Mar 25, 2019

Learning from the Dutch Example How to Improve Internal Audit Process

With an intention to further improve knowledge in internal audit process and procedures, Mr. Fitim Tahiri, internal auditor at the Kosovo Ministry of Internal Affairs, attended the CEF learning event Internal Audit Engagement from Planning to Reporting last November. Apart from engagement planning, the sessions looked into identifying and prioritizing the risks relevant to the engagement, determining the objectives and scope of the area or process under review, as well as considering the reporting requirements along with the follow-up quality assurance review. Here are some of the reflections Mr. Tahiri shared as an afterthought on the proceedings of the learning event.

“Participation in Internal Audit Engagement from Planning to Reporting has contributed to the practices and forms of initiating the steps for drafting reports. It is known that we have standards for drafting reports, but the experience of colleagues from the Netherlands illustrating the concrete steps has also served at work during the audit development process.

It is worth mentioning that the experience has been re-deferred to the experience of applying COSO standards to an organization, guaranteeing a proper functioning of the control system. It also guarantees credible reports and acknowledges the role of internal audit as the third checkpoint.

The possibility of exchanging practices with colleagues from the countries of the region is very important and the CEF is the right place for such exchange of professional experience. On this occasion, the practice of Dutch colleagues regarding the functioning of an electronic platform for the steps of planning and drafting a report has been introduced, which is an added value for my work.

Also, it has triggered me to devote more attention to planning standards and rethink the role of auditor’s participation in risk assessment. With regard to the latter, I discussed the cases from my work experience and I shared concrete examples how I engage in the risk assessment of the organization, and I also appreciated discussing the importance of creating the list of risks.

I am very pleased with the quality of the training at the CEF, both in terms of organization and the materials and presentations. Last but not least, receiving the participation certificate is a value for me and my organization.”