Internal Audit for Financial Institutions

Internal Audit for Financial Institutions

The International Standards for the Professional Practice of Internal Audit define internal audit as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.  The standards go on to say that internal audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance process.

CRI’s internal audit professionals deliver risk-based, cost-effective service to financial institutions while fully embracing the Standards, as well as prevailing financial institution regulatory guidance.

The International Standards for the Professional Practice of Internal Audit define internal audit as an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.  The standards go on to say that internal audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance process.

CRI’s internal audit professionals deliver risk-based, cost-effective service to financial institutions while fully embracing the Standards, as well as prevailing financial institution regulatory guidance.

Our internal audit approach begins with defining the audit universe by identifying all relevant business processes, consistent with Internal Control – Integrated Framework developing by the Committee of Sponsoring Organizations (COSO 2013).  We then conduct an internal audit risk assessment, designed to deploy internal audit resource in the most efficient and effective means practicable.  CRI’s risk assessment methodology is both adaptable and scalable and considers prevailing financial institution regulatory guidance and thought leadership such as The Three Lines of Defense in Effective Risk Management and Control.

Our internal audit approach begins with defining the audit universe by identifying all relevant business processes, consistent with Internal Control – Integrated Framework developing by the Committee of Sponsoring Organizations (COSO 2013).  We then conduct an internal audit risk assessment, designed to deploy internal audit resource in the most efficient and effective means practicable.  CRI’s risk assessment methodology is both adaptable and scalable and considers prevailing financial institution regulatory guidance and thought leadership such as The Three Lines of Defense in Effective Risk Management and Control.

Development of a Risk-Based Audit Plan

Our internal audit process includes, but is not limited to:

  • Documentation of the business process, identification, and evaluation of key internal controls.

  • Design and performance of audit testing procedures, documentation of results, and analysis of symptoms discovered to identify the root cause.

  • Verification of results through discussions with management, resolution of questions, and development of workable recommendations.

  • Development of an internal audit report, which contains business and risk analysis, findings and recommendations from testing, and identification of common themes on an institution-wide basis.

  • Presentation of report to senior management and Audit Committee.

CRI conducts internal audits in a variety of operational areas, including

Our highly skilled internal auditors have the depth, breadth, and diversity of experience to provide value-added internal audit services to financial institutions while adhering to the highest standards of the profession.