Audit Cycle Synopsis

The following steps are followed in most audits conducted:

  • Selection of Unit to be Audited Based on:
    • Input from president, vice presidents, business officers and other University management level personnel.
    • Level of Risk: Volume of activity, stability of management/staff, last time audited, public relations exposure, external regulatory requirements.
  • Notification to Audit Client through Vice President – Allows for input into the audit process by the vice president or other appropriate intermediaries.
  • Entrance Conference – Scope/objectives and purpose of audit are explained. Allows for audit client input into the audit process.
  • Field Work – Auditor performs work.  Findings/recommendations are shared with audit client as audit progresses.
  • Work Paper Review – Director or audit manager reviews work papers and interacts with audit client and University management as audit progresses.
  • Draft Report – Sent to audit client via email for review and discussion at the Exit Conference.
  • Exit Conference – Contents of draft report discussed and agreement reached on any necessary changes. Also provides an opportunity to discuss the format for the response.
  • Audit Client’s Written Response – Via the draft report.
  • Final Report – Email and hard copy sent to audit client with their response incorporated. Email copies sent to appropriate intermediaries.
  • Follow-Up Memo – After two months, a follow-up memo may be sent to request an update on any outstanding recommendations. 
  • Follow-up Audit/Review – Within 12 months, the implemented recommendations may be reviewed for their effectiveness.