2. Finalize Verify receipt of
Site Arrival and
Pre-Audit Schedule and information as
Audit initiation
Agenda per Checklist
Substantiate Interview Review
Audit and
risk for People to obtain Documents and
assess
identified understanding Information
compliance
exposure gathered
Audit Process Flowchart
No
Yes Submit to
Prepare Initial Submit to IT
Accept Senior
draft report Audit Manager
Management
Attendees:
CEO/CFO/
IT Manager
Submission of
Senior
Report to Send to IT Audit Interim Closing
Management
Senior Manager Meeting
Review
Management
No
Publish report Remedial
to Unit Audit follow-up
Accept measures from
Business procedures and
Unit Business
Yes Owners dates
Owners
Submit to
Final Closing Submit to IT
Senior
Meeting Audit Manager
Management
Attendees:
CEO/CFO/
IT Manager
3. Our Methodology
Gather Information and Plan
• Knowledge of Business and Industry
• Prior Year’s Audit Results
• Regulatory Statutes
• Inherent Risk Assessments
Obtain Understanding of Internal Controls
• Control Environment
• Control Procedures
• Control Risk Assessment
Perform Compliance Tests
• Test Policies and Procedures
• Test Segregation of Duties
Perform Substantive Tests
• Analytical Procedures
• Other Substantive Audit Procedures
4. Conclude Audit
Make recommendations after correctly evaluating the controls for improvements
within each of the five interrelated areas like:
• Control environment.
• Risk assessment.
• Control activities.
• Information and communication.
• Monitoring.
Submit an Audit Report that is:
• Accurate
• Objective
• Clear
• Concise
• Constructive
• Complete
• Timely
5. Sample Audit Report
To:
_______________
_________________
From:___________________________
Date:
EXECUTIVE AUDIT SUMMARY
I. INTRODUCTION AND SCOPE
Entity Name: _________________________ Location: _______________________
Segment : ________________________
Assets: (USD million) ______________ Bud. Ann. Sales: (USD million)__________________
Bud. Ann. EBIT: (USD million __________________________
Business Description: (Provide information about the business and its links to other businesses or
corporate office. Give list of services offered and how these are executed)
________________________________________________________________________________
________________________________________________________________________________
Scope: (Write about scope of the audit in terms of areas covered)
________________________________________________________________________________
________________________________________________________________________________
Audited Period: ________________
II. AUDIT RESULTS
__________________________________________________________ Critical
__________________________________________________________ Important
Minor
6. Executive summary of our audit findings:
Compliance
Operational Efficiency
Findings Total Financial Reporting & Effectiveness
Critical - - - -
Important - - - -
Minor - - - -
The table below details Audit findings:
Findings &
Issue Specific Root
Area Rating Causes Impact Recommendation Management Response
Finding: Agree: (Yes/No)
Root Cause: Responsible Party (Person, Title):
Corrective Action Plan:
Target Date:
Audit Follow Up Date:
7. Based on the overall audit strategy, we undertake medium term and annual Audit programmes to
provide the required assurance. These will be drawn up by Internal Audit in consultation with the
Concerned Authority and the approval of the Audit Committee. The programme’s are meticulously
designed to:
Appraise progressively the soundness, adequacy and application of the internal control systems;
Ascertain the extent to which the system of internal control ensures compliance with the policies
and procedures and State laws and regulations;
Ascertain that the system of internal control promotes the efficient and effective use of resources;
Ascertain that the system of internal control operates to ensure that the assets of the
Organization are properly controlled and safeguarded from losses arising from fraud, irregularity
or corruption;
Ascertain that there are adequate controls to ensure reliability of accounting and other
information as a basis for producing accounts and for financial, statistical and other returns;
Ascertain that there is an adequate internal control system to ensure the integrity and reliability of
financial and other information provided to the Governing Authority; and
Confirm compliance with laws, regulations and Government Guidelines.