Internal Audit’s role in Corruption Prevention (Part 1)
Internal Audit is defined as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, controls, and governance processes.
The above definition clearly states what role internal audit plays in corruption prevention. It is worth noting that corruption is a risk which needs to be managed effectively. This can be done through effective risk management processes, adequate and effective internal controls, and good governance. All these are responsibilities of management.
Internal Audit Activity, therefore, must evaluate and contribute to the improvement of risk management within the organization, governance and control processes using a systematic and disciplined approach as prescribed by the Institute of Internal Auditor (IIA) International Professional Practice Framework (IPPF).
Internal Audit roles in the above are as follows:
1. Risk management
Internal Auditors must evaluate the effectiveness and recommend improvement of risk management processes. Determining whether risk management processes are effective is a judgment resulting from the assessment that:
• Organizational objectives support and align with the organization’s mission
• Significant risks are identified and assessed
• Appropriate risk responses are selected that align risks with the organizations risk appetite
• Relevant risk information is captured and communicated in a timely manner across the organization, enabling staff, management, and the Board to carry out their responsibilities.
This is any action taken by management, the Board and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Adequate control is present if management plans, organizes and directs the performance of sufficient actions to provide reasonable assurance that organization’s risks have been managed effectively and that the organizational objectives and goals will be achieved efficiently and economically.
The role of Internal Audit therefore, is to evaluate the whole management process of planning, organizing and directing to determine whether reasonable assurance exists that objectives and goals will be achieved. All business systems, processes, operations, functions, and activities within the organization are subject to the Internal Audit evaluations.
...Internal Audit’s role in Corruption Prevention (Part 2)
This is the combination of processes and structures implemented by the Board to inform, direct, manage, and monitor the activities of the organization towards the achievement of its objectives. Governance encompasses all organizational activities. Thus its processes provide overall direction for risk management activities, and internal control activities are a key element of risk management.
Internal Audit must therefore assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:
• Promoting appropriate ethics and values within the organization;
• Ensuring effective organizational performance management and accountability;
• Communicating risk and control information to appropriate areas of the organization;
• Coordinating the activities of and communicating information among the Board, external and internal auditors, and management
Internal Audit may periodically assess the ethical climate of the organization and the effectiveness of its processes in achieving legal and ethical compliance. They may also have an active role in support of the organizational ethical culture, which may include Chief Ethics Officer, member of an Ethic Council or assessor of the ethical climate.
However, in some circumstances, the role of Chief Ethics Officer may conflict with the independence attribute of an internal audit activity, thus impairing Internal Auditors objectivity.
It is worth noting that since the Government of Botswana has identified corruption as a high risk and came up with strategies to manage corruption, the role of internal Audit as outlined above is of paramount importance. Directorate on Corruption and Economic Crime uses a three pronged strategy to combat corruption, which is Corruption Prevention, Public Education and Investigation.
Therefore, the effectiveness of this strategy and the processes involved therein can be assessed through internal auditing, and recommendations for improvement provided.
Furthermore, an effective Internal Audit Activity (firm or individual) will help the organization in preventing significant risks, which would if left to occur, have adverse impact on the achievement of the goals and objectives.
1. Institute of IIA International Professional Practice Framework, issued 1st January 2009, Florida, USA
2. IIA Website: www.theiia.org
3. Sawyer Internal Auditing: The Practice of Modern Internal Auditing by l. d. Sawyer, 2003
Prepared by: Banoti Butale, CIA
For more information you can visit the DCEC website: email@example.com or contact DCEC at:
TOLL FREE: 0800 700 100