A Consultative

Approach to Auditing
Presented by:
Rachael Moyer

Business Consulting Solutions

Objectives

 Internal Audit vs. Consulting

 IIA Standards for Consulting
 Why Internal Auditors as Consultants
 Consulting Skills for Internal Auditors
Only 45% of 1,800 audit
committee members surveyed are
satisfied that their company’s
Internal Audit function delivers
value.
Who are the internal
customers?
IA Customers

Audit Committee
Auditee
Senior Management
External Auditors
Regulators
Internal Audit vs.
Consulting
Internal Audit Consulting
Focused on historical Focused on future
data activity
Results in
Results in an audit
recommendations for
report
implementation
Initiated by business
Initiated by CAE
manager
Results provided to Results provided to
Audit Committee requestor
IIA Standards &
Definitions
“Internal auditing is an independent,
objective assurance and consulting
activity designed to add value and improve
an organization's operations. It helps an
organization accomplish its objectives by
bringing a systematic, disciplined approach
to evaluate and improve the effectiveness of
risk management, control, and governance
processes.”
IIA Standards for
Consulting
 1000.C1- The nature of consulting
services must be defined in the
internal audit charter.
 1130.C1 – Internal auditors may
provide consulting services
relating to operations for which
they had previous responsibilities.
 1130.C2
IIA Standards for Consulting
1210.C1 – The chief audit executive
must decline the consulting
engagement or obtain competent
advice and assistance if the internal
auditors lack the knowledge, skills, or
other competencies needed to
perform all or part of the engagement.
1220.C1 – Internal auditors must
exercise due professional care during
a consulting engagement.
IIA Standards for
Consulting
1220.C1 1220.A1
Relative complexity and Relative complexity and
extent of work extent of work
Cost/Benefit Cost/Benefit
Needs and expectation
Adequacy/Effectiveness
of the client
Probability of significant
errors
IIA Standards for Consulting

 2010.C1 – The chief audit

executive should consider
accepting proposed consulting
engagements based on the
engagement’s potential to
improve management of risks,
add value, and improve the
organization’s operations.
Accepted engagements must be
included in the plan.
IIA Standards for Consulting

 2120.C1
 2120.C2
 2120.C3 – When assisting
management in establishing or
improving risk management
processes, internal auditors must
refrain from assuming any
management responsibility by actually
managing risks.
IIA Standards for
Consulting
 2130.C1 – Internal auditors must
incorporate knowledge of controls gained
from consulting engagements into
evaluation of the organization’s control
processes.
 2201.C1
 2210.C1
 2210.C2
 2220.C1
 2220.C2 – During consulting engagements,
internal auditors must address controls
consistent with the engagement’s
objectives and be alert to significant control
IIA Standards for
Consulting
 2240.C1

 2330.C1
 2410.C1
 2440.C1
 2440.C2 – During consulting
engagements, governance, risk
management, and control issues may
be identified. Whenever these issues
are significant to the organization, they
must be communicated to senior
management and the board.
 2500.C1
Objectives

 Internal Audit vs. Consulting

 IIA Standards for Consulting
 Why Internal Auditors as Consultants
 Consulting Skills for Internal Auditors
Why Internal Auditors as
Consultants
 56% saw the audit as a routine
chore that varied little from
year to year.
 Just
over 60% of the companies
said their auditor did not raise
any issues or ideas that were
used in their business to
enhance their processes or
decisions.
Why Internal Auditors as
Consultants

We know COSO. We know SOX. We’ve

performed that same accounts payable
audit the same way 3 years in a row with
no major audit findings to date. It’s time to
infuse our IA department with creativity and
ask ourselves, what more can we be doing
for our internal customer? How can we
perform this audit differently to add greater
value?
What Are The Risks?

 Risk of Political Exposure

 Project Failure
 Management Expectations
 Conflict of Interest
 MaintainingIndependence
and Objectivity
 Consulting Assignment
Consulting Skills for
Auditors
 Include
consulting services in
annual audit plan/budget
 Defineand communicate
scope early and often
 Gain client buy-in
 Don’t be afraid to say no
Consulting Skills for
Auditors
 Identify process improvement
areas

RVA – Real Value Added

BVA – Business Value Added
NVA – Non-Value Added
6 Tips for a Consultative
Approach to Audit

 Striveto understand the

business on a deeper level
 Alignresources to critical
areas of risk
 Develop in-house expertise
 Build trust through
relationships
 Offer something extra
 Speak business, not audit
Now It’s Your Turn…

 Does your internal audit department

offer consulting services?
 What concerns/questions do you have
that this presentation did not address?
 What advice can you offer to the person
sitting next to you about internal audit
and/or consulting?
 What is one thing you learned from
today’s presentation or networking?
Contact Information

Rachael@FluxBCS.com
512.843.2318
Thank You