Internal Audit
Smith and Associates approach to internal audit starts with risk assessment. We have found that understanding the enterprise risk is the key component to developing a complete internal audit plan that is designed to help management mitigate the impact of the company’s risks.
Our internal audit plans hone in on the real issues that management face in today’s global economy. We avoid “check- the- box” auditing, and focus on value- added services. Our team strives to extend management and internal controls.
Our deployment model is flexible in that we can provide a resource team that balances the cost and benefits of the function while providing our clients with a variable cost that can “flex” with changes in the business.
Scope of work and approach
Smith and Associates uses a single, consistent service methodology to deliver internal audit services. This includes a four phase approach:
Risk assessment- At the outset we will conduct a risk assessment to identify the business processes with significant risks in order to determine areas for audit focus.
Audit plan- From the results of the risk assessment we will develop an annual audit plan. This plan is comprised of areas of audit focus that we intend to cover over the next twelve (12) months.
Execution- Once the plan is approved we will conduct periodic audits covering different areas of the plan. Our review will include various types of audits, including operational, compliance, financial, governance and Information technology (IT).
Although monthly or bi- monthly audits are recommended, the frequency of audits may be varied based on management’s request.
Reporting- On completion of our audits, we will prepare a draft for discussion with management and obtain management’s responses based on our findings. Our reports will outline the audit procedures performed, findings resulting from the performance of those procedures and recommendations for improvements in systems, processes and procedures, if applicable. Once management responses are obtained we will issue our final report through the designated client Liaison to be determined by management, who will then pass the report on the Audit Committee.