TO COMMENT on the article,
 Audit Committee   EMAIL the author at aabunabaa@yahoo.com



 Common mistakes in this context include:  action against those who do not   Sixth: Other mistakes:
 respond to internal audit reports
 1)  Lack of awareness among the members   despite ongoing follow-ups from   1)  Leaving the process of request for
 of  the  committee  that  they  are   internal audit department; which may   proposals and  fees  negotiation  in
 responsible for the effectiveness and   lead to frustration among internal   relation to outsourcing some or whole
 efficiency of internal audit activity.  audit team and weakening the role of   of internal audit activities to executive
 2)  Lack of assuring that the internal audit   internal audit activity in organization.   management .
 plans  are  in  line  with  organization   Fourth: Mistakes in the relationship of
 strategies and covering the most   audit committee with external auditor:   2)  Failure to follow up the latest laws
 important risks encountered, and   and legislations issued concerning
 lack  of assuring effective coordination   Common mistakes in the relationship of   organization activities.
 between the internal audit activities and   audit committee with external auditor:  3)  Failure  to  follow  up  and carry  out
 the rest of internal control departments
 within organization (risk management,   1)  Failure to have a meeting with   periodic review on effectiveness and
 compliance  management,  security  independent auditor, periodically, to   efficiency of managing the most
 management and safety management,   discuss a proposed work plan, and   important risks facing organization,
 etc.).   ensure his/her independence and   whether strategic, operational, financial
 objectivity.   Or not meeting with him/  or compliance.
 3)  Lack  of  knowledge  about  the  her unless there is a representative of
 methodology followed by the internal   executive management in presence,   4)  Lack  of  focus  on  information  security
 audit  activity  and  not  asking  the   and not auditing financial statements   and IT risks.
 director of internal audit department in   critically.    We rarely  find  an  audit
 a critical manner about achievements of   committee that seriously discusses   5)  Failure to adopt any mechanism that
 internal audit activity.  auditor’s opinion, work followed   allows all organization employees to
 4)  Failure to promote importance of   in covering some important audit   provide their comments secretly about
 having an independent audit activity in   elements such  as  investments,  debt   any violation of regulations, and not
 organization, for both board of directors   allocations and performing some   to verify effectiveness of implementing
 important tests.  It is worthwhile noting
 and executive management.   such mechanism, by conducting
 here that the independence of auditor   an  independent  investigation
 5)  Non-approval of a charter, policies   may be affected if he/she has submitted   commensurate with the size of error or
 and procedures of internal audit   consulting work to organization and/or   override and not adopting appropriate
 department.  if  executive  management  has  solicited   follow-up procedures.
 offers  and  negotiated  fees  with  the
 6)  Failure to have a meeting with director   auditors.
 of internal audit department without   6)  The committee never exploits its
 having a representative of executive   2)  Not  asking  external  auditor  to  submit   authority to review organization records
 management.  to management (Management Letter   and documents, to ask for clarification
 Points) and study his/her notes about   or statement from members of board or
 7)  Failure to look at and approve a strategic   corporation financial statements and   members of executive management, and
 plan (not annual plan) of internal audit   on the adequacy of internal control   to ask board to call general assembly
 activity.  systems and on follow up actions.  of shareholders for a meeting if board
 8)  Allow  executive  management  to  3) Lack  of  knowledge  about  the  obstructs its duty.
 intervene in appointing the director   requirements of adopting international
 of internal audit, determining his   standards,  and  with  possible   The  role of audit  committees  is of
 remuneration, not to review and   weaknesses and manipulation and   continuous development and their focus on
 approve annual budget of internal   leaving the matter entirely to executive   old means considering the developments in
 audit activity and leave it to executive   management and the auditor.  the risk environment and the enormous size
 management and not to ask the   of task on shoulder of board of directors is
 director of internal audit  department   Fifth: Mistakes in committee meetings:  no longer sufficient.  Therefore, they should
 frankly about his personal assessment   focus more on organizational changes that
 of  the level of  his  independence  from   Some common mistakes in relation to   may affect overall control, risk management
 executive management and its level of   committee meetings include low number   processes, compliance with regulations and
 cooperation with him.   of meetings,  , short duration, poor pre-
 preparation by its members, failure to   laws, and on helping the board to play its
 9)  Failure to carry out a periodic   read internal audit reports presented to   supervisory and control role over executive
 assessment for internal audit activity by   them, lack of documenting all the matters   management  performance,  thereby
 the committee (at least once a year) and   that were discussed in committee minutes   supporting independence of external
 by an external party (at least once 3-5   of meetings, but, documenting only the   auditor and increasing effectiveness of
 years).  decisions and recommendations, and delays   internal audit activity and internal control
 10)  Rely, mainly, on director of internal   in preparing the minutes or approving   systems.
 audit  to  perform  duties  and  it. In addition, it is wrong to believe that
 documenting some sensitive issues may
 responsibilities of the committee.
 harm organization reputation, and also not   Ala’ Abdelaziz Abu Naba’a,  CPA, CIA,
 11)  Weak interaction of the committee   reporting, periodically, on committee work   CRMA, CICP, MACC, Head of Audit and Corpo-
 with the results of internal audit   to board of directors or general assembly of   rate Excellence at IFA Group of Companies (In-
 reports, or failure to take appropriate   shareholders.   ternational Financial Advisors)

 24     INTERNAL AUDITOR - MIDDLE EAST                                                                                                                                MARCH 2018  MARCH 2018  INTERNAL AUDITOR - MIDDLE EAST     25