Upcoming Dates & Locations
Developing the Annual Audit Plan - UK-OAG252
This course covers best practices in internal audit planning, so the function focuses on the right areas. Throughout the course, best practice will be shared alongside useful tools and techniques to help ensure the plan is demonstrably focusing on the right areas. Also, how to incorporate the organization’s key data into the plan to set the audit strategy of the future.
Who Should Attend
Internal audit managers and directors, audit committee members and external auditors.
- Fundamentals of Internal Auditing
What You’ll Learn
You will learn how to develop a business focused, objective-based audit plan that will zero in on business issues of key importance and maximize the value of expended audit resources.
1. Are you using questions of value and value add into the planning process:
- Linking the IA plan with a desire to add value in practical terms
- Improving your ability to articulate the value of an IA audit, as well as the cost of an audit, so that there is a better match between these
- This will include thinking through different Internal Audit products such as Investigation, Audit and Review so that the work done is proportionate
2. Who should be engaged and what are the best practice questions that should be asked?
- Which Senior Managers – does the order matter?
- How to handle the Audit Committee and thinking about other board members as well
- What to do with view from Middle management and IA staff
3. Leveraging other sources of intelligence
4. How to balance the multiple sources of information that could inform a plan in a way that can be explained and justified, whilst not simply following the latest fads. For example:
- Past IA reports
- Risk registers
- Other Compliance information
- Other sources (newspapers, best practice IA)
5. Best practice ways of linking the IA plan to key risk areas, whilst delivering core assurance areas:
- Developing/validating your audit universe
- Where should key risks on the risk register feature?
- How to handle core compliance needs in a way that might lead to greater ownership of these areas by other parts of the organization
6. Killer questions and follow up questions to help ensure that you don’t get too many ‘turkeys’ on the plan:
- Recognizing the hidden pitfalls in typical discussions about risks and areas to audit
- Developing a way of understanding the factors influencing stakeholder views of areas to audit and learning how to influence those factor
- Great follow-up questions to ensure you don’t simply audit areas where the reaction might be – in the end – “we already knew that”
7. Implications and action plans
8. How to address differences between Senior Management and the Audit Committee in relation to what they would like IA to do:
- Many heads note that their senior managers most like business oriented audits which identify efficiencies or cost savings or advisory work on key projects
- In contrast some Audit Committees are more concerned with core assurance areas – compliance and financial controls and favor advisory work less
- Learn practical ways to work through any of these difficulties constructively
9. How to effectively address the question “Do you have enough resource?” in a way that gets a constructive debate going, without being a too overt plea for resource
10. Clear and simple ways to present IA coverage in terms of:
- The depth and breadth of past work
- Key compliance and control areas in terms of key controls coverage and cycle times
- The depth of work planned in the current year
- The areas that are and are not being covered
11. Best practices around longer term planning horizons, the annual plan and ad hoc audit work:
- Is a longer-term plan advisable especially in the context of the many fast moving risks that arise nowadays?
- How much of the plan should be presented as fixed versus flexible?
- What are best practice ways of accommodating new requests without turning this into a time-consuming and bureaucratic process?
12. Ways to use the planning process as a way of deepening the relationship between the head of audit and senior stakeholders:
- Recognizing the unique opportunity that the annual planning process presents to understand the needs and concerns of key stakeholders
- Recognizing the spin off benefits that can arise from the planning process beyond the audit plan itself – for example, insights into the effectiveness of risk management and compliance
13. Application of all of the insights through small group work, to develop a tailored plan of action that will suit your organisation – without turning any improvements into an industry
14. Sharing priority plans
Why You Should Attend
You should attend because the annual audit plan drives the request for and allocation of internal audit resources, and is a key determinant of the department’s success.
MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.