Although every audit is unique, the audit process usually consists of four stages: Planning, Field work, Reporting and (for some audits) Follow-up. Engagement of the client, or the area being audited, is critical at every stage of the audit process. An audit often results in a certain amount of time being diverted from your department’s usual routine. It’s helpful for a client to treat an audit like any other special project and allocate time for you and your staff to participate in the audit process. This minimizes the time necessary for the audit and avoids disrupting ongoing activities.
1 email notification can be delegated
2 consider need for engagement by UVA Counsel’s office
3 update project Kanban card with agreed upon dates, staffing, milestones
4 Director or CAE approval required
1 Table with Priority Rating and brief description of each observation; brief narrative of overall insights
QA & Wrap Up
- QA checklist must be completed within 30 days of final report issuance
- Issues/Observations and Management’s Corrective Action Plans input to audit management software for follow-up testing.
- must be completed within 30 days of final report issuance
- Shared folders (Teams, Box, Dropbox) to facilitate document sharing from client must be deprovisioned and closed, with all evidence supporting the audit opinion stored in Onspring. If approval to maintain a collaboration tool location has been received from Audit leadership, all non-Audit employees must be deprovisioned and access removed.
- Testing procedures on audit findings from final report
- Status of findings reported to Audit, Compliance, and Risk Committee in Board of Visitor materials