Download presentation
1
Audit Planning Process
2
Audit Planning Process
Strategic/tactical audit planning Engagement letter Risk assessment Preliminary evaluation of internal controls Audit plan, program and scope Classification, scope of audit
3
Strategic/tactical Audit Planning
Short term Takes into account audit issues that will be covered during the year Long term Relates to audit plans that will take into account risk related issues regarding changes in the organization’s IT strategic direction that will affect the organization’s IT environment
4
Steps to perform audit planning
Gain an understanding of the business's mission, objectives, purpose and processes, which include information and processing requirements, such as availability, integrity, security and business technology Touring key organization facilities Reading background material including industry publications, annual reports and independent financial analysis reports Reviewing long term strategic plans Interviewing key managers to understand business issues Reviewing prior reports Identify stated contents, such as policies, standards and required guidelines, procedures, and organization structure
5
Steps to perform audit planning
Evaluate risk assessment and any privacy impact analysis carried out by management Perform a risk analysis Conduct an internal control review Set the audit scope and audit objectives Develop the audit approach or audit strategy Assign personnel resources to the audit and address engagement logistics
6
Risk Assessment Risk assessment method Areas to be audited
Use of risk assessment in audit planning (S11, G13, P1)
7
Risk Assessment Method
Qualitative and Quantitative Methods Semiquantitative Analysis Methods Quantitative Analysis Methods
8
Areas to be audited Enables management
Ensures that relevant information Establishes a basis for effectively managing the audit departement Provides a summary of how the individual audit subject is related to the overall organization as well as to the business plans
9
Audit Program Obtaining and recording and understanding of the audit area/subject Risk assessment and general audit plan and schedule Detailed audit planning Preliminary review of the audit area/subject Evaluating the audit area/subject Compliance testing (often referred to as test of controls) Substantive testing Reporting (communicating results) Follow up
10
Classification, scope of audits
Financial Audits Operational Audits Integrated Audits Administrative Audits Information Systems Audits Specialized Audits Forensic Audits
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.