Audit Cycle Synopsis
The following steps are followed in most audits conducted:
- Selection of Unit to be Audited Based on:
- Input from president, vice presidents, business officers and other University management level personnel.
- Level of Risk: Volume of activity, stability of management/staff, last time audited, public relations exposure, external regulatory requirements.
- Notification to Audit Client through Vice President – Allows for input into the audit process by the vice president or other appropriate intermediaries.
- Entrance Conference – Scope/objectives and purpose of audit are explained. Allows for audit client input into the audit process.
- Field Work – Auditor performs work. Findings/recommendations are shared with audit client as audit progresses.
- Work Paper Review – Director or audit manager reviews work papers and interacts with audit client and University management as audit progresses.
- Draft Report – Sent to audit client via email for review and discussion at the Exit Conference
- Exit Conference – Contents of draft report discussed and agreement reached on any necessary changes. Also provides an opportunity to discuss the format for the response.
- Audit Client’s Written Response – Via the draft report.
- Final Report – Email and hard copy sent to audit client with their response incorporated. Email copies sent to appropriate intermediaries.
- Follow-Up Memo – After two months, a follow-up memo may be sent to request update on any outstanding findings/recommendations.
- Follow-up Audit/Review – Within 12 months, the implemented recommendations may be reviewed for their effectiveness.