Research On BY Company’s Risk Oriented Internal Audit

On the basis of the review literature at home and aboard,the article expounds the related concepts of the meaning of risk-oriented internal audit,the difference of the risk-oriented internal audit and the traditional internal audit.It also introduces its theoretical basis about the emergence and development of risk-oriented internal audit according to the risk management theory and systems theory.The research of BY company imply risk-oriented internal audit in this paper is based on the theories mentioned above.The paper firstly introduced BY company’s basic situation,and from two aspects of organization and working procedures,this paper introduces the present situation of the internal audit work,founding that the internal audit work in BY company are facing the following problems: the audit planning phase lacks risk assessment,the audit implementation phase have less work on risk control test,the follow-up audit phase’s work does not reach the designated position,the whole audit process lack the support of information technology in the audit process and the structure of the internal auditors is unitary.In view of the implementation of risk-oriented internal audit can help BY company to solve the contradiction between supply and demand of internal audit resources,the lack of perfect internal control system and achieve the purpose of improve company steady development,so this paper build the framework of how to apply risk-oriented internal audit from the audit planning phase,audit implementation phase,audit report phase and follow-up audit phase.Then,this paper specify the application of risk-oriented internal audit in BY company,and application is divided into two aspects: On the audit procedures,BY the company’s internal audit should on the basis of the order of the "goal-risk-control",and take the procurement items which involve the important expenditure of the company as an example to specify the audit procedures.At first,during the audit planning phase,auditor should using a scientific methods to identify and assess risks,and identify key audit areas based on the size of the risk and allocate audit resources.Secondly,during the audit implementation phase,auditor should imply compliance test and substantive test to reduce the risk,and put forward the proposal on how to reduce the risk inwhich cannot reduce risk effectively.Then,during the audit report phase,auditor should issue the audit report according to the auditing issue.And lastly,in the follow-up audit phase,auditor should pay attention to the rectification of risk problems and high-risk areas.In terms of safeguard measures,BY company can optimize the structure of internal auditors,build a compound audit team,strengthen the training of internal auditors in risk-prevented,improve the risk awareness of all staff,and apply information technology to the work of risk-oriented internal audit.