《2014年国际注册内部审计师CIA考试科目考试大纲Part2》由会员分享,可在线阅读,更多相关《2014年国际注册内部审计师CIA考试科目考试大纲Part2(8页珍藏版)》请在金锄头文库上搜索。
1、2014 年国际注册内部审计师 CIA 考试大纲(Part 2)Part 2 Internal Audit Practice 内部审计实务I. Managing the Internal Audit Function (40-50%)管理内部审计职能(40-50%)A. Strategic Role of Internal Audit内部审计的战略作用1. Initiate, manage, be a change catalyst, and cope with change激发,管理,催化和应对变革2. Build and maintain networking with other org
2、anization executives and the audit committee建立并维护与其他组织管理人员和审计委员会的关系网络3. Organize and lead a team in mapping, analysis, and business process improvement组织并领导团队进行绘制,分析和业务流程改进4. Assess and foster the ethical climate of the board and management评估并培养董事会和管理层的道德氛围a. Investigate and recommend resolution for
3、 ethics/compliance complaints, and determine disposition of ethics violations调查并提出关于道德标准/合规性投诉的解决方案,并确定对违反道德规范行为的处理b. Maintain and administer business conduct policy (e.g., conflict of interest), and report on compliance维护并管理经营行为政策(如:利益冲突),以及合规性报告5. Educate senior management and the board on best pr
4、actices in governance, risk management, control, and compliance向高级管理层和董事会提供关于治理,风险管理,控制和合规性的最佳实践的培训6. Communicate internal audit key performance indicators tosenior management and the board on a regular basis定期向高级管理层和董事会报告内部审计的主要业绩指标7. Coordinate IA efforts with external auditor, regulatory oversigh
5、t bodies and other internal assurance functions协调内部审计工作与外部审计师、监管机构和其他内部保障功能8. Assess the adequacy of the performance measurement system, achievement of corporate objective Awareness Level (A)评估业绩测评系统的充分性和公司目标的实现情况 要求了解(A)B. Operational Role of IA内部审计的运行功能1. Formulate policies and procedures for the
6、planning, organizing, directing, and monitoring of internal audit operations制订系列政策和程序,从而规划、组织、指挥和监控内部审计业务2. Review the role of the internal audit function within the risk management framework审核内部审计在风险管理框架中的职能作用3. Direct administrative activities (e.g., budgeting, human resources) of the internal aud
7、it department指导内部审计部门的行政管理活动(如:预算编制,人力资源)4. Interview candidates for internal audit positions面试内部审计职位的应聘者5. Report on the effectiveness of corporate risk management processes to senior management and the board向高级管理层和董事会报告公司风险管理流程的有效性6. Report on the effectiveness of the internal control and risk man
8、agement frameworks报告内部控制和风险管理框架的有效性7. Maintain effective Quality Assurance Improvement Program保持有效的质量保证与改进程序C. Establish Risk-Based IA Plan制定风险导向的内部审计计划1. Use market, product, and industry knowledge to identify new internal audit engagement opportunities利用市场,产品和行业知识,识别新的内部审计业务机会2. Use a risk framewo
9、rk to identify sources of potential engagements (e.g., audit universe, audit cycle requirements, management requests, regulatory mandates)运用风险框架确定潜在审计业务的来源(如:审计范围,审计周期要求,管理需求,监管指令)3. Establish a framework for assessing risk建立评估风险的框架4. Rank and validate risk priorities to prioritize engagements in th
10、e audit plan对风险高低进行排序和确认,在审计计划中列出审计业务的优先顺序5. Identify internal audit resource requirements for annual IA plan为年度审计业务计划识别内部审计资源需求6. Communicate areas of significant risk and obtain approval from the board for the annual engagement plan沟通重大风险领域,年度审计业务计划获得董事会的批准7. Types of engagements审计业务类型a. Conduct a
11、ssurance engagements实施确认业务a1. Risk and control self-assessments风险和控制自我评估a) Facilitated approach促进方法(1) Client-facilitated审计业务客户自我促进(2) Audit-facilitated审计促进b) Questionnaire approach调查问卷方法c) Self-certification approach自我认证方法a2. Audits of third parties and contract auditing第三方审计和合同审计a3. Quality audit
12、engagements质量审计业务a4. Due diligence audit engagements尽职调查审计业务a5. Security audit engagements安全审计业务a6. Privacy audit engagements保密审计业务a7. Performance audit engagements (key performance indicators)绩效审计业务(主要业绩指标)a8. Operational audit engagements (efficiency and effectiveness)经营审计业务(效率和效果)a9. Financial au
13、dit engagements财务审计业务b. Compliance audit engagements合规性审计业务c. Consulting engagements咨询业务c1. Internal control training内部控制培训c2. Business process mapping绘制业务流程图c3. Benchmarking基准比较法c4. System development reviews体系开发审核c5. Design of performance measurement systems业绩测评系统的设计II. Managing Individual Engagem
14、ents (40-50%)管理个人的业务(40-50%)A. Plan Engagements计划审计业务1. Establish engagement objectives/criteria and finalize the scope of the engagement设置审计业务目标/标准,确定审计业务的范围2. Plan engagement to assure identification of key risks and controls计划审计业务以确保关键风险的识别和控制3. Complete a detailed risk assessment of each audit a
15、rea (prioritize or evaluate risk/control factors)完成每个审计领域的详细的风险评估(优先考虑或评估风险/控制因素)4. Determine engagement procedures and prepare engagement work program确定审计业务程序和编写审计工作程序5. Determine the level of staff and resources needed for the engagement确定开展审计业务所需的人员水平和资源6. Construct audit staff schedule for effec
16、tive use of time编制审计人员时间表,合理有效安排时间B. Supervise Engagement监督审计业务1. Direct / supervise individual engagements指导/监督个人的审计业务2. Nurture instrumental relations, build bonds, and work with others toward shared goals培养工具性关系,建立联系,并朝着共同的目标与他人协同工作3. Coordinate work assignments among audit team members when serving as the auditor-in-charge of a project作为项目的主管审计师,协调分配审计团队成员的工作任务4. Review work papers审核工作底稿5. Conduct exit conference召开退出会议6. Complete performance appra
