Scribd
Upload
114 views23 pages

Implementing The COSO 2013's New 17 Principles in Audit

1) The document discusses implementing the updated COSO 2013 framework with its new 17 principles for internal controls through a pilot program at the Asian Development Bank. 2) It describes the implementation cycle which included using an internal control questionnaire, peer-to-peer learning with other multilaterals, and two phases of pilot testing from 2015-2016. 3) The pilot found that using an assessment tool like the internal control questionnaire was key to systematically evaluate controls according to the COSO principles, though it took time and effort to complete. The pilot provided lessons for refining the process before a full rollout.

Uploaded by

tunlinoo.067433
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
114 views23 pages

Implementing The COSO 2013's New 17 Principles in Audit

1) The document discusses implementing the updated COSO 2013 framework with its new 17 principles for internal controls through a pilot program at the Asian Development Bank. 2) It describes the implementation cycle which included using an internal control questionnaire, peer-to-peer learning with other multilaterals, and two phases of pilot testing from 2015-2016. 3) The pilot found that using an assessment tool like the internal control questionnaire was key to systematically evaluate controls according to the COSO principles, though it took time and effort to complete. The pilot provided lessons for refining the process before a full rollout.

Uploaded by

tunlinoo.067433
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 23

Implementing the COSO 2013’s

New 17 Principles in Audit


Contents

 Background
 Pilot
 Moving
Implementation Forward
 Actual Case

2
A. Background
• Release of the updated Internal Control—Integrated Framework
(COSO 2013 with new 17 principles)
2013
http://www.coso.org/

• OAG formed an internal COSO 2013 Working Group


2014 (WG)

• ADB Pilot implementation


2015-2016

3
B. Implementation Cycle
Full Roll-Out
Industry
Knowledgebase
Protiviti
OAG Pilot OAG Refined
Ernst & Young ICQ ICQ
ISACA
Feedback
ADB Internal Interview/Online Survey
Attestation Team
Phase 1 Pilot Phase 2 Pilot
Peer-to-Peer Learning with Multi-laterals

2015 2016
Pilot Primary Considerations
What tool do we How to fit into the
use? existing Audit
Methodology?
1. Assessment Tool:
Why Do We Need a Questionnaire?
• The COSO Assessment Template
Principle

Points of
Focus

Assessment

6
6
Assessment Tool:
Protiviti Internal Control Questionnaire (ICQ)

7
Assessment Tool:
The Pilot ICQ

Points to
Consider

Principle
Evaluation
8
8
2. High Level Audit Process
Annual Audit Audit
Plan Engagement

PLANNING

FIELDWORK

REPORTING
2. The Current Audit Planning Process
Annual Audit Audit
Plan Engagement

AUDIT PLANNING PHASE


Controls Risk Assessment
ACTIVITIES

Understand Build Risk Design Finalize


Information
Business and Testing Planning
Gathering
Processes Controls Approach Memo

TESTING
PHASE
DOCUMENT

Business Risk & Testing Final


Process Control Strategy Planning
Flow/Narrative Matrix Memo
KEY OUTPUT

Key Controls
to Test
2. The Proposed Audit Planning Process
Annual Audit Audit
Plan Engagement

AUDIT PLANNING PHASE


Gather Preliminary Information Controls Risk Assessment
ACTIVITIES

Identify Understand Build Risk Design Finalize


Information Complete & Controls Testing
Preliminary Business

TESTING PHASE
Gathering ICQ Planning
Risks Processes Map to Approach Memo
COSO
DOCUMENT

Business Risk & Testing Final


Self-
Process Control Strategy Planning
Assessment ICQ
Flow/Narrative Matrix Memo
KEY OUTPUT

Principles Deficiencies
Key Controls
Assessment in Principles
to Test
3. P2P Learning Initiative with
Multi-laterals
 Early adoption stages
World Bank
UN
 Discussion points include:
 Client involvement
AfDB OECD  Tool
 Audit Management System
support
ITU
ADB  COSO Training Considerations

12
C. Pilot Case: Accomplishing the ICQ
Audit Engagement Pilot Case # 1

Team Effort
 Past audits
 Consultation with OAG Colleagues
 Strategy papers, programs , operations results
shared by clients
 Client Inquiry

Level of Details
Information
Risk Control Monitoring
Control and
Assessment Activity
Environment Communication
Audit subject Audit subject Audit subject
Entity-Level Audit subject specific
specific specific
specific

13
Accomplishing the ICQ
Audit Project 1 Audit Project 2
Control Activity: Principle 10

14
Accomplishing the ICQ

15
15
Accomplishing the ICQ

16
ICQ Link to Planning Memo

17
Link to Risk & Control Matrix

18
Linkages Summary

19
D. Feedback Summary
Benefits Challenges
Systematic method Level of perspective

Added confidence Impact on Timeline

Drives discipline
E. Pilot Take-Aways
• Assessment Tool is key
• Refine/Tailor the Questionnaire

Ready for Phase 2 Pilot!

21
Resources Link
References Used
COSO www.coso.org Internal Control—Integrated
Framework

Executive Summary

Framework and Appendices

COSO Illustrative Tools for Assessing


Effectiveness
IIA www.theiia.org International standards for the
professional practice of internal
auditing
Protiviti www.knowledgeleader.com Internal Control Questionnaire
Ernst & Young http://www.ey.com Internal Control Questionnaire
ISACA www.isaca.org COSO-COBIT Mapping

22
Knowledge
Sharing

23

You might also like