Thu, Mar 23, 2023
Driving Audit Success Through Project Management

Audit Testing Needs Project Management

For finance and audit professionals, project management is a core requirement for achieving effective results in audit testing, reducing risk and satisfying stakeholder expectations.

By implementing best practices and using tools born out of those best practices, companies can enhance their audit project management program and gain insights that reduce wasted resources and effort. Successful audit testing involves policies, procedures, integration, frameworks and fit-to-purpose tools.

Best Practices

Best practices in audit testing are inevitably related to project management. When it comes to project management auditing, there are generally five best practices to follow if companies want to achieve effective results:

Practice 1: Create Well Defined and Measurable Project Goals

  • Set clear and measurable project goals that support the audit objectives.

Practice 2: Clearly Establish Team Responsibilities and Workflows

  • Ensure seamless communication and buy-in from stakeholders.

Practice 3: Maintain Healthy Lines of Communication

  • Make open communication channels within the team and with stakeholders a default setting.

Practice 4: Plan for Setbacks and Course Corrections

  • Anticipate project challenges and plan accordingly to mitigate risk.

Practice 5: Implement Enabling Technology

  • Use technology, such as integrated audit project management software, to significantly reduce risk while increasing effectiveness.

Using these best practices can ensure that a project meets its objectives, reduces risk and satisfies stakeholder expectations.

Bonus Practice: Outside of project management, one leading best practice worth mentioning in audit testing is the use of agile internal audits. The benefits of an agile internal audit can improve stakeholder focus, accelerate audit cycles and generate timely insights that reduce wasted effort. Using agile methodologies, companies can determine the value expected to be delivered by an audit while prioritizing audits based on risk and readiness.

Best-Practice Tools

There are multiple tools that build upon best practices:

  • Audit Project Checklist: This checklist helps companies evaluate and follow project management standards, laws and regulations and provides steps to guide complex tasks.
  • Annual Internal Audit Plan Report: This report provides samples of core foundational audits that address key risk areas, processes and regulatory requirements.
  • Strategic Internal Audit Plan: This audit plan demonstrates methods to develop an internal audit plan for the year.

The Necessity of Policies

To provide internal consistency and structure, companies are wise to use auditing testing policies. Some examples of auditing testing policies include:

Audit Testing Procedures

Procedures, like policies, are part of any robust audit plan. Like policies, procedures put structure to audit testing. Unlike policies, procedures specifically focus on processes. Procedures help companies maintain a consistent application of methodologies when conducting audit operations. They ensure that an audit’s course, from start to finish, is appropriate. Two examples of audit testing procedures include the formalization of processes such as:

  • The documentation of inputs at the start of an audit project with the use of questionnaires
  • Using checklists to ensure that the audit testing project is staying on course

Questionnaires, such as the Audit Committee Risk Assessment Survey or the Internal Audit Risk Assessment, are methods to gain input required to design an appropriate audit cycle. A checklist, like the Audit Project Checklist, helps avoid blind spots and ensures that a project is on course.

Frameworks Within Checklists: Audit Testing

Provide internal auditors with the necessary resources and best practices to plan their audit projects. One of these resources is a comprehensive audit checklist that outlines key steps and considerations to remember when planning an audit. One such approach to internal audit planning is with the following checklist:

Initial Audit Planning

  • Understand the purpose of the audit project.
  • Determine how the process supports the organization's goals and objectives.
  • Identify the enterprise risk addressed by the audit.
  • Review past audit results and any significant changes since the previous audit.

Risk and Process Subject-Matter Expertise

  • Seek external expertise to evaluate the process design.
  • Leverage internal and external resources to identify relevant risks.
  • Build an audit program that tests for these risks.

COSO’S 2013 Internal Control – Integrated Framework

  • Use COSO’s framework to create a more comprehensive audit program.
  • Identify and test all components of a well-controlled process.

Initial Document Request List

  • Request relevant documentation on the process, organization and key reports.
  • Obtain access to key applications used in the process.
  • Analyze master data for the processes being audited to aid in making detailed sampling selections.

Preparing for a Planning Meeting with Business Stakeholders

  • Outline key process steps by a narrative, flowchart or both.
  • Validate draft narratives and flowcharts with subject-matter experts.
  • Create an initial pre-planning questionnaire to facilitate a pre-planning meeting with key audit customers.

Preparing the Audit Program

  • Confirm understanding of the process and risks within the process.
  • Create an audit program detailing process objectives, risks, controls and testing procedures.

Audit Program and Planning Review

  • Review and finalize audit programs before beginning fieldwork.
  • Ensure that multiple levels of review and buy-in for processes that have never been audited before.

Audit Testing Integration

Audit testing integration at a companywide level can be a challenging task. To better approach that task, companies can rely on best practices, tools and frameworks (like the COSO 2013 Internal Control — Integrated Framework).

Taken together, these methods for audit testing integration help refine a company’s internal control components, principles and points of focus for a more comprehensive approach to auditing. When implemented successfully, audit testing integration ensures that all parts of an audit’s scope are thoroughly tested and controlled, leading to more effective risk management and compliance.

Wrapping Up

Project management is a critical requirement for audit testing, and best practices are essential to achieving effective results. By following the best practices outlined above, companies can reduce risk, satisfy stakeholder expectations and make informed decisions to improve their project management processes.

Using agile internal audits, policies and procedures, frameworks, and checklists, like the Audit Project Checklist, can further enhance a company's internal audit program and ensure adherence to project management standards.

By incorporating these tools and best practices, companies can gain perspectives that reduce wasted resources and effort. Additionally, using these tools and best practices can see companies realize valuable organizational insights while maintaining compliance and can help executives and project managers make informed business decisions.

0 Comments