Developing the Annual Audit Plan - UK-OAG252
Developing the Annual Audit Plan - UK-OAG252
This course covers best practices in internal audit planning, so the function focuses on the right areas. Throughout the course, best practice will be shared alongside useful tools and techniques to help ensure the plan is demonstrably focusing on the right areas. Also, how to incorporate the organization’s key data into the plan to set the audit strategy of the future.
Suitability - Who should attend?
Internal audit managers and directors, audit committee members and external auditors.
- Fundamentals of Internal Auditing
Outcome / Qualification etc.
Completion of this course is worth 16 CPE Credits
Training Course Content
You will learn how to develop a business focused, objective-based audit plan that will zero in on business issues of key importance and maximize the value of expended audit resources.
Are you using questions of value and value add into the planning process:
- Linking the IA plan with a desire to add value in practical terms
- Improving your ability to articulate the value of an IA audit, as well as the cost of an audit, so that there is a better match between these
- This will include thinking through different Internal Audit products such as Investigation, Audit and Review so that the work done is proportionate
Who should be engaged and what are the best practice questions that should be asked?
- Which Senior Managers – does the order matter?
- How to handle the Audit Committee and thinking about other board members as well
- What to do with view from Middle management and IA staff
Leveraging other sources of intelligence
How to balance the multiple sources of information that could inform a plan in a way that can be explained and justified, whilst not simply following the latest fads. For example:
- Past IA reports
- Risk registers
- Other Compliance information
- Other sources (newspapers, best practice IA)
Best practice ways of linking the IA plan to key risk areas, whilst delivering core assurance areas:
- Developing/validating your audit universe
- Where should key risks on the risk register feature?
- How to handle core compliance needs in a way that might lead to greater ownership of these areas by other parts of the organization
Killer questions and follow up questions to help ensure that you don’t get too many ‘turkeys’ on the plan:
- Recognizing the hidden pitfalls in typical discussions about risks and areas to audit
- Developing a way of understanding the factors influencing stakeholder views of areas to audit and learning how to influence those factor
- Great follow-up questions to ensure you don’t simply audit areas where the reaction might be – in the end – “we already knew that”
Implications and action plans
How to address differences between Senior Management and the Audit Committee in relation to what they would like IA to do:
- Many heads note that their senior managers most like business oriented audits which identify efficiencies or cost savings or advisory work on key projects
- In contrast some Audit Committees are more concerned with core assurance areas – compliance and financial controls and favor advisory work less
- Learn practical ways to work through any of these difficulties constructively
How to effectively address the question “Do you have enough resource?” in a way that gets a constructive debate going, without being a too overt plea for resource
Clear and simple ways to present IA coverage in terms of:
- The depth and breadth of past work
- Key compliance and control areas in terms of key controls coverage and cycle times
- The depth of work planned in the current year
- The areas that are and are not being covered
Best practices around longer term planning horizons, the annual plan and ad hoc audit work:
- Is a longer-term plan advisable especially in the context of the many fast moving risks that arise nowadays?
- How much of the plan should be presented as fixed versus flexible?
- What are best practice ways of accommodating new requests without turning this into a time-consuming and bureaucratic process?
Ways to use the planning process as a way of deepening the relationship between the head of audit and senior stakeholders:
- Recognizing the unique opportunity that the annual planning process presents to understand the needs and concerns of key stakeholders
- Recognizing the spin off benefits that can arise from the planning process beyond the audit plan itself – for example, insights into the effectiveness of risk management and compliance
Application of all of the insights through small group work, to develop a tailored plan of action that will suit your organisation – without turning any improvements into an industry
Sharing priority plans
Provider: ACI Learning
At ACI Learning, we train leaders in Cybersecurity, Audit, and Information Technology. Whether you're starting your IT career, mastering your profession, or developing your team, we're with you every step of the way. We believe that training is not a...
Request information - obligation free
Customer Outreach Award
We believe that it should be easy for you to find and compare training courses.
Our Customer Outreach Award is presented to trusted providers who are excellent at responding to enquiries, making your search quicker, more efficient and easier, too.