Internal audit is a key pillar of governance in any organisation. It is an important element in the governance and assurance environment, and a valuable tool to manage risk effectively. Many jurisdictions, especially government, mandate that organisations must have an independent and effective internal audit function. This can apply to the public sector, and also corporate and not-for-profit organisations.
It has been said that internal audit is the ‘eyes and ears’ of management because it gets around the organisation and looks at lots of risk areas. When the organisation’s risk management, control and governance are operating properly, the Corporate is protected.
VINARE has established its Internal Audit since April 1st,2021 in compliance with Decree No. 05/2019/ND-CP dated 22/01/2019 of the Vietnamese Government on internal audit.
The main jobs of the Internal Audit are:
- To provide independent and unbiased assessment of the organisation’s operations;
- To provide the management with information on the effectiveness of risk management, control and governance processes;
- To act as a catalyst for improvement in risk management, control and governance;
- To be an adviser that tells the management what it needs to know, when it needs to know it.
The mission of Internal Audit is to enhance and protect organisational values by providing risk-based and objective assurance, advice, and insight. This is achieved through internal auditors:
- Being a partner to management: internal audit operates in a collaborative way to build a partnership with management without losing its independence from line management;
- Ensuring decision-makers get unfiltered messages: This means internal audit’s messages and commentary are not subject to filtering through various layers of management and they can report in a ‘frank and fearless’ manner;
- Helping maintain organisational focus on achieving objectives: An effective internal audit function will ensure its work is risk-based and aligned to its organisation’s strategic objectives;
- Providing assurance that decisions are properly authorised: A fundamental component of every internal audit engagement is to follow the approval process to assure key organisation decisions are properly authorised in line with the approved delegation structure;
- Validating the reliability and integrity of information: Internal audit engagements will typically examine reliability and integrity of information;
- Providing assurance the organisation is complying with laws, regulations, policies and contracts;
- Determining whether business activities are conducted efficiently, effectively, economically and ethically;
- Promoting activities that minimise the risk of fraud: It is not a specific internal audit role to detect and investigate fraud. But it is internal audit’s role to make sure controls designed to control fraud risk are in place and operating effectively;
- Identifying business improvements and better ways of doing things;
- Monitoring high-risk programs and projects to ensure they remain on track: Independent validation of project reporting by internal audit can pinpoint issues and ultimately save money by helping to keep projects on track. Reviewing projects after they are completed is too late;
- Delivering in-house consultancy services to management.
All of the above proves that the establishment of an internal audit department is necessary and VINARE will benefit from having its corporate governance enhanced.