...THE IMPACT OF INTERNAL AUDIT ROLE ON RISK MANAGEMENT IN UAE PHD proposal Presented to (Dr Puah Chin Hong) Faculty of Economics and Business University of Malaysia Sarawak Presented By Muhammad Usman Research Proposal for PHD Admission: Presented By Muhammad Usman Page 1 TABLE OF CONTENTS 1.0 2.0 INTRODUCTION BACKGROUND 2.1 2.2 2.3 2.4 3.0 4.0 A brief history of internal auditing The role of the internal auditor Role of the risk management function The internal auditor and the risk management process PROBLEM STATEMENT RESEARCH OBJECTIVES 4.1 Specific Research Questions 5.0 6.0 7.0 8.0 9.0 IMPORTANCE OF STUDY SCOPE OF STUDY RESEARCH DESIGN THE LITERATURE REVIEW DATA COLLECTION & SAMPLING 9.1 9.2 Survey by questionnaire and interviews Sample selection 10.0 11.0 DATA ANALYSIS REFERENCES Research Proposal for PHD Admission: Presented By Muhammad Usman Page 2 1.0 INTRODUCTION The audit function has been performed at least since the fifteenth century. However internal auditing has developed most rapidly throughout the twentieth century as a core tool of risk assessment. Today, in businesses worldwide, the internal audit function is becoming very important for achieving the objectives of organizations. In recent years, UAE market has recognized the importance of the internal audit function, which is why that function has been established in some public as well as private companies. These companies setup audit functions to deal with the assessment...
Words: 2567 - Pages: 11
...ADVANCING CREDIT RISK MANAGEMENT THROUGH INTERNAL RATING SYSTEMS At Bank for Investment and Development of Viet Nam JSC (Transaction office no.8 ) Table of Contents Foreword Part I : Overview of Bank Credit risk management and The theoretical basis of Internal rating systems 1. The activities of commercial banks 1.1. The concept of a commercial bank. 1.2. Operation and Performance of Commercial Banks 2. Managing Operational risk in banking 3. Definition of an Internal Rating System 4. Rating models 4.1. Outlines of Rating Models 4.2. Validation of Rating Models 4.3. Adjusting Rating Models 5. Uses of Internal Rating Systems 6. Benefits of Using an Internal Rating System Part II : Current situation of Credit activities and Internal rating systems at BIDV ( Transaction office no.8 ) 1. General introduction of Bank for Investment and Development of Viet Nam JSC ( BIDV ) 2. Current business status of BIDV 2.1. Socio-economic situation in the period of 2008-2012 2.2. Situation of BIDV business operations in the period of 2008-2012 3. Situation of BIDV Credit quality in the period of 2008 – 2012 3.1. Current situation of BIDV Credit quality 3.2. Achivement of BIDV Credit activities 3.3. SWOT analysis on Credit activities of BIDV branches 4. Current situation of Internal rating systems at BIDV 4.1. Current situation of Credit Risk Management at BIDV 4.2. Current situation of Customer rating systems at BIDV (Transaction office no. 8) ...
Words: 398 - Pages: 2
...换一个你的 School of Management, University of Glamorgan Research on Internal Audit Participate in Risk Management-Based on the ERM Framework of COSO By: Weichen Zhu Candidate no: 学号 September 2012 Supervised by: 你导师的名字 The dissertation is submitted as part of the requirement for the award of Masters of Science: 你专业的名字 Declaration This Dissertation has been prepared on the basis of my own work and that where other published and unpublished source materials have been used, these have been acknowledged. Word Count: Student Name: __________________ Signature: ______________________ Date of Submission:______________ Acknowledgement This is my first time to go aboard for studying. During different campus life in the UK, it is wonderful with deep impression. I learned how to use my internal power to make things happen and how to live my own life. All efforts contribute to my growth, but I cannot forget people who encourage and help me. Probably, I am not happy to study in my whole postgraduate time without support. Firstly, I would like to thank my supervisor 你导师的名字. He helps me develop the ideas and complete this dissertation. Especially, when I make a survey in China, I communicate with him through email. Sometimes, I am afraid that my timetable could have bad effects on him. However, he usually gives me feedback as soon as possible. Therefore, I only use 20 days to finish my survey. This kind of strong professional ethic is worth to learn...
Words: 20009 - Pages: 81
...Risk based internal auditing Background Over the last few years, the need to manage risks has become recognised as an essential part of good corporate governance practice. This has put organisations under increasing pressure to identify all the business risks they face and to explain how they manage them. In fact, the activities involved in managing risks have been recognised as playing a central and essential role in maintaining a sound system of internal control. While the responsibility for identifying and managing risks belongs to management, one of the key roles of internal audit is to provide assurance that those risks have been properly managed. We believe that a professional internal audit activity can best achieve its mission as a cornerstone of governance by positioning its work in the context of the organisation's own risk management framework. ________________________________________ What is risk based auditing? Our definition IIA defines risk based internal auditing (RBIA) as a methodology that links internal auditing to an organisation's overall risk management framework. RBIA allows internal audit to provide assurance to the board that risk management processes are managing risks effectively, in relation to the risk appetite. Is the organisation ready? Every organisation is different, with a different attitude to risk, different structure, different processes and different language. Experienced internal auditors need to adapt these ideas to the structures...
Words: 720 - Pages: 3
...Enterprise Risk Management — Integrated Framework Executive Summary September 2004 Copyright © 2004 by the Committee of Sponsoring Organizations of the Treadway Commission. All rights reserved. You are hereby authorized to download and distribute unlimited copies of this Executive Summary PDF document, for internal use by you and your firm. You may not remove any copyright or trademark notices, such as the ©, TM, or ® symbols, from the downloaded copy. For any form of commercial exploitation distribution, you must request copyright permission as follows: The current procedure for requesting AICPA permission is to first display our Website homepage on the Internet at www.aicpa.org, then click on the "privacy policies and copyright information" hyperlink at the bottom of the page. Next, click on the resulting copyright menu link to COPYRIGHT PERMISSION REQUEST FORM, fill in all relevant sections of the form online, and click on the SUBMIT button at the bottom of the page. A permission fee will be charged for th e requested reproduction privileges. Committee of Sponsoring Organizations of the Treadway Commission (COSO) Oversight COSO Chair American Accounting Association American Institute of Certified Public Accountants Financial Executives International Institute of Management Accountants The Institute of Internal Auditors Representative John J. Flaherty Larry E. Rittenberg Alan W. Anderson John P. Jessup Nicholas S. Cyprus Frank C. Minter Dennis L. Neider William G. Bishop...
Words: 3205 - Pages: 13
...29, 2004 The Role of Internal Auditing in Enterprise-wide Risk Management In conjunction with the newly released Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise Risk Management - Integrated Framework, The Institute of Internal Auditors (IIA), in coordination with its IIAUK and Ireland affiliate, has issued a position paper on The Role of Internal Audit in Enterprise-wide Risk Management. The paper's purpose is to assist chief audit executives (CAEs) in responding to enterprise risk management (ERM) issues in their organizations. The paper suggests ways for internal auditors to maintain the objectivity and independence required by The IIA's International Standards for the Professional Practice of Internal Auditing (Standards) when providing assurance and consulting services. Internal auditing's core role with regard to ERM is to provide objective assurance to the board on the effectiveness of an organization's ERM activities to help ensure key business risks are being managed appropriately and that the system of internal control is operating effectively Recommended Roles The main factors CAEs should take into account when determining internal auditing's role are whether the activity raises any threats to the internal auditors' independence and objectivity, and whether it is likely to improve the organization's risk management, control, and governance processes. The IIA's position paper indicates which roles internal auditing should and should...
Words: 3877 - Pages: 16
...Risk management In this section a summarized position of various risks facing DBBL while conducting its business and operations and steps taken by the Bank to effectively manage and mitigate such risks are discussed. RISK MANAGEMENT FRAMEWORK Risk is defined by DBBL as risk of potential losses or foregone profits that can be triggered by internal and external factors. Therefore, the objectives of risk management are identification of potential risks in our operations and transactions, in our assets, liabilities, income, cost and off-balance sheet exposures and independent measurement and assessment of such risks and taking timely and adequate measures to manage and mitigate such risks within a risk-return framework. In DBBL, only calculated risks are taken while conducting banking business to strike a balance between risk and return. Risk is clearly identified, mitigated or minimized and if possible eliminated to protect capital and to maximize value for shareholders. It is also ensured that on-balance sheet and off-balance sheet risks taken by the Bank are consistent with risk appetite and short term as well as long term strategic objectives of the Bank. A wide range of tools and techniques are used to address & mitigate all kinds of inherent and potential risks in banking operations. The Bank attaches highest priority to establish, maintain and upgrade risk management infrastructure, systems and procedures. In this regard, sufficient resources are allocated to improve...
Words: 2576 - Pages: 11
...Evaluating Internal Controls Lisa Cook ACC 544 October 31, 2011 Bret Mann Checklist for Evaluating Internal Controls Internal Control is to assist companies with reviewing and assessing its accountability within the organization. Internal controls are best practices for an organization that sets the tone and its main purpose is reducing business risk by controlling loss because of the misuse of the company’s assets. Fraud is sure to be detected through internal controls as well as help with the accuracy of its financial reporting. This analysis will provide a comprehensive checklist for evaluating internal controls and show how to apply the checklist to outline phases of the control evaluation. Evaluating Internal Controls Checklists The Committee of Sponsoring Organization (COSO) defines controls as the “process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following three categories: * Reliability of financial reporting. * Effectiveness and efficiency of operations. * Compliance with applicable laws and regulations. Internal control is designed to achieve objectives in various categories” (Louwers, et al, 2007, p. 149). The purpose for an internal control checklist is to analyze the efficiency of the organization’s controls in place, document the controls, and make recommendations and necessary improvements. Management is the responsibility...
Words: 785 - Pages: 4
...Internal control, internal audit and risk management Internal control is under the Board of Director's responsibility. Internal control's function is, among other things, to ensure the efficiency and profitability of operations, the reliability of information, and adhering to rules and regulations. Internal control is a part of day-to-day management and company administration. An essential part of internal control is the Internal Audit, which operates as a separate unit under the CEO and reports its observations to the Board of Directors. The Internal Audit supports the Group's/ Company’s management in directing operations by inspecting and evaluating the efficiency of business operations, risk management and internal control, and by producing information and recommendations to enhance efficiency. The Internal Audit also inspects the processes of business operations and financial reporting. Internal Audit's directive have to be approved by the Group’s / Company’s Board of Directors. The operations of the Internal Audit are guided by being risk-focused and emphasizing the development of business operations. Risk management The goal of risk management is to secure the Group's / Company’s earnings development and to ensure that the Group/Company operates without any disturbances by controlling risks in a cost efficient and systematic manner in all divisions/departments. The Board of Directors must approve the Group’s / company's risk management principles, which concern...
Words: 684 - Pages: 3
.......................................... 2 2. IT Governance Risks................................................................................................................................... 7 3. Aligning the Organization and IT — Key Considerations................................................................ 12 4. The Role of Internal Audit in IT Governance............................................................................ 15 Conclusion....................................................................................................................................................... 18 Authors and Reviewers.............................................................................................................................. 18 Appendix — IT Governance Risk Assessment/Engagement Planning Considerations............................................. 19 iv GTAG — Executive Summary Executive Summary To support the heightened importance of IT governance and the mandatory nature of the International Standards for the Professional Practice of Internal Auditing (Standards), this GTAG provides internal auditors with the foundational knowledge necessary to fulfill their responsibilities in providing both assurance and consulting services, applicable in the public and private sector. Some of the key areas of IT governance internal auditors should address are: As defined by The Institute of Internal Auditors’ (IIA’s)...
Words: 10762 - Pages: 44
...Enterprise Risk Management — Integrated Framework Executive Summary September 2004 Copyright © 2004 by the Committee of Sponsoring Organizations of the Treadway Commission. All rights reserved. You are hereby authorized to download and distribute unlimited copies of this Executive Summary PDF document, for internal use by you and your firm. You may not remove any copyright or trademark notices, such as the ©, TM, or ® symbols, from the downloaded copy. For any form of commercial exploitation distribution, you must request copyright permission as follows: The current procedure for requesting AICPA permission is to first display our Website homepage on the Internet at www.aicpa.org, then click on the "privacy policies and copyright information" hyperlink at the bottom of the page. Next, click on the resulting copyright menu link to COPYRIGHT PERMISSION REQUEST FORM, fill in all relevant sections of the form online, and click on the SUBMIT button at the bottom of the page. A permission fee will be charged for th e requested reproduction privileges. Committee of Sponsoring Organizations of the Treadway Commission (COSO) Oversight COSO Chair American Accounting Association American Institute of Certified Public Accountants Financial Executives International Institute of Management Accountants The Institute of Internal Auditors Representative John J. Flaherty Larry E. Rittenberg Alan W. Anderson John P. Jessup Nicholas S. Cyprus Frank C. Minter Dennis L. Neider William G...
Words: 3205 - Pages: 13
...| Internal Auditing in Not-For-Profit Organizations | TABLE OF CONTENTS ABSTRACT: 2 INTRODUCTION 2 SECTION I: CORPORATE GOVERNANCE 3 1. Corporate Governance Reforms Relevant to NPOs 3 2. Audit Committees of NPOs 4 SECTION II: RISK MANAGEMENT 6 1. Absence of Risk Management in NPO 6 2. Reasons for Risk Management in NPO 7 3. Process of Risk Management in NPO 9 SECTION III: INTERNAL CONTROLS 10 1. An illustrative example 10 2. Good Internal Controls 11 3. Strengthening Internal Controls 12 CONCLUSION 14 ABSTRACT: This paper discusses internal auditing in not-for-profit organizations (NPOs). Specifically, our goal is to identify the role of the internal audit in NPOs by focusing on key areas such as corporate governance, audit committees, risk management and internal controls in NPOs. We will look at corporate governance reforms relevant to NPOs, including provisions of the Sarbanes-Oxley Act that would be applicable to NPOs and some important attributes of the audit committee such as independence of members. We will highlight the role risk assessment plays in NPOs, the reasons to have a risk management function in NPO and the process of risk management. To finish, a focus will be made on internal controls as they are important for all organizations including NPOs for accountability motives. Strong internal controls can help NPOs achieve their mission. Overall, our findings conducted to the conclusion that internal auditing function is very important...
Words: 4024 - Pages: 17
...be successful, it is essential that the management team take steps to identify, access and manage risk. For many businesses, risk management has been identified as a way to thwart and reduce losses, as well as develop business performance. A collection of new tools have been introduced over the past few years to help measure enterprise risk. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has also played a major role in helping companies manage risk. COSO was formed in 1985 and is a U.S. private sector initiative whose major goal is to identify the different factors that lead to fraudulent activities such as fraudulent financial reporting and make recommendations to reduce the incidences. COSO established a variety of internal controls and criteria that companies and organizations can use to assess their control systems in order to manage risk. “In 2001, COSO initiated a project, and engaged PricewaterhouseCoopers, to develop a framework that would be readily usable by managements to evaluate and improve their organizations’ enterprise risk management” (COSO Executive Summary, 2004). Based on the many COSO recommendations of risk management, many companies and businesses have implemented enterprise risk management techniques within their organization. The goal of this paper is to summarize a plan to apply enterprise risk management for New Mexico Solutions. “The underlying principle of enterprise risk management is that every entity exists to provide...
Words: 1169 - Pages: 5
...Risk Management Planning Carvella Bennett Everest University Risk management planning is the process of developing options and actions to enhance opportunities and reduce threats to project objectives. Risk management implementation is the process of executing risk management actions. Effective crisis response begins with effective decision-making. Good initial decisions can make even a catastrophe manageable; bad decisions can fatally exacerbate an otherwise small problem. In both cases, the window of opportunity for initial decision making is extremely small and closes rapidly. Once the moment for decision making has gone, it does not come back. Proper crisis response is about developing a range of emergency management options that can be exercised and that focus on what could happen, not what will happen. This is achieved through practice, and lots of it. It is no easy task getting a crisis management team together for the first time during an unfolding emergency. In all cases, the best crisis management results are delivered on-site and in the same time zone. However centralized a company may be, when it comes to crisis management, even local staffs need to sharpen their crisis management skills because ultimately, those are the ones that will be used when disaster first strikes. When actually organizing a live run-through of the crisis management plan, the scenario should ideally be one in which a business system is disabled. It is better to act this out in a real...
Words: 1668 - Pages: 7
... The purpose of this brief report is to explain the need for the internal control system within the organization. When controls are in place with an insurance and portfolio approach. An internal control system in any organization is a way to regulate, to reduce lost, to minimize risks, and to accomplish the organizational goals and success (McCarthy, 2004). The majority of organizations depend on the insurance approach and the portfolio risk management approach. The company to manage a business risk is currently using these approaches. It is now being recommended that the company make a transition in order to capture the benefits of an internal control system. Explained below are the two types of currently used approaches, insurance and portfolio, that are used within the organization. Insurance approach The insurance approach is generally used to ensure the acquirement to transfer certain types of risks that could affect the business property, the business assets, and affect the employees (McCarthy, 2004). The insurance approach used as a tool to prevent business losses; in addition, it is more like a financial risk tool than management risk tool. This approach will diminishes the impact of the losses, protecting the business assets from potential losses, therefore, making the insurance approach more reactive, than proactive (McCarthy, 2004). Portfolio risk management The portfolio risk management is more structured and complex approach, which gives procedures and...
Words: 800 - Pages: 4