Lessons of an Auditor Introduction Management''s View Section 1: Lessons Learned Introduction Lesson 1: Clarify/Define Management Expectations for Internal Audit Lesson 2: Balance Management Expectations with the International Institute of Auditors Standards Lesson 3: Validate the Internal Audit Charter Is Fact and Not Fiction Lesson 4: Clarify the Purpose and Execution of Risk-Based Auditing Lesson 5: Define "Independent Risk Assessment" in Relation to the Audit Plan Lesson 6: Add Value while Maintaining Independence Scenario: When the CAE Is Expected to Be a Yes Man/Ma''am Lesson 7: Serve the Audit Committee Verbal Communication Lesson 8: Communication of Issues When Management Objects Lesson 9: Understand How the CAE Role and Audit Department Are Viewed Lesson 10: Gaining a "Seat at the Table" Section 2: Is It Legal or Is It Ethical?--The CAE''s Dilemma Introduction Everyone Is Responsible Tone at the Top Is Essential Honesty Is Still the Best Policy Integrity Can Be a Measure of Ethics Corporate Responsibility and Communications Must Be Prevalent Silence Is Not Acceptable Summary Defining the Purpose of the Internal Audit Function Introduction Section 1: Understanding the Definition and Purpose of Internal Audit Challenge 1: Independence and Objectivity Challenge 2: Assurance and Consulting Activity Challenge 3: Add Value and Improve an Organization''s Operation Challenge 4: Disciplined Approach to Evaluate and Improve the Effectiveness of Risk Management, Control, and Governance Processes Summary: Internal Audit Definition Challenges Scope of Internal Audit Professional Standards--Principles for Internal Auditor Effectiveness Section 2: The Internal Charter--Reality or Fiction? Introduction Challenge 5: Internal Audit Charter Challenge 6: Positioning and Authority Section 3: Internal Audit versus Quality Assurance Functions Introduction Internal Audit versus Quality Assurance--The Reality Mini-Audit Functions Scenario: "Mini-Audit" Process Challenge 7: Internal Audit versus Quality Assurance Section 4: Management Expectations versus Standards Introduction Management Expectations and the Standards Certified Internal Auditor Challenge 8: Attribute Standards Integrity and Ethical Values Challenge 9: Attribute Standards Proficiency and Due Care Challenge 10: Attribute Standards Quality Assurance and Improvement Section 5: Performance Standards Introduction Challenge 11: Performance Standard 2000 Section 6: Standards and Report Writing Introduction Challenge 12: Performance Standard 2400 Communicating Results Section 7: Realities of Embracing Risk-Based Auditing Introduction Challenge 13: Risk-Based Auditing Section 8: Internal Audit as Governance Pillar Introduction Challenge 14: Internal Audit''s Role in Governance Summary Building an Internal Audit Team Introduction Team First and the Leader Within Section 1: Internal Audit Resourcing, Staffing, and Building a Team Challenge 15: Internal Audit Team Structure Challenge 16: Department Sourcing Methods Challenge 17: Resourcing to Address Significant Risks Section 2: Skills Requirements for an Effective Internal Auditor Introduction Technical versus Soft Skills Balanced Skill Set Challenge 18: Defining the Required Skill Set for Internal Auditors Section 3: Internal Audit as a Management Training Ground Introduction Challenge 19: Internal Audit as a Management Training Ground Section 4: Outsourcing, Co-sourcing, and In-sourcing Introduction Challenge 20: Outsourcing Challenge 21: Co-sourcing Challenge 22: In-sourcing Summary Section 5: Internal Audit Skill Sets and Knowledge Introduction Challenge 23: Maintaining Appropriate Skill Sets Summary Audit Plan Introduction Section 1: Developing an Independent Audit Plan Introduction Challenge 24: Audit Plan Time Frame Challenge 25: Audit Plan Resource Allocation Challenge 26: Audit Plan Development Approach Challenge 27: Audit Plan Results Section 2: The Risk Assessment Approach Introduction Challenge 28: Enterprise Risk Management Assessment Challenge 29: Executing the Enterprise Risk Management Process Challenge 30: Enterprise Risk Management Reporting versus Internal Audit Reporting Executing Internal Audit Responsibilities Introduction Section 1: Aligning the Concept of Risk-Based Auditing Introduction Step 1: Understand the Process Challenge 31: Audit Planning Phase Step 2: Identify the Control Structure Challenge 31 Potential Actions: Audit Planning Phase Challenge 32: Individual Audit Area Control Environment Challenge 33: COSO as Part of the Risk-Based Audit Process Step 3: Understand, Identify, and Assess the Risks Challenge 34: Understanding, Identifying, and Assessing Risk Step 4: Measuring the Risk Impact Challenge 35: Risk Tolerance versus Risk Appetite Risk Appetite Step 5: Summarizing Results and Identifying Risk- Mitigating Actions Challenge 36: Summarizing Results and Identifying Risk-Mitigating Actions Section 2: Internal Audit''s Role in Corporate Governance Introduction Challenge 37: Evaluating the Board of Directors Board and Internal Control Summary Section 3: Internal Audit''s Role in Fraud Processes Introduction Pre-Sarbanes-Oxley Issues Post-Sarbanes-Oxley Challenge 38: Internal Audit''s Role in Fraud Awareness Challenge 39: Internal Audit''s Role in Fraud Risk Assessment Challenge 40: Internal Audit''s Role in Fraud Investigation Summary Section 4: Performing Consulting Engagements Introduction Challenge 41: Internal Auditors as Consultants Internal Audit Reporting and Communication Introduction Section 1: Internal Audit Reporting Methods Introduction Challenge 42: Internal Audit Reporting Format Challenge 43: Internal Audit Report Writing Challenge 44: Management Action Plans versus Management Response Challenge 45: Providing an Overall Internal Audit Opinion Challenge 46: Management Representation at the Audit Committee Meeting Section 2: Functional and Administrative Reporting Lines Introduction Challenge 47: Reporting to CFO or CLO Challenge 48: Reporting to the CEO Challenge 49: Reporting to the Audit Committee and Keys to Building Relationships Section 3: Legal, Regulatory, and Discovery Concepts Introduction Challenge 50: Understanding the Legal Privilege Section 4: When Adequate Management and Audit Committee Support Is Lacking Challenge 51: Management and the Audit Committees'' View of Internal Audit Are Extremely Different from the Standards and Those of the CAE Chapter 7 Final Word Introduction Ten "Potential" Commandments for Auditors BR>Section 2: Is It Legal or Is It Ethical?--The CAE''s Dilemma Introduction Everyone Is Responsible Tone at the Top Is Essential Honesty Is Still the Best Policy Integrity Can Be a Measure of Ethics Corporate Responsibility and Communications Must Be Prevalent Silence Is Not Acceptable Summary Defining the Purpose of the Internal Audit Function Introduction Section 1: Understanding the Definition and Purpose of Internal Audit Challenge 1: Independence and Objectivity Challenge 2: Assurance and Consulting Activity Challenge 3: Add Value and Improve an Organization''s Operation Challenge 4: Disciplined Approach to Evaluate and Improve the Effectiveness of Risk Management, Control, and Governance Processes Summary: Internal Audit Definition Challenges Scope of Internal Audit Professional Standards--Principles for Internal Auditor Effectiveness Section 2: The Internal Charter--Reality or Fiction? Introduction Challenge 5: Internal Audit Charter Challenge 6: Positioning and Authority Section 3: Internal Audit versus Quality Assurance Functions Introduction Internal Audit versus Quality Assurance--The Reality Mini-Audit Functions Scenario: "Mini-Audit" Process Challenge 7: Internal Audit versus Quality Assurance Section 4: Management Expectations versus Standards Introduction Management Expectations and the Standards Certified Internal Auditor Challenge 8: Attribute Standards Integrity and Ethical Values Challenge 9: Attribute Standards Proficiency and Due Care Challenge 10: Attribute Standards Quality Assurance and Improvement Section 5: Performance Standards Introduction Challenge 11: Performance Standard 2000 Section 6: Standards and Report Writing Introduction Challenge 12: Performance Standard 2400 Communicating Results Section 7: Realities of Embracing Risk-Based Auditing Introduction Challenge 13: Risk-Based Auditing Section 8: Internal Audit as Governance Pillar Introduction Challenge 14: Internal Au.