广告服务 新浪微博 腾讯微博 微信公众号 欢迎投稿
首页 | 资讯 内控 财会 文库 服务 考试 法规 图片 视频 投稿信箱:tougao@shenji.cn 设为首页 | 收藏本站
考试频道
您现在的位置: 中国审计网 >> 考试 >> CIA考试 >> 考试大纲 >> 正文
2014年CIA考试大纲第二部分:内部审计实务
作者:中审网校    2014/4/25 11:23:55      来源:本站原创

2014年CIA考试大纲第二部分:内部审计实务


 
Part 2 – Internal Audit Practice内部审计实务

100 questions | 2.0 Hours (120 minutes)

题量:100个问题,答题时间:2小时(120分钟)

 
I. Managing the Internal Audit Function (40-50%)
  管理内部审计职能(40-50%)
A. Strategic Role of Internal Audit
  内部审计的战略作用
1. Initiate, manage, be a change catalyst, and cope with change
  激发,管理,催化和应对变革
2. Build and maintain networking with other organization executives and the audit committee
  建立并维护与其他组织管理人员和审计委员会的关系网络
3. Organize and lead a team in mapping, analysis, and business process improvement
  组织并领导团队进行绘制,分析和业务流程改进
4. Assess and foster the ethical climate of the board and management
  评估并培养董事会和管理层的道德氛围
a. Investigate and recommend resolution for ethics/compliance complaints, and determine disposition of ethics violations
   调查并提出关于道德标准/合规性投诉的解决方案,并确定对违反道德规范行为的处理
b. Maintain and administer business conduct policy (e.g., conflict of interest), and report on compliance
   维护并管理经营行为政策(如:利益冲突),以及合规性报告
5. Educate senior management and the board on best practices in governance, risk management, control, and compliance
      向高级管理层和董事会提供关于治理,风险管理,控制和合规性的最佳实践的培训
6. Communicate internal audit key performance indicators to senior management and the board on a regular basis
      定期向高级管理层和董事会报告内部审计的主要业绩指标
7. Coordinate IA efforts with external auditor, regulatory oversight bodies and other internal assurance functions
      协调内部审计工作与外部审计师、监管机构和其他内部保障功能
8. Assess the adequacy of the performance measurement system, achievement of corporate objective – Awareness Level (A)
      评估业绩测评系统的充分性和公司目标的实现情况——要求了解(A)
 
B. Operational Role of IA
   内部审计的运行功能
1. Formulate policies and procedures for the planning, organizing, directing, and monitoring of internal audit operations
      制订系列政策和程序,从而规划、组织、指挥和监控内部审计业务
2. Review the role of the internal audit function within the risk management framework
      审核内部审计在风险管理框架中的职能作用
3. Direct administrative activities (e.g., budgeting, human resources) of the internal audit department
      指导内部审计部门的行政管理活动(如:预算编制,人力资源)
4. Interview candidates for internal audit positions
      面试内部审计职位的应聘者
5. Report on the effectiveness of corporate risk management processes to senior management and the board
      向高级管理层和董事会报告公司风险管理流程的有效性
6. Report on the effectiveness of the internal control and risk management frameworks
      报告内部控制和风险管理框架的有效性
7. Maintain effective Quality Assurance Improvement Program
      保持有效的质量保证与改进程序
C. Establish Risk-Based IA Plan
   制定风险导向的内部审计计划
1. Use market, product, and industry knowledge to identify new internal audit engagement opportunities
      利用市场,产品和行业知识,识别新的内部审计业务机会
2. Use a risk framework to identify sources of potential engagements (e.g., audit universe, audit cycle requirements, management requests, regulatory mandates)
      运用风险框架确定潜在审计业务的来源(如:审计范围,审计周期要求,管理需求,监管指令)
3. Establish a framework for assessing risk
      建立评估风险的框架
4. Rank and validate risk priorities to prioritize engagements in the audit plan
      对风险高低进行排序和确认,在审计计划中列出审计业务的优先顺序
5. Identify internal audit resource requirements for annual IA plan
      为年度审计业务计划识别内部审计资源需求
6. Communicate areas of significant risk and obtain approval from the board for the annual engagement plan
      沟通重大风险领域,年度审计业务计划获得董事会的批准
7. Types of engagements
      审计业务类型
a. Conduct assurance engagements
  实施确认业务
a1. Risk and control self-assessments
    风险和控制自我评估
        a) Facilitated approach
           促进方法
             (1) Client-facilitated
                审计业务客户自我促进
             (2) Audit-facilitated
                审计促进
         b) Questionnaire approach
           调查问卷方法
         c) Self-certification approach
           自我认证方法
a2. Audits of third parties and contract auditing
   第三方审计和合同审计
a3. Quality audit engagements
   质量审计业务
a4. Due diligence audit engagements
   尽职调查审计业务
a5. Security audit engagements
   安全审计业务
a6. Privacy audit engagements
   保密审计业务
a7. Performance audit engagements (key performance indicators)
   绩效审计业务(主要业绩指标)
a8. Operational audit engagements (efficiency and effectiveness)
   经营审计业务(效率和效果)
a9. Financial audit engagements
   财务审计业务
b. Compliance audit engagements
  合规性审计业务
c. Consulting engagements
  咨询业务
c1. Internal control training
   内部控制培训
c2. Business process mapping
   绘制业务流程图
c3. Benchmarking
   基准比较法
c4. System development reviews
   体系开发审核
c5. Design of performance measurement systems
   业绩测评系统的设计
 
II. Managing Individual Engagements (40-50%)
  管理个人的业务(40-50%)
A. Plan Engagements
  计划审计业务
1. Establish engagement objectives/criteria and finalize the scope of the engagement
  设置审计业务目标/标准,确定审计业务的范围
2. Plan engagement to assure identification of key risks and controls
  计划审计业务以确保关键风险的识别和控制
3. Complete a detailed risk assessment of each audit area (prioritize or evaluate risk/control factors)
  完成每个审计领域的详细的风险评估(优先考虑或评估风险/控制因素)
4. Determine engagement procedures and prepare engagement work program
  确定审计业务程序和编写审计工作程序
5. Determine the level of staff and resources needed for the engagement
  确定开展审计业务所需的人员水平和资源
6. Construct audit staff schedule for effective use of time
  编制审计人员时间表,合理有效安排时间
B. Supervise Engagement
   监督审计业务
1. Direct / supervise individual engagements
  指导/监督个人的审计业务
2. Nurture instrumental relations, build bonds, and work with others toward shared goals
  培养工具性关系,建立联系,并朝着共同的目标与他人协同工作
3. Coordinate work assignments among audit team members when serving as the auditor-in-charge of a project
  作为项目的主管审计师,协调分配审计团队成员的工作任务
4. Review work papers
  审核工作底稿
5. Conduct exit conference
  召开退出会议
6. Complete performance appraisals of engagement staff
  完成审计业务人员的绩效评估
C. Communicate Engagement Results
   沟通审计业务结果
1. Initiate preliminary communication with engagement clients
  与审计业务客户进行初步沟通
2. Communicate interim progress
  沟通中期进展情况
3. Develop recommendations when appropriate
  在适当的时候编制建议书
4. Prepare report or other communication
  编制审计报告或其他沟通文件
5. Approve engagement report
  批准审计业务报告
6. Determine distribution of the report
  确定审计报告的分发
7. Obtain management response to the report
  取得管理层对报告的反馈意见
8. Report outcomes to appropriate parties
  向适当的对象报告结果
D. Monitor Engagement Outcomes
   监督审计业务结果
1. Identify appropriate method to monitor engagement outcomes
  确认监督审计业务结果的适当方法
2. Monitor engagement outcomes and conduct appropriate follow-up by the internal audit activity
  监督审计业务结果并由内部审计机构开展恰当的跟踪活动
3. Conduct follow-up and report on management's response to internal audit recommendations
  进行跟进并报告管理层对内部审计建议的反馈意见
4. Report significant audit issues to senior management and the board periodically
  定期向高级管理层和董事会报告重大审计事项
 
III. Fraud Risks and Controls (5-15%)
   舞弊风险和控制(5-15%)
A. Consider the potential for fraud risks and identify common types of fraud associated with the engagement area during the engagement planning process
    在计划审计业务的过程中,考虑舞弊风险的可能性,并识别与审计业务范围相关的一般舞弊类型
B. Determine if fraud risks require special consideration when conducting an engagement
    在实施审计业务时,确定是否需要特别考虑舞弊风险
C. Determine if any suspected fraud merits investigation
    确定是否应对任何可疑的舞弊点进行调查
D. Complete a process review to improve controls to prevent fraud and recommend changes
    对过程进行检查,以改善预防舞弊的控制,并提出改进建议
E. Employ audit tests to detect fraud
    运用审计测试,以发现舞弊
F. Support a culture of fraud awareness, and encourage the reporting of improprieties
    树立舞弊防范意识,鼓励报告不正当的行为
G. Interrogation/investigative techniques – Awareness Level (A)
    讯问/调查技术——要求了解(A)
H. Forensic auditing – Awareness Level (A)
    司法鉴定审计——要求了解(A)

责任编辑:木棉 
·注册会计师考试辅导 ·中级审计师考试辅导
·内部控制自我评估师 ·国际注册内部审计师
·注册信息系统审计师 ·高级审计师考试辅导
·美国注册舞弊审查师 ·国际注册内部控制师
热点新闻
中国审计网投稿信箱:tougao@iaudit.cn
中国审计网中文网址:审计网.中国 中文域名:中国审计网.com
电信与信息服务业务与电子公告BBS经营许可证:B2-20050153号
Copyright @ 2000-2014 www.shenji.cn All Rights Reserved.