»Audit Process

On a yearly basis, the Director of Internal Audit will perform a risk assessment, which forms the basis for a strategic audit plan.  Upon completion of the risk assessment, the areas which have a higher risk are presented to the Audit Committee for the selection of the audits to be performed for the upcoming fiscal year.  Although every audit is unique, similarities can be found in each one.  The typical audit process consists of:

+-Engagement Letter

The Director of Internal Audit notifies the unit head in writing when his or her area is selected for an audit. This document, which is referred to as an engagement letter, indicates general objectives of the audit and the projected time frame of the audit.  A request for relevant information/item records that will facilitate the audit is included with the engagement letter as an attachment.

+-Entrance Conference

The entrance conference provides the opportunity for the Director of Internal Audit and unit head to discuss the scope and schedule of the audit.  Personnel deemed appropriate by the unit head are encouraged to attend and present any questions or concerns they have about the audit.

+-Preliminary Survey

During this portion of the audit, the Director of Internal Audit will gain an understanding of the unit's functions, procedures, objectives, size, etc.  Key personnel are interviewed; written policies and procedures, organizational charts, related forms and job descriptions are reviewed to enable the auditor to plan the audit tests to be performed and to become familiar with the unit's operations

+-Fieldwork

This phase of the audit includes testing the internal controls and performing other audit procedures necessary to accomplish the objectives of the audit.  Status meetings are conducted throughout this time period, and all potential audit observations and recommendations are discussed

+-Exit Conference

An exit conference is scheduled for the last day of fieldwork. The Director of Internal Audit presents the summary of observations and gathers cause statements from management.  Further, it is an opportunity to discuss the audit observations and clarify any ambiguities

+-Draft Report

It is the goal of the Director of Internal Audit to complete the audit and issue a draft audit report within 30 days after the completion of fieldwork.  The draft audit report is prepared from the summary of observations presented at the exit conference.  A written response to the draft report is required within 2 weeks of receiving the draft report.  Management’s responses must include the unit’s plan for corrective action, the name and title of the person responsible for implementing the corrective action and the date by which the action will be implemented

+-Final Report

When all of the draft audit issues are finalized and all the responses are received, a final report will be issued

+-Follow-Up

The unit head is expected to communicate in writing on the progress made in implementing corrective actions to the Director of Internal Audit within 90 days of the report issuance date. The Director of Internal Audit will review implemented corrective actions and clear audit observation(s)
  • Featured
  • News
  • Events
  • page loading
    TODAY TOMORROW

    »

    TODAY TOMORROW

    »

    TODAY TOMORROW

    »

    View all News »
  • page loading
    TODAY TOMORROW

    »

    TODAY TOMORROW

    »

    TODAY TOMORROW

    »

    View all Events »