Example of risk management essay

– . The Institute of Internal Auditors””? (IIA””? s) Code of Ethics and International Standards for the Professional Practice of Internal Auditing (Standards) [Chapter 2]
One of the fundamental roles of internal auditing is to ensure that ethical behavior is promoted among the internal auditors. The ethics outline the principles and expectations that an internal auditor should possess while conducting internal auditing to improve the effectiveness of risk management. Ethics explain the principles that an internal auditor should follow while carrying out auditing. It also outlines the qualities that an internal auditor should possess. The standards put in place help an internal auditor to carry out quality internal assessment of the books of account. (Reding, Sobel, Anderson, Head, Ramamoorti, Salamasick, Riddle. 2009)
– Inherent Risk versus Residual Risk [Chapter 4]
– Inherent risks are those risks that can be measured in terms of the likelihood and impacts without necessary first taking into account any risk response which the organization may have already in place. On the other hand, residual risk is the risks that are measured in terms of the impacts and the likelihood only after taking into account various risk management responses which the organization may have already in place.
– Risk response is the way the organizations react to a particular risk within the work force. Allowing more part-time and telecommunicating; this will entice the older workers to stay and extend their careers with the organization. The organization will still be able to benefit from the vast knowledge and experience of the old hence minimizing high employee turnover.
Increasing the retirement age; the organization may increase the retirement age for the workforce that is already available in the organization. This will reduce the high employee turnover.
Moving from pay systems that are seniority based to performance based; this will help to attract more workers who are young and performers hence the aging population may not affect the productivity of the organization. More workers will be attracted even as the older ones retire because pay is based on performance and not age.
– Assurance versus Consulting Services [Chapters 1, 2, 9, 12, and 15]
– Difference
Assurance focuses the reliability of information that has been provided by the auditor. Assurance depends on the nature and the accuracy of procedures used by the auditor in his/her work while consulting refers to the giving out of professional advice by the auditor after carrying out his auditing work. It involves making judgements about a given situation which can be relied on by the user of the consultant’s advice

Similarities

Both are terminologies used by auditors in their work hence can be used to solve the problems that might be available in the organization such as bad management. Both are used during the auditing process of planning, performing and management in order to ensure that the auditing process is carried out efficiently and effectively.
– This is because they believe consulting might hinder their objectivity hence interfering with the process of auditing which should be independent.
– Integrity; he should be straightforward, honest and sincere in his approach to his professional work such as consulting
– Competence; should be able to carry out his work with due care and skill in conformity with professional and ethical standards provided.
– Confidentiality; the advice given should be confidential and should not be exposed to the third parties.
– Making recommendations; the auditor may recommend on certain recommendation as how the management can be improved. This might impact positively on the goods and services offered by the organization hence attracting more clients and qualified employees. When management is good, qualified employees may be attracted to join the organization.
Give advice about financial issues in the organization; internal auditor may provide advice about the best procedures and reporting standards that should be applied to ensure accuracy and transparency of the accounting system. This might help to prevent financial frauds that come as a result of application of outdated reporting standards.
– Roles and Responsibilities of a Chief Audit Executive [Chapters 2 and 9]According to (Jones
– 1999), chief audit executive has two fundamental roles
– Examining and evaluating the organization’s systems of internal control
– Being familiar with the goals, policies and the processes of the organization in order to fully and perfectly exercise his duties
– The chief audit executive reports directly to the management and the audit committee.
– He has the responsibility for producing annual assessment about the effectiveness of the organization’s risk management and the control processes as defined by the board of governance.
– I will ensure that I define the boundaries of my roles clearly as chief auditor executive and then handle the roles separately and effectively.
– Risks, Controls, and Audit Tests [Chapters 4, 5, 6, and 13]Significance in order
– Helping individual acquire Jobs; this is the most significant because it enables individuals from the community to earn a living and be independent citizens who can also help other members from their families
– Increasing Job skills of individual through training; this enables them to acquire Jobs
– Identification of individuals eligible for specific training
– Determining whether individuals need both general and specific training or not.

RISK

– HIGH
Being infected by diseases; organization is made up of different people from different background. One might attract diseases such as H. I. V and AIDS while in the work place, one can respond by accepting to live with the virus. I have classified it as high risk because once one is infected he/she cannot be cured. This might be a big set back to the organization in terms of its productivity (Pickett 2011).
– MEDIUM
Injuries while on duty; an individual might get serious injuries while at work; the manager should ensure that first aid kits are available and safety apparatus are in place.
– LOW
Layoff as a result of organization restructuring and downsizing; this might lead to the loss of Job. An individual may respond by searching for Job elsewhere or doing self employed Jobs such as entrepreneur. Improving production to reduce the rate of layoff

IMPACT

– HIGH
Experienced workers may be lost further reducing productivity. It is classified as high because once the worker has attracted the Virus, then it is certain that he/she might not proceed with the Job especially when the virus is at advanced stage. This lowers productivity.
– MEDIUM
Injuries might lower morale of the worker hence reducing productivity. Classified as medium because the injured workers can be treated then brought back to work. The productivity reduction will be for a short term effect.
– LOW
May affect the morale of the other remaining employees. This might also reduce productivity. it is classified as low because layoffs are very rare in the organization

PROBABILITY

– HIGH
The probability of success following injuries of a worker while on duty is still high. This is because, the worker may be treated and then he/she continues to work.
– MEDIUM
Where most employees have been laid off, the probability of success is a half because it is not certain that the organization will get workers with the same knowledge and skills.
– LOW
Where the organization loses workers because of being infected by HIV, the probability of success may be very low. This is because, the experienced and most skilled workers may be lost from the organization.

All the control activities mentioned will undergo the following auditing procedures

– Planning
Here the auditor conduct a risk workshop in order to identify key risks and then carry out risk awareness and then draft an audit plan after which he schedule a meeting.
– Opening meeting

Here the scope of the risk is discussed

– Field work

Here the auditor talk with staff, reviewing procedures and then finding out whether the organization comply with relevant regulatory standards.

– Communication

Involve communication of the identified risks and the possible solutions.

– Report drafting

Here the auditor draft a report as regards to the findings on the field work.

– Management response

Here the management response is sort as to whether they agree with the findings

– Closing meeting

Discussion of the audit report in order to find out its usefulness

– Report distribution

Audit report is then distributed to the relevant members

– Follow up
Follow up is made on the risk identified and the guidance put in place to reduce the occurrence of the risk
– Consideration of Fraud in an Internal Audit [Chapter 8]
– According to the (Bik 2010), professional skepticism can be defined as attitudes which include a questioning mind, being alert to conditions which may indicate possible misstatement because of error or fraud and the critical assessment of the audit evidence. Professional skepticism requires the auditor to plan and perform an audit with professional skepticism bearing in mind that certain circumstances might cause the financial statement to be materially misstated.
It is important because it plays a fundamental role in the process of audit because it forms an integral part of the auditor’s skill. It enables the auditor to make proper judgement which is key to audit quality. For instance, it enables the auditor to be aware of the nature, timing and the extent of the audit procedures that is to be performed.
– The time budget had been cut from the previous year, and the audit team was under pressure to finish the engagement. The availability of creditors and the staying away of the staff auditors created a good opportunity for the manager to commit fraud. He took the advantage of the situation to steal the money customers had initially made on credit.
– When the auditors were reviewing the analytical procedures performed by the staff auditor and noted that the gross margin percentage at the Wichita store was significantly lower than the gross margin at the main store in Kansas City. Wichita store had booked a year-end adjustment in excess of US $100, 000 a debit to sales and a credit to accounts receivable.
– Senior auditor thought the adjustment was proper since the general ledger balance was in agreement with the subsidiary ledger.
– Tests of Controls and Attribute Sampling [Chapter 11]
Internal control aims at providing reasonable assurance regarding the achievement of the objectives such as effectiveness and efficiency of the operations. I will test the operating effectiveness by reconciling the vendor’s monthly statements to the accounts payable. I will also match the receiving reports to the vendor’s invoices by vouching a sample of vendor’s payment made during the month to the supporting reports. Apart from this I shall also review the client’s documentation of the reconciliations and supplement the evidences by inquiries of the client’s personnel as pertains to the performance of the reconciliation during the year.
The appropriate sample size should be twenty. The sample must have been underestimated and that was why the three items had no purchase. It is therefore appropriate that the sample size be calculated once again.
The sample I obtained was small and therefore lacked representation of the whole population. This might have led to finding three items that had no purchase order. The action I should take is to increase the sample size so as to capture representation of the whole population.
– Elements of an Audit Observation [Chapters 12, 13, and 14]

The following elements were not covered in the observation

Criterion; the initially set criteria was that the employees saving plan was to be matched to the contribution made by the participating employee. However, this criterion was not observed because a number of non-participating employees ended up receiving contribution even after seizing to be members of the organization.
Condition; The condition for giving out contributions was never observed. Condition was that for an individual to receive contributions, and then he ought to be an active member. The Effect; effect of not observing the condition was that the organization runs at a loss of about $85, 000 and therefore the organization is now finding ways of recovering the lost money.

Causes

The cause of the effect was as a result of negligence. Despite the company setting out criterion and the condition for giving out contribution, the company fails to observe the conditions because of negligence. This makes the company to lose unfairly $85, 000 because of giving contribution to members who had seized to be the members of the company long time ago.

References

Reding, K. F, Sobel, J. P Anderson, L. U Head, J. M Ramamoorti, S Salamasick, M Riddle. (2009). Internal Auditing: Assurance & Consulting Services. Altamonte Springs: The IIA Research Foundation.
Bik O, P. (2010). The Behaviour of Assurance Professionals. Eburon: Eburon Uitgeverij B. V.
Jones P. C.(1999). Statistical Sampling in Risk Analysis. U. S. A: Gower Publishing.
Pickett S.(2011). The Essential Guide to Internal Auditing. U. S. A: John Wiley & Sons.