|
General
Our
approach is that internal auditing, as an added value to the organization, is
an important organizational resource that has to be used efficiently for the
advantage of the organization, by focusing on conducting internal audits in
areas that are of the highest risk to the organization.
Our
firm embodies over twenty years of experience in the field of internal
auditing. We serve as the internal auditors of a number of international
corporations whose shares are traded on the Tel Aviv Stock Exchange and on
global exchanges, public companies, not-for profit organizations, and private
companies. Our client list in the field
of internal auditing includes the following: Matrix, Alvarion, DSPG, Magic
Software Industries, Attunity, Beit Berl College, Hagoshrim
Hotel, MTI, Emblaze, etc. In addition,
we render internal auditing services to internal auditors of companies,
including Amdocs, Mekorot, Migdal, etc.
The
internal audit is conducted in accordance with the provisions of the laws that
are relevant to the audited company and pursuant to generally accepted auditing
standards. In conducting the audit, we incorporate our experience in the field
of information systems, including the field of information systems auditing and
systems analysis and make use of advanced auditing techniques, including
computerized audit tools. In our
opinion, the combination of experience in internal auditing and information
systems auditing, together with information systems analysis, provides our
audit with added value which is to the benefit of the organization. This is reflected in, among other things,
implementation of methodologies from the field of information system analysis
that provides for a system wide view of the issues being audited and the
ability to analyze the processes of the organization in order to identify
control problems and failures.
The audit process
Risk assessment
We
perform a risk assessment, the goal of which is to determine the list of issues
for the organization-wide internal audit (including subsidiaries), and the
level of importance (the risk) of each issue from the perspective of the
audit. The level of importance of each
audit issue is determined on the basis of a risk assessment model. The result of the assessment is a multi-year
internal audit plan from which we derive the audit issues for the annual
plan. The assessment is updated
periodically.
Preparation of an annual audit plan
The
internal auditor, in coordination with Company Management, prepares a proposed
annual internal audit work plan. This
plan is based on the risk assessment and ad-hoc needs of the company and the
audit. The plan should include the
details of the proposed issues, and for each issue, a breakdown of the major
examinations, the budget and the deadline for submitting the audit report. The report is submitted for the approval of
audit committee (or the parties in charge of the audit at the organization).
Conducting the current audit
According
to our approach, the internal audit is a process that is supposed to check and
improve the control mechanisms of the Company.
As part of the audit, we check to see, among other things, whether any
given process contains appropriate controls, whether control cycles are closed,
whether the controls are effective, and whether the provisions of law and the
guidelines of management are adhered to.
The audit includes the following major phases:
·
Introductory
discussions with executives – The discussions are
held "top-down”, with a goal of obtaining an understanding of the audited issue
and the people involved therein, presenting the audit process to the audited
party, focusing and setting goals and the scope of the audit.
·
Planning the audit
– Conducting a risk assessment for the relevant audit and
identifying the major points of risk on which the audit will focus. On the
basis of this assessment, a detailed audit plan is prepared, including
prioritization of issues.
·
Field work –
Based on the audit plan, the field work includes, for example, use of
computerized audit tools that allow the audit team to efficiently examine large
quantities of data, review documents, observations, etc.
·
Summation
meeting – Toward the end of the audit, a meeting is held with the
audited party, during which the auditors present the findings of the audit as
have been formulated to date. The goal of this meeting is to receive feedback
from the audited party regarding the findings, and to jointly formulate the
recommendations for remedying the faults that were found. In our opinion, this
meeting provides an opportunity for the audit parties to identify with the
audit.
·
Preparation of
a draft of the audit report – The audit report is
prepared on the basis of a structured format, on the basis of the process that
was audited. The report includes an executive summary, summary of findings and
recommendations for the convenience of the reader. The report is submitted to the audited party
for his comments.
·
Presentation to
management and preparation of a final report –
A draft of the report is sent to management.
The auditor presents the audit that was conducted and a discussion takes
place in connection with the findings and the recommendations. Management feedback is incorporated into the
report, following which a final version of the report is prepared.
·
The report is
presented to the audit committee
Type of internal audits
Our firm has amassed practical experience in internal auditing in Israel and
around the world, in all of the major areas of organizational processes. The
following is a list of the major areas in which we have conducted internal
audits:
·
Revenue
processes
·
Payroll and
premiums
·
Purchase
processes in various areas
·
Fixed assets
·
Commissions and
interest
·
IT and
information systems
·
Inventory
·
Human resources
·
Project
management
·
Payments
·
Banks and means
of payment
·
Royalties
(expenses and income)
·
Special issues
|
