| |
By Jerry Bonham, Texas Mutual Insurance Company
Every organization in AASCIF, regardless of its size, should have
some type of internal control system or process. In many places
this will include an internal auditing process. My colleague in
Kentucky is writing to you about the role he plays as a staff of
one. Since things are always bigger in Texas, I am pleased to share
the role of my internal audit staff at the Texas Mutual Insurance
Company.
The Board of Directors, to whom I report, and management believe
that the Texas Mutual Insurance Company is best served by a fully
resourced and professionally competent internal audit staff that
provides value-added services and improves the organization's operations.
My staff consists of four Financial & Operational auditors and
three Information Technology auditors. This larger staff size allows
for more breadth of services. During the past year, our services
have included the following:
- Traditional auditing in areas such as compliance with organizational
procedures, laws and regulations; economic and efficient use of
resources; safeguarding of assets; accomplishments of established
objectives; responses to assertions of fraud; and reliability
and integrity of financial information.
- Facilitation of Control Self-Assessments (CSA).
- External auditor support (annually we provide 500 hours of
direct assistance to our external audit firm and share the results
of our audit activities).
- Educating and orienting personnel on risk assessment and internal
control concepts.
- Consultation and special projects on numerous topics ranging
from computer security, systems evaluation, corporate governance
matters, and responses to new legislation.
As you can see, our role is more than the traditional activities
of reviewing compliance, assuring safeguards and recommending controls.
At the Texas Mutual Insurance Company one of our roles is a facilitator,
primarily through CSAs. This powerful self-governance tool was adopted
by the Texas Mutual Insurance Company in 1997 as an alternative
method of evaluating internal control systems. CSA utilizes the
traditional audit concepts of risk and control; however, these concepts
are combined with a quality-focused workshop to make the evaluation
of controls a collaborative effort. CSA has become so successful
and routine we are frequently approached by management to facilitate
a workshop.
Our role is also one of educator, as is highlighted in our Board's
Policy on Internal Audit Matters. Recently, we have played this
role through the design of a 90-minute class on risk and control.
Management has asked us to teach this class throughout the company.
In 2001 we will conduct approximately 20 separate classes in the
corporate and regional offices for all departments.
Another role is consultant. In this role our primary objective
is to provide advice and counsel on business matters. The purpose
of a consultation may include providing additional resources to
research subject matters, explore opportunities, address a need,
or assist in solving problems. An example in the past year was in
the area of corporate governance. We were asked by the Chairman
of the Board to research the recommendations of the SEC's Blue Ribbon
Committee on Improving the Effectiveness of Corporate Audit Committees
and make suggestions to improve the Board's audit committee activities.
An internal audit unit with in-staff professionals with CPA, CISA
and CFE credentials enables us to broaden our services and serve
many roles. Facilitator, educator, consultant, coach, reporter,
explorer, analyst, and listener! It's all in a day's work.
|
