Internal Audit Department,
- establishing
- development
- management
- transformation
ORGANISATION
- Global Industrial Battery Producer – $2Bn revenue, 9000 FTEs
project SCOPE
- Company just started to be quoted on NYSE and therefore an Internal Audit dept. was required.:
project GEOGRAPHY
EMEA
manufacturing: UK, FRANCE, GERMANY, ITALY, POLAND, BULGARIA. other entities: – all 30 remaining European Countries
FINDINGS
- Lack of Internal Audit department: staff, budget, methodology,
- weak corporate governance culture
- non standardized and weak internal control systems
- lack of control risk management:
- documentation
- testing
- analysis
CHALLENGES
- project complexity (6 entities full scope + 30 entities limited scope in EMEA)
- time constraints, delay on starting point
ACTIONS
- plan (staff, processes, budget)
- building risks map based on SOX
- hiring team of auditors
- budget and audit plans
- ensuring independence from operational management
- assisting with issues cleaning/follow up process
- cooperation with auditors from other regions (APAC, Americas)
- strict cooperation with E&Y (Auditor)
DELIVERABLES
- EMEA Internal Audit dept. established
- 5 Auditors + 5 Internal Controls staff
- Budget
- Methodology (including IT Audit)
- Documentation
- Audit Procedures
- Risk Mapping
- Management awareness of IA existence.
- Management is aware of the IA existence – IA is able to deliver:
- strategic and performance reviews,
- advice,
- preventing frauds
- Management is aware of the IA existence – IA is able to deliver:
EXPERTISE APPLIED
Audit & Assusrance
- audit procedures (sampling, testing, walk-through, documentation, investigation)
- IT audit procedures (general IT controls)
- Audit Dep’t staff managment
Internal Controls and Procedures
- internal controls (design, implementation, monitoring) frameworks standards (PCAOB, COSO, COBIT) SOX/RCM (Risk Controls Matrix):
- implementation,
- management,
- transition
- business process: (assessment, streamlining, simplification, permanent monitoring)
- process documentation (narratives, workflows,
- walkthroughs, testing): O2C, P2P, R2R, others
Risk management
- Risks mapping
- Risk Assessment & Analysis Risk Mitigation Strategies
- Risk Identification
- Compliance risk
- promoting culture of risk approach
- permanent risk monitoring
Ethics and Integrity
- Promoting Culture of Integrity
- Gaining/Building stakeholder’s trust
Languages
French, Russian, Polish
DOWNLOAD FILE
Call to have a short discussion (without any obligations)