Getting started with IA Governance

How to get started with IA Governance

  Instructions:

For each Entity in Caseware Cloud, governance documents, methodologies, strategies, and audit planning are unique.

• For internal audit functions that are in-house, create an entity in Cloud for your internal audit function.
• Outsourced or co-sourced internal audit functions, create an entity in Cloud for the organisation you are serving.

IA Governance houses all the components required to establish and maintain the internal audit function:

• Draft and establish methodologies that form the internal audit manual.
• Prepare and finalise the Internal Audit Charter.
• Define the Internal Audit Strategy aligned with organisational objectives.
• Create and maintain the audit universe.
• Conduct risk assessment and develop the risk-based audit plan.
• Track recommendations and actions arising from engagements.
• Document and manage the Quality Assurance and Improvement Program (QAIP).

IA Governance defines how the internal audit function operates.

Configure the governance environment

When IA Governance is opened for the first time, the experience depends on the user’s role:

Cloud Administrator

A Cloud Administrator can immediately begin configuring:

• SETUP | General – Select country, language, and organization type.
• SETUP | Permissions – Grant access to governance modules.

These settings define how IA Governance behaves and who can use each part of it.

Non-administrator

Non-admin users must request:

• Completion of SETUP | General by the Cloud Administrator
• Additional access rights if they need access to additional modules

This ensures all governance activities are properly controlled and restricted to designated individuals.

Draft and establish methodologies

The internal audit methodology forms the backbone of the internal audit manual.

In IA Governance, auditors can:

Draft your manual

• Create and manage methodologies
• Design forms, templates, and checklists (for planning, fieldwork, RACM design, etc.)
• Iterate drafts until finalised

Establish methodologies

Once approved:

• Mark methodologies as Prepared
• Click Establish to publish them for organisational use
• They become visible under MY WORK for all staff

Established methodologies ensure a consistent, standardised audit approach.

Develop the foundational governance documents

Internal Audit Charter

Under CHARTER, users can:

• Draft the IA Charter
• Align it with organisational governance structures
• Print to PDF and store externally if needed

Internal Audit Strategy

Under STRATEGY, users can:

• Draft a multi-year IA Strategy
• Align the strategy with organisational objectives, risk appetite, and available resources
• Print and store for reference

These documents reflect the internal audit function’s mandate, expectations, and direction.

Build the audit foundation

IA Governance provides the structure for risk-based internal audit planning.

Audit Universe

• Define auditable units
• Add risk considerations
• Maintain an evolving view of the organisation's coverage areas

Risk Assessment

• Identify and assess risks
• Apply likelihood and impact
• Link risks to auditable units

Audit Plan

Based on the universe and risk assessment:

• Develop annual audit plans
• Prioritise engagements
• Monitor progress over time

Recommendations and Action Plans

After engagements conclude:

• Document management actions
• Track implementation progress
• Follow up and report to leadership

The Quality Assurance and Improvement Program (QAIP)

IA Governance includes a module to record the results of quality assessments performed.

   Related Articles

   Search Results