posted 29th June 2020
A good audit planning process should also act as a platform to showcase what audit can do and build closer relationships with key stakeholders, writes James C Paterson on the ACCA blog.
I have been running a course on audit planning for more than 10 years. Common planning steps that you can find include consulting managers and the audit committee, up-dating the audit universe and considering areas of concern for Internal Audit and/or a regulator. However, after that, different approaches to the audit plan start to emerge, from:
- Cross-checking against the key risk register” to “We can’t rely on the risk register”
- “Co-ordinating with other functions and external audit” to “We do our most of our plan independent of others”
- “Calculating priority based on number of years since the last audit” to “We have a blend of factors we use to calculate priorities, and we adjust these if we don’t think the plan is right”.
Then greater differences emerge when we discuss the frequency of changes to the plan, how you determine what items are in/out of any audit universe, and what the
weighting factors are for risk rankings.
Often participants recognise their planning process is a hotchpotch of historical steps, overlaid with specific priorities, where specific factors and weightings cannot be easily justified other than by explaining that: 1) They were used in the past and 2) They seem to give a reasonable result that stakeholders are happy with.
However, times are changing and problems with an audit plan are one of the key findings that arise when an audit team has an External Quality Assessment (EQA), especially when it comes to whether the plan formally recognises other sources of assurance. For this reason, it’s worth looking at your audit plan again with a critical eye.
You can read the rest of this article on the ACCA website here
