External Audit Reports

Posted By: auditangel

External Audit Reports - 01/04/11 05:32 PM

I am curious how other banks handle the reporting of external audit report and aslo regulatory examination reports. We have an audit committee (new within the last 18 months) and I am the internal auditor. However, we do outsource some audits such as trust, IT, directors audit, loan reivew of larger credits.

Do the reports for these audits go directly to your full board or just your audit committee? I can see that regulatory exam reports should be examinineed by the full board, but feel that the both the full board and audit commitee reviewing the external audits is a bit redudnant. Our audit committee consists of our external directors. The board meets monthly and the audit committee meets quarterly. But maybe I should look at it as using the review at audit committee to discuss any concerns noted in the report.

As I stated, this is a new department and reporting mechanism for the bank. I just want it to be as efficient as possible, but without taking any necessary review away from the board.
Posted By: rlcarey

Re: External Audit Reports - 01/04/11 06:12 PM

Typically, if the the bank has an audit department, any oursourced audits flow through the audit manager like any other internal audit, i.e., next through the audit committee. If you don't have an audit department, then outsourced audits typically go direct to the audit committee. Regulatory examination have to go to the full board and anything of significance in the internal audits should also make it to the full board in summary fashion.
Posted By: auditangel

Re: External Audit Reports - 01/05/11 03:16 PM

Thanks! We do have an audit department, me. Now comes the hard part, re-training managment.
Posted By: CEK

Re: External Audit Reports - 01/06/11 01:23 PM

You said you want to train management. Okay, check out GRC Pro at www.ficsas.com. You can put internal/external audit and exam reports into this system for remediation purposes. All findings go through a risk profile analysis. GRC Pro will help you determine areas that need to be audited based upon safety and soundness. GRC Pro is a ERM using safety and soundness as a framework. ck