If your audit department has a Quality Assurance Program, how are you selecting audits to review? Additionally, does anyone complete horizontal reviews, e.g. doing a full-scope review of the issue management process, scoping process, work papers, etc.? If so, how are you going about sampling or selecting for the years QA reviews?

Auditing & Logging
4.2k views1 Upvote8 Comments
Sort By:
Oldest
Director of Finance in Consumer Goods8 months ago
For Quality Assurance Audit, we have a UAT( User Acceptance Testing) and SOX compliance which looks after SLA/KPI's timelines and error free accounting and reporting. If standards are met it passes out Quality Assurance Program.
1
India Head and Director of Global Finance Shared Services in Hardware8 months ago
One should conduct a thorough risk assessment to identify potential areas of risk within the organization. This involves understanding the business processes, identifying vulnerabilities, and assessing the impact of potential risks. One should take inputs from key stakeholders, including management on areas that should be included in the audit scope. This ensures that the audit addresses relevant concerns and covers high risk areas. The high-risk areas should be in audit scope every year. The medium ones once in 2 years and low risk ones can be covered once in 3 years so that all processed of your organization get covered in a cycle of 3 years. 
1 1 Reply
Audit Practices Senior in Banking8 months ago

Thank you! Yes we currently do this with our audit planning (actual audits we are going to test). We are more looking for a way to scope from that plan into our Quality Assurance and Improvement Program testing. Historically we have done this based on resources (getting a good sample of resources throughout the year), but are looking into maybe doing this a different way. I think we might try to go through a risk assessment of the processes in the department to see if there are higher risk processes that we can scope from a horizontal perspective (e.g. issue management, scoping, testing workpapers, etc.) vs. doing full scope on a single audit.

1
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Vice President - Internal Audit and Enterprise Risk Management in Healthcare and Biotech8 months ago
We select approximately 15% of our audits to review per year, and utilize a combination of judgmental and random selection, to ensure thorough coverage across all of our team.  Our review covers the complete audit life cycle from risk assessment/planning through the issuance of the final audit report.  We don't currently include issue management, although will be assessing and updating our program to incorporate the requirements from the new standards.
2 1 Reply
Audit Practices Senior in Banking7 months ago

Great to hear. Currently, we are also benchmarking for 15% of the audit plan for full-scope QA reviews. We are currently looking to expand our reach into some other ways of doing things to maybe save time and resources. I appreciate your input!

1
SVP Corporate Audit in Energy and Utilities7 months ago
We have a 3 stage approach.  At the end of each audit the auditees receive a satisfaction questionnaire which asks about the process, the communication throughout the audit, and the quality of the findings and recommendations.  In addition the VP of each area goes through a quality gate with the auditor at the end of each audit to get and give feedback on the quality of the audit, reviewing the working papaers and how they relate to the eventual findings.  Finally twice a year all executives are asked to complete an iNPS rating for the department as a whole.
1
Team Lead Quality Assurance in Energy and Utilities7 months ago
1 completed audit per quarter and making sure that all lead auditors were selected for QA for the year. We leveraged the IIA QA Manual to assess the performance standards from planning, execution, reporting and follow up. 
1

Content you might like

In your internal audit reports, do you provide an overall conclusion (opinion)? If so, what is your process or methodology? And what are the categories that you use for e.g. overall high risk or unsatisfactory.

Auditing & LoggingFinance
Information Security Manager in Insurance (except health)3 months ago
No. We rate individual findings on a low, medium to high-risk scale. We have a methodology to rank these.
1 Reply
Read More Comments
1.5k views6 Comments

The audit industry has faced significant criticism due to various audit failures, conflicts of interest, and lack of transparency. Is it time to change the way audit firms work entirely?

Auditing & LoggingFinanceFinancial Management

Yes71%

No11%

Not sure17%

View Results
1.3k views2 Upvotes2 Comments

We would like to benchmark the time spent on "other activities" within our Internal Audit department (financial services sector). These activities make up 20% of our time spent each year. They include: team meetings, professional practices/QAIP, data analytics, issue follow-up, regulatory issue validation, strategic initiatives, risk assessment, and continuous monitoring.  Can you please share approximately how much of your department's time is spent on such activities? 

Business ApplicationsPeople & LeadershipAuditing & Logging+2 more
Finance Manager in Bankinga month ago
For auditors we model 20-25%. We also have a dedicated function within our unit that is devoted to professional practice and digitalization. It includes about 6 or 7 FTEs
1 Reply
Read More Comments
607 views1 Upvote3 Comments

What does your Audit Final Report look like today?

Auditing & LoggingKPIs, Metrics & Reporting

Flat document (PDF, Word...)88%

Dashboard12%

Other (please comment below)

View Results
2.9k views

For an audit, what is your department's expectation/KPI to have an audit report finalized and issued after fieldwork is complete/closing meeting with management is done? ( i.e. 21 days?  45 days? etc). 

Financial ManagementKPIs, Metrics & ReportingAuditing & Logging+1 more
Finance Manager in Bankinga month ago
We’re currently modeling about 45 days, but we’re working on shortening our durations. Our kpi for delivery is 150, but our moonshot is 120 average. We’re looking into creative ways to bring our duration down.
1 Reply
245 views2 Comments