E.7 Internal Audit Objectives and Planning—Project Level

  1. To uniformly document the audit planning process at the project level, an Internal Audit Objectives and Planning Section found in the internal audit TeamMate library will be completed before the examination stage begins. Practice Review and Internal Audit (PRIA) directors will be responsible for the timely completion of the Planning Section. In preparation, the director and assigned staff should review and understand the processes selected for review and the reasons (risks) this particular audit was included in PRIA’s Risk- Based Plan.

  2. The steps have been designed to document the following planning information:

    1. Reviewing annual plan risk assessments, prior audit working papers, prior audit scope and audit reports, and determining specific follow-up steps required, if applicable.

    2. Reviewing prior audit time spent to complete the audit versus findings and conclusions and determining the potential impact on the current audit, if applicable.

    3. Assessing current audit risk at the project level and identifying current audit concerns.

    4. Coordinating the audit with external auditors and determining the effect of their work on current audit scope, if applicable.

    5. Establishing specific audit objectives and criteria to conclude on the objectives. Summarize the audit objectives in writing to focus efforts toward meeting objectives and to later facilitate the evaluation of whether or not the audit accomplished the purpose intended.

    6. As a guide, audit objectives can be an evaluation of:

      1. reliability and integrity of information or recorded transactions;

      2. compliance with policies, directives, procedures, plans, laws, or regulations;

      3. safeguarding of assets;

      4. economic and efficient uses of resources; and

      5. accomplishment of established goals and objectives for programs or operations.

    7. Estimating the time and resources necessary to meet the audit objectives.

    8. Identifying staff or other support to fill the identified resource requirements appropriately matching competencies and ensuring objectivity.

    9. Developing the summary internal audit plan and presenting it to the Chief Audit Executive (CAE) for preliminary approval. The summary audit plan would include the objective, criteria, scope, timelines, and resources required.

    10. Communicating with management of the unit to be audited regarding the audit objectives and criteria, and obtaining their comments and agreement to facilitate positive audit results.

    11. Communicating with all who need to know about the audit. Generally speaking, the Internal Audit Plan Summary would be the tool used to communicate.

    12. Documenting the rationale for selecting audit entrance—and exit—level management to make sure that the management level selected has the authority to implement the agreed corrective actions.

    13. Developing and, if appropriate, revising the detailed audit program to reflect the results of communications with management about the location to be audited, or to reflect the results of the on‑site survey. The audit program will also identify document and information needs from the area under audit.

    14. Obtaining final approval from the CAE for the audit program and target completion date.

Last modified:
2018-03-06