ITTIHAD UNIVERSITY

College of Management & Information Systems

B.S. !rogram in B"siness Information Systems
IT Management for Ser#ie $%erations &'(')*)+,
IT Assignment (
Internal A"-it. Com%liane& Et/is an- Ris0 Management
S"1mitte- 1y2
Zubaidah Abdul Rehman (20042080)
I declare that this assignment is my own work, in my own words and it
does not include any copy paste or plagiarism issues. I also confirm
that I did not copy it from others and I have included all the
references.
S"%er#ise- 1y2
Dr. Selma EL-Sheikh

Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
(able !) !ntent%
Section 1) Introduction
1.1) Overview 3
1.2) Purpose and Aim 3
Section 2) Discussion Findings
2.1) Internal Audit 3
2.2) Compliance !t"ics #
2.3) !nterprise $is% &anagement '
Section 3) Conclusion ( Summar) *
$e+erences ,
Zubaidah Abdul Rehman, 20020!0 Page 2 of 8
Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
Se#ti!n *) Intr!du#ti!n
*.*) +,er,ie-
-"e pro.ect will contain discussion on internal audit/ et"ics and compliance and
enterprise ris% management. Internal audit are activities conducted 0) an organi1ation +or
evaluating t"emselves internall) and it is di++erent +rom e2ternal audit. &ost o+ t"e
organi1ations are "aving code o+ et"ics and standards or policies t"at will support t"at et"ical
culture and aspects w"ere all t"e emplo)ees s"ould compl) wit" it wit"out +ailure. !nterprise
ris% management is 0roader +orm o+ ris% management in+luencing t"e overall operations o+
t"e organi1ation.
*.*.*. .ur"!%e, and Aim
-"e purpose o+ t"e pro.ect is to identi+) w"at internal audit/ et"ics and compliance/
and enterprise ris% management are and to ma%e a discussion a0out t"ese terms 0) directl)
lin%ing t"em to practical li+e in t"e organi1ational operations. -"ere+ore/ t"e pro.ect is aimed
to provide good discussion around t"e various +acts o+ t"ese concepts.
Se#ti!n 2) Di%#u%%i!n /indin'%
2.*) Internal Audit
Internal audit is a process t"at involves o0.ective assurance/ independent and
consulting activit). It is designed +or adding value and improving t"e operations o+ an
organi1ation. -"ere+ore/ it will 0e "elping t"e organi1ation so t"at t"e) will 0e a0le to
accomplis" t"eir o0.ectives set 0) 0ringing disciplined and s)stematic approac" +or
evaluating and improving t"e e++ectiveness o+ governance processes/ control and ris%
management. -"e internal auditors will 0e evaluating t"e e++ectiveness and e++icienc) o+ t"e
organi1ation3s procedures along wit" t"eir related internal controls
1
.
1
4owal/ Pari0as. 52663). Co0i- +or Internal Auditors. $etrieved ' Decem0er 2611 +rom
"ttp7((www.n)sscpa.org(committees(emergingtec"(co0it.ppt
Zubaidah Abdul Rehman, 20020!0 Page 3 of 8
Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
Internal audit is carried out 0) internal auditors +or reporting to t"e Audit Committee
o+ t"e 8oard o+ Directors and t"e top management. Some o+ t"e areas o+ internal audit are
ma%ing sure emplo)ees are not ma%ing copies o+ so+tware programs 0ecause it is illegal and
auditing +or +raud. -"ere+ore/ ever) department will 0e "aving personnel +or conducting audit
+unctions o+ t"eir departmental activities assuring and c"ec%ing e++icienc) and e++ectiveness
2
.
I- auditing is involving t"e evaluation o+ t"e computer3s role suc" as control
o0.ectives ac"ievement and audit o0.ectives ac"ievement. -"ere will 0e in+ormation
providing suc" as means proving in+ormation and data will 0e availa0le/ secure/ con+idential
and relia0le
3
.
In ot"er words/ internal is considered as parallel process incurring 0e+ore e2ternal
audit or preparing +or e2ternal audit. -"e in+ormation +or internal audit will 0e coming +rom
management in+ormation s)stems/ production or operations/ +inance and accounting/ researc"
and development/ mar%eting and management
4
.
-"e personnel conducting internal audit s"ould 0e certi+ied internal auditor. -"e ma.or
areas o+ e2am will include 0usiness management s%ills/ in+ormation tec"nolog) and 0usiness
anal)sis/ conducting internal audit and its role in control/ ris% and governance
5
. -"ere+ore/ an
internal auditor will 0e usuall) compan) emplo)ee +or auditing w"et"er organi1ation is
compl)ing inline wit" set standards/ policies and procedures
6
.
2.2) !m"lian#e $ Ethi#%
2
Strand/ Sim%in/ 8agrano++. 5266#). In+ormation -ec"nolog) Auditing. $etrieved '
Decem0er 2611 +rom
"ttp7(("ig"ered0cs.wile).com(legac)(college(0agrano++(69*669##:6(ppt(c"11.ppt
3
Strand/ Sim%in/ 8agrano++. 5266#). In+ormation -ec"nolog) Auditing. $etrieved '
Decem0er 2611 +rom
"ttp7(("ig"ered0cs.wile).com(legac)(college(0agrano++(69*669##:6(ppt(c"11.ppt
9
&a%aeva. 52669). Internal Scanning7 Organi1ational Anal)sis. $etrieved ' Decem0er 2611
+rom "ttp7((s0mt.0su.0)(+acult)(ma%aeva;#Cma%aevaS&en;#C<ecture=otes
;#CIntrernal>Scanning>and>Organi1ational>Anal)sis.ppt
#
?urt. 52616). Pro+essional Certi+ications and Career Planning. $etrieved ' Decem0er 2611
+rom "ttp7((www.p"iladelp"ia.edu..o(courses(AIS(C"ap61*.ppt
'
-ur0an/ &c<ean/ @et"er0e. 52666). &anaging In+ormation $esources and Securit).
$etrieved ' Decem0er 2611 +rom "ttp7((people."o+stra.edu(<aura>?><all)(0cis961(c"1#.ppt
Zubaidah Abdul Rehman, 20020!0 Page 4 of 8
Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
!t"ics are set o+ guiding ideals/ standards or 0elie+s t"at will 0e pervading a group or
an individual. -"ere is great importance to computer et"ics 0ecause t"e people are "aving
certain +ears and perceptions towards t"e use o+ computer. &ost o+ t"e organi1ations "ave
et"ics programs/ code o+ et"ics/ and et"ics audit. An et"ics program will 0e consisting o+
several activities t"at will provide sta++ mem0ers wit" directions to carr) out t"e credo o+ a
corporate. @"ere0)/ et"ics audit per+ormed are 0) t"e internal auditors to evaluate
compliance 0) t"e sta++ mem0ers. -"e) will 0e auditing per+ormed activities against code o+
et"ics
7
.
-"ere are some issues o+ computer et"ics suc" as internal control integrit)/
unemplo)ment and displacement/ eAuit) in access/ owners"ip o+ propert)/ privac)/ computer
misuse/ arti+icial intelligence/ environmental issues/ and securit) and accurac)
8
. -"e two
approac"es in et"ics are integrit)B0ased approac" and complianceB0ased approac"
9
.
In order to "ave e++ective et"ics compliance/ t"e organi1ation s"ould consider t"e
+ollowing
10
7
!sta0lis"ing compliance procedures and standards/
Assigning top level management/
Avoiding delegating responsi0ilit) w"o are not trustwort")/
Communicating procedures and standards to all emplo)ees/
&onitoring and auditing s)stems +or detecting unet"ical activities/
!n+orcing et"ical standards/ and
&a%ing ad.ustments in t"e process o+ et"ical issues.
2.0) Enter"ri%e Ri%k &ana'ement
*
&c<eod/ Sc"ell. 52669). !t"ical Implications O+ In+ormation -ec"nolog). $etrieved '
Decem0er 2611 +rom "ttp7((people."o+stra.edu(<aura>?><all)(0cis961(c"1#.ppt
,
@"eeler/ P. 52663). !t"ics/ Fraud/ and Internal Control. $etrieved ' Decem0er 2611 +rom
"ttp7((www.swlearning.com(accounting("all(ais>9e(ppt(c"63.ppt
:
Altman. 5266#). Organi1ational !t"ics and t"e <aw. $etrieved ' Decem0er 2611 +rom
"ttp7(("ercules.gcsu.edu(Cdgoings(m%tg31*2(C"ap66'.ppt
16
Stanwic%/ P. 52666). Dnderstanding 8usiness !t"ics. $etrieved ' Decem0er 2611 +rom
"ttp7((www.au0urn.edu(Cstanwsd(introtoet"ics.ppt
Zubaidah Abdul Rehman, 20020!0 Page 5 of 8
Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
!nterprise ris% management 5!$&) is consisting o+ t"ree areas7 operational ris%s/
speculative ris%s and strategic ris%s. It is muc" 0roader concept considering personnel/
propert) or lia0ilit) loss e2posures
11
.
-"e process o+ !$& will 0e +lowing and ongoing t"roug" an entit) and t"e
application will 0e during strateg) setting. -"e design o+ !$& will 0e to identi+) possi0le
events t"at mig"t a++ect t"e entit) so t"at t"e) will 0e a0le to prepare ris% management at
enterprise level and to provide reasona0le assurance. -"ere are si2 encompassing areas in
!$& as s"own in +igure 17
Figure 17 !$& !ncompassing Areas
12
Se#ti!n 0) !n#lu%i!n
11
$e.da. 52666). Advanced -opics in $is% &anagement. $etrieved ' Decem0er 2611 +rom
"ttp7((+acultad.0a)amon.inter.edu(cde"o)os(+inan1as(seguros(+in;26'61(CAP;269.ppt
12
&ula)/ P. 5266'). In+ormation $is% &anagement visBEBvis !nterprise $is% &anagement.
$etrieved ' Decem0er 2611 +rom
"ttp7((www.assoc"am.org(events(recent(event>'#(Presentation>>>!$&>>>26>9>6'>>>Pravi
n>&ula).ppt
Zubaidah Abdul Rehman, 20020!0 Page 6 of 8
Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
@e "ave discussed a0out internal audit/ compliance and et"ics/ ris% management. All
"ave and pla)s ma.or +unctions in t"e operations o+ organi1ations. -"ere+ore/ internal audit is
"elping to accomplis" organi1ational to departmental o0.ectives +or 0ringing improvements.
!t"ics is important in t"e 0usiness world and it is in t"e top agenda o+ 0usinesses to ma%e
sure t"at sta++ are compl)ing wit" et"ical standards and activities set or initiated. @it"out an
e++ective et"ics compliance program/ t"ere is no point +or et"ics. !$& ena0les identi+)ing
possi0le events t"at mig"t a++ect t"e 0usiness and it will "elp in managing ris%s e++ectivel)
and e++icientl).

Zubaidah Abdul Rehman, 20020!0 Page 7 of 8
Internal Audit, !m"lian#e$ Ethi#% and Ri%k &ana'ement
Re)eren#e%
1) 4owal/ Pari0as. 52663). Co0i- +or Internal Auditors. $etrieved ' Decem0er 2611 +rom
"ttp7((www.n)sscpa.org(committees(emergingtec"(co0it.ppt
2) Strand/ Sim%in/ 8agrano++. 5266#). In+ormation -ec"nolog) Auditing. $etrieved '
Decem0er 2611 +rom
"ttp7(("ig"ered0cs.wile).com(legac)(college(0agrano++(69*669##:6(ppt(c"11.ppt
3) Strand/ Sim%in/ 8agrano++. 5266#). In+ormation -ec"nolog) Auditing. $etrieved '
Decem0er 2611 +rom
"ttp7(("ig"ered0cs.wile).com(legac)(college(0agrano++(69*669##:6(ppt(c"11.ppt
9) &a%aeva. 52669). Internal Scanning7 Organi1ational Anal)sis. $etrieved ' Decem0er
2611 +rom "ttp7((s0mt.0su.0)(+acult)(ma%aeva;#Cma%aevaS&en;#C<ecture=otes
;#CIntrernal>Scanning>and>Organi1ational>Anal)sis.ppt
#) ?urt. 52616). Pro+essional Certi+ications and Career Planning. $etrieved ' Decem0er
2611 +rom "ttp7((www.p"iladelp"ia.edu..o(courses(AIS(C"ap61*.ppt
') -ur0an/ &c<ean/ @et"er0e. 52666). &anaging In+ormation $esources and Securit).
$etrieved ' Decem0er 2611 +rom
"ttp7((people."o+stra.edu(<aura>?><all)(0cis961(c"1#.ppt
*) &c<eod/ Sc"ell. 52669). !t"ical Implications O+ In+ormation -ec"nolog). $etrieved '
Decem0er 2611 +rom "ttp7((people."o+stra.edu(<aura>?><all)(0cis961(c"1#.ppt
,) @"eeler/ P. 52663). !t"ics/ Fraud/ and Internal Control. $etrieved ' Decem0er 2611 +rom
"ttp7((www.swlearning.com(accounting("all(ais>9e(ppt(c"63.ppt
:) Altman. 5266#). Organi1ational !t"ics and t"e <aw. $etrieved ' Decem0er 2611 +rom
"ttp7(("ercules.gcsu.edu(Cdgoings(m%tg31*2(C"ap66'.ppt
16) Stanwic%/ P. 52666). Dnderstanding 8usiness !t"ics. $etrieved ' Decem0er 2611 +rom
"ttp7((www.au0urn.edu(Cstanwsd(introtoet"ics.ppt
11) $e.da. 52666). Advanced -opics in $is% &anagement. $etrieved ' Decem0er 2611 +rom
"ttp7((+acultad.0a)amon.inter.edu(cde"o)os(+inan1as(seguros(+in;26'61(CAP;269.ppt
12) &ula)/ P. 5266'). In+ormation $is% &anagement visBEBvis !nterprise $is% &anagement.
$etrieved ' Decem0er 2611 +rom
"ttp7((www.assoc"am.org(events(recent(event>'#(Presentation>>>!$&>>>26>9>6'>>>Pr
avin>&ula).ppt
Zubaidah Abdul Rehman, 20020!0 Page 8 of 8