One of the first things in an audit is the development of the audit plan. Developing an audit plan can be a bit tricky. Though this post by no means is a comprehensive guide to developing an audit plan, I would try and list down the things internal audit departments should be doing to get thier audit plan ready. I have tried and included some common sense stuff on developing audit plans. So lets hit straight to the pointers.

1. Considering risk factors in audit plan development is one of the most important things. Audit plans need to be risk based. Rather than looking at frequency of audits, quarterly, six monthly or yearly, the overall audit plan should look at risk factors most pertinent to the business.

2. To achieve point number one listed above, the most important criteria is to have a continuous risk assessment process in place. One of the biggest advantages of a continuous risk assessment is that it ensures that priority is given to the high risk areas. Instead of trying to cover the entire audit universe, it makes sense to concentrate on the high risk areas.

3. In deciding the extent and scope of the audit plan, it is neccesary to keep materiality into perspective. Materiality would include looking at the relative size of the entity, the complexity of the entity as compared to other entities in the same business and other such stuff.

4 One final point, while assessing materiality internal auditors should look at materiality indicators from financial, operational and human resource perspective.

Related Posts

Web 2.0 Risk Management
Major Classes of Transactions
Sarbanes Oxley Yawn
Adverse Report on Internal Controls