How to Conduct Internal Audit Step by Step Process

Prabh Nair

23 Jan 202224:23

Summary

TLDRThis video provides an in-depth overview of the internal audit process, detailing the various stages from planning to reporting. It covers the importance of initial documents like the audit announcement and engagement letters, the pre-audit planning phase, fieldwork, and the preparation of reports. The audit process involves collaboration between auditors and management to address risks, document findings, and ensure corrective actions are taken. Follow-up is critical to verify that issues are resolved with proper evidence. Ultimately, the role of internal audit is to ensure the organization meets legal and regulatory requirements.

Takeaways

😀 Clear documentation is key in internal audits, starting with the Audit Announcement Letter to inform stakeholders of the audit's scope and timeline.
😀 The **Pre-Audit Planning Meeting** helps auditors understand the processes, risks, and gather necessary documentation before starting the audit.
😀 **Audit Plan Memorandum (APM)** is an internal document outlining the audit's scope, risks, and audit steps.
😀 The **Risk Control Matrix (RCM)** lists identified risks, associated controls, and the steps auditors will take to assess those controls.
😀 Fieldwork involves reviewing samples and conducting interviews to assess the effectiveness of internal controls, identifying any risks or issues.
😀 If any issues are found during the audit, auditors document the findings and recommend corrective actions, such as signing off on SOPs.
😀 **Draft Audit Reports** are prepared, shared with management for feedback, and finalized after revisions, including action plans with timelines for corrections.
😀 Internal auditors are responsible for conducting follow-ups on audit findings to ensure corrective actions are taken and that evidence is provided.
😀 The **Final Report** is submitted to the board of directors and relevant stakeholders after the audit is completed, summarizing the findings and actions taken.
😀 The internal audit process involves collaboration between auditors, management, and stakeholders to ensure compliance with legal and regulatory requirements.
😀 Internal auditors not only evaluate compliance but also provide recommendations for continuous improvement within the organization.

Q & A

What is the first document released in the internal audit process?
-The first document released is the **audit announcement letter**, which informs the relevant stakeholders about the upcoming audit.
What is the purpose of the kickoff meeting in the audit process?
-The **kickoff meeting** serves to discuss the audit’s scope, objectives, and key details such as the list of auditors and the audit dates, ensuring everyone is aligned on the process.
What does the engagement letter in the audit include?
-The **engagement letter** outlines the scope, purpose of the audit, the list of auditors, and the scheduled dates for the audit.
What is the Audit Planning Memorandum (APM) and why is it important?
-The **Audit Planning Memorandum (APM)** is an internal document that details the audit's scope, potential risks, processes, and the names of auditors. It is critical for guiding the audit team's approach.
What is the role of the Risk Control Matrix in the audit process?
-The **Risk Control Matrix** identifies potential risks and the controls in place to address them. It also outlines the audit steps to assess those risks and controls, guiding the audit's fieldwork.
What happens during the fieldwork stage of the audit?
-During **fieldwork**, the auditors conduct meetings, review relevant documents, assess risks and controls, and gather evidence to support their findings.
How does the audit team handle critical findings during the audit?
-When critical findings are discovered, the audit team notifies management immediately, ensuring that corrective actions are discussed and planned.
What happens after the audit draft report is prepared?
-After the **draft report** is prepared, it is shared with management for feedback. They provide an action plan to address any recommendations or findings, including timelines for closure.
What is the process after the audit's final report is released?
-After the final report is released, the internal audit team follows up to ensure the findings have been addressed properly, collecting evidence to confirm closure of the issues.
What role does the internal audit play in ensuring compliance?
-The internal audit ensures that the organization's processes comply with legal and regulatory requirements, making recommendations for improvements and monitoring the implementation of corrective actions.