An internal auditors’ role includes monitoring, assessing, and analyzing organizational risk and controls; and also reviewing and confirming information and compliance with policies, procedures, and laws. Working in partnership with management, internal auditors provide the board, the audit committee, and executive management assurance that risks are mitigated and that the organization’s corporate governance is strong and effective. When there is need for improvement, internal auditors make recommendations for enhancing processes, policies, and procedures.
The internal audit activity evaluates risk exposures relating to the organization’s governance, operations, and information systems, in the following areas:
- Effectiveness and efficiency of operations.
- Reliability and integrity of financial and operational information.
- Safeguarding of assets.
- Compliance with laws, regulations, and contracts.
Based on the results of the risk assessment, the internal auditors evaluate the adequacy and effectiveness of how risks are identified and managed in these above areas. The internal auditors are expected to provide recommendations for improvement in those areas where opportunities are identified.
To achieve quality, processes must first be controlled. To improve quality, controlled processes must be measured and evaluated to identify obstacles to success. Effective internal controls open the door to achieving success. One key issue of consideration for any business – “Is there reasonable assurance of achieving our mission, objectives, goals and desired outcomes, while adhering to laws and regulations; and can we accurately report our success and outcomes to our clients?”
The following are some of the more significant mechanisms a management company facilitates daily that an internal auditor would evaluate:
- Segregation of duties
- Written policies & procedures in place
- Organizational structure
- Authorization and approval
- Bank reconciliation review
- Security
- Proper training and development
To get the highest level of achievement and success, we must constantly identify and establish effective controls, continually assess the risks, monitor control implementation, and modify controls to adhere to new laws, rules and regulations.
Rachel J. Richmond
Principal Management Group of Houston
4 Comments
Thanks for posting the article, however the QMS (Quality Management System, ISO 9001:2008) should be considered at least to test a process “if qualified” and also to address other issues included under the “significant mechanisms a management company facilitates daily that an internal auditor would evaluate” such as org structure, approvals, duties (job descriptions) and the Segregation of duties.
regards,
- aljuhani
Thank you for the suggestion.
This is all well & good but how do our BOD members communicate with the community? Please don’t say “Facebook” as that takes a whole different slant on communication and management.
Internal audit and controls is very important to communicate to your residents. A couple ways to circulate the information is either in your newsletter, if your association does newsletters; a quarterly letter sent from the Board to the residents updating them of the financials, important tasks that the Board has accomplished and upcoming events in the community; association website, which is a secured sight that homeowners have to sign in with a password; and lastly, have a flyer printed of the information and distribute it to homeowners at your next annual meeting. I do agree with you, I wouldn’t recommend Facebook as a selected choice for this type of information to be shared.