We, as internal auditors, must understand and be able to evaluate the business processes of our Clients. Audit planning is conducted at the beginning of the audit process to establish the overall audit strategy and set out the relevant procedures to be carried out to implement the strategy and complete the audit.
Internal Audit Approach and Benefits
Gather information and plan
- Knowledge of business and industry
- Regulatory statutes
- Inherent risk assessment
Obtain understanding of internal control
- Control procedures
- Detection risk assessment
- Equate total risk
Perform compliance tests
- Identify key controls to be tested
- Perform tests on reliability, risk prevention and adherence to organization policies and procedures
Perform substantive tests
- Analytical procedures
- Detailed tests
- Other substantive audit procedures
Conclude the audit
- Create recommendation
- Write audit report
Management relies on internal auditing for insight and objective assurance to ensure that existing internal controls are adequate to:
- mitigate the organization’s risks,
- ensure thatgovernance and risk management processes are effective and efficient, and
- that the organizational goals and strategic objectives are met.
At planning stage (after a thorough review of the organisational processes) we will introduce a holistic audit methodology to establish a robust action plan of engagements to be conducted with the aim to start improving the defense line mechanism with the organisation
Our Internal Audit Team
The internal audit team members have over 30 years of experience in different types of audits.
John Debattista - Partner
John Debattista is a Certified Public Accountant and Registered Auditor. Prior to Zampa Debattista, John occupied the post of audit manager in a medium-sized audit firm, where he developed a specialization in the financial services industry and remote gaming sector. John is one of the founding partners at Zampa Debattista and heads the Assurance function of the organisation. He is the IFRS leader and acts as an advisor on highly technical IFRS issues.
Greg Szabo – Head of Internal Audit
Mr. Szabó has been providing internal audit, IT audit and business process re-engineering, and consultation services to regulated entities for a decade. He is the Head of Internal and IT audit at Zampa Debattista, and his main focus is on investment service, iGaming service providers, and financial institutions.
Matthias Mangion – Senior Auditor
Matthias is a member of the Malta Institute of Accountants (MIA). In 2017, he obtained a Bachelor of Commerce in Accountancy and Banking. Following this, he graduated with a Masters in Accountancy from the University of Malta in 2020. Throughout his work experience, he was exposed to both internal and external audit assignments on licensed funds, iGaming, shipping, manufacturing, and retail.
Zampa Debattista is a full member of Russel Bedford International, a top 20 global network of firms that also grants access to global resources.
Types of Internal audits and assessments
IT combines financial, operational, compliance, and information system audit steps primarily recommended to regulated entities. Controls are typically composed of policies, procedures, practices, and organizational structures implemented to reduce risk to the organization. As your Internal Auditor, we assess whether the internal controls are developed to assure management that the organization’s business objectives will be achieved and that risk preventive measures are efficient and adequate.
Information System (IS) audit
Our program follows the CISA framework, designed to collect and evaluate evidence to determine whether an information system and related resources are adequately safeguarded and protected, maintain data and system integrity and availability, and achieve organizational goals effectively.
Our team also analyzes the internal controls to see whether these provide reasonable assurance that business, operational, and control objectives will be met.
Corporate and IT Governance – MBR
Every company is unique, but all of them require efficient processes and reliable controls.
We can assist you in evaluating the current operational flows and internal controls, identify risks and recommend actions. We assure you of an enhanced control system with customized reporting solutions and provide you with strategic advice regarding opportunities to improve your business process.
Zampa Debattista can also assist you in improving your corporate governance
To achieve a successful project outcome, the audit function should play an active role, where appropriate, in the life cycle development of a new system or business application. This will facilitate efforts to ensure that proper controls are designed and implemented in the new system. We must understand the system or application developed to identify potential vulnerabilities and points requiring control.
Cash flow management and cost review audit
We are living in a challenging time for businesses and individuals, whereby we are facing a serious global energy crisis, and we are facing soaring rates of inflation whilst governments are trying to defend entities and the general public with rate hikes against inflation. Operational and investment costs are also increasing, and it is getting harder to get financing. The risk appetite of Venture capital investors is decreasing. Considering these factors, it is crucial to monitor oversight of the cash flow management closely, introduce additional strong control measures, and explore new cost optimization methodologies. We aim to assist you at this time and later on with an independent evaluation and recommendations.
Business process and controls
The management focus is on the growth of the business and other essential objectives. The business development should be followed by quality assurance and implementation of accurate controls and procedures. Otherwise, the company can run significant risks, generate losses, and lose control over the business. In this scenario, the company might lose the status quo and face business development-, financial and operational issues. We can support you with a gap analysis and recommend actions to improve your processes and controls.
Security Status Quo
Every business has to consider security seriously regardless of its size or regulatory status. We created a framework to perform a security status quo check on your company to identify weaknesses and recommend preventive actions. It is not an ISO security audit, but the methodology is designed according to the standard.
Individual Audit Assignments – Specific Areas Requested y the Client
We as the internal auditors will perform a risk assessment to establish the audit plan. However if a specific area of business needs to have an independent review, we can assist in this respect to provide relevant recommendations in order to improve the respective controls and procedures, when relevant.
- Investment service
- Securities and markets
- Bond issuers
- Family Office
- Other trading entities
Internal Audit’s role in ESG reporting
Internal Audit’s role in ESG reporting
Strong governance over ESG requires alignment among the principal players, as outlined in The IIA Three Lines Model, Zampa Debattista can support your regulated or nonregulated company with objective assurance, insights, and advice on ESG matters.
- Review reporting metrics for relevancy, accuracy, timeliness, and consistency
- Review reporting for consistency with formal financial disclosure filings.
- Conduct materiality or risk assessments on ESG reporting.
- Incorporate ESG into audit plans.
- Build an ESG control environment.
- Recommend reporting metrics.
- Advise on ESG governance