Lean Auditing : Driving Added Value and Efficiency in Internal Audit.
- 1st ed.
- 1 online resource (330 pages)
Intro -- Lean Auditing -- Table of Contents -- Foreword -- Introduction -- PART 1 Lean and Lean Auditing in Overview -- 1 Lean Auditing at AstraZeneca -- References and Other Related Material of Interest -- 2 A Brief History of Lean, Notable Principles and the Approach Taken by this Book -- ORIGINS OF LEAN AND THE BENEFITS IT DELIVERS -- KEY LEAN PRINCIPLES, TOOLS AND TECHNIQUES -- The Five Key Principles of Lean -- Specify Value from the Point of View of the Customer -- Identify the Value Stream -- Flow -- Pull -- Seek Perfection in Ways of Working -- Other Schools of Lean and the Neutral Approach of this Book -- Cost Reduction and Lean -- References and Other Related Material of Interest -- 3 Key Lean Tools & -- Techniques -- UNDERSTANDING CUSTOMER NEEDS: THE KANO MODEL -- GEMBA -- Value Stream Mapping -- IDENTIFYING WASTE (MUDA) -- Heijunka -- Jidoka - Also Known as Autonomation -- Just in Time -- Andon - Visualization -- Root Cause Analysis (RCA ) -- A WORD OF CAUTION ABOUT LEAN TOOLS AND TECHNIQUES -- References and Other Related Material of Interest -- 4 The Development of Lean Auditing and Its Benefits -- THE KEY BENEFITS OF ADOPTING A LEAN AUDITING -- A FEW WORDS ON TERMINOLOGY IN THIS BOOK -- 5 The Wider Benefits of a Lean Audit Approach - and How to Use This Book -- Key Hallmarks of a Progressive Lean Audit Approach -- The Mindset of a Lean, Progressive, Auditing Approach -- The Wider Organizational Implications of a Lean Auditing Approach -- HOW TO USE THIS BOOK -- Advice on Reading the Following Chapters -- PART 2 Looking at Internal Audit Planning and Assignment Delivery -- 6 Who Are the Customers of Internal Audit? -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Different Views within Internal Audit Concerning Which Stakeholders should Be a Priority. Different Views Concerning the Primacy of the Board/Audit Committee or Senior Management -- Stakeholders Disagreeing Who is Prime -- RECOMMENDED PRACTICES -- Define and Agree the Key Internal Customers and Stakeholders of the Internal Audit Function -- Always Remember the Importance of the External Customer -- Ensure the Whole Audit Function is Clear Who They Are Working For -- CONCLUDING REMARKS -- References and Other Related Material of Interest -- 7 What Really Adds Value - And What Doesn't -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- A "Value Gap" between the Perceptions of Audit and Stakeholders -- The Importance of Paying Attention to Dissatisfiers -- RECOMMENDED PRACTICES -- Make a Commitment to Adding Value beyond Motherhood and Apple Pie -- Strive to Clarify What Adds Value and What Does Not -- Identify Different Perceptions of Value and Develop a Plan to Address the Most Problematic Areas -- DELIVER VALUE TO MULTIPLE STAKEHOLDERS - BUT MANAGE BOUNDARIES -- The Delivery of Value should Always Take into Account Cost -- Delivering Delighters is Often Simpler than You Think -- Listen, and Respond, to the "Voice of the Customer" -- CONCLUDING REMARKS -- References and Other Related Material of Interest -- 8 The Importance of Role Clarity in Assurance and the Insights Lean Can Offer -- AN IIA PERSPECTIVE ON the UNIQUE ROLE OF INTERNAL AUDIT -- COMMON CHALLENGES & -- DILEMMAS -- Thinking Audit is a Compliance and Controls Monitoring Function -- Believing the First and Second Lines have only a Limited Assurance Role -- Thinking Audit Needs to Check Remediation -- Stakeholder Misunderstandings about the Assurance that Audit Can Deliver -- Lean Insights -- RECOMMENDED PRACTICES -- Engage Stakeholders on the Importance of Role Clarity and the Power of the Three Lines of Defence Model. Ensure the Role of Internal Audit is Understood in Wider Terms Than Just Financial Control and Compliance Auditing -- Promote Greater Clarity in Relation to Roles and Responsibilitiesin the First and Second Lines of Defence -- Audit should be Flexible on Occasions, but be Mindful of Becoming a Substitute -- Ensure Stakeholders have a Realistic Understanding of Audit's Assurance Role -- CONCLUDING REMARKS -- References and Other Related Material of Interest -- 9 The Audit Plan: Taking a Value Approach -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Audit Planning Shortcomings Often Arise in EQA Reviews -- What is the Problem with an Audit Universe? -- Should the Plan be Based on Gross or Net Risk? -- A Focus on Cost Rather than Value -- Staff Capability may be a Factor as Well -- RECOMMENDED PRACTICES -- Prioritize the Audit Plan, and Focus on Value -- Create a Streamlined Planning Process -- Take a Gross Risk Perspective (at Least at the Start) -- Upgrade the Audit Universe, but Don't Necessarily Let it Drive the Plan -- Gather a Picture of Current Performance as well as Issues, Incidents, "Near Misses" and External Intelligence -- Examine Carefully Which Issues will Really Impact Value and the External Customer -- Gain Inspiration from the Committee on Internal Audit Guidance for Financial Services in the UK -- Use Audit Planning to Drive Additional Value Add Beyond the Audit Plan -- CONCLUDING REMARKS -- References and Other Related Material of Interest -- 10 Factoring in Risk Assurance in the Audit Plan -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Auditing Known or Suspected Issues -- Uncertainty about Risk Assurance Roles -- Considering the Motivations behind Assurance Requests -- RECOMMENDED PRACTICES. Have a Clear Process for Working through What to Do in Relation to Known or Suspected Issues -- Explicitly Address Risk Assurance in the Audit Plan -- Recognize the Power of Direct Assurance or Other Sources of Independent Assurance -- CONCLUDING REMARKS -- References and Other Related Material of Interest -- 11 Considering the Allocation of Resources to Optimize Value Add -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Getting the Right Balance between Assurance and Advisory Assignments -- Core Assurance Work on Compliance and Control Takes Over -- Challenges to Rationalize the Plan Against Key Value Related Areas -- The Impact of Resources Constraints is Not Always Clear -- RECOMMENDED PRACTICES -- Understand Value Opportunities from Advisory Assignments -- Being Transparent about the Use of Audit Time Across Different Risk Areas -- Make the Impact of Resource Limitations Crystal Clear -- Core Assurance Is to be Expected and will Add Value if done in the Right Way -- The Audit Plan Should Address Capability Issues within the Audit Function -- Think Through How the Plan will Deliver any Overall Opinions Required -- CONCLUDING REMARKS -- 12 Assignments - Types, Scheduling and Resourcing -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Plan Flexibility Is Impacted by a Number of Standard Assignments -- Large Assignments Can Easily Deliver a Poor Return for the Resource Expended -- Challenges in Scheduling the Plan, at the Start, During the Year and at the End of the Year -- Ad Hoc Requests and Investigations Can Adversely Affect the Delivery of the Plan -- RECOMMENDED PRACTICES -- Orientate Resource Allocation and Timing towards Adding Value -- Consider What Type of Assignment is Required. Obtain Buy‐In to the Overall Phasing of the Plan at the Time of the Audit Plan, Not Later in the Year -- Update the Plan on an Ongoing Basis and Maintain Some Contingency -- CONCLUDING REMARKS -- 13 Using Assignment Scoping and Planning to Drive Added Value -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Impatience to Get Going Can Result in Difficulties and a Lack of Value Focus -- Not Fully Thinking Through Assignment Resourcing -- Disagreements or Changes in Relation to the Assignment's Purpose and Scope -- Often Information is Not Forthcoming on a Timely Basis -- Planning Just the Fieldwork Can Result in Issues Later on -- RECOMMENDED ACTIONS -- Invest Sufficient Time in Focused Assignment Planning -- Be Explicit about the Added Value of Each Assignment -- Engage with the Assignment Sponsor During the Assignment -- Think about Key Risks and Key Controls -- Consider an Initial or Working Hypothesis -- Revisit the Scope and Resourcing of Each Assignment as a Fundamental Part of Assignment Planning -- Plan Assignments like Projects Throughout -- CONCLUDING REMARKS -- 14 Assignment Delivery - Managing What Really Goes On -- COMMON PRACTICES AND IIA STANDARDS OF NOTE -- COMMON CHALLENGES & -- DILEMMAS -- Getting Data and Documents in Advance is not Always Straightforward -- Process Mapping -- Managers and Staff are Often Busy and have Limited Time to Engage in the Audit Process -- The Impact of Auditor Preferences on Testing -- "Innocent Until Proven Guilty?" -- Audit Tools: A Blessing or A Curse? -- Waste Associated with Meetings -- What Is a Finding? -- RECOMMENDED PRACTICES -- Make the Assignment as Painless as Possible -- Aim for a Flow of Data and Documents Through Direct Access -- Consider an Audit Liaison Role and Agree Expectations Around Timelines -- Prioritize Scope Delivery and Use "If Time Permits". Deriving Value from Process or Systems Mapping, and Clarifying the Role of Audit in this Regard.