Audits are an important tool in risk management. They can be used to monitor a company’s financial performance and compliance with laws, regulations, and contractual agreements. Auditing is primarily conducted by organizations to provide assurance about their systems of internal control over financial reporting, which facilitates the preparation of external reports such as for income tax purposes, shareholders and shareholders. Audit work plans are created for audits that have not yet begun so they can be managed in a timely manner at the beginning stages. In this post we will walk you through the what, the why, the when and the who of an audit work plan.
What is included in an audit program?
The audit plan should include things like internal auditors’ names, roles and responsibilities; what data will be reviewed; how long it will take; who needs access to information during the process; how much it will cost; assessing risks for mitigation before starting the audit. A good plan is one that enables the internal auditor to be efficient with resources, practical in their scope, and focused on what is important. Working with an experienced MSA team can help with all these steps.
The most successful audits are built upon a solid foundation of planning. The general strategy of an audit work plan is the first step towards an effective process which will deliver value for money and benefits, and which enables an organization to meet its objectives.
How do you prepare an audit plan?
The first step in preparing an audit work plan is to obtain an understanding of the proposed project. This includes, but is not limited to:
- The purpose and objective of the audit; In this step, the client needs to provide information about what they are trying to achieve, why, where and when. This will help the auditor understand the background of the audit.
- The business environment surrounding the project; The auditor needs to have a basic knowledge of the industry type, company size, company’s financial statements, operations and their clients’ competition so that they can properly assess risks.
- Scope of the project; This step gives the auditor insight into what parts of the audit will be included, and why. For example, it may be appropriate to exclude social media accounts if they are not related to internal financial reporting. The auditor will also determine whether any modifications need to be made to ISA/PCAOB standards or regulatory requirements based on the client needs.
- The timeframe in which to complete the project; This is important because it determines the resources required (i.e.: human, technological and financial), as well as how to prepare the team for the audit by establishing timelines for training, reviewing documentation, etc.
- A high-level budget; This includes both direct and indirect costs that will be incurred throughout the process by all parties involved (auditors, managers, supervisors, etc.)
- An exhaustive list of all resources that are necessary to perform the audit;
- A thorough review of existing plans, policies or procedures that are related or applicable to the subject matter being audited. These are required because they establish a foundation of knowledge and understanding of the business function and industry which will be fundamental in carrying out the project.
- The time commitment required from employees; This is also necessary information for managers to communicate with their staff members about how long they must dedicate to the project.
- Roles and responsibilities; it is important to determine who, on both sides of the relationship, is responsible for producing required documentation and information. It is also important to clearly define what each party needs to do in order to provide an efficient audit process.
- Who the plan is shared with; it’s necessary that all parties involved are aware of which documents or information they can access throughout the project lifecycle. For example, there may be legal or privacy restrictions that prevent access to certain information.
Establishing a firm foundation for the audit is critical to its success. With a plan in place, everyone involved can work together as a team and know what they need to do next.
This information is then used to construct a formal document that outlines the procedures that will be followed during the course of the audit. This document is should also include, at least:
- A list of all tasks required to complete the project;
- The timeframe for each task;
- The staff responsible for completing each task;
- How any problems or issues that arise will be handled.
Every audit work plan should also include contingency plans in the event that something needs to be addressed outside of the original scope of the audit. For example, if it is determined that additional time is required to complete a certain task, it would be appropriate to create a contingency plan that outlines procedures for how additional time will be allotted.
In essence, an audit work plan should describe the exact course of action that will take place during the course of conducting an audit. The best way to approach any project is with a clear end in sight and this is no exception.
What are the 7 steps in the audit process?
The 7 steps in the audit process are as follows:
1. Audit Planning
2. Fieldwork / Data Collection
3. Analysis and testing of evidence
4. Drafting the Audit Report
5. Supplementation and Clearance Procedures
6. Completion of Findings and Submission of the Audit Final Report to client
7. Closing letter
With the successful completion of the seven steps, an auditor will be able to turn in a completed audit.
What is the purpose of the Audit Work Plan?
The Auditors are required to submit their plan on how they wish to carry out their auditing procedures. The work plan should include possible alternatives that Auditors had considered for review and also help provide Auditors with a roadmap to follow in the completion of their tasks, all while keeping within the project’s scope.
When will an Audit Work Plan be created?
Preparation of work plans generally begin at least 6 months prior to the initiation of fieldwork for audits that are particularly resource intensive or complex in nature . However, most audit firms will initiate a work plan at the beginning of a new audit assignment. Often this happens on an annual basis.
Who should prepare the audit procedures?
The person who is assigned with the responsibility for managing the completion of the audit should have the authority to approve the Audit Work Plan as well as any changes that are made to it throughout its duration. In addition, this person is responsible for giving it appropriate attention and supplying any information requested by the Auditor(s) in order to allow them to complete their work.
What are the benefits of an Audit Work Plan?
The main benefit is that it helps ensure that the final product is delivered on time and within budget, which ultimately results in a more efficient process overall.
Also most organizations expect a detailed approach with the auditor able to provide reasons for the changes (i.e., variances) that are noted in their observations and calculations, whether it is positive or negative. This would require an Audit Plan that details all steps of the audit process; otherwise, it becomes difficult to justify any variances/changes noted at any step in the process.
What are the 5 stages of an audit?
Audit work plan stages include: planning, executing, observing, reporting, and closing.
- Planning is the highest-level step in an audit. This stage consists of defining the scope of your review, what you are looking for in the records you’re auditing. The end result of this phase is developing a list of questions you want answered.
- Executing is the second highest level in an audit. In this stage, you’re going to examine supporting documents and interview staff at your client’s location as well as any people involved with the records that you are auditing.
- Observing includes observing how transactions are processed internally at your client’s location from start to finish and observing the physical environment.
- Reporting is where you explain your observations and document any potential problems or issues that you encountered.
- Closing – The final step in an audit is closing work done on this project and making sure everything has been completed properly. This also involves filing the appropriate documentation for this audit as well as recording what’s been done and why. It is important to let the team know that this project has been completed, so they can begin work on their next stage of an audit.
The last word on an internal audit function and risk assessment
In conclusion, an audit work plan is a must when completing an audit to ensure that everything has been completed with effectiveness in mind. It is to provide a step-by-step method for auditors to follow in completing their tasks which helps avoid any risks, confusion or inaccuracies. Without a plan, it would be difficult to know what the next step is in the procedures and when certain tasks must be completed. By clearly outlining each step of an audit, as well as including necessary deadlines for each task, auditors can enjoy a smoother process overall. Equally, it clearly defines the people and resource needs, which can help minimize cost and time commitment. It also lets you use terms like sufficient appropriate evidence and continual and iterative process. 😉