According to the Institute of Internal Auditors, “internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.” Simply said, internal audit is responsible for monitoring the effectiveness of the internal control processes that have been established by management.
Internal audit serves many purposes, but the principal tasks include:
- Risk assessment – Assisting management with identifying and prioritizing areas or processes that require attention and audit focus
- Process walkthroughs and documentation – Gaining an understanding of the processes and procedures as they currently exist, especially with respect to the IT systems utilized in the processing of high volumes of policyholder/claims data
- Control assessment – Identifying gaps, also known as “trouble spots,” where procedures and controls are not properly designed
- Testing – Performing tests of controls to verify whether controls are working as designed
- Reporting – Providing observations and recommendations to improve processes and controls.
NEW CASTLE internal audit services include the following: