Internal Audit Charter

Department of Management Audit

General Treasury
 Internal Audit Charter

• Audit charter is a formal document that defines internal audit purpose,

authority, responsibility and position within an organization.

• Internal audit charter is the best way to agree and describe how Internal
Audit will provide value to the organization, the nature of service it will
provide and the specific focus or emphasis required of internal audit to
help organizations achieving its objectives.
Why Audit Charter is important?
• For internal audit to operate at the highest levels, it must have clearly
defined and articulated marching orders from the management. This is
most easily achieved with a well-designed internal audit charter

• A charter provides the organization for blueprint for how internal audit
will operate and helps the management to clearly signal the value it
places on internal audit’s independence.

• It allows the scope of internal audit activity to be defined specifically to

unique needs of the organization.
Continue…

• The charter can provide in great deal of desired what work internal audit
will undertake and the support it will receive from top management to
achieve the work.

• Audit charter serves as a reference point to measure the effectiveness of

the internal audit activity.
The charter should include
Every organization can benefit from internal audit, and an internal audit
charter is vital to success of the activity (IIA Standard 1000). The charter is a
formal document approved by the governing body and/or audit committee
(governing body) and agreed to by management. It must define, at
minimum:
• Internal audit’s purpose within the organization.
• Internal audit’s authority.
• Internal audit’s responsibility.
• Internal audit’s position within the organization.
Relevant Attribute Standards to Audit Charter
1000 : Purpose, Authority and Responsibility

• The purpose, authority, and responsibility of the internal audit activity

must be formally defined in an internal audit charter, consistent with the
mission of Internal Audit and the mandatory elements of the International
Professional Practices Framework (the Core Principles for the Professional
Practice of Internal Auditing, the Code of Ethics, the Standards, and the
Definition of Internal Auditing). The chief audit executive must periodically
review the internal audit charter and present it to senior management and
the board for approval.
• 1000.A1 : The nature of assurance services provided to the organization
must be defined in the internal audit charter. If assurances are to be
provided to parties outside the organization, the nature of these
assurances must also be defined in the internal audit charter.

• 1000.C1 : The nature of consulting services must be defined in the internal

audit charter.

• 1010: Recognizing mandatory guidance in the Internal Audit Charter.

• 1100: Independence and objectivity.

• 1110: Organizational independence.

• 1112: Chief audit executive roles beyond internal auditing.

• 1130: Impairment to independence or objectivity.

• 1300: Quality assurance and improvement program.

• 1311: Internal assessments.

• 1312: External assessments.

• 1320: Reporting on the quality assurance and improvement program.

• 2060: Reporting to senior management and the board

Vital Components of an Internal Audit Charter
• Mission
• Internal audit’s mission is to enhance and protect organizational value
by providing risk-based and objective assurance, advice, and insight.
• Describe how internal audit will assist to organization to achieve its
objectives. The mission is a summary of the way internal audit will
provide value to the organization.

• Purpose
• Internal audit’s purpose is to provide independent, objective assurance
and consulting activities that are guided by a philosophy of adding value
to improve the operations of the organization.
• Scope
Internal Auditor is authorized to review all areas of the organization
and has full, free, and unrestricted access to all activities, records, property,
and personnel necessary to complete their work.
Scope of CIA’s activities extends to all institutions coming under the
ministries.
Explaining the role of internal audit i.e.
• Assessing the adequacy and effectiveness of the system of risk
management and internal controls operated within the organization;
• Reviewing and evaluating compliance with policies, plans, procedures,
laws and regulations;
• Assessing the reliability and integrity of information;
• Safeguarding of assets.
• Objectives

Internal audit objectives are to provide Basicaly

• Assurance service – provision of assurance on the adequacy and
effectiveness of risk management process in reducing risk exposures
down to acceptable level
• consulting activities – provision and nature of consultancy service
• Independence
The charter should explain the way independence is established
and maintained.
• A statement that the CAE will ensure that the internal audit activity
remains free of conditions that threaten the ability of the activity to
carry out its activities in an unbiased matter.
• A statement that the internal audit activity will have no direct
operational responsibility or authority over any of the activities audited.

• Responsibilities
Setting out the responsibilities of the CIA / IA.
The CIA/IA is responsible for effectively managing the internal audit
activity in accordance with the mission, objectives, core principles,
definition of internal auditing and code of ethics.
Responsibilities…
• Evaluating the system established to ensure compliance with the policies,
plans, procedures, laws and regulations which could have a significant
impact on the organization.
• Evaluating the effectiveness and efficiency with which resources are
employed.
• Evaluating the means of safeguarding assets and verifying the existence of
such assets.
• Evaluating operations or programs to ascertain whether results are
consistent with established objectives and goals and whether the
operations or programs are being carried out as planned.
Continue..

• Performing consultancy and advisory services related to governance, risk

management and control as appropriate for the organization.
• Communicating the results of its work (performance relative to its plan)
and following up on agreed-to corrective actions.
• Coordination with other assurance providers. (eg. General audit)
• Implement the annual audit plan as approved.
• Convey Audit and Management Committee.
• Authority
A statement that maintain and assure the internal audit activity has
sufficient authority to fulfill its duties. The authority has been given by the
financial regulation and national audit act.

The authority is granted to internal auditor to full, free and unrestricted

access any and all of the records, physical properties and personnel relevant
to any function under review. All employees are requested to assist the
internal audit activity in fulfilling its roles and responsibilities. CIA/IA reports
functionally to the CAO/AO.

The IA is not authorized to perform any operational duties for the

organization including the implementation of internal audit
recommendations
• Approving internal audit charter
• Approving internal audit plan
• Receiving timely communication from CIA / IA on performance
relatives to internal audit plan
• Developing and approving a statement that the CIA will have
unrestricted access to and communicate and interact with CAO /
AO.
• Developing approving and authorization that the activity will
have free an unrestricted access to all functions, records,
property and personal pertinent to carrying out any engagement
subject to accountability for confidential and safeguarding of
records and information
• Reporting
• A statement on CIA / IA s reporting relationship in the organization,
• Explain the internal audit reporting lines, for example, that it reports regularly
to the CAO / AO directly.
• Audit exit meetings
• Signature of the report

• Position in the organization

The CIA/CA reports functionally to the CAO/AO and positioning
in organizational structure directly under the CAO/AO.
International Standards for the Professional Practice of Internal Auditing

• The internal audit activity will govern itself by adherence to the mandatory
elements of The IIA’s International Professional Practices Framework (IPPF)
including its Standards, Core Principles for the Professional Practice of
Internal Auditing, Definition of Internal Auditing, and Code of Ethics.
Some more points…
• Charter should be approved by the AMC.
• Internal Audit charter is vital to internal audit’s success and should de
relieved periodically.
• It enables the CIAs /IAs and internal audit activity to effectively carry out
their roles in the organization.
• The charter should be reviewed periodically and if any changes identified
as the need of the organization in the roles and responsibilities of internal
auditor, need to take necessary arrangements to rectify.
Internal audit charter template
• Introduction
• Mission
• Purpose
• Scope /Objectives
• Code of ethics
• Authority
• Responsibility
• Independence
• Position with in the organization
• Reporting line
Continue…
Internal Audit Charter

Approved this________ days of ________, _________.

______________
CIA / IA

_________________
Chairman of the Audit and Management Commitee
Conclusion
• The charter provides the organization with an agreement relating to the
work internal audit will undertake and the support it will receive.

• It may also be seen as a benchmarking tool against which it can measure

the effectiveness of the internal audit unit in fulfilling its commitment.

• The charter can act as a service level agreement with the top management
so that there is a clear understanding of the role, purpose and position of
internal audit within the organization and the scope and nature of its work.