Company Profile
Internal audit organization and operations
Organization
The audit department has an audit supervisor and several auditors, who are selected by the board of directors with auditing capabilities and are directly under the board of directors.
Use an independent and objective confirmation and consulting activity to increase the added value of the enterprise and enhance the effectiveness of company supervision, ensuring the continuous and effective implementation of the internal control system to achieve positive benefits and negative fraud prevention, and improve operations performance, reduce corporate improper risks, enhance the purpose of crisis management, and assist the board of directors and management to achieve established organizational goals.
Purpose
Investigate and evaluate deficiencies in the internal control system and measure the efficiency and effectiveness of operations, and provide timely improvement suggestions to ensure the continued and effective implementation of the internal control system.
By assisting top management in identifying problems and finding effective solutions, they are not causing trouble but reducing the company's troubles.
Function
Investigate and evaluate the soundness, rationality and effectiveness of the company's internal control system and various management systems.
Investigate and evaluate the efficiency of each unit in the enterprise in executing the company's plans, policies and designated functions.
Operation
1. Establish "internal audit standards and specifications": including audit roles, objects, audit plans, audit work execution methods, authority, responsibilities, obligations, audit communication methods (referring to directors, supervisors and each unit subject to audit) and audit report writing methods etc. are regulated.
Role:
Effectively implement the internal control of the organization and improve the internal control system, and focus on risk prevention, detect problems early and propose effective strategies to improve them.
Object:
All businesses of the company's organizational units and all businesses of subsidiaries with more than 50% investment are covered.
Plan:
Divided into two categories: regular and temporary audits. Regular audits are carried out on a monthly basis in accordance with the annual audit plan; temporary audits are conducted under the instructions of the company's top management or his authorized person.
Implementation modalities:
Auditors have the right to require each audited unit to provide all required information and relevant reports. Auditors are required to keep confidentiality and perform audit tasks in a fair, independent, truth-seeking spirit and a friendly manner according to their duties.
Communication method:
Regularly communicate with members of the board of directors or accountants on the work plan and audit content, and communicate effectively with each audited unit to ensure that the audit work is completed smoothly and effectively.
Report writing method:
The report writing content must cover the audit cycle category, audit work items, audited units, audit period, audit purpose, audit basis, conclusion report and recommendations, etc., and should be timely to achieve the effectiveness of the audit report.
2. Audit operation types: Mainly divided into three types [compliance audit, risk audit, and operation audit]
Type 1 [Compliance Audit]
Task:
※ Check whether records and work procedures comply with regulations.
※ Find out the difference between the actual execution performance of various control operations and the standards.
※ Expose the problem of non-compliance with regulations.
※ Provide effective suggestions for improvement of some procedures to meet company requirements.
Purpose:
※ Avoid financial crisis.
※ Ensure that the system is effectively followed.
※ Ensure the internal control system remains effective.
Type 2 [Risk Audit]
Task:
※ Effectively grasp the complex and dynamically developing market environment changes.
※ Select risk indicators, quantify risk items and risk units, and analyze the cost of risk management and control.
※ Effectively plan and implement enterprise risk management, use systematic thinking to systematically summarize and analyze enterprise operational risks, and design an operation model of a risk management strategy to facilitate risk management and prevention in advance.
Purpose:
※ Assist enterprises to effectively identify crises, analyze and manage risks, and propose effective countermeasures.
※ Analyze risk control costs to determine audit procedures, audit projects, audit focus and resource allocation.
※ Systematic analysis summarizes the characteristics of risks and proposes ways to effectively control risks.
Way:
※ Conduct audits based on the risk items and risk units that are most likely to occur and have the greatest impact on the enterprise.
※ Auditors decide the order and operations of the audit based on the results of risk quantification and analysis of the cost of risk management and control.
Type 3 [Operation Audit]
Task:
※ Evaluate future situations and environments and seek opportunities to achieve maximum results.
※ Find out the crux of the problem in advance and make suggestions regarding vision, strategy, and tasks.
※ Provide advance control and continuous tracking and auditing for projects that may seriously endanger asset safety.
※ Directly participate in the promotion and execution of the company's major strategies and plans.
Purpose:
※ Solve the crisis problems that may arise in the enterprise in the future.
※ Design internal controls and processes that can adapt to future situations and environments.
※ Improve corporate strategies, plan execution efficiency and operational performance.
Way:
※ Conduct audits on projects that are important to the company's top management.
※ In accordance with the promotion and execution of corporate vision and strategy, auditors should actively participate in operations and make suggestions to prevent any risks that may occur.
Execution of internal audit:
Before audit:
※ Issue an audit plan notice to notify the audited unit, and maintain a professional and skeptical attitude, which will help detect risks.
※ Arrange the inspection sequence for high- and low-risk operations, and fully understand the internal audit practice standards.
※ Understand the ethics of internal auditing and the functions of internal auditing.
※ Understand the organizational culture, behaviors and roles, which will help two-way communication with the unit being audited.
Under audit:
※ Understand the concepts and procedures of internal control.
※ Know the elements of a sound internal control environment.
※ Understand the importance and seriousness of internal control deficiencies.
※ Know the effective control in computer environment.
After the audit:
※ Able to use various audit evidence to design and prepare working papers.
※ Able to make good use of analytical review skills.
※ Make sure it complies with relevant laws and regulations.
※ Analyze, evaluate and summarize audit reports.
※ Able to write audit reports and track results concisely, objectively, pertinently and clearly.