Internal Audit and Risk Management

The Internal Audit Services that Makwande offers is in line with the key areas as identified by the definition of Internal Auditing. Our main objective is to add value to your organization, leaving your controls intact and giving recommendations that will help minimise your costs and maximise your bottom line. Some of our activities will be carried out using Computer Assisted Audit Techniques and appropriate audit software.

The definition states;
Internal auditing is an independent, objective assurance and consulting   activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Our Internal Audit function carries its scope from the mandate given by management of your organization. Our key performance areas include:

  • Identifying, evaluating, prioritising and documenting business risks and opportunities for operating units and updating respective risk profiles
  • Perform audit planning for assigned projects
  • Identify and document systems
  • Review adequacy and effectiveness of internal controls in the systems
  • Preparation of audit reports on the findings
  • Testing compliance with regulations, policies and procedures
  • Perform and check, reconciliation, comparisons and verification of transactions
  • Prepare working papers and documenting procedures followed
  • Monitor the implementation and adherence to audit recommendations
  • Perform any related duties as requested by management


Risk Management

Risk Management is one of our specialists field within the Internal Audit Function. We believe risk is a result of a THREAT + EXPOSURE (T + E = R). Risk will result in a loss and the loss must be material or have an impact. There must also be a probability or frequency of risk. Our process in combating risk includes:

  • Identification of risk
  • Risk Quantification
  • Mitigation and Control
  • Risk Monitoring

When we are done with you, you will be able to apply a Risk Management Framework in the execution of your duties. Management responsibility is to:

  • Plan
  • Organise
  • Direct and
  • Control

After you have done the above, your responsibility will be to consult us. We will monitor your controls using Key Performance Indicators (KPIs), Key Performance Areas (KPAs) and Critical Success Factors (CSFs). All of our duties will be executed within the parameters of COSO/COBiT.