I.5 Engagement Quality Assurance Checklist template
Internal Audit Engagement Checklist
Quality Assessment Review
Date:
Audit Name:
IIA Standard Reference |
Key Considerations |
Working Paper Reference |
Review Notes |
|
---|---|---|---|---|
Attribute Standards |
||||
1100, 1120, 1130 |
|
Independence and Individual Objectivity |
|
|
1 |
Have all internal audit engagement team members completed a PRIA independence declaration form prior to commencing work on the engagement? Was the independence declaration form reviewed by the Chief Audit Executive? |
|||
1200, 1210, 1220 |
|
Proficiency and Due Professional Care |
||
2 |
Is the subject of the internal audit engagement included in the most recent approved annual Practice Review and Internal Audit Risk-Based Plan Is there an estimate in the internal audit plan of the resources required to complete the internal audit engagement? |
|||
3 |
Does the internal audit team collectively possess the knowledge, skills, and other competencies needed for team members to perform their individual responsibilities? Does the internal audit team have sufficient knowledge to evaluate the risk of fraud, as well as key information technology risks? Were any specialists or consultants engaged to conduct the audit? Did the consultants complete a PRIA independence declaration? Did the consultants obtain appropriate security clearance to participate in the engagement? |
Assessed at conclusion of review. |
||
4 |
Did the audit team exercise due professional care by considering
|
Assessed at conclusion of review. |
||
1300, 1310, 1311, 1320 |
Quality Assurance and Improvement Program |
|||
5 |
Have post-engagement client surveys, lessons learned, self-assessments, and other mechanisms to support continuous improvement been completed?
|
|||
Performance Standards |
||||
2000, 2010, 2020, 2030 |
|
Managing the Internal Audit Activity (Planning, Communication and Approval, and Resource Management) |
|
|
2200, 2201 |
|
Engagement Planning |
||
6 |
Did the audit team develop and document a plan for the engagement, including the engagement’s objectives, scope, timing, and resource allocations? Does the plan include documented consideration of the organization’s strategies, objectives, and risks relevant to the engagement? |
|||
7 |
In planning the engagement, did the audit team consider the use of audit and data analysis techniques? |
|||
8 |
Does the audit engagement plan include documented consideration of
Does the plan include a discussion of the objectives, scope, responsibilities, and other expectations of the engagement client? |
|||
2210 |
|
Engagement Objectives |
||
9 |
Do the audit objectives include consideration of
|
|||
10 |
Does the plan include adequate audit criteria?
|
|||
2220 |
|
Engagement Scope |
||
11 |
Does the scope include consideration of relevant systems, records, personnel, and physical properties? |
|||
12 |
Does the file contain an internal audit engagement checklist? |
|||
2230 |
|
Engagement Resource Allocation |
||
13 |
Does the engagement plan include an assessment of appropriate and sufficient resources to achieve engagement objectives, based on an evaluation of the nature and complexity of the engagement, time constraints, and available resources?
|
|||
2240 |
|
Engagement Work Program |
||
14 |
Does the file include audit work programs that are in line with achieving the engagement objectives?
|
|||
15 |
Are the working papers arranged in a logical fashion? |
|||
16 |
Is the file indexed consistently and appropriately? |
|||
17 |
Are all working papers properly named, referenced, and dated (reviewed and prepared) to document that a review was conducted?
|
|||
2300 |
|
Performing the Engagement |
||
18 |
Was the work completed by the audit team sufficient to achieve the engagement’s objectives? |
|||
19 |
Does the file contain all information required in accordance with any internal audit group standard working paper index? |
|||
20 |
Does the file contain a copy of the audit plan and evidence that it was executed completely? |
|||
21 |
Does the file contain a copy of the completed engagement risk assessment and evidence that it was developed in collaboration with the client? |
|||
22 |
Does the file contain a copy of the final audit program, with approval by internal audit management? |
|||
23 |
Are key management interviews documented? |
|||
2310, 2330 |
|
Identifying and Documenting Information |
||
24 |
Did the audit team identify sufficient, reliable, relevant, and useful information to achieve the engagement’s objectives? |
|||
2320 |
|
Analysis and Evaluation |
||
25 |
Are the conclusion and audit engagement results based on appropriate analyses and evaluations? |
|||
2340 |
|
Engagement Supervision |
||
26 |
Was the audit engagement properly supervised to ensure that objectives were achieved, quality was assured, and staff competencies were s developed? |
|||
27 |
Has the validator/reviewer (internal audit engagement quality reviewer) prepared the quality assurance review and checked the reviewed working papers? |
|||
2400 |
|
Communicating Results |
||
28 |
Does the audit report include
Is the report accurate (free from errors and distortions), objective (fair, impartial, and unbiased), clear, concise, constructive, complete, and timely? |
|||
29 |
Does the draft copy of the audit report provide cross-references to the applicable audit observation worksheets? |
|||
30 |
Does the report clearly document the subsequent analysis of the results of carrying out the audit, as well as the development of observations and conclusions? |
|||
31 |
Are the closing meeting discussions with supervisory staff or management on the initial observations adequately documented? |
|||
32 |
Did the PRIA team document their disposition of the comments received on the draft report? |
|||
33 |
Was the report disseminated to the engagement clients? |
|||
34 |
Has the final report been signed, dated, and issued? |
|||
2500 |
|
Monitoring Progress |
||
35 |
Have the results of the audit been included in a follow-up process to monitor and ensure that management actions have been effectively implemented, or that senior management has accepted the risk of not taking action?
|
- Last modified:
- 2019-03-07