, which addresses independence, professional proficiency, scope of work,
performance of audit work, management of internal audit and quality assurance reviews.
Thus, according to face-to-face interview with the head of internal audit department, there
are various instruments that were important in promoting ethics and values which in turn
assist in achieving objectives. The instruments include;
 Financial regulations
 Auditing manuals
 Accounting manuals
 Staff regulations
 Scheme of services
In making sure that procedures are followed and all necessary attachment related to the
particular transaction are assessed, Internal Audit department is responsible for reviewing
the documents before they are passed for either cancellation, reversal, amendments, single
entry. The procedures include;
 To asses if the documents are filled completely and correctly.
 Verification of the validity of the transaction.
 To check the proper authorization of the documents.
However, the purpose behind insisting the use and follow up on procedures and standards in
financial transaction is to do away with;
 Errors in transaction forms
 Incompleteness of the forms
 Improper or Fraudulent Practices.
Thus, the outcome of the strictness in the use of auditing manual, accounting manual and
adherence to financial regulations. The audited financial reports of the Crdb Bank 2004-
2008, has shown that the bank performance over the past five (5) years has improved to a
greater extent, such that the bank has been able to recover its returns from the loss of about
Tshs 326 mill in 2004 to a profit of about Tshs 242 mill. in 2005, from 2005 the profit kept
on growing up to Tshs 1.2 bill in 2008.On the other hands assets safety has improved and its
value increased from Tshs 24 bill in 2004 up to Tshs 121 bill in 2008.Customer deposits
trends portray the good picture as the increase from Tshs 20 billion in 2004 to Tshs 103
billion in 2008 is the good indicator. The above successes have lead to the increase in
shareholders equity from Tshs 2 billion in 2004 to Tshs 12 billion in 2008, also during the
year 2008 the BANK has increased its authorized share capital to Tshs 15 billion from Tshs
10 billion in 2007 .Results are presented in table 2 below.

TABLE 2.KEY HIGHLIGHTS OF CRDB BANK TANZANIA PERFORMANCE OVER

THE PAST FIVE YEARS

YEAR END 2008 2007 2006 2005 2004

000'TZS 000' TZS 000' TZS 000' TZS 000' TZS
89,485,646.0 68,164,580.0 46,884,213.0 24,752,740.0
Assets 121,022,466 0 0 0 0
103,041,08 73,065,196.0 55,642,283.0 39,263,552.0 20,356,780.0
Deposits 1 0 0 0 0
Shareholders'
equity 11,751,814 7,079,533.00 6,117,883.00 5,438,306.00 2,805,889.00
Profit after (326,033.0
tax 1,236,073 961,650.00 679,577.00 242,020.00 0)
Number of
branches 7 4 2 2 2

Source: Audited financial

 reports

4.1.1.3 Coordination and communication of risks and activities within the organization
by internal Audit Functions
Respondents were asked to indicate their views on how Internal Audit helps in coordination
of the activities and communication of risks to appropriate areas of the organization. The aim
was to assess if;
 Internal Control System in place is understood, adequate for the organization’s
operations and is effective.
 Internal Audit prepares reports with recommendations for effective actions by
management and the board of directors.
 The management or board of directors’ respond timely and take quick actions for
recommendation provided by Internal Auditors.
Internal Control System, Audit reports and directors responsibilities
From (table 4, appendix 6) the results indicates that on average about 88.3% of the
respondents are in favor of internal audit role in coordinating the activities in the presence of
adequate and effective internal control, where as only 11.7% are not in favor. As respondents
have shown that the Internal Audit reports are issued on timely basis (indicated by 84% of
the respondents) and report issued cover almost every important aspects of the activities
and risks (indicated by 92% of the respondents) of the organization for the effective action
by the management or board of directors. Findings show that about 100% of the respondents
are in satisfaction with the actions taken by the management and board of directors towards
recommendations and comments made by Internal Auditors.
The level of performance of internal audit work towards organizational goals fulfillment was
also assessed, the responses summary (refer table 5, appendix 6) indicated that 75 % of the
respondents believe that Internal Audit’s contribution towards organization goals fulfillment
is very good, while the remaining about 25% also believe but not incredible due to some
minor errors which seldom occurs undetected. Given the decision criteria being 65%, It is
evident that Internal Audit level of performance towards organizational goals fulfillment is
very good.

Controls in Practice
According to Crdb Bank, Internal Audit functions is considered to be the main instrument
of controlling the resources .It is the duty of the management to ensure that administrative
activities, services delivery activities and other expenditures follow up, policies and
regulations. The researcher studied the controls in place, and took some sample voucher for
payment, activation, cancellation, and accounts amendment. The 20 random selected
payment vouchers for two (2) consecutive years 2007-2008 (10 vouchers in each year) which
were tested showed that they were properly authorized by the head of accounts department
and well stamped. The interview with the Head of Accounts & Finance department revealed
that there is no amendment /cancellation/activation of accounts to be effected if not
authorized by the audit department. The 12 random sample of cancellation forms selected for
the year 2008 (one for each month) showed that they were checked and authorized by the
audit department before being processed by accounts department. The effectiveness of the
Internal Control System is also indicated by the highlights of Crdb bank performance over
past five years as presented in Table 2 above.
Planning and budget control
Audit department exercises continuous monitoring of the plans and budget, control and
evaluation of the ongoing Crdb Bank activities in order to provide a closer supervision on the
work programs (Crdb bank internal audit manual). The assessment is done in order to
identify achievement and threats versus the expectations. In this, it is stressed that all staffs
should adhere to Crdb bank policy and regulations, preparing the reasonable activity to
achieve the goals, making constant performance evaluation and controlling expenditure as
provided by the Crdb bank.
The researcher obtained views from the respondents regarding the clarity of the bank
objectives and communication of the same to its employees for the purpose of assessing if
there is a clear direction on risks assessment and control issues. Thus respondents were asked
to indicate if the bank objectives relate to plans and its measurable targets indicators.
Summary of the findings (refer Table 10, appendix 8), indicated that about 100% of
respondents seem to be clear with the plans, objectives and its performance measurement
indicators. This portrays that the bank’s set forth objectives are well communicated by the
higher management to its lower levels, which is the indication of the awareness of the staffs
on what should be done in order to ensure that the set forth objectives are attained. Thus
makes it easy for Audit department to exercises continuous monitoring of the plans and
budget.

4.1.1.4 The working environment in guaranteeing free assurance and consultancy

The aim of this question was to assess the independency, integrity and objectivity of internal
auditors in performing their role.

Integrity and objectivity

In this part respondents were asked to indicate their views about the extent to which they are
satisfied with how the Crdb Bank internal auditors carry out their duties .Majority of
respondents revealed that they are satisfied with the performance of the internal auditors.
They believe that the internal audit function helps the bank to implement its strategic plans,
which ensures organizational goals fulfillment (appendix 7)
Respondents were asked to express their opinion if the internal auditors at Crdb Bank are
performing their duties independently taking in mind the structure of internal audit, the
response summary is shown in Table 7 of appendix 7.According to the results one can say
on average about 93.2.% of the respondents concurred that Crdb bank Internal Auditors
exercise their duties independently, where 6.8% of the respondents were not convinced that
the internal auditors are independent taking in mind the current structure of the audit
department.

Authority and Power of Internal Audit

Internal Audit has no limitation in the course of undertaking their duties. Always they
perform their work based on the criteria best for the performance of the organization. The
Bank’s senior management gives the internal audit department the right of initiative and
authorizes it to have direct access to and communicate with any member of the staff, to
examine any activity or any entity of the bank, as well as to access any records, files or data
of the consultative and decision –making bodies , whenever relevant to the performance of
its assignment (as provided in the Crdb bank internal audit manual).

Independence
To perform their role effectively, Internal Auditors requires organizational independence
from management to enable unrestricted evaluation of management activities and personnel.
To ensure independence, Head of internal audit department report directly to the Board of
Directors and also has direct access to the Board on matters considered of significant
importance to the functioning of the Bank. As shown by the internal audit structure in
Appendix 3.
 CHAPTER FIVE
CONCLUSION AND RECOMMENDATIONS
5.0. Introduction
This chapter summarizes the research report findings as indicated and explained on chapter
four. It gives conclusion remark and recommends the approaches and strategies that can be
adopted in order to ensure that internal audit roles and functions do contribute effectively in
organizational goals fulfillment.
5.1. Conclusion
The aim of this study was to assess the contribution of internal audit roles and functions in
achieving the organizational goals. The study was conducted at Crdb Bank, Kijitonyama
Branch Dar es Salaam. The study revealed the following apart from some few weaknesses
identified, that; internal audit roles and functions was among the key components towards the
success of the Crdb Bank on its operation as a business unity. The high contribution was
measured to the following areas:
The assessment of the critical success factors for internal audit functions revealed that;
Internal Audit is strategically positioned to contribute to business performance as its roles,
mission, structure, do promote business understanding, objectivity, consistency under
appropriate success criteria on one hand, and on the other hand its functions are enabling and
dynamic in meeting business needs under the current business dynamic environment, which
is fully faced with a number of business risks..
On top of that, an assessment of coordination and communication of the activities and risks
to appropriate areas of the organization revealed that internal audit roles and activities do
help the bank in attaining its goals through effective Internal Control System (designing and
follow up), efficient planning and budgetary control, adequate Audit reports and proper Audit
planning and recommendations made which in turn are effected by management and the
board of directors.
Lastly, the contribution of internal audit activities as assurance providers and consultants in
assisting Crdb Bank in achieving its goals is evidenced by the possession of proper power
and authority by the internal auditors, and the reporting relationship the department has,
which indicates that the department has high degree of independence though not perfect,
which enables it to performs its roles and functions with integrity and objectivity.
5.2 Recommendations
With reference to Crdb bank Plc, the analysis has so far proved that Internal Audit roles and
functions have contributed in achieving its goals. However, to maintain and improve their
roles and functions effectively some actions should be taken to enable the internal audit’s
contribution towards goal attainment effective. Following such situation, the researcher
would like to give recommendations on the following areas;

Training
Financial institutions (including Crdb Bank) are operating in a complex business
environment, thus are faced with a number of business risks, and challenges. This require
internal audit staffs with wider and broader minds which is obtained through experience,
attending seminars, training, and Continuing Professional Education (CPE) apart from
educational background attained. Therefore Crdb Bank management should provide its
personnel in audit department with opportunities to attend at various Training and Seminars,
especially those offered by the professional bodies such as the National Board of Accountants
and Auditors (NBAA), as this will increase and improve their contribution to the attaining of
organizational goals.

Staffing level
For the internal audit to perform their responsibilities and play their role of ensuring that the
organization’s goals are achieved, the size of the department in relation to the work load is an
important factor to consider. Since the Bank is expanding its network, in terms of Branches,
the internal audit size should also be looked at by increasing the number of staffs, to ensure
that the size of the department is adequate to curb the workload which is about to come. This
will help the bank to continue enjoying the good services of its internal audit department.

Professionalism
For any success of the organization, clear understanding of business, its goals, mission and
vision is a very crucial factor. The right people in the right department enable that. Thus the
researcher recommends that necessary steps should be taken by the management to place its
human resource into their right professions as this will ensure efficiency of operations.
BIBLIOGRAPHY

ACCA (1992), “Auditing and Investigations”, Longman Group, Uk Ltd

Brink, Victor 2. (1982)” Modern Internal Auditing-Appraising Operations and Controls”, 4TH
Ed, John Wiley and Sons, New York

Basel committee on Banking Supervision, (2002) “Internal Audit in Banks and the
supervisor’s Relationship with Auditors”, A Survey

Crdb Bank Posters (mission and vision, goals and objectives of the organization), Audit
manuals and Accounting manuals.

Deloitte & Touche LLP and affiliated entities, Ernest & young 2005, Cherry,Bekaert &
Holland 2004-07.”Outsourcing of internal audit functions”

Iane.G .www.ecgc. “Roles and key functions of Internal Audit”.

IFAC ,(2005), “Handbook of International Auditing, Assurance and Ethics Pronouncement”.

KPMG,”Critical Success Factors for an internal audit”, http//: www.kpmg.com.sg

KPMG Flash report 03FR-006(2003):”Principles of good Corporate Governance and Best

practices Recommendations”

Monroe Bancorp and Monroe Bank. Cairril.com. sound audit committee

Millichamp A.H,(6TH Edition), “Auditing”, D.P.Publications, London.

Mhilu F.M.H (2002), “Advanced Auditing and Investigation”, NBAA-Tanzania

Woolf, E; (Latest Edition) , “Auditing Today”, Englewoodcliffs.

Mwisho, A.M. (2004), “The Basic of Auditing”, VL 1, Mzumbe University, Tanzania..

NBAA’s Study Manual in Auditing.

APPENDIX 1.General Questionnaire for BOA staffs

Dear respondent,

Right in your hands is a set of questions waiting for your response. The questions are
purely for academic purposes and not otherwise, taking in mind that this study is a partial
fulfillment of my bachelor degree at Mzumbe University. The study aims to assess the
contribution of internal audit roles and functions in achieving organizational goals.

Could you please try as much as you can to respond to the questions provided below. I
sincerely thank you in advance for your readiness and positive response. Upon completion of
this questionnaire you may return to me in hand or via the following address;

Herry Kalawa

Crdb Bank Tanzania,

BOX .

Dar es Salaam.

Email:kaherry21@gmail.com

Please answer as per QUESTION REQUIREMENT. TICK where appropriate!

1. What is your profession? .....................................................................

2. For how long have you been practicing the field? ..................................
3. What is your role in your respective unit at Crdb Bank?
A. Decision Maker ( )
B. Head of department ( )
C. Support Staff ( )

4. Does the Bank has clear objectives and have been communicated so as to provide
effective direction to employees on risk assessment and control issues? For example do
objectives and related plans include measurable performance targets and indicators? Tick
only one answer.
A. Yes ( )
B. No ( )

5. Is there a clear understanding by management and others within the Bank of what risks
are acceptable to the board? Tick only one answer.
A. Yes ( )
B. No ( )

6. Do the organization’s culture, code of conduct, human resource policies and performance
reward system support the business objectives, risk management and internal control
system? Tick only one answer
A. Yes ( )
B. No ( )

7. Does senior management demonstrate through its actions as well as policies the necessary
commitment to competence, integrity and fostering the climate of trust within the
organization? Tick only one answer.
A. Yes ( )
B. No ( )

8. How can you rank the level of performance of internal audit work towards organizational
goals fulfillment? Tick only one answer.
 A. Very Good ( )
B. Good ( )
C. Bad ( )

9. What is the level of Crdb bank employees in complying with the policies and procedures
of the entity? Tick only one answer.
A. Very Good ( )
B. Good ( )
C .Bad ( )

10. Authority, responsibility and accountability should be defined clearly such that
decisions are made and actions taken by appropriate people, this implies effective internal
control. Is this taking place at Crdb bank?

A. I agree ( )
B. I disagree ( )
C. Not familiar ( )

11. Is there a necessity of internal audit if the internal control system works well and external
audit perform their duties well? Tick only one answer.
A. Yes ( )
B. No ( )
C. I don’t know ( )

12. Internal audit is an independent, objective assurance and consulting activity

designed to add value and improve an organization’s operations. Do you think that
internal auditors at Crdb Bank base on that?

A. Yes ( )
B. No ( )
13. Do you agree or disagree that the presence of internal audit in your organization has
brought some improvements in performance?

If agree, what are those improvements?

(i) …………………………………………………………………………

(ii)…………………………………………………………………………

14. Do you think that in the long term internal auditing will bring any benefits to Crdb Bank?
Yes  No 

If yes, spell out any:

(i)……………………………………………………………………………

(ii)……………………………………………………………………………

15. On your own judgment .Do you think that internal auditors real help the Bank to meet its
objectives?
Yes  No 
If yes, spell out any/how!

(i)……………………………………………………………………………

(ii)……………………………………………………………………………

16. Auditors are required to be objective, independent, and act with integrity in undertaking
their responsibility .In the best of your knowledge, do you think that internal auditors at
Crdb Bank execute their work independently, with integrity and objectivity?
Yes  No 
 If no; spells out why!

(i)……………………………………………………………………………

(ii)……………………………………………………………………………

Thanks so much! Your time devoted into filling this questionnaire is highly appreciated.

APPENDIX 2. Questionnaire for Audit and Accounts staffs

Dear respondent,

Right in your hands is a set of questions waiting for your response. The questions are
purely for academic purposes and not otherwise, taking in mind that this study is a partial
fulfillment of my bachelor degree at Mzumbe University. The study aims to assess the
contribution of internal audit roles and functions in achieving organizational goals.

Could you please try as much as you can to respond to the questions provided below. I
sincerely thank you in advance for your readiness and positive response. Upon completion of
this questionnaire you may return to me in hand or via the following address;

Herry Kalawa

Crdb Bank Tanzania,

BOX .

Dar es Salaam.

Email:kaherry21@gmail.com

Please answer as per QUESTION REQUIREMENT. TICK where appropriate!

1. What is your professional? ........................................................................................

2. For how long have you been in the field? .................................................................
3. What department are you working with currently? ..................................................
a. Audit ( )
b. Accounts & Finance ( )
4. What is your role in your respective unit at Crdb Bank?
a. Head of department ( )
b. Support Staff ( )
5. Does the department appear to be using its time and resources effectively and
efficiently?
a. Yes ( )
b. No ( )
c. Not sure ( )
6. Is the department’s size and structure adequate to meet its established objectives?
a. yes ( )
b. no ( )
c. not sure ( )
7. Does internal audit structure promotes objectivity, consistency and business
understanding.

a. Yes ( )
b. No ( )
c. not sure ( )
8. On your own experience, does internal audit department appear to be objective?
 a. Yes ( )
b. No ( )
c. Not sure ( )
If NO why?
…………………………………………………………………………………
9. Is the technical knowledge of the department members sufficient to ensure that duties
are performed appropriately?
a. Yes ( )
b. No ( )
c. Not sure ( )
10. Are there audit department members with sufficient information systems, auditing
expertise to address the level of technology used by the organization?
a. Yes ( )
b. No ( )
c. Not sure ( )
11. Is the audit department work planned appropriately?
a. Yes ( )
b. No ( )
c. Not sure ( )
12. Does planning include written audit plan and programs?
a. Yes ( )
b. No ( )
c. Not sure ( )
13. Does internal audit strategic plan assess risks and ensure reliable reporting and
compliance with laws and regulations?
a. Yes ( )
b. No ( )
c. Not sure ( )
14. What types of reports are issued by the internal audit department and for whom?
…………………………………………………………………………………….
15. Are the internal audit report issued on timely basis?
 a. Yes ( )
b. No ( )
c. Not sure ( )
16. Do the internal audit reports include sufficient detail for effective action by
management and/or the audit committee?
a. Yes ( )
b. No ( )
c. Not sure ( )

17. Does the management respond in an appropriate and timely fashion to significant
recommendations and comments made by the internal auditors?
a. Yes ( )
b. No ( )
c. Not sure ( )
18. Do internal audit procedures encompass both operational as well as financial areas?
a. Yes ( )
b. No ( )
c. Not sure ( )
19. Is the department’s work concentrated in areas of high risk, judgment, and sensitivity?
a. Yes ( )
b. No ( )
c. Not sure ( )
20. Internal Audit standards require the development of a plan of audit engagements
(projects) based on a risk assessment, updated at least annually, to ensure that audit
`activity is aligned with the organization’s objectives Does this take place in your
organization?
a. Yes ( )
b. No ( )
If NO; spells out why!
 (i)……………………………………………………………………………

(ii)……………………………………………………………………………

21.On your own view, what could be done in the future to maximize the department’s
effectiveness and efficiency?
…………………………………………………………………………………….

22. I will also appreciate if you supply any other general opinion below if any.
……………………………………………………………………………………
……………………………………………………………………………………

THANKS FOR YOUR MUXIMUM COOPERATION!

 APPENDIX 4
A. Views on the internal audit strategic position to contribute to business performance.
Table 1.
Not Total
TEST Yes % No % familiar % respondents
Views on the Clarity of the Internal Audit roles
and mission 7 87.5% 0 0% 1 12.5% 8
Do Internal Audit structure promotes objectivity,
consistency and business understanding 10 84% 1 8% 1 8% 12
Is the size Internal Audit structure adequate to
meet its objectives 8 66% 2 17% 2 17% 12
Do theobjectives and related plans include
measurable performance targets indicators? 8 100% 0 0% 0 0% 8
Averages
Internal audit strategic position contributes to business performance
Yes=(87.5%+84%+66%+100%)/4=84.4%
No=(0%+8%+17%+0%)/4=6.3%
Not familiar= (12.5%+8%+17%+0%)=9.3%

Table 2.Views on the contribution of Internal Audit activities , in adding value to the business.

Total
Test Agree % Disagree % respondents
Views on the contribution of Internal Audit
activities , in adding value to the business 8 100% 0 0% 8
views on whether the presense of internal audit
in BOA has brought some improvement 7 87.5% 1 12.5% 8

Averages
Contribuion of internal audit activities in adding value to the business
agree=(100%+87.5%)/2=93.75%
Disagree= (0%+12.5%)/2=6.25%

APPENDIX 5
Table 3. Views on Internal Audit’s processes in enabling , and its dynamic position in meeting business
needs

Not Total
Test Yes % No % familiar % respondents
a. Proper planning of internal audit work 11 92% 0 0% 1 8% 12
b .Presence of written internal audit plan and
programs 10 84% 1 8% 1 8% 12
c. Sufficiency of Internal Audit strategic plan in
assessing risks and reliable reporting and compliance
with laws & regulations 11 92% 0 0% 1 8% 12
d. Internal Audit's work concentration in areas of high
risk, judgment and sensitivity. 12 100% 0 0% 0 0% 12
e. Development of a plan of audit engagement
(project) based on risks assessment, and assurance of
its up to date. 11 92% 1 8% 0 0% 12
f. Sufficiency of technical knowledge of the Internal
Audit staffs in ensuring that duties are performed
appropriately 10 84% 0 0% 2 16% 12
g. The presence of audit staffs with sufficient
information system, auditing expertise in addressing
technological level used by the Organization. 10 84% 0 0% 2 16% 12
h. The ability of Internal Audit staffs in developing
and managing the relationship with its key
stakeholders. 9 75% 1 8% 2 17% 12
i. Do you think in the long term internal audit will
bring the benefits to BOA Bank? 7 87.5% 0 0% 1 12.5% 8
j.Do you think that internal Auditors real help the
bank to meet ita objectives? 8 100% O 0% 0 0% 8

Averages
Internal Audit functions in enabling and its dynamic position in meeting business needs
Yes= (92%+84%+92%+100%+92%+84%+84%+75%+87.5%+100%)/10=89%
No= (0%+8%+0%+0%+8%+0%+0%+8%+0%+0%)/10=2.4%
Not familiar= (8%+8%+8%+0%+0%+16%+16%+17%+12.5%+0%)/10=8.6%
 APPENDIX 6

C. Views regarding coordination of the activities and communication of risks to appropriate areas of the
organization.
Table 4.
Not Total
Test Yes % No % familiar % respond
a. To support if Internal Control System is in line
with organization culture, code of conduct, human
resources policies and performance reward system. 6 75% 0 0% 2 25%
b. Effectiveness of Internal Control System as
supported by clear definition of authority,
responsibility and accountability. 7 88% 0 0% 1 12%
 c. The need of Internal Audit in the presence of
effective Internal Control System and External
Auditors. 6 75% 1 12.5% 1 12.5%
d. Issue of the Internal Audit report on timely
basis 10 84% 1 8% 1 8%
e. Adequacy of the Internal Audit reports 11 92% 1 8% 0 0%
f. Do internal audit procedures encompass both
oprational as well as financial areas? 11 92% 0 0% 1 8%
g.Appropriate and timely response by management
towards recommendations and comments made by
Internal Audit 12 100% 0 0% 0 0%
h.Views on the clarity of the bank objectives and
plans in relation to its measurable performance
indicators 8 100% 0 0% 0 0%

Averages
Proper coordination and communication of activities and risks to appropriate areas
yes= (75%+88%+75%+84%+92%+92%+100%+100%)/8=88.3%
No= (0%+0%+12.5%+8%+8%+0%+0%+0%)/8=3.6%
Not familiar=(25%+12%+12.5%+8%+0%+8%+0%+0%)/8=8.1%

Table 5.
Very Total
good % good % bad % respond
i.Level of BOA employees in complying with the
policies and procedures 6 75% 2 25% 0%

APPENDIX 7

D. Does the working environment guarantee the free assurance and consultancy?
Table 7.Test if the internal audit working environment guarantee free assurance and consultancy.
 Not Total
Test Yes % No % familiar % respondents
a).Does I.A department appears to be objective? 11 92% 1 8% 0 0% 12
b).Do you think that I.A execute their work independently
with integrity and objectvity? 8 100% 0 0% 0 0% 8
c).I.A is an independent, objective assurance and
consulting activity, designed to add value and improves
organization's operations.Does internal audit practice that? 7 87.5% 0 0% 1 13 8

Averages
internal auditors working environment guarantee free assurance and consultancy
Yes = (92%+100%+87.5%)/3= 93.2%
No = (8%+0%+0%)/3=2.7%
Not sure= (0%+0%+12.5%)=4.1%