We Ensure Best Corporate Audit & Assurance Service
Our Internal Audit Function conducts internal audits in diverse environments, within organisations that vary in purpose, size, complexity, and structure-guided by The International Professional Practices Framework (IPPF) as issued by the Institute of Internal Auditors (IIA), which provide clear guidance on Assurance and Consulting Services within the Internal Audit environment.
Co-sourcing & Outsourcing (COS)
There are three types of sourcing arrangement, for the internal audit function:
- In-house – where you maintain your own internal audit department;
- Outsourcing – where your internal audit service provider or independent accounting firm conducts the internal audit function;
- Co-sourced – where your internal audit is conducted by a partnership between the internal audit department of your company and an internal audit service provider.
In view of this, Masegare & Associates Incorporated can reduce their clients’ costs, free up capital, and enhance their ability to focus on what they do best – their primary operations, by providing either outsourced or co-sourced internal audit services. With organisations being driven to do more with less, the internal audit (IA) function has logically become the target for strategic sourcing. Achieving effective IA capabilities requires a significant level of investment in skilled resources, methods, training, and technical infrastructure.
Co-sourcing is obtained through external resources participating jointly in an engagement with in-house internal audit staff, for which such engagements may be ongoing or for specific terms. Masegare & Associates Incorporated can supplement organisations’ existing internal audit capabilities, by providing specialised skill sets and undertaking once-off audit assignments as needed. While in Total outsourcing, where 100 percent of the internal
audit services are obtained from external sources, usually, on an ongoing basis, our firm can advise you on critical business risks, implementation of effective controls and compliance processes, identifying better practices, reducing the cost of operations and realising improvement opportunities.
Staffing/Resourcing Considerations for Internal Audit Activity
For a number of reasons, appropriate internal audit resources may be scarce or unavailable in certain situations
in your organisation, whether selected as a temporary alternative or permanent solution – then co-sourcing may
be necessary to acquire competent and professional internal audit services. Masegare & Associates Incorporated’s
internal audit unit consists of appropriately skilled and experienced audit professionals that are readily available
to undertake work under the direction of your organisation’s internal audit function. These engagements may be
undertaken on a once-off or a continuing basis.
Assurance & Consulting Services
Internal Audit and related assurance services provided by Masegare & Associates Incorporated involve the internal auditor’s objective assessment of evidence to provide an independent opinion or conclusion regarding an entity, its operations, functions, processes, systems, or other subject matter.
Assurance services provided by Masegare & Associates Incorporated include the following types of audit:
A review of an organisation’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations, and policies.
In today’s political and business environment, there is an increasing focus on governance, risk management, and control. Strong governance systems are needed to better ensure that organizations will meet their objectives and stakeholder expectations. Organizational governance involves the set of relationships among the organization’s stakeholders, board, and organizational management.
In accordance with the International Professional Practices Framework (IPPF), specifically Standard, 2110: Governance and Practice Advisories, 2110.1: Governance: Definition; 2110.2: Governance: Relationship with Risk and Control; and 2110.3: Governance, we are required to perform audits of all governance activities and processes, by assessing and making appropriate recommendations for improving the governance processes in accomplishment of the following objectives:
- Communicating risk and control information to appropriate areas of the organisation
- Coordinating the activities of and communicating information among the board, external and internal auditors, and management
- Ensuring effective organisational performance management and accountability
- Promoting appropriate ethics and values within the organisation
- Review of the board, meet legal requirements and meeting stakeholders’ expectations
- Review if an appropriate organizational governance framework is in place and operating effectively, etc.
When conducting an operational audit, we will consider both soft controls, as well as hard controls, as it is often the case that soft controls that have a greater influence on whether the organisation’s objectives will be achieved. In view of this, we will conduct a systematic review of effectiveness, efficiency, and economy of operations. An operational audit is a future-oriented, systematic, and independent evaluation of organisational activities.
An independent examination of a program, function, operation or the management systems and procedures of an organisation, is to assess whether the entity is achieving economy, efficiency, and effectiveness in the employment of available resources.
The need for timely and ongoing assurance over the effectiveness of risk management and control systems is critical. Traditionally, internal auditing’s testing of controls has been performed on a retrospective and cyclical basis, often many months after business activities have occurred.
Masegare & Associates Incorporated understand that more and more organisations are seeking an internal audit service provider that focuses simultaneously on its financial, operational and IT control processes. Today, however, it is recognized that this approach only affords internal auditors a narrow scope of evaluation and is often too late to be of real value to business performance or regulatory compliance. Continuous auditing is a method used to perform control and risk assessments automatically on a more frequent basis. Masegare & Associates Incorporated Internal Audit Unit deploys multi-disciplinary teams of professionals experienced in financial and operational internal auditing and risk assessment to augment and enhance an organisations’ existing internal audit capabilities. The teams work at making internal audit functions, enterprise risk management programmes, as well as risk and controls management more efficient and effective.
Governance, Regulatory & Compliance Services
Masegare & Associates Incorporated provide consulting services which are advisory in nature and are generally performed at the specific request of their clients. Governance, regulatory and compliance issues continue to be complex business challenges. Increased accountability and potential exposure to liability means accounting authorities need to ensure that corporate governance standards are adhered to and that robust compliance management systems are in place. In addition, our Internal Audit Activity (IAA), can assist your management to identify applicable laws and regulations to gain a better understanding of the regulatory environment. Our
approach combines an analysis of the legal framework together with an assessment of the systems and processes which can help to ensure compliance and sound corporate governance. Some of the Governance, Regulatory & Compliance services we can provide include:
Board and Audit Committee Assessments
- Board training and development
Development of internal control frameworks, in line with CoSO
- Governance framework design, (including values, culture, philosophy, structures, arrangements e.g. legal documents, policies, standards, charters, process, procedures, process management), level below organization-wide structures, results, stakeholder expectations, compliance, objectives, etc.
- Quality assurance reviews, etc.
In increasingly complex organizations, where more and more players are involved in providing different measures of assurance, how can we prevent management from being overwhelmed by information and reports and succumbing to “assurance fatigue”? Combined assurance can help solve this problem by integrating and aligning assurance processes so that senior management and audit committees obtain a comprehensive, holistic view of the effectiveness of their organization’s governance, risks and controls to enable them to set priorities and take any necessary actions. ❝When combining assurance, the role of internal audit is key in supporting the board in having effective oversight of the company. Otherwise, it does not work.❞ (Marie-
Helene Laimay, CAE, France).
As a third line of defense, Masegare & Associates Incorporated will provide additional independent assurance on the activities of the first and second lines of defense, and this include assessing the design of various processes and effectiveness of controls, compliance with procedures, and review of the effectiveness of the second line of defense and assist in developing and implementing a combined assurance plan. We may also play an advisory role, in accordance with The IIA’s Definition of Internal Audit.
Implementing a New Internal Audit Function
Organisations very often establish internal audit function or improve the current and ill-functioning internal audit function. This could be a very daunting task of having to prepare and respond to the increasing challenges and demands for transparency, accountability, and effectiveness at all organisational levels. One of the biggest challenges in implementing the internal audit function is the allocation of an adequate budget. To mitigate these challenges, Masegare & Associates Incorporated will consider interviewing senior managers, stakeholders, and
appointing authorities to learn what they expect from an internal audit function, educating senior managers and appointing authorities on the role of internal audit, etc.
We will identify different levels of Internal Audit Capability Model (IACM) to be applied to new internal audit functions. On lower levels (1 and 2), capabilities are characterized by the absence of infrastructure, lack of adherence to established professional practices or partial compliance with professional standards, reliance on personal skills to perform engagements, and audit planning based on management priorities, among other factors, while, on higher levels (3, 4, and 5), capabilities are characterized by compliance with professional standards; focus on independence and objectivity; documentation of processes, policies, and procedures; quantitative measurement and management of risk; participation in the organization’s governance and risk management; and
transformation into a learning organization with continuous process improvements and innovation. Our timelines practical implementation steps will include the ‘’First Six Months — Actions Needed’’, as well as ‘’Six Months to One Year or Longer — Actions Required’’,