audit tasks under planning

Audit planning: Why is it important and what are the best practices for success?

Audit planning is the essential first step in the audit process, the foundation of a successful audit. Plan effectively, and your entire audit workflow will be made smoother and swifter. Get the process right, and your fieldwork, analytics, issue management and reporting will be more robust, comprehensive and accurate. Planning enables you to identify the key risks and controls your audit should cover, ensuring nothing is missed. The benefits cannot be underestimated. “Fail to plan and plan to fail” is a well-known maxim: but what should the audit planning process be? What does best practice look like? There are numerous factors to consider when planning an audit; here, we look at what they are, examine the benefits of the audit planning phase, and explore what audit planning software  should deliver to help.

What Is Audit Planning?

Internal audits and control are vital, but they can be costly and complex without the proper structure. Whether you are auditing for your internal control purposes or complying with external regulations like Sarbanes-Oxley , effective audit planning enables you to bring order to the process and focus on the right risks to drive strategic insight. Audit planning should be your first step when starting an audit. Done effectively, it will drive efficiency across your entire audit workflow; it should encompass the audit’s scope, nature, and timing. Planning your audit ensures that all areas of the process are covered and given appropriate attention. It can also help you identify any potential problems or obstacles with the auditing process, map out activity so that it is carried out in a timely way, and manage your audit workflow for maximum efficiency.

Why Is It Important?

Businesses today face numerous and evolving risks. Effective audit planning ensures that you measure the right risks — and as a result, derive the strategic insights you need to manage and mitigate the threats your business faces. In a world of ever-increasing governance, risk and compliance obligations, your audit process cannot be a tick-box exercise. It’s a real-world measurement of your ability to manage your business processes and policies and the controls you put in place to measure them. Your audit process needs to deliver value to your board and top executives; effective audit planning will allow you to achieve this.

Benefits of Audit Planning

Taking the necessary steps will:

• Identify priority areas to ensure you focus where it matters.
• Make audit workflows and processes more efficient.
• Help you to identify — and engage at an early stage — key process owners, and your “first line of defense” reduces costs by minimizing duplicate work.
• Identify where manual and repetitive internal controls work can be automated, increasing robustness and assurance.
• Enable you to pinpoint and capture the metrics you need to measure and manage enterprise risk across your organization.
• Drive optimum scheduling and project management.
• Audit planning helps you approach the audit process. You may be transitioning from paper-based, spreadsheet-led auditing processes to a more integrated, risk-driven approach. You may already use technology solutions to support your audits.

Whatever your approach, planning minimizes wasted time and duplication and brings crucial focus to the audit process.

What Is Best Practice in Audit Planning?

So you’ve identified audit planning as the holy grail for a successful audit. What happens next? — you may be wondering how to do it, what the essential steps are and whether you can draw on a best practice example to help you.

5 Best Practice Steps

• Assemble your team. Who needs to be involved in the audit planning phase? Ensure you include the right people — those with a comprehensive understanding of the audit and control process and the right skillsets and experience.
• Assess the risks you face. What is the scope of your audit? Your planning needs to capture all the areas that need to be audited to ensure a comprehensive approach. What are your high-priority risks, either because they’re particularly material or more frequently occurring? Review previous years’ audits and identify any new risks that have arisen since the last one.
• Decide on your audit approach. This will be determined by how you manage audits (using software or manual processes, or a combination of both), how you categorize the risks identified in step 2, and the resources at your disposal.
• Brief your audit team — ensure they are clear on their roles, your process, timescales and next steps.
• Create a risk-based audit plan for your entire audit universe, including an activity schedule, to ensure a smooth and comprehensive audit process.

Best Practice and Audit Planning Tools

Best practice audit planning will cover the steps above, giving you complete oversight of your risk landscape and the controls that your organization uses to manage its risks. Many businesses are turning to audit planning tools and audit management software to manage this planning process and the broader audit. Employing software can bring structure and rigor to the audit, including your audit planning process; good audit workflow software supports planning, scheduling and project management, and document management — capturing a library of past audits and templates that minimize rework and maximize consistency. The latest audit software can be used offline or via apps, enabling you to conduct planning and fieldwork on-site. Harness technology to send requests and reminders to members of the audit team, and speed reviews and sign-offs. From planning through to the entire audit, the innovation and technology characterized by Diligent’s audit solutions are making the modern audit process quicker, simpler and more reliable. You can keep up to date with all the latest innovations in audit planning, audit processes and audit technologies — as well as other governance, risk and compliance hot topics, in Diligent’s GRC Newsletter . You can sign up for the newsletter here .

Solutions Solutions

• Board Management
• Enterprise Risk Management
• Audit Management
• Market Intelligence

Resources Resources

• Research & Reports

Company Company

Your data matters.

• Audit Planning: Develop Your Audit Plan and Strategy

By Charles Hall | Auditing

• You are here:

This article teaches you how to develop your audit plan and strategy. Once you complete your risk assessment , it’s time to build these critical pieces of your audit engagement. 

Effectiveness and efficiently are both possible with a good audit plan. Below I explain how to do this. Additionally, we’ll also take a look at three common mistakes made in planning . See if you make any of these. 

To be in compliance with audit standards, we need to develop:

• Our audit strategy
• Our audit plan

Developing Your Audit Strategy

What’s in the audit strategy? AU-C 300, Planning an Audit, states that the audit strategy should include the following:

• The characteristics of the engagement (these define its scope)
• The reporting objectives (these affect the timing of the audit and the nature of the reports to be provided)
• The significant factors (these determine what the audit team will do)
• The results of preliminary engagement activities (these inform the auditor’s actions)
• Whether knowledge gained on other engagements is relevant (these potentially provide additional insight)

Think of the audit strategy as the big picture.

We are documenting:

• The scope (the boundaries of the work)
• The objectives (what the deliverables are) 
• The significant factors (e.g., is this a new or complex entity?)
• The risk assessment (what are the risk areas?)
• The planned resources (e.g., the engagement team) 

Much can be achieved with the right strategy—even walking on the moon.

Strategy for Walking on the Moon

When NASA planned to put a man on the moon, a strategy was created. It could have read as follows:

We will put a man on the moon. The significant factors of our mission include mathematical computations, gravitational pull, thrust, and mechanics. The risks include threats to our astronauts’ lives, so we need to provide sufficient food, air, sound communications, and a safe vessel. The deliverable will be the placement of one man on the moon and the safe return of our three astronauts. The engagement team will include three astronauts, launch personnel at Kennedy Space Center, and mission-control employees in Houston, Texas. 

A sound strategy led to Neil Armstrong’s historic walk on July 20, 1969.

Our audit strategy—in a more pedestrian pursuit—is a summary of objectives, resources, and risk. It’s the big picture. Our strategy leads to the successful issuance of our audit opinion (not quite as exciting as walking on the moon, but still important).

What’s in an Audit Strategy?

The audit strategy doesn’t have to be complicated or long, especially for smaller entities—it can be a short memo. What are we after? A summary of risks, needed resources, and objectives.

My firm uses an internally-developed strategy form—mainly, to ensure consistency. The form contains structure, such as references to risk assessment work and blank boxes in certain areas—such as partner directions—so it is flexible. As a result, the form has structure and flexibility.

Here are the main areas we cover:

• Deliverables and deadlines
• A time budget
• The audit team
• Key client contacts
• New accounting standards affecting the audit
• Problems encountered in the prior year 
• Anticipated challenges in the current year 
• Partner directions regarding key risk areas
• References to work papers addressing risk

Who Creates the Audit Strategy?

Who should create the strategy? The in-charge can create it with the assistance of the engagement partner ,  or the partner can do so. 

Audit Strategy as the Central Document

If you want to see one document that summarizes the entire audit, this is it. As you can see, the strategy is general in nature, but you also need a detailed plan to satisfy the demands of the strategy—this is the audit plan (commonly referred to as the audit program). NASA had a mission statement for Apollo 11, but—I’m sure—written guidelines directed the step-by-step execution of the project. 

Audit Plan (or Audit Program)

Now we create the detailed planning steps—the audit program. Think of the audit program as the final stage of audit planning. What have we done to get to this stage of the audit? 

• Performed risk assessment procedures
• Developed our audit strategy

Now it’s time to create the audit plan.

The audit plan is the linkage between planning and further audit procedures.

What are “further audit procedures”? They are the tactical steps to address risk including substantive procedures and test of controls . The audit program links back to the identified risks and points forward to the substantive procedures and test of controls. Substantive procedures include tests of details and substantive analytical procedures .

Creating the Audit Program

How—in a practical sense—do we create the audit programs? Most auditors tailor the prior year audit programs. That works—as long as we revise them to address the current year risks. Audit programs are not—at least, they should not be—static documents. Even so, the current year audit program can be the same as last year—as long as the risks are the same.

Sufficient Audit Steps

How do we know if we have adequate audit program steps? Look at your risks of material misstatement (RMM)—which, hopefully, are assessed at the assertion level (e.g., completeness). An auditor assesses the risk of material misstatement because it informs the audit plan—or the steps to be performed.  Audit steps should address all high and moderate RMMs. 

Integrating Risk Assessment with the Audit Program

How else can we integrate our documentation? Put the relevant assertions next to each audit step—this makes the connections between the RMMs (at the assertion level) and the audit steps clear.

AU-C 330 says the auditor is required to apply substantive procedures to all relevant assertions related to each material class of transactions, account balance, and disclosure. So, the audit program should reflect steps for all material areas.

Creating Efficiency in the Audit Plan

Once you complete your risk assessment work, you want to ask, “Which is the more efficient route? Testing controls or performing substantive procedures.” Then go with your instincts. 

Generally, I assess control risk at high . While we can’t default to a high control, we can—once the risk assessment work is complete—decide to assess control risk at high as an efficiency measure. Why? If we assess control risk at below high, we must test the controls as a basis for the lower risk assessment. The testing of controls can—sometimes—take longer than substantive procedures. 

For example, is it better to test the controls related to fixed asset additions or is it more efficient to vouch the invoices for significant additions? Usually, the vouching of the invoices will get you to your desired destination quicker than testing controls. Generally—at least in my opinion— this line of reasoning is less true for more complex organizations . Larger organizations process more transactions and tend to have better controls. So it can be better to test controls for larger entities.

There you have it—the creation of the audit strategy and the audit plan. Your strategy includes the risks, needed resources, and objectives. And your audit program contains the tactical steps to address risks. You are set to go. 

I find that auditors usually understand the above, but still make one of the following three audit planning mistakes. 

Three Mistakes in Audit Planning

Auditors make three common planning mistakes: (1) not tailoring audit programs and (2) allowing prior year work papers to drive the audit process, and (3) using a balance sheet audit approach. Let’s see how these happen.

1. Not Tailoring Audit Programs

Where do most audit programs come from? They are purchased from forms providers, usually international publishing companies. These purchased programs are useful, but they can become a crutch, leading to canned audit approaches that are not responsive to risks.  

If we use unrevised audit programs and if our audit approach is always the same, what good is risk assessment? Another way to say this is, If audit programs never change, why perform walkthroughs, preliminary analytics, and other risk assessment procedures?  

Canned audit programs are one reason auditors give lip-service to risk assessment. In the auditor’s mind, he may be thinking, I already know what I’m going to do, so why waste time with risk assessment? This cookie-cutter approach is dangerous, but quite common. And why is it dangerous? Because it can lead to an intentional blindness toward internal controls and significant risks. And deficiencies in risk assessment lead to deficiencies in audit procedures. The result: material misstatements are not identified and an unmodified audit opinion is rendered. In other words, audit failure occurs.

Audit programs can be tailored: steps can be added, changed, or deleted. These steps can be amended based on the risk of material misstatement. But some auditors don’t change their audit plan.  

And not tailoring audit programs can lead to several problems such as:

• Audit team members signing off on steps not performed  
• Team members typing Not Applicable (N/A) next to several audit steps  
• Auditors performing unnecessary procedures  
• Auditors not performing necessary procedures  

In addition to not tailoring audit programs, some auditors hit autopilot and use their prior year work papers as their current year plan.  

2. Prior Year Work Papers as the Audit Plan

Audit documentation should develop sequentially:

• Risk assessment
• Audit programs
• Audit work papers  

But poor auditors tend to follow the prior year work papers and complete the audit program as an afterthought . Worse yet, the risk assessment work is completed at the end of the engagement, if at all. The tail wags the dog. This same-as-last-year approach leads to incongruities in risks of material misstatement and the procedures performed. In effect, the prior year work papers become the current year audit program.  

Another common audit planning mistake is the use of a balance sheet audit approach.  

3. Balance Sheet Audit Approach

Many auditors use a fully substantive approach, meaning they don’t test controls for effectiveness. Moreover, some auditors test balance sheet accounts and little else . But this approach can lead to problems.

I have heard auditors say: If I audit all of the balance sheet accounts, then the only thing that can be wrong is the composition of revenues and expenses . But is this true?

The accounting equation says:

Totals assets = Total liabilities plus Total equity

Another way to say this is:

Total equity = Total assets minus Total liabilities

If we disregard stock purchases and sales, equity is usually the accumulation of retained earnings. And retained earnings comes from the earnings or losses on the income statement. In other words, retained earnings comes from revenues and expenses. So the net income or loss (revenues minus expenses) has to fit into the accounting equation (equity equals assets minus liabilities).

Therefore, if we audit all assets and liability accounts, doesn’t it make sense that the only thing that can be wrong is the composition of revenues and expenses ? Mathematically I see why someone might say this, but a flaw lurks in the construct .  

Audit Failure Example

I once saw an audit firm sued for several million dollars. The CPAs audited the company for several years, issuing an unqualified opinion each year, but a theft was occurring all along.

So what were the audit firm’s mistakes? They relied too heavily upon a balance sheet audit approach, and they did not gain an understanding of the company’s key internal controls.  

The auditors used substantive procedures such as:

• Testing bank reconciliations
• Sending receivable confirmations and vouching subsequent collections
• Computing annual depreciation and agreeing it to the general ledger
• Vouching additions to plant, property, and equipment
• Performing a search for unrecorded liabilities in payables
• Confirming debt

The balance sheet accounts reconciled to the general ledger, and no problems were noted in the audit of the balance sheet accounts. But millions were missing.  

So what flaw lies in a balance sheet audit approach? Millions can go missing while the balance sheet accounts reconcile to the general ledger. Consequently, auditing the balance sheet accounts alone may not detect theft. Therefore, gaining an understanding of the internal controls and developing appropriate responses is critical to identifying material misstatements, especially when fraud is possible.  

So as we plan our substantive procedures, we need to avoid the flawed balance sheet approach . Yes, substantive procedures for the balance sheet accounts are important, but fraud detection procedures are necessary when control weaknesses are present. A test of details is necessary when a significant risk (such as a fraud risk) is present.  

Develop an audit strategy and plan once you complete your risk assessments procedures. Then link the risks of material misstatement to your further audit procedures. Doing so will help ensure that your audit is successful. In other words, that no material misstatements are present when you issue an unmodified opinion. 

Moreover, don’t make these three audit planning mistakes: (1) not tailoring audit programs and (2) allowing prior year work papers to drive the audit process, and (3) using a balance sheet audit approach.

See my audit series  The Why and How of Auditing   to learn even more about the  full audit process, including how to audit transaction cycles such as cash, receivables, payables, and debt. 

About the Author

Charles Hall is a practicing CPA and Certified Fraud Examiner. For the last thirty-five years, he has primarily audited governments, nonprofits, and small businesses. He is the author of The Little Book of Local Government Fraud Prevention, The Why and How of Auditing, Audit Risk Assessment Made Easy, and Preparation of Financial Statements & Compilation Engagements. He frequently speaks at continuing education events. Charles consults with other CPA firms, assisting them with auditing and accounting issues.

[…] identify and consider the expectations of senior management, the board, and other stakeholders for internal audit opinions and other conclusions.The chief audit executive should consider accepting proposed […]

Glad you liked it, Victor.

[…] Develop a plan to address those risks (plan our work) […]

Many thanks for posting this. It’s timely.

Wesley, yes, for my subscribers. You should see a subscription box at the top or bottom of my posts. Or I can add you manually if you like.

Thanks for posting this. Do you send notifications via email when you post an article?

Session expired

Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our  privacy policy  to learn more.

• PROFESSIONAL LIABILITY SPOTLIGHT

The importance of audit planning

• Firm Practice Management
• Strategic Planning
• Audit & Assurance

What is the purpose of audit planning if the audit may not ultimately follow the carefully thought out plan? As may be inferred from Dwight D. Eisenhower's words—"Plans are worthless, but planning is everything"—the value of audit planning is not derived solely from the resulting audit plan. Often overlooked, the real benefit of audit planning is gained from the process itself. In painstakingly documenting endless client details, auditors achieve more than just compliance with professional standards—they also develop more efficient engagements and help reduce professional liability risk.

Consider the importance of planning in this claim scenario:

The senior on a CPA firm's largest audit engagement received a request from the client's CFO for a copy of "any communications the firm has sent relating to internal - control - related matters identified during the current - and prior - year audits and copies of internal control documentation completed by the firm." Operating under the assumption that the client was finally going to address its many pesky control deficiencies, the senior happily sent an email with the requested documents.

A short time later the firm received notification of a lawsuit from the client. The complaint asserted that the audit firm had failed to detect an embezzlement scheme perpetrated by the accounts payable clerk. It further indicated that the firm's failure to detect a breakdown in internal controls allowed for the payment of fictitious vendor invoices.

The firm's legal counsel hired an expert to review each year's engagement workpapers. One hopeful yet disturbing issue arose: The firm had informed the client of a significant deficiency in internal controls in its prior - year management letter. Had the deficiency been corrected, the embezzlement scheme likely would have been discovered. The disturbing point—the significant deficiency was not mentioned in current - year engagement planning documentation, neither in risk assessment nor in the design of planned audit procedures. It appeared as though the prior - year documentation had simply been copied to the current - year file with updated completion dates. No additional audit procedures addressed the issue, and the scheme continued for an additional six months beyond issuance of the current - year audit report.

As exemplified above, use of the "same as last year" (SALY) mentality can be a major pitfall in audit planning. SALY disregards the advantages of the planning thought process, focusing instead on getting the job done quickly. Many planning pitfalls, including relying too heavily on checklists or compartmentalizing each step of the audit, result from trying to save time in the present without consideration of the rest of the engagement. Conversely, an engagement that is effectively planned could eliminate over - or under - testing , lead to more relevant documentation, and help reduce the likelihood of audit failure or a potential professional liability claim, saving time in the long run.

AUDIT PLANNING STANDARDS AND RISK MANAGEMENT

Audit planning is not a simple process. It involves consideration of client industry and regulatory factors, client operations and administration, availability and assignment of firm resources, engagement timing, and much more. Fortunately, the hard work of proper planning may not only enable more efficient audit execution, but it also provides auditors with important risk management techniques. Complying with all applicable professional standards when delivering services helps reduce professional liability risk. Consider the professional liability lessons that can be gleaned from these particular sections of the AICPA Statements on Auditing Standards:

• Timing ( AU - C §§ 300.02 and 300.A2): Planning can easily be misconstrued as a discrete phase of an audit, taking place only when scheduled. Instead, it should be viewed as a continuous process that begins upon completion of the prior audit and ends with completion of the current engagement. The information learned during planning should be applied throughout the engagement to achieve appropriate conclusions. In our scenario, planning for the current engagement should have started with the control deficiency identified in the prior audit and addressed the issue throughout the audit process.
• Risk assessment ( AU - C §315): Gaining an understanding of the client and its environment presents an opportunity for the auditor to view the client's business and the engagement from a perspective other than the debits and credits underlying the financial statements. A holistic view of the various industry, regulatory, internal, and external factors may allow for linkages that might otherwise be lost in the minutiae of performing the engagement. Identifying areas of greatest risk early in an audit can allow for additional testing or analysis, reducing the likelihood of error that may result in a professional liability claim. As exemplified in the claim scenario, accounts affected by the internal control deficiency should have been deemed high - risk , and testing should have been tailored to address the concern.
• Team composition ( AU - C §300.05): Assignment of the engagement team and scheduling of resources may seem like simple logistical issues. Nevertheless, the level of experience on the team, use of experts, and scheduling of who will review and when are all variables that can significantly alter the engagement approach and affect its success. Assigning complex or difficult areas of an audit to the appropriate level of expertise, depth of experience, or extent of review is an important step in reducing the likelihood of an error.

Further, the resources should not be limited solely to the engagement team. Colleagues, peers, professional associations, technical standards, prior - year audits, and other engagements can all provide valuable insight. Utilizing all resources available to the engagement team may develop a more informed audit approach. For example, in the scenario above, the current - year testing of accounts affected by the significant deficiency could have been assigned to a more experienced team member or subjected to additional review.

ADDITIONAL PLANNING CONSIDERATIONS

In addition to the professional liability risk management considerations that can be gleaned from the professional standards, two additional suggestions should be kept in mind.

• Invest the time: Proper planning is an investment in time that is intended to pay dividends in later phases of the engagement. Identifying a potential issue or complex audit area at the start of the planning process could save time later in the audit. That additional effort, while it may seem difficult in the moment, could save time as deadlines approach. Errors are more likely to occur when timing is compressed, causing work to be rushed. If planning can alleviate even a portion of the demand for time during the busiest periods of the year, exponential gains in efficiency and reduction of professional liability risk can be realized.
• Be flexible: Planning is a guide for work to be performed, not a step - by - step instruction manual. Flexibility creates a positive tone that can be established in planning and carried through to issuance. The audit plan and strategy developed at the start of the engagement should be updated and adjusted based upon information gathered throughout the engagement. Maintain a focus on achieving the correct end result, rather than simply finishing the audit. Flexibility also allows the audit plan to be quickly modified when unexpected risks arise, thus reducing professional liability exposure that would exist if adjustments were not made.

Daniel Gartland is a risk control consultant at CNA.

Continental Casualty Co., one of the CNA insurance companies, is the underwriter of the AICPA Professional Liability Insurance Program. Aon Insurance Services, the National Program Administrator for the AICPA Professional Liability Program, is available at 800-221-3023 or visit cpai.com .

This article provides information, rather than advice or opinion. It is accurate to the best of the author's knowledge as of the article date. This article should not be viewed as a substitute for recommendations of a retained professional. Such consultation is recommended in applying this material in any particular factual situations.

Examples are for illustrative purposes only and not intended to establish any standards of care, serve as legal advice, or acknowledge any given factual situation is covered under any CNA insurance policy. The relevant insurance policy provides actual terms, coverages, amounts, conditions, and exclusions for an insured. All products and services may not be available in all states and may be subject to change without notice.

Where to find May’s flipbook issue

The Journal of Accountancy is now completely digital. 

SPONSORED REPORT

Manage the talent, hand off the HR headaches

Recruiting. Onboarding. Payroll administration. Compliance. Benefits management. These are just a few of the HR functions accounting firms must provide to stay competitive in the talent game.

FEATURED ARTICLE

2023 tax software survey

CPAs assess how their return preparation products performed.

• Chazey Partners
• Global Offices
• Leadership Team
• Culture & Values
• Quality & Data Protection
• Outsourcing For Good
• Flexible Working at QX
• Our Commercial Partners

Accounting Services

• Year end accounts outsourcing
• Bookkeeping outsourcing
• Payroll outsourcing
• Management accounts outsourcing
• Company startup secretarial outsourcing
• iXBRL tagging outsourcing

Audit Services

• Audit Support Service

Tax Outsourcing Support

• Corporation tax outsourcing
• Personal tax outsourcing
• VAT outsourcing
• Making Tax Digital

Business Tax Support Services

• Capital Allowance Support
• R&D Tax Credits

Advisory and Consulting Services

• Merger & Acquisition
• Pre-Merger Due-Dilligence
• Onshore Resourcing
• Practice transformation
• Liquidation Support Services

Specialties

• Dental Accounting
• Pub Accounting
• Restaurant accounting
• Solicitor accounting
• Contractor Accounting
• Umbrella companies
• Managed Services
• Practice Pro
• Nearshore/Onshore Services
• Accounting & Bookkeeping Outsourcing
• Payroll Outsourcing
• Free Trial Offer

How we Work

• QXAS Tracker App
• QXAS Client Portal

Media & Publications

• Guides, E-books & Brochures
• Case Studies
• Customer Testimonials

Content Hub

• Payroll Content Hub
• Tax Content Hub
• MTD Content hub

Trends & Reports

• Hybrid Work Models Survey 2022

Topics: Audit, audit planning, Audit Support, Auditing, Outsourcing

Mastering Audit Planning: A Beginner’s Guide to Ensure Audit Success

4 MIN READ | Posted on April 18, 2024 Written By Pooja Kshirsagar

So, you’ve decided to step into the world of auditing? Welcome aboard!

Auditing may sound like a maze of complexities, but with the right approach, you can navigate it like a pro. One of the key elements of an audit is planning. Once you master audit planning, half of your job is already done.

This guide is tailored for accounting firm owners who are new to audits. It will help you understand audit planning , why it matters, and how to master it effectively.

What is Audit Planning?

First things first, let’s demystify audit planning. Simply put, audit planning is like creating a roadmap before embarking on a journey. It involves outlining the scope, objectives, and procedures of the audit to ensure a smooth and effective process. Think of it as setting the stage for a successful audit performance.

Why is Audit Planning Important?

You might wonder, “Why bother with all this planning stuff?” Well, here are a few compelling reasons why audit planning is crucial:

• Clarity of Purpose: By defining the audit’s scope and objectives upfront, you gain clarity on what you’re looking to achieve through the audit.
• Efficient Resource Allocation: Planning helps efficiently allocate resources such as time, personnel, and technology, maximising productivity.
• Risk Identification: It allows you to identify potential risks and challenges early on, enabling proactive risk management strategies.
• Quality Assurance: Proper planning ensures the audit complies with standards and regulations, enhancing the overall quality of the external audit process.
• Client Communication: Transparent planning fosters better communication with clients, setting clear expectations and building trust.

Tips to Master Audit Planning

Now that we understand the significance of audit planning, let’s dive into some actionable tips to master it:

• Understand the Client’s Business: Before diving into audit planning, take the time to understand your client’s business operations, industry nuances, and regulatory environment. This knowledge forms the foundation of effective audit planning.
• Define Audit Objectives: Clearly define the audit objectives, focusing on areas of financial significance, potential risks, and regulatory compliance. Align these objectives with the client’s goals and expectations.
• Scope Definition: Outline the scope of the audit, including the specific areas, processes, and timeframes to be covered. Ensure the scope is comprehensive yet manageable within the audit timeline.
• Risk Assessment: Conduct a thorough risk assessment to identify and prioritise audit risks. Consider both inherent risks related to the industry and specific risks associated with the client’s operations.
• Audit Plan Documentation: Document the audit plan detailing the audit approach, procedures, timelines, responsibilities, and reporting requirements. Use clear and concise language to facilitate understanding and implementation.
• Resource Allocation: Allocate audit resources, including personnel with relevant skills and expertise, audit tools, and technology infrastructure. Ensure adequate training and support for audit team members or employ experienced senior auditors through outsourcing.

HIRE AUDIT EXPERTS

• Communication Strategy: Develop a communication strategy to keep stakeholders informed throughout the audit process. Schedule regular meetings, provide progress updates, and address any concerns promptly.
• Quality Control Measures: Implement quality control measures to maintain audit integrity and compliance with auditing standards. Review audit documentation, procedures, and findings to ensure accuracy and reliability.
• Flexibility and Adaptability: Remain flexible and adaptable to unforeseen changes or challenges during the audit. Adjust the audit plan as needed while maintaining focus on audit objectives and quality.
• Post-Audit Review: Conduct a post-audit review to evaluate the effectiveness of the audit plan, identify lessons learned, and make improvements for future audits.

But How Do I Manage Capacity?

If you have recently added audits to your service offerings, we understand that you may not have a full-fledged team in place. How can you manage the time and capacity for audit planning in such a case?

Audit support services can be key to creating the much-needed capacity within your firm, so your team can focus on core tasks. Outsourcing audit support to an external provider gives you access to a global talent pool of highly experienced and qualified auditors well-versed in the latest regulations.

If you are just starting out with audits, expertise is crucial to ensuring quality and timeliness. With the FRC introducing strict regulations concerning audit quality, it’s important to have experienced resources within your team who can manage audits end-to-end efficiently.

Which Aspects of Auditing Can be Outsourced?

Outsourcing audit support encompasses end-to-end audits. You can also outsource parts of the audit process, such as planning, reporting, and risk assessment. Some of the commonly outsourced components of auditing include:

• Assistance in Engagement Planning and Risk Assessments
• Audit Testing and Evidence Gathering through Test of Details and Analytical Procedures
• End to End Processing of Statutory Audits compliant with UK GAAP and ISA’s
• Specific Agreed Upon Procedures
• Review of Audit Files
• Onshore Audit Support – both short-term and long-term

Wrapping Up

Mastering audit planning is a journey that requires attention to detail, strategic thinking, and effective communication. By following these tips and embracing a proactive approach to audit planning, you can enhance the quality of your audits, build client trust, and achieve successful audit outcomes.

Remember, the key to mastering anything new is practice, so dive in, learn, and refine your audit planning skills along the way.

Need a helping hand to streamline your audits? We can help! Call us at +44 208 146 0808 or write to us at [email protected] .

Happy auditing!

Book a Free Consultation

We hope you enjoyed reading this blog. If you want our team to help you resolve talent gaps, reduce costs and transform your business operations, just book a call.

Pooja Kshirsagar

With a rich experience of curating content for various industries, Pooja believes in the power of words in marketing and building brands. She enjoys experimenting with different forms of content and is currently on a mission to add value to the accounting industry through her detailed and researched write-ups.

Originally published Apr 18, 2024 02:04:31, updated Apr 18 2024

Don't forget to share this post!

Most popular.

QX Recognised “Leader” by IAOP, Achieves “Sustained Excellence” distinction and “All Star” award

Leading Women in Payroll: In Conversation with Lou Gray

QB Connect 2020 : 11 Experts Reveal How to Own the Future in Accounting

Pay-Roll, Camera, Action: Setting the Stage for Payroll 2021

An Accountant’s Master Guide to Payroll 2021

Get a Free Strategy to  Transform Your Business Operations

Resolve the talent gaps, reduce costs, and improve your margins

Related Topics

Outsourcing Audit and Assurance Services...

16 May 2024

Isn’t assurance an important part of our life? The security that comes with being ensured of help ...

Can Payroll Be Profitable Amid the Capac...

10 May 2024

When was the last time you earned substantial profits on payroll? For us accountants, it’s always ...

Balancing Books, Balancing Life: A Guide...

03 May 2024

Isn’t the first quarter of the financial year always a busy time for us accountants? It’s a ...

How to Move Your Audit Practice from Goo...

25 Apr 2024

Do you run a growing audit practice in the UK? If so, you must be aware of the challenges and opport...

Subscribe  to our blog

Get the latest posts in email.

We’re committed to your privacy. QX uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our  privacy policy .

Get the monthly QXAS newsletter with curated content just for you

Privacy Overview

10 hours free trial.

• Policy and research
• Career Pathway
• Training and events
• Audit & Risk
• Communities
• Technical blog
• Technical skills
• Interpersonal skills
• How to audit
• Internal audit leadership
• Risk management
• Control and regulatory compliance
• Sector-specific standards and guidance
• Global insights
• Ask the resources team
• Global Internal Audit Standards 2024

• You are in:
• Technical guidance
• Delivering internal audit
• How to plan an audit engagement

This page is for members and subscribers only

IIA Membership login is currently disabled.

In the meantime, if you urgently need access to a piece of guidance, please contact  [email protected]  and we'll email you a copy.

If you have any membership queries, please call  020 7498 0101

Sorry for the inconvenience and thank you for your patience.

Please log in

If you're a member of the Chartered IIA, or a subscriber to our Audit Committee Service, please enter your username and password at the top of the page to access your exclusive content. 

Forgotten your username or password?

If you have any problems logging in, please contact us on 020 7498 0101.

Not a member? Why not join us?

When you become a member of the Chartered IIA you'll receive support and guidance on every aspect of internal auditing. You'll get access to all of our technical guidance, exclusive features, news and webinars, plus a host of other membership benefits.

Find out more about membership

• What is internal audit?
• Join the Chartered IIA
• Audit & Risk Magazine
• Jobs in internal audit
• Regional network
• Terms and conditions
• Privacy policy

Audit Planning: Meaning, Process, Activities

The audit plan determines the audit’s scope, how the auditor checks the client’s accounting system and internal control system, determines the program or type of audit, and sets the audit procedures to carry out the entire audit.

What is Audit Planning?

An audit plan is a detailed strategy that sets the nature, timing, scope, and boundaries for the auditor to carry out the entire audit procedure.

An audit plan contains the nature, timing, and extent of audit procedures (including risk assessment procedures) to be performed by engagement team members to obtain sufficient appropriate audit evidence.

Meaning of Audit Planning

Planning the audit includes establishing the overall audit strategy for the engagement and developing an audit plan, which includes, in particular, planned risk assessment procedures and responses to material misstatement risks.

Planning is not a discrete phase of an audit but a continual and iterative process that might begin shortly after (or in connection with) the completion of the previous audit. It continues until the completion of the current audit.

A good plan and actual control of the work as per the plan will prove to be valuable evidence that the audit has been carried out according to generally accepted auditing practices if the plan and controls exercised are adequately documented.

Audit control seeks to ensure that the work is carried out as intended.

The auditor exercises control over the quality of the audit by effectively supervising the work of his assistants, coordinating work performed by others, and adequately documenting the audit matters.

The auditor should develop and document an audit plan that includes a description of:

• The planned nature, timing, and extent of the risk assessment procedures;
• The planned nature, timing, and extent of tests of controls and substantive procedures; and
• Other planned audit procedures must be performed so that the engagement complies with PCAOB standards.

Role and Timing of Planning

Adequate planning benefits the audit of financial statements in several ways, including the following:

• Helping the auditor to devote appropriate attention to important areas of the audit.
• Helping the auditor identify and resolve potential problems on a timely basis.
• Helping the auditor o rganize and manage the audit engagement is performed effectively and efficiently.
• Assisting in selecting engagement team members with appropriate levels of capabilities and competence to respond to anticipated risks and the proper assignment of work to them.
• Facilitating the direction and supervision of engagement team members and the review of their work.
• Where applicable, assist in coordinating work done by auditors of components and experts.

Audit procedures should be discussed with the client’s management, staff, and audit committee to coordinate audit work, including internal audits .

However, all audit procedures remain the responsibility of the external auditors.

Planning the Audit

Audit planning involves the development of an overall strategy or game plan for the expected conduct and scope of the audit —matters such as the integrity of management, errors and irregularities, and illegal acts. The auditor should plan the audit with professional skepticism about such.

The amount of planning required in engagement will vary with the size and complexity of the client and the auditor’s knowledge of and experience with the client.

As expected, considerably more effort is needed to adequately plan an initial audit than a recurring audit.

Preliminary Engagement Activities

The auditor should perform the following activities at the beginning of the audit:

• Perform procedures regarding the continuance of the client relationship and the specific audit engagement,
• Determine compliance with independence and ethics requirements, and
• Establish an understanding of the terms of the audit engagement with the audit committee.

Planning Activities

The nature and extent of planning activities depend on the company’s size and complexity, the auditor’s previous experience with the company, and changes in circumstances that occur during the audit.

When developing the audit strategy and audit plan, the auditor should evaluate whether the following matters are important to the company’s financial statements and internal control over financial reporting and, if so, how they will affect the auditor’s procedures:

• Knowledge of the company’s internal control over financial reporting obtained during other engagements performed by the auditor;
• Matters affecting the industry in which the company operates, such as financial reporting practices, economic conditions, laws and regulations, and technological changes;
• Matters relating to the company’s business, including its organization, operating characteristics, and capital structure;
• The extent of recent changes, if any, in the company, its operations, or its internal control over financial reporting;
• The auditor’s preliminary judgments about materiality, risk, and, in integrated audits, other factors relating to the determination of material weaknesses;
• Control deficiencies previously communicated to the audit committee or management;
• Legal or regulatory matters of which the company is aware;
• The type and extent of available evidence related to the effectiveness of the company’s internal control over financial reporting;
• Preliminary judgments about the effectiveness of internal control over financial reporting;
• Public information about the company relevant to the evaluation of the likelihood of material financial statement misstatements and the effectiveness of the company’s internal control over financial reporting;
• Knowledge about risks related to the company is evaluated as part of the auditor’s client acceptance and retention evaluation; and
• The relative complexity of the company’s operations.

Three Resources to Optimize Your Audit Plan

February 5, 2020

Well-executed audit planning sets the tone for an audit — an audit is more likely to be effective for all parties involved if time is taken to plan it correctly. Uplevel your next audit with a downloadable audit planning checklist, critical risk areas to consider including in your audit plan, and top metrics to track in your audits.

Audit planning is an essential — but sometimes overlooked — part of the audit process where internal audit’s preparation can put an audit project on a track toward success. The work of effective audit planning can not only lead to more efficient execution, but also to smoother interactions with key stakeholders, the ability to track meaningful Key Performance Metrics throughout an engagement, and more effective risk management techniques. 

We’ve collected three top audit planning resources from our Audit Management Playbook to help you optimize your next audit plan — and you can download the full Audit Management Playbook below to learn everything you need to manage your audit program . 

Planning an Audit from Scratch

Sometimes, audit teams have neither the knowledge nor the subject matter expertise needed to provide assurance for areas that have never been audited before . Unfortunately, these areas often include processes that support an organization’s strategy and key objectives. In such scenarios, auditors may initially approach the project by Googling “how to audit XYZ” or “XYZ audit program,” but the resulting project scope often amounts to testing several controls, highlighting exceptions in the audit report, then moving on to the next audit. Recommendations might consist of “Internal Audit recommends following the policy and procedure…” but will rarely provide any actionable insight to create positive change.

This approach not only fails the audit customer, but also harms internal audit’s performance and reputation. 

Auditors who create and document custom audit programs from scratch, versus relying on checklists or template audit programs found on Google, are better equipped to perform audits over areas that are not routinely audited. And, when internal audit can spend more of its time and resources aligned with the organization’s strategy and key objectives, the benefits can — and do — multiply.

Download the Planning an Audit From Scratch Checklist to get started auditing new and important areas of the business. 

5 Critical Risk Areas to Include in Your Audit Plan

A well-rounded audit plan will not only meet Sarbanes-Oxley (SOX) or other compliance requirements, but will also reflect an enterprise-wide scope and coverage of risks . Internal audit has a key role to play in identifying areas that need attention and safeguarding strategic assets by mitigating potential future risks. The more comprehensive coverage an audit plan can provide across different categories, the more internal audit will position themselves as a partner adding value to the organization. 

Download our 5 Critical Risk Areas to Include in Your Audit Plan with important risk areas and recommended audit projects for each category.

Track Key Metrics in Your Audits and Audit Plan

As internal audit faces perennial pressure to cut costs, it is ever important for the department to prove its value as a contributor to business goals . Performance metrics communicate the effectiveness of internal audit activities and their alignment with organizational objectives. 

What sets good metrics apart from the rest?

Key performance indicators (KPIs) are quantifiable measurements that demonstrate the effectiveness of an individual, department, or organization in achieving key goals. Clearly defining goals and tracking meaningful KPIs provide valuable evidence demonstrating that internal audit’s activities support the organization’s strategic objectives.

Learn which metrics you should track as you plan, perform, and report on your next audit project with the checklist of Top Metrics to Track in Your Audits.

Looking for more resources to take your internal audit team to the next level in 2020?  Download the full Audit Management Playbook below  and get more best practices, checklists, and tools for each stage of the audit lifecycle — planning, fieldwork, reporting, issue management , and scaling audit practices.

Fill out the form below to get your free guide.

Related Articles

DataSnipper Reaches $1B Valuation with $100M Funding

From planning to reporting: exploring the phases of the audit process.

The audit process is a crucial component of any business. It provides assurance that financial statements are accurate and reliable, helping to build trust among stakeholders. In this article, we will take an in-depth look at the different phases of the audit process, from planning to reporting, and explore the key tasks involved in each phase.

Understanding the Audit Process

Before delving into the specific phases of the audit process , it's essential to understand the overall concept of auditing. Auditing is a systematic examination of an organization's financial statements and records, conducted by independent professionals known as auditors. This process involves assessing the fairness and accuracy of financial information, identifying any potential fraud or errors, and ensuring compliance with applicable laws and regulations.

Auditing serves as a critical function in business, providing credibility to financial information and enhancing the accountability of corporate entities. It involves a comprehensive review of financial records, internal controls, and management practices, with the aim of providing an opinion on the accuracy of financial reporting. The audit process follows a systematic approach and is governed by a set of generally accepted auditing standards (GAAS), ensuring consistency and reliability.

When conducting an audit, auditors perform several key procedures to gain a thorough understanding of the organization's financial health. These procedures include analyzing financial statements, testing internal controls, sampling transactions, and verifying the existence and valuation of assets and liabilities. By conducting these procedures, auditors are able to assess the organization's financial position and provide an independent opinion on the fairness of the financial statements.

Importance of Auditing in Business

Auditing plays a vital role in business by providing numerous benefits. Firstly, it enhances the confidence of external stakeholders, such as investors, creditors, and regulators, by providing an independent assessment of financial statements. This, in turn, facilitates investment decisions and promotes market efficiency.

Furthermore, audits help in identifying areas of improvement, enabling organizations to address weaknesses in their financial reporting processes and internal controls. By highlighting areas for improvement, audits contribute to the overall efficiency and effectiveness of an organization's operations.

Audits also serve as a deterrent to fraud and misconduct. The presence of auditors reviewing financial records and internal controls acts as a strong deterrent to fraudulent activities, promoting ethical behavior and protecting the interests of shareholders.

In addition to these benefits, audits also provide valuable feedback to management. Through the audit process, management receives insights into the organization's financial health, internal controls, and compliance with laws and regulations. This feedback helps management make informed decisions and improve the overall governance and risk management of the organization.

The Initial Phase: Audit Planning

The audit process begins with detailed planning. During this phase, auditors gather relevant information, set objectives, and develop an audit strategy to guide their work. It involves a careful assessment of the organization's operations, risks, and controls, ensuring that the audit is conducted efficiently and effectively.

Identifying the Scope of Audit

One of the key tasks in audit planning is to determine the scope of the audit. This involves identifying the specific areas to be audited, such as financial statements, internal controls, or compliance with laws and regulations. The scope is typically based on the auditor's understanding of the organization, its industry, and specific risks and issues that need to be addressed.

Risk Assessment in Audit Planning

Risk assessment is a critical component of audit planning. It involves identifying and evaluating the risks that may impact the organization's financial statements. Auditors use various techniques, such as interviews, inquiries, and analytical procedures, to gain an understanding of the entity's risk profile. This information helps them to plan the audit procedures and allocate resources effectively.

Developing an Audit Strategy

Based on the scope and risk assessment, auditors develop an audit strategy tailored to the organization's specific needs. The strategy outlines the approach to be taken, the audit procedures to be performed, and the resources required. It serves as a roadmap for the audit, ensuring that the work is conducted in a systematic and efficient manner.

The Execution Phase: Conducting the Audit

Once the planning phase is complete, auditors move on to the execution phase, where they gather evidence, test internal controls, and perform substantive procedures to validate the accuracy of the financial statements.

• Check out DataSnipper's Financial Statement Suite for next-gen "tick and tie".

Gathering and Analyzing EvidenceN

The gathering and analysis of evidence are crucial steps in the audit process. Auditors use various techniques, such as examination of documents, observation, and confirmation with third parties, to obtain the necessary evidence to support their conclusions. The evidence is then analyzed to determine whether the financial statements are free from material misstatements.

Testing Internal Controls

A significant aspect of the audit process is testing the effectiveness of internal controls. Internal controls are the policies and procedures established by management to ensure the reliability of financial reporting. Auditors evaluate the design and implementation of these controls to determine their effectiveness in preventing or detecting errors or fraud. This analysis helps auditors assess the level of risk associated with the financial statements and guides the selection of appropriate audit procedures.

• Use DataSnipper to assist in documenting Test of Controls related to the purchases cycle by creating cross references between evidence and your testing workbook.

Audit Sampling Techniques

Due to the volume of transactions and the limited resources available, auditors often use sampling techniques to gather evidence. Sampling involves selecting a representative portion of the population for examination. Various sampling methods, such as statistical sampling or judgmental sampling, can be employed depending on the circumstances. Auditors carefully design their sampling plans to ensure that they obtain reliable and meaningful results.

The Final Phase: Audit Reporting

The last phase of the audit process involves finalizing the audit report and communicating the findings to the organization's management and stakeholders.

Preparing the Audit Report

The audit report is perhaps the most critical deliverable of the audit process. It provides an independent opinion on the fairness and accuracy of the financial statements. The report typically includes an introductory paragraph, a description of the scope and objectives of the audit, a summary of findings, and the auditor's opinion. The format and content of the report are governed by auditing standards and must adhere to certain reporting requirements.

Communicating Audit Findings

Once the audit report is finalized, auditors communicate their findings to the organization's management and relevant stakeholders. The communication may include a discussion of significant issues identified, recommendations for improvement, and any other matters of importance. This step ensures that the impact of the audit is fully understood and that appropriate actions are taken to address any identified deficiencies.

Follow-up and Actions Post-Audit

After the audit is completed, organizations typically take steps to address any deficiencies or issues identified during the audit process. These steps may include implementing new controls, modifying existing processes, or improving reporting practices. The follow-up actions help strengthen the organization's financial reporting and internal control mechanisms, ensuring continuous improvement and accountability.

In conclusion, the audit process is a comprehensive and systematic examination of an organization's financial statements and records. From the initial planning phase to the final reporting phase, auditors follow a structured approach to ensure the accuracy, reliability, and compliance of financial information. Understanding the different phases of the audit process helps organizations and stakeholders appreciate the importance of auditing in building trust, enhancing transparency, and promoting sound business practices.

What are the 4 phases of the audit process?

Planning, execution, reporting, and follow-up. Auditors plan the scope and objectives, collect evidence during execution, summarize findings in a report, and monitor implementation of recommendations in the follow-up phase.

Intelligent Automation Platform

Discover how DataSnipper can dramatically improve your team's audit process

Become a DataSnipper Expert

• Sage Intacct
• Client Accounting Services
• Building a Board of Directors
• Business & Practice Growth
• Business & Practice Start Up
• Business Transitions
• Business Valuations
• Merger & Acquisition
• Audit & Assurance Services
• Business Tax
• Individual Tax
• Estate, Trust, and Gift Strategies
• Architecture & Engineering
• Construction
• Manufacturing
• Real Estate
• Measurable Results. ®
• About SVA ®
• Professionals
• Recorded Webinars
• Tax E-Alerts
• SVA Interactive Tax Planning Guide
• Colorado Springs

A Guide to Audits: Prep, Planning, and Post-Audit Tips

Scroll down to continue reading.⬇

Table of Contents

• Chapter 1: Do I Need a Compilation, Review, or Audit of Our Financial Statements?
• Chapter 2: What are the Types of Audits Available?
• Chapter 3: How to Choose an Auditor
• Chapter 4: Importance of Auditor Independence
• Chapter 5: 5 Strategies to Lessen Stress and Anxiety During an Audit
• Chapter 6: Using Agreed-Upon Procedures to Target Specific Items of Concern
• Chapter 7: What are the Benefits of a Financial Statement Audit?
• Chapter 8: What are the Five Steps in the Audit Process?
• Chapter 9: What do Auditors Review?
• Chapter 10: How to Prepare for an Audit: Audit Preparation Checklist
• Chapter 11: Nonprofit Audit Preparation Checklist
• Chapter 12: Onsite vs. Remote Audit
• Chapter 13: Why Auditors Prefer In-Person Interviews to Assess Fraud Risks
• Chapter 14: How to Leverage an Internal Audit
• Chapter 15: What are the Four Levels of Auditor Opinions on the Auditor's Report?
• Chapter 16: Management Letters are the Follow-Up on Your Auditor's Recommendations
• Chapter 17: How SVA Can Help

Do I Need a Compilation, Review, or Audit of Our Financial Statements?

Are you wondering if you need an audit, review, or compilation?

Either a third party is asking for one of these services or your leadership may feel that a CPA firm is required to examine records.

Don’t automatically assume you need a full audit. A review or compilation may serve your needs, while saving you some money.

Let's Walk Through These Three Options and Discuss the Differences:

1. what is a compilation.

Compiled financial statements are prepared based on the financial information provided by the organization to the CPA firm.

The CPA firm will produce financial statements , which can include footnotes, with a report that states no assurance is given regarding the completeness or accuracy of the information presented.

This is often a letter drafted by the CPA firm that accompanies the financial statements explaining there has been no testing of the accuracy of the information. There is no preparation needed on the part of the organization for a compilation report.

Compiled financial statements can be required when a business owner applies for a personal loan or other banking matters. More often, a reviewed or audited financial statement is required.

2. When Do I Need an Audit?

Audited financial statements may be required when raising equity, planning to sell , receiving funding from federal or state governments, or looking for extended credit or significant financing.

The auditor must obtain evidence to confirm that your financial statements are free from material error and/or fraud.

3. When is a Financial Statement Review Appropriate?

Reviewed financial statements provide limited assurance that there are no material modifications needed for the financial statements to conform with an applicable reporting framework.

The process includes the following:

• Review of financials
• Interview and assessment of accounting practices used by the organization
• Use of analytical procedures to gain insights into the current-year and prior-year balances

Reviewed financial statements can be performed to satisfy lenders, investors, and buyers or when you are looking for a smaller loan or line of credit.

Your CPA will need access to your trial balance , bank reconciliations and accrual schedule, deferred revenue, and more.

Procedures performed include analytical methods and inquiry and do not include an assessment of internal controls or the risk of fraud .

Discuss with your lender if a financial statement review is appropriate or if a full audit is required.

To decide which type of financial statement service is the best option for you, discuss your goals with a qualified CPA firm and select the service that best fits your needs. Understanding what level of assurance you need can save you time and money.

(Download Video Transcript)

What are the Types of Audits Available?

Privately held companies in various industries, nonprofit organizations , government entities, and employee benefit plans all require some type of audit.

Audited financial statements are needed for lenders, owners, shareholders , the board of directors, investors, or other organization stakeholders. These audits assure that the reported financial information has the highest level of credibility.

The audit process provides leadership with the assurance that their financial reports are materially correct and compliant. Also, leadership derives value from the reported observations of their internal controls , systems, and operations gleaned from the audit process.

The best way to determine which audit you need is to contact a firm with audit experience. Once you discuss your needs, they can recommend the best audit for you.

Here are the Most Common Audits and Information on Agreed-Upon Procedures Engagements:

Agreed-upon procedures engagement.

An agreed-upon procedure is just what it sounds like. The parties involved will agree on what type of audit is required and what kind of report will be developed based on the findings.

The benefit of this type of engagement is it can be tailored to fit the business’s needs. The CPA will not provide an opinion or conclusion but rather a report listing the findings of the areas that engagement detailed.

Compliance Audits

A compliance audit evaluates the organization's adherence to regulatory guidelines. It assesses if the applicable laws, regulations, and rules are being adhered to. It is an outward-facing audit ensuring compliance with the requirements of the industry or geographic region.

The government uses these audits to enforce rules at the federal and local levels. A third party conducts a compliance audit to ensure it is unbiased and accurate.

Employee Benefit Plan Audits

Excluding specific exceptions, federal law requires employee benefit plans with 100 or more participants (ERISA defined) to include audited financial statements with the Form 5500 filing.

Smaller plans may also require an audit if they do not meet certain conditions exempting them from the audit requirement.

Federal and State Single Audits

Single audits are specialized and tailored compliance audits for organizations that receive certain levels of federal and/or state grant awards.

These audits ensure that government funds are used for their intended purposes and vary in complexity depending on the level of grant funding the organization receives and the programs funded.

Financial Statement Audits and Examinations

Financial statement audits offer the highest level of assurance to outside sources and third parties on financial statements and financial statement elements.

These audits include an in-depth examination and confirmation of account balances, inventories, and a sample of transactions.

Financial statement examinations provide a similar assurance level; however, this assurance is on the reasonableness of management assertions. An examination is a set of procedures narrower in scope than an audit.

Financial Statement Reviews and Compilations

Financial statement reviews offer limited assurance to outside sources and third parties on the organization's financial statements and financial statement elements.

These reviews involve a tailored combination of management inquiries and analytical studies of financial information to identify any items requiring further investigation.

Financial statement compilations and preparation engagements offer no assurance but provide management with a formal set of financial statements for the organization and are used when bookkeeping assistance is required.

Compilations include a standard accountant's report and are often used for external reporting, while preparation engagements typically exclude a formal report and are usually intended for internal use.

Internal Control Audits

The internal control audit is a process to review operational effectiveness, efficiency, and reliable financial reporting, as well as compliance with regulations and policies.

The audit confirms the information is accurate, timely, and reliable. Internal controls are designed to prevent errors and irregularities, while safeguarding assets.

The internal control audit review is an important step to ensure that your controls are working properly.

System and Organization Controls (SOC 1 and SOC 2) Readiness Assessment

A SOC report is designed to assure third-party service organizations are expected to have appropriate internal controls and safeguards in place regarding hosting, processing, or accounting for their customers' data and assets.

Organizations requiring a SOC report are becoming more common as internal control compliance issues are at risk when critical services are outsourced to a third party.

SOC 1 audits focus on financial controls and SOC 2 reports focus on security, process integrity, privacy, and confidentiality.

Businesses that may require a SOC audit include:

• Medical Claims Processors
• Data Center Companies
• Software-as-a-Service (SaaS) Companies
• Collection Agencies
• Human Resource and Payroll Services
• Loan Servicing Companies
• Third-Party Administrators

How to Choose an Auditor

Reviewing an auditor's qualifications is a critical step in selecting your auditor.

This will require the consideration of licensing and independence rules, as well as the auditor's experience including specific audit experience in your industry and continuing professional education.

Experience and Professional Development

A firm equipped to provide a high-quality audit of your organization should be able to demonstrate its qualifications in response to your request for a proposal.

Evaluate whether the firm has experienced, qualified staff. Not only is overall experience necessary, but also experience relevant to your organization (i.e., retail, banking, construction , manufacturing , nonprofit, etc.) is a component of the firm's qualifications.

In some instances, a less-experienced auditor may be assigned to perform routine audit procedures to reduce audit costs. When this happens, you should confirm that an experienced auditor will review his/her work and perform the more complicated audit procedures.

Identifying Quality Audit Firms

The size of a firm doesn't dictate the level of audit quality — it's their commitment to quality that differentiates them.

The AICPA (American Institute of Certified Public Accountants) established the profession's Peer Review Program to enhance the quality of accounting, auditing, and attestation services its members perform in public practice.

The results of a firm's peer review provide a look at quality control systems and adherence to the profession's standards . If a firm doesn't provide the results of its latest peer review with its proposal, ask for it.

You'll also find information on accessing a firm's peer review information in the Additional Resources section of the AICPA report Hiring a Quality Auditor: Your Guide to the Selection Process .

A commitment to quality can also be shown by a firm's additional membership in AICPA resource centers, including:

Firms that are members of the GAQC and EBPAQC must establish higher standards of audit quality in their policies and procedures specific to the practice area. These quality centers also offer additional resources to help firms provide quality services to their clients.

If these practice areas are relevant to your organization, as you consider firm proposals, ask representatives of the firms if they are members of these centers.

When engaging an auditor, you should obtain references and discuss the auditor's work for other clients. You may want to obtain the continuing professional education records of the proposed audit team and determine that team members have recent training that addresses unique issues related to your industry.

Determining Independence

CPA professional standards require that the auditor be independent for purposes of auditing financial information and issuing an auditor's report on the financial statements.

The auditor's independence is essential for a successful audit because it enables him/her to approach the audit with the necessary professional skepticism.

Independent auditors must adhere to rules of auditor independence established by the AICPA (and the SEC and the Public Company Accounting Oversight Board, if applicable).

Review Licensing

CPA firms are required to meet the licensing requirements of the state(s) in which they practice.

You may wish to verify with the appropriate state regulatory authority that the audit firm holds a valid, up-to-date license or certificate to perform auditing services (most states make this information available online).

Importance of Auditor Independence

It is imperative to understand the rules for auditor independence. If you discover potential issues now, there's still plenty of time to take corrective action before next year's audit begins.

Definition of Auditor Independence

Independence is one of the most essential requirements for audit firms. It's why investors and lenders trust CPAs to provide unbiased opinions about the presentation of a company's financial results.

The AICPA and the Securities and Exchange Commission (SEC) have rules regarding auditor independence. Even the U.S. Department of Labor has issued independence guidance for auditors of employee benefit plans .

The AICPA specifically goes to great lengths to explain how audit firms can maintain their independence from the companies they audit. In short, auditors can't provide any services for an audit client that would typically fall to the company's management to complete.

Auditors also can't engage in any relationships with their clients that would:

• Compromise their objectivity
• Require them to audit their own work
• Result in self-dealing, a conflict of interest, or advocacy

Independence is a matter of professional judgment, but it's something that accountants take seriously. A firm that violates the independence rules calls into question the accuracy and integrity of its client's financial statements.

Prohibited Services to Maintain Auditor Independence

Under Rule 2-01 of Regulation S-X, the SEC explicitly prohibits auditors from providing the following non-audit services to a publicly traded audit client or its affiliates:

• Bookkeeping
• Financial information systems design and implementation
• Appraisal or valuation services , fairness opinions, or contribution-in-kind reports
• Actuarial services
• Internal audit outsourcing services
• Management functions or human resources
• Broker-dealer, investment advisor, or investment banking services
• Legal services and expert services unrelated to the audit

This list isn't exhaustive. Audit committees should consider whether any service provided by the audit firm may impair the firm's independence in fact or appearance.

SEC independence rules also prohibit audit firms and auditors from engaging in financial relationships with their public audit clients, such as contingent fees, banking, insurance, debtor-creditor arrangements, broker-dealer relationships, and futures commission merchant accounts.

Independence is a critical issue for public and private companies alike. Contact your auditor to discuss any questions you may have regarding auditor independence.

5 Strategies to Lessen Stress and Anxiety During an Audit

Audits can be very stressful, especially for nonprofits. Mistakes in the books and a poor audit can lead to decreased donations down the road, undermining the entire mission of a nonprofit.

Nonprofit organizations must obtain audits to comply with local laws and regulations. They must show those who have donated to their cause that they are good stewards of that money.

While audits are undoubtedly intimidating, you can take steps to decrease that stress. With the proper mindset and good planning, audits do not have to be cause for alarm.

1. Get a Pre-Audit Checklist and Work Through it Throughout the Year

Most auditors will give you a list of items that they intend to review. They also often provide unique deadlines for each item.

Reviewing the list before the audit can help you properly prepare and meet necessary deadlines.

If your auditor does not provide this type of list ahead of time, you might want to ask for it. Alternatively, you can take the information you needed from prior audits and start a working checklist so you can internally prepare for the audit.

As you review the checklist, be sure to get clarification wherever you have questions before the actual audit begins. Addressing these uncertainties at the outset can significantly reduce the stress around the audit.

Of course, you cannot prepare for everything in an audit, as each audit requires some unpredictability. However, having most of your documents ready to review can take some of the uncertainty out of even the unpredictable parts of the audit.

You should, for example, have expense reports, journal entry support, and program reports ready to go in preparation for the audit. These documents will help you address questions that come up as well.

2. Create and Maintain Realistic Expectations About the Audit

The auditor should provide some specific goals and expectations as part of their engagement letter. Having this information upfront can not only help you prepare, but it can also ensure that your third-party auditor will accomplish the goals you need in an audit.

Keep in mind there should be a clear line between accounting services and audit functions. Any auditor will only evaluate what you have; they will not help you do the accounting or reporting work. They will likely provide suggestions for improvements, but those will only come about after they complete the audit.

Once you receive a comprehensive list of necessary improvements after the audit, you should work either internally or with another third party to do any accounting "cleanup." If your internal team lacks the necessary expertise to address a specific item, look to a third-party CPA firm.

3. Ensure Compliance and Good Practices Year-Round

In preparation for the audit, you should take a hard look at internal processes to address areas where there is room for improvement.

Although taking the time to go through this exercise can be cumbersome, it will be well worth it. Just be sure that you do this evaluation well before the audit, so you have time to implement changes as necessary.

You should also ensure that documented processes are being followed. You can make adjustments to the documents or to the processes, whichever makes sense, in preparation for the audit.

Updating policies and procedures periodically is not only suitable for any audit, but it also helps your team do their jobs more efficiently as well. It also helps with compliance issues before they start to cause problems.

4. Recognize Any Internal Control Deficiencies and Be Prepared to Address Them

Explaining why you do things a certain way before the audit can be beneficial.

For example, imagine that you have more than one person doing payroll and handling cash receipts. As this deficiency can lead to errors and confusion, you should be able to explain why you are functioning in this way.

It is imperative to provide information about safeguards you are using to ensure these internal control issues are addressed.

The same basic policy can be said any time you have more than one person handling accounting or finance functions.

Contract authorization, expense approvals, and actual purchasing functions are all areas where having one person, rather than a group, increases internal controls and accountability.

You should also be able to explain checks and balances functions that are currently in place or start thinking of ways they can be implemented after the audit. The auditor might have suggestions on how to address this issue as well.

5. Communicate Effectively with the Auditor Before, During, and After the Audit

Having year-round communication with your auditor can be a great way to maintain controls and best practices. It also helps you keep up with deadlines and ensure that the annual audit is done promptly.

Proactively ensuring compliance with new guidelines and rules can make the entire audit process run much more smoothly.

Using Agreed-Upon Procedures to Target Specific Items of Concern

Your CPA offers a comprehensive menu of services. One flexible offering, known as an "agreed-upon procedures" engagement, provides limited assurance on a specific aspect of an organization's financial or nonfinancial information.

What's Covered?

Agreed-upon procedures can cover various items. For example, a CPA could provide a statement about the reliability of a company's accounts receivable, the validity of the sales team's credit card payments , the effectiveness of the controls for the security of a system, and even greenhouse gas emissions.

Lenders may request these types of engagements before they approve a new loan application or an extension of credit for an existing customer — or they might want one if a borrower defaults on their loan covenants or payments.

These engagements can also be helpful in M&A due diligence by franchisors or when a business owner suspects an employee of misrepresenting financial results . Stakeholders don't necessarily like waiting until year-end to see how an organization is faring in today's uncertain markets. Agreed-upon procedures can be done at any time, providing much-needed peace of mind throughout the year.

What's Reported?

These engagements are based on procedures similar to an audit, but on a limited scale. When performing agreed-upon procedures, CPAs issue no formal opinions; they simply act as fact finders. The report lists:

• Procedures performed
• CPA's findings

Agreed-upon procedures can be relied on by third parties. But it's the user's responsibility to draw conclusions based on the findings.

What's New?

Agreed-upon procedures are usually a one-time engagement, so you might not know much about them — or how the rules that apply to them changed a few years ago.

A revised standard was published in 2019, bringing several fundamental changes. Most notably, an accountant can now report on a subject matter without obtaining a written assertion from the responsible party that the responsible party complies with an underlying criterion, such as laws or regulations.

This gives CPAs more flexibility when examining or reviewing certain documents if the engaging party can't appropriately measure or evaluate them.

The new guidance went into effect for reports dated on or after July 15, 2021, although early implementation was permitted.

What are the Benefits of a Financial Statement Audit?

An audit is an evaluation of a company's financial statements forming an independent opinion.

A company prepares financial statements according to U.S. Generally Accepted Accounting Principles (GAAP). The fair presentation of those financial statements is evaluated by independent auditors using a framework of Generally Accepted Auditing Standards (GAAS) , which set out requirements and guidance on how to conduct an audit.

Simply put, an audit validates the accuracy of financial statements.

How are Financial Statement Audits Used?

What are the five steps in the audit process.

Every audit is unique, however the audit process typically includes the following five steps.

1. Accepting the Engagement

Once your company has selected an audit firm, you must sign an engagement letter. Then your auditor will assemble your audit team, develop a timeline, and explain the scope of the audit inquiries and onsite "fieldwork."

2. Assessing Risk

The primary goal of an audit is to determine whether a company's financial statements are free from "material misstatement."

Management and third-party stakeholders who rely on your financial statements count on them to be accurate and conform to U.S. Generally Accepted Accounting Principles (GAAP) or another accepted standard.

Auditing rules require auditors to assess general business risks , as well as industry- and company-specific risks. The assessment helps auditors determine the accounts to focus on and develop audit procedures to minimize potential risks.

3. Planning

Based on the risk assessment , the audit firm develops a detailed audit plan to test the internal control environment and investigate the accuracy of specific line items within the financial statements. The audit partner then assigns audit team members to work on each plan element.

4. Gathering Evidence

During fieldwork, auditors test and analyze internal controls.

For example, they may trace individual transactions to original source documents such as sales contracts, bank statements, or purchase orders. Or they may test a random sample of items reported on the financial statements such as the prices or number of units listed for a randomly selected sample of inventory items.

Auditors may also contact third parties — such as your company's suppliers or customers — to confirm specific transactions or account balances.

5. Communicating the Findings

At the end of the audit process, your auditor develops an "opinion" regarding the accuracy and integrity of your company's financial statements.

In order to do so, they rely on quantitative data, such as the results of their testing, as well as qualitative data, including statements provided by the company's employees and executives.

The audit firm then issues a report on whether the financial statements present a fair and accurate representation of the company's financial performance and comply with applicable financial reporting standards.

What do Auditors Review?

Do you understand how auditors verify account balances and transactions? This knowledge can minimize disruptions when the audit team visits your facilities and maximize the effectiveness of your audit.

Here are Five Common Sources of "Substantive Evidence" That Auditors Gather to Help Them Form an Opinion Regarding Your Financial Statements

1. confirmation letters.

Auditors send letters to third parties, such as customers or vendors, asking them to verify amounts recorded in the company's books.

There are two types of confirmations:

• A positive confirmation requests that the recipient complete a form confirming account balances (for example, how much a customer owes the company).
• A negative confirmation requests that the recipient respond only if the balance is inaccurate.

2. Original Source Documents

Auditors can verify an account balance or record by vouching (or comparing) it to third-party documentation. For example, an auditor might confirm the existence of a vehicle on your fixed asset list by reviewing the invoice from the seller.

Vouching enables an auditor to evaluate the accuracy of the amount claimed by the company and whether it recorded the transaction correctly in its accounting system.

3. Physical Observations

Seeing is believing, so auditors sometimes verify the existence of assets through physical observations and inspections.

For example, inventory audit procedures typically include observing or conducting a physical inventory count, inspecting the process to record incoming and outgoing inventory , and analyzing the inventory obsolescence process.

4. Comparisons to External Market Data

For assets actively traded on the open market, auditors may confirm the amounts claimed on the company's financial statements by researching pricing data.

For example, if the company invests in marketable securities that it plans to sell within one year, an auditor could analyze the prevailing market price to confirm the book value.

Likewise, a random sample of parts inventory could be compared to online pricing sheets to confirm that items are reported at lower cost or market value.

5. Recalculations

Auditors may verify in-house schedules and records by recreating them. If the auditor's work matches the client's work, it confirms that the underlying accounts appear reasonable.

Auditors often rely on this procedure for such items as bank reconciliations and schedules of payroll-related expenses (i.e., overtime, benefits, and tax payments).

How to Prepare for an Audit: Audit Preparation Checklist

Prepare the items on your auditor's preparation checklist before the audit starts.

This sample checklist features the most frequently needed documents for a typical audit. Be sure to get a final list from your auditor.

The information should be submitted to the auditor based on their directions, often electronically and in Excel format.

Bank reconciliations and related statements from financial institutions for all cash, certificates of deposit, and investment accounts as of December 31st. These reconciliations should have a listing of all outstanding checks and deposits, held checks, deposits in transit, or any unusual reconciling items.

Reconciliation of cash held for others at the end of the fiscal year.

Summary of bank transfers for the month ending the fiscal year.

Access to January bank statements and reconciliations.

Accounts Receivable

Detailed aged listing of all accounts receivable balances by invoice as of the end of the year (reconciled to the G/L).

Your auditor will likely ask you to prepare an analysis of the collectability of aged accounts receivable balances.

Income/Expenses

Monthly revenue and expense analysis and gross profit trend analysis.

Variance analysis spreadsheet for general and administrative expenses.

Schedule of rent expense reconciled to the terms of the lease agreements and schedule of future minimum lease payments over the next five years.

Access to all manual journal entries made during the year.

Details of repairs and maintenance account.

Detail of legal fees paid, with all attorneys' names and addresses throughout the year.

Detailed inventory reports as of the end of the year (reconciled to the general ledger ), including overhead calculation, if applicable.

Your auditors will typically observe your year-end inventory count to verify the existence of inventory at year-end and for any obsolescence issues.

Property and Equipment

Fixed asset roll-forward schedule showing beginning balance in each asset class plus additions, less disposals equals ending balance reconciled to the general ledger.

Detail of fixed asset additions and disposals during the year.

Book depreciation schedule by asset, including useful lives, depreciation method , etc.

Accounts Payable

Accounts payable aged trial balance as of the end of the fiscal year.

Check registers for the period between year-end and the date of fieldwork.

Long-Term Debt

Debt roll-forward schedule showing beginning balance in each note plus borrowings, less repayments equals ending note balance reconciled to the general ledger.

Schedule of future maturities of long-term debt for the next five years reconciled to the terms of debt agreements.

Compliance schedules for covenants.

General ledger (also called a working trial balance) covering the entire fiscal year.

Internal financial statements.

Articles of Incorporation and Bylaws (or other organization documentation).

Equity certificates.

Employee handbook.

Accounting Policies and Procedures manual.

Bank notes, security agreements, and lease agreements.

Organization charts and systems documentation (memos detailing flow of transactions within the company).

Minutes of meetings of the board of directors and any other oversight committees.

Fiscal year budget.

Your auditors will need access to all paid bills and checks received during the year.

Reconciliation and schedules supporting all asset, liability, and equity accounts.

Nonprofit Audit Preparation Checklist

Nonprofits have specific audit requirements. While the previous checklist is a general audit checklist, this one is formulated for nonprofit audit requirements.

Trial Balance

Copy of the trial balance by account as of December 31st. Provide this information in electronic format (Excel) so that it can be directly downloaded into your auditor’s system.

Cash and Restricted Cash

Bank reconciliations and related statements from financial institutions for all cash, certificates of deposit, and investment accounts as of December 31st. These reconciliations should have attached a listing of all outstanding checks and deposits, held checks (if any), deposits in transit, and any unusual reconciling items.

Summary of bank transfers for the month ended December 31st.

Reconciliation of cash held for others (if any) as of December 31st.

Investments and Certificates of Deposit

Certificates of deposit reconciliations and related statements from financial institutions as of December 31st.

Reconciliation of beginning and ending balances, investment income, unrealized gains/losses, purchases, and distributions for assets held, including access to annual summary statements, for the year ended December 31st.

Unconditional Promises to Give and Accounts Receivable

List of unconditional promises to give as of December 31st. Balances will be confirmed as of year-end with a sample selection of donors. Once those contributors are identified, you should receive a confirmation letter template to complete for each donor.

Calculation of the discount to net present value as of December 31st.

Calculation of the allowance for uncollectible promises to give as of December 31st.

Aging by account for receivable balances outstanding as of December 31st.

Furniture and Equipment

Summary schedule of fixed assets. Include beginning balances of fixed asset accounts, additions and disposals during the fiscal year, and ending balances of those accounts. Also include beginning balances of accumulated depreciation accounts, depreciation expense, reductions in accumulated depreciation as a result of asset disposals, and ending balances of accumulated depreciation accounts.

Detailed fixed asset listing showing asset descriptions, estimated useful lives and depreciation methods used, calculation of depreciation expense for the fiscal year, etc. It will be helpful if the listing was subtotaled by account such that the totals agree with the summary schedule previously requested.

Access to supporting documentation for fixed asset additions and disposals during the year.

Accounts Payable and Grants Payable

Detailed accounts payable aging as of December 31st. If applicable, denote any payables to related parties.

List of checks written from January 1st through the date of audit fieldwork and access to the underlying related invoices.

Provide access to copies of all unprocessed vendor invoices as of the date of fieldwork.

Support for balances of grants payable (if any) as of December 31st and the underlying agreements.

Detail for all accrued expense balances. Include calculations or supporting documentation for these balances where appropriate.

Prepaid Expenses

Worksheet showing the calculation of prepaid expenses, if any.

Support and Revenue

Support for income received and expenses incurred in connection with the organization's special events. Include a reconciliation of special event income including a breakout of income received from contribution revenue for the year by event, date, amount received, tickets sold, sponsorships received, etc. Also include a breakdown of expenses by the following categories: cash prizes, non-cash prizes, rent/facility costs, food and beverage, entertainment, and other direct expenses. Verify that this schedule ties to the amounts to be reported on the organization's tax return.

Summary schedule of in-kind contributions received including the amounts received by category (i.e., investment, other) and support for valuation of each contribution.

Support for contributions received from donors equal to $5,000 and greater during the year including each donor's name and address. Provide access to underlying support for these contributions (i.e., thank you letters, etc.).

Net Assets and Endowments

Summary schedule of net assets including detailing the changes in unrestricted as well as temporarily and permanently restricted net assets including contributions received and released from restrictions. Also provide underlying support received from donors for the balances of temporarily and permanently restricted net assets.

Summary schedule of board-designated net assets including beginning and ending balances and activity throughout the year.

Reconciliation of the organization's endowment balances including a breakout between unrestricted (both donor-restricted and board-designated endowment funds) and temporarily and permanently restricted net assets.

Access to all legal, accounting, and consulting invoices.

Access to the 401(k) pension plan agreements and support for the annual contributions.

Copies of the property insurance binder pages or certificates from the insurance binder which specify premiums, coverage limits and dates, name and address of insured, mortgagee and/or loss payee, etc. for property/casual and liability insurance. Also provide support for fidelity bond/employee dishonesty insurance that is in place.

Detailed schedule of grants awarded to governments and other organizations for the year ended December 31st.

Schedule to support payroll costs for the year and allocations of the expenses to program, management and general, and fundraising. Confirm if payroll is prepared in-house or if an outside vendor is used. Also provide access to the Forms 940 and 941.

Copies of meeting minutes from meetings of the board of directors from January 1st through the date of audit fieldwork.

Support for the methodology used to allocate each entity's expenses as program, management and general, and fundraising.

Access to lease agreements (i.e., office space, office equipment, etc.) entered into as of January 1st or later. Access to year-to-date general ledgers as of December 31st.

List of general journal entries for the year ended December 31st.

List of the individuals who served as members of the board of directors at any time during the year including each individual's position, name, and compensation paid, if any.

Onsite vs. Remote Audit

The pandemic has presented numerous challenges for businesses, but it also taught us how to be resilient, cost-conscious, and adaptable.

Over the last few years, we've learned that remote working arrangements offer many benefits including reducing the time and cost of performing many tasks.

Here's How These Lessons Translate to Auditors' Work to Prepare Your Company's Financial Statements:

Transitioning from onsite to remote procedures.

Traditionally, audit fieldwork has involved a team of auditors camping out for weeks (or even months) in one of the conference rooms at the headquarters of the company being audited.

Now, thanks to technological advances — including cloud storage, smart devices, and secure data-sharing platforms — many audit firms conduct specific auditing procedures remotely rather than sending auditors onsite.

For example, drones and video-conferencing technology can observe physical inventory counts, eliminating the expense of sending auditors to facilities that store inventory. For companies with multiple sites, performing this task in-person was costly and difficult to schedule, especially around the holidays.

In addition to saving time and audit fees, allowing auditors to work remotely improves the work-life balance for auditors and in-house accounting personnel. Your employees won't need to stay glued to their desks for the audit because they can respond to the auditor's inquiries and document requests remotely.

Facilitating Remote Work

The transition to remote audits requires flexibility, including a willingness to embrace the technology needed to exchange, review, and analyze relevant documents. You can assist the transition process by:

Being Responsive to Electronic Requests

Answer all remote requests from your auditors in a timely manner.

If a key employee will be on vacation or out of the office for an extended period, give the audit team the contact information for the key person's backup. Auditors who are out of sight shouldn't be out of mind.

Giving Employees Access to the Requisite Software

Sharing documents with remote auditors may require installing specific software on employees' computers. But your company's policies may prohibit employees from downloading software without approval from the IT department.

Before remote auditors start their work, ask for a list of software and platforms that will be used to interact with in-house personnel. Give the appropriate employees access and authorization to share audit-related data from your company's systems. Work with your IT specialists to address any security concerns they may have with sharing data with the remote auditors.

Tracking Audit Progress

Ask the engagement partner to explain how they'll track the performance of their remote auditors, and how they plan to communicate the team's progress to in-house accounting personnel.

With less face-to-face time with your auditors, you'll have fewer opportunities to receive updates on the team's progress.

Is a Remote Audit Right for Your Business?

Remote audits have become popular, but not every audit firm or business is ready to fully embrace remote auditing. Contact us to discuss ways to make your company's next audit more efficient and cost-effective.

Why Auditors Prefer In-Person Interviews to Assess Fraud Risks

Auditing standards require financial statement auditors to identify and assess the risks of material misstatement due to fraud — and to determine overall and specific responses to those risks.

Here's Why Face-to-Face Meetings are Essential When Assessing These Risks:

What is an audit inquiry.

Fraud-related questions are a critical part of the audit process.

The AICPA requires auditors to identify and assess the risks of material misstatement due to fraud and to determine overall and specific responses to those risks under Clarified Statement on Auditing Standards (AU-C) Section 240, Consideration of Fraud in a Financial Statement Audit .

Interviews must be conducted for every audit — auditors can't just assume that fraud risks are the same as those that existed in the previous accounting period.

Analysis Goes Beyond Words

Although many audit procedures have been done remotely during the pandemic, auditors are now resuming face-to-face meetings with managers and others to discuss fraud risks. Why?

Psychologists estimate that 7% of communication happens through spoken word, 38% through tone of voice, and 55% through body language. So, a face-to-face interview is critical when evaluating fraud risks during an audit to help pick up on nonverbal clues.

Nuances such as an interviewee's tone and inflection, the speed at which he/she responds, and body language provide essential context to the words being spoken.

The auditor will also watch for signs of stress on the interviewee's part in responding to questions including long pauses before answering, starting answers over, profuse sweating, or tapping feet.

In addition, in-person interviews provide opportunities for immediate follow-up questions. When it isn't possible to have a face-to-face interview, a videoconference or phone call is the next best option because it provides the auditor many of the same advantages as meeting in person.

External audits don't provide an absolute guarantee that dishonest behaviors will be detected, but they can be an effective antifraud control.

According to Occupational Fraud 2022: A Report to the Nations , companies that were audited lost one-third less from fraud than those that weren't audited — and audited companies could detect fraud 33% faster than those without audited financial statements.

You can facilitate the efforts to assess your company's fraud risks by anticipating the types of questions you'll be asked and the source documents you'll need to provide. Forthcoming, prompt responses help ensure your audit stays on schedule and minimizes any unnecessary delays.

How to Leverage an Internal Audit

Many companies have an internal audit department that tests whether the organization is accurately reporting financial results and complying with U.S. Generally Accepted Accounting Principles (GAAP).

But internal auditors need to think beyond compliance. Internal auditors who understand the big picture can expand their department's influence by helping their organizations mitigate risk, improve financial and operational processes, and evaluate business strategies.

Here's How to Get More From Your Internal Audit Team:

Expand the scope.

The skill sets of internal auditors make the department ideally suited to participate in managing a broad range of risks including:

• Operational
• Information Technology (IT)
• Merger and Acquisition (M&A)
• Foreign Corruption
• Business Continuity

To maximize its value, the internal audit team should take a forward-looking approach.

Individual auditors are well equipped to help identify and assess risks — and even help businesses anticipate and avoid obstacles before an adverse event occurs.

Use Internal Auditors Like Consultants

Your company should tap into the auditors' expertise to evaluate and improve controls and ensure compliance before problems arise, instead of waiting for internal auditors to report possible control or compliance deficiencies.

The department can also highlight ways for other functional areas — such as production, sales, HR, finance, and procurement — to improve processes and eliminate waste and inefficiency.

Optimize Technology

Technological advances make it possible to greatly enhance the value of the internal audit function.

For instance, continuous auditing is an automated approach that allows auditors to gather critical information and identify problems in real time. This is a dramatic improvement over the traditional approach in which internal auditors test a limited number of samples and then report their findings after the fact.

Likewise, data analytics and predictive modeling enable internal auditors to spot anomalies quickly and focus the team's resources on high-risk areas.

Conduct Quality Assessment Reviews

Businesses should conduct regular quality assessment reviews (QARs) of their internal audit departments. The Institute of Internal Auditors' Code of Ethics requires Certified Internal Auditors to undergo a QAR at least once every five years.

This oversight helps assess the department's performance, competence, and objectivity, allowing the company to identify and remedy any issues quickly.

Functional Diversity is Critical

Do your internal auditors have the skills and training necessary to meet the demands of today's volatile, complex business world?

Effective internal audit teams include people from a broad range of backgrounds including those with IT, management consulting, and engineering expertise.

Suppose these skills are lacking in your internal audit team. In that case, your organization might need to hire some new auditors to infuse fresh ideas into the department — or you might consider "co-sourcing" with an external firm to help fill any internal skill gaps.

What are the Four Levels of Auditor Opinions on the Auditor's Report?

The first page of audited financial statements is the auditor's report .

This is an integral part of the financials that shouldn't be overlooked. It contains the audit opinion which indicates whether the financial statements are fairly presented in all material respects, compliant with U.S. Generally Accepted Accounting Principles (GAAP), and free from material misstatement.

In General, There are Four Types of Audit Opinions, Ranked From Most to Least Desirable:

1. unqualified.

A clean "unqualified" opinion is the most common (and desirable). Here, the auditor states that the company's financial condition, position, and operations are fairly presented in the financial statements.

2. Qualified

The auditor expresses a qualified opinion if the financial statements appear to contain a small deviation from GAAP but are otherwise fairly presented. To illustrate, an auditor will "qualify" his/her opinion if a borrower incorrectly estimates the reserve for a contingency, but the exception doesn't affect the rest of the financial statements.

Qualified opinions are also given if the company's management limits the scope of audit procedures. For example, a qualified opinion may have resulted if you denied the auditor access to year-end inventory counts due to safety concerns during the pandemic.

When an auditor issues an adverse opinion, there are material exceptions to GAAP that affect the financial statements as a whole. Typically, an adverse opinion letter outlines these exceptions. Here, the auditor indicates that the financial statements aren't presented fairly.

4. Disclaimer

Even more alarming to lenders and investors is a disclaimer opinion. Disclaimers occur when an auditor gives up in the middle of an audit. Reasons for disclaimers may include significant scope limitations, material doubt about the company's going-concern status, and uncertainties within the subject company itself. A disclaimer opinion letter briefly outlines the auditor's reasons for throwing in the towel.

Beyond the Auditor Opinion

Auditors' reports for public companies also must include a discussion of so-called "critical audit matters" (CAMs). Essentially, these are the most complicated issues that arose during the audit.

CAMs are specific to the engagement and the year of the audit. As a result, they're expected to change from year to year. This requirement represents a significant change to the pass-fail audit opinions that have been in place for decades.

It's intended to give stakeholders greater insight into the company's disclosures and the auditor's work when issuing an unqualified opinion. Contact us for more information on audit opinions.

Management Letters are the Follow-Up on Your Auditor's Recommendations

Maintaining the status quo in today's volatile marketplace can be risky.

To succeed, businesses need to "level up" by being proactive and adaptable. But some managers may be unsure where to start or they're simply out of new ideas.

Fortunately, when audited financial statements are delivered, they're accompanied by a management letter that suggests ways to maximize your company's efficiency and minimize its risk.

These letters may contain fresh, external perspectives and creative solutions to manage supply chain shortages, inflationary pressures, and other current developments.

Auditing Standards Communication Rules

Under Generally Accepted Auditing Standards, auditors must communicate in writing about material weaknesses or significant deficiencies in internal controls that are discovered during audit fieldwork.

A material weakness is defined as "a deficiency, or combination of deficiencies, in internal control, such that there is a reasonable possibility that a material misstatement of the entity's financial statements will not be prevented or detected and corrected on a timely basis."

Significant deficiencies are generally considered less severe than material weaknesses. A significant deficiency is "a deficiency, or a combination of deficiencies, in internal control that is important enough to merit attention by those charged with governance."

Auditors may unearth less severe weaknesses and operating inefficiencies during the course of an audit. The write-up for each deficiency includes an observation (including a cause, if observed), financial and qualitative impacts, and a recommended course of action.

Although reporting these items is optional, they're often included in the management letter.

From Compliance to Business Improvement

Audits should be more than just an exercise in compliance.

Management letters summarize lessons learned during audit fieldwork on improving various aspects of the company's operations. For example, a management letter might report a significant increase in the average accounts receivable collection period from the prior year.

Then the letter might provide cost-effective suggestions on expediting collections, such as implementing early-bird discounts and using electronic payment systems to enable real-time invoices and online payments.

Finally, the letter might explain how improved collections could boost operating cash flow and decrease write-offs for bad debts.

When you review the management letter, remember that your auditor isn't grading your performance. The letter is designed to provide advice based on best practices the audit team has learned over the years from working with other clients.

Observant auditors may comment on a wide range of issues they encounter during the course of an audit. Examples — beyond internal controls — include cash management, operating workflow, control of production schedules, capacity issues, defects and waste, employee benefits, safety, website management, technology improvements, and energy consumption.

Take Your Audit to the Next Level

Always take the time to review the management letter that's delivered with your audited financial statements — don't just file it away for a later date. Too often, the same talking points are repeated year after year.

Proactive managers recognize the valuable insights these letters contain, and they contact us to discuss how to implement changes as soon as possible.

How SVA Can Help

SVA has the expertise and resources you need to tackle all your audit needs. Our team is experienced in all facets of the audit process, with industry expertise to give you the best view of your business.

We will provide a customized approach specific to your needs.

• Accounting Services
• Accounting Software
• Audit & Assurance
• Business Technology & Solutions
• Growing Your Business
• Business & Intangible Asset Valuations
• Merger and Acquisition Services
• Starting a Business
• Fraud & Forensic Accounting Services
• Litigation Support
• Risk Management & Compliance
• Trust, Estate, and Gift Planning
• Tax e-Alerts

Madison, WI 1221 John Q Hammons Dr, Suite 100 Madison, WI 53717 (608) 831-8181

Milwaukee, WI 18650 W. Corporate Drive, Suite 200 Brookfield, WI 53045 (262) 641-6888

Colorado Springs, CO 1880 Office Club Pointe, Suite 128 Colorado Springs, CO 80920 (719) 413-5551

Are you in the know on the latest business trends, tips, strategies, and tax implications? SVA’s Biz Tips are quick reads on timely information sent to you as soon as they are published.

Connect With Us

Copyright © 2024 SVA Certified Public Accountants | Privacy Policy | Cookie Policy | CCPA

• Events & Webinars
• Case Studies
• Feature Stories
• Infographics
• Whitepapers
• Corporate Philosophy
• Leadership Team
• Current Openings

• Financial Reporting and Assurance
• Financial Reporting Support
• Capital Market Readiness
• CFO Advisory Services
• Agreed Upon Procedures Management Reportings
• Stock Audit Verification
• Accounting Advisory Services
• Mergers & Acquisitions
• Business Feasibility Study
• Teaser & Confidential Information Memorandum (CIM)
• Channel Partner Search
• Post Merger Integration
• Financial Due Diligence
• Operational Due Diligence
• Legal Advisory
• Entity Management
• Investment Advisory
• Real Estate Legal Services
• Cross Border Transaction Advisory
• Legal Health Check
• Counsel Assistance
• Corporate Secretarial Services
• Legal Structuring
• Contract Management Services
• Trademark Registration in India
• Corporate Tax Services
• Personal Tax Services Indian Nationals
• Expatriate Taxation in India
• Transfer Pricing in India
• International Tax Services
• Health Check
• Custom Valuation And Assistance in SVB Investigation
• GST Advisory and Compliance
• Assistance in GST Audit by Department
• Indirect Tax Litigation
• Trade Remedies under Anti-dumping and Countervailing Duties
• Representation on DGFT matters (Foreign Trade Policy Procedures and Incentives)
• Authorised Economic Operator Programme (AEO Programme)
• GST Health Check
• GST Refunds
• Risk Advisory
• SOX Compliance and J-SOX Audit
• Organizational Restructuring
• Accounting Reconciliations
• Fixed Asset Tagging and Verification
• Business Process Reengineering (BPR)
• Business Cost Optimization
• Supply Chain Management Services
• SOP Implementation
• Scrap Validation Services
• Corporate Governance
• Dealership Audit
• Transaction Testing Services
• Design & Evaluation- IFC / ICFR
• Forensic & Dispute Resolution
• White Collar Investigation
• Corporate Intelligence
• Forensic Technology Solutions
• Anti Bribery & Corruption
• Fraud Risk Assessment
• Risk Management Support
• Internal Audit
• Operational Review
• Grant Utilization Review
• KRA and KPI Mapping
• India Market Entry
• Evaluation of Market Entry Strategies
• Market Feasibility Study
• Business Setup
• Business Setup in India
• Business setup in UAE

Step-wise guide to audit programme planning

February 29, 2024.

AUDIT PROGRAMME

An audit programme is commonly prepared to allocate work to team members which may include the list of audit procedures and instructions to be followed by the member. It also estimates the duration for completing an audit task.

Formulating an Audit Programme

• The important matters to be considered while formulating audit programme .

  (A) Nature of business in which the organisation is engaged:

• his first appointment, the auditor should examine in detail the financial and accounting organisation of the business by visiting the client’s office; by observing different stages through which documents pass before each transaction is authorised and recorded; the record that is kept and the type of books maintained.
• In the case of an industrial concern, he must also visit the factory to acquaint himself with the different processes of manufacture, the quantitative records maintained and the manner in which statistics are compiled in respect of losses in process.
• The auditor, therefore, should draw up the audit programme after considering the technical, financial and accounting set-up of the company.

(B) Overall plan :

• Audit programme should be drawn up to ensure a systematic approach to the work. If in drawing the audit programme, any divergence from the overall plan becomes necessary, first the overall plan should be modified after due consideration and thereafter, only that specific matter may be taken in the audit programme.
• The framework provided under the overall plan should be strictly adhered to.

(C) System of internal control and accounting procedures :

• The existence of a system of internal control ensures that both financial and statistical records are checked continuously; it also unearths errors, both of omission and of commission.
• The auditor, in framing his opinion on financial statements needs reasonable assurance that transactions are properly authorised and recorded in the accounting records and that transactions have not been omitted.
• The study and evaluation of internal control helps the auditor to establish the reliance he can place on the internal controls in determining the nature, timing and extent of his substantive auditing procedures.
• The auditor’s examination of the system of internal control should have three features - review and preliminary evaluation, testing of compliance and evaluation.

(D) Size of the organisation and structure of its management

• Increase in the size of the organisation enhances the complexity of the examination of its accounting records specially when it has a number of branches, deals in several products or has a very large turnover.

We're here to help you.

Submit your enquiries to MBG Corporate Services. We will respond as soon as possible.

Call us at: +91 88601-90008

Get A Free Consultation

Industry Aviation Capital Equipment Construction Consulting E-Commerce Education Entertainment FMCG Fintech Government Healthcare Hospitality Industry Information Technology Insurance Iron & Steel Manufacturing Media Oil and Gas Petroleum Power Professional Services Retail Shipping Technology Trading Transportation Travel & Tourism Utilities Others

This is a Customer submission Form.

If you are a Jobseeker please check here for Current Openings or mail your resume at [email protected]

Related Articles