The Audit Process:
Working Together for the Best Result
Internal Audit strives to involve our clients in every stage of the audit process. The audit process works best when client management and Internal Audit have a solid and constructive working relationship based on clear and continuing communication. This not only ensures that there are no surprises, but also results in a better finished product. We view that finished product not as simply the final audit report, but the improved business processes that management chooses to implement as a result of our recommendations. Although every audit is unique, the audit life cycle is similar for most engagements and normally consists of the following stages:
A draft audit plan is developed annually based on a University-wide analysis of auditable entities, their inherent level of business risk, and input provided by senior management. Risk factors included in the analysis may include financial, compliance, public relations, physical security, health and safety, and other factors. These factors drive the frequency and intensity of audit activity in the proposed plan, which is presented to the Finance and Audit Committee of the Board of Visitors for comment at their annual June meeting. Any feedback from the committee is incorporated into the plan and it is resubmitted to the Committee for final approval at their annual August meeting.
This phase includes gathering information about your processes and reviewing and evaluating the existing business processes and internal controls. It may involve written requests for information as well as formal interviews.
This part of the process consists of informal communications and examination of transactions, documents, and records with the purpose of confirming that the controls established by management exist and are working as documented in the System Understanding phase.
The written report includes an overall assessment of the client’s control structure, recommendations to management (including the anticipated benefits and basis), and management’s action plan. Internal Audit works closely with its clients to refine the wording of the final report before it is issued to ensure it reflects the collaborative nature of the audit process.
Audit performs a limited follow-up review of any significant new or updated business processes to verify the completion of the action plans and report their completion to executive management and the Finance and Audit Committee of the Board of Visitors. The timing of this review is based on the time frames included in management’s action plans as included in the final report.
Internal Audit is continuously looking for ways to improve the audit process and the effectiveness of our services to the University community. At the completion of each audit, Internal Audit sends a link to an electronic Client Survey to key leaders of the client organization. The survey asks for specific feedback about the audit process and management's experiences with the audit team.
Contacting Internal Audit
Internal Audit is located at
North End Center, Suite 3200.
If you have questions, please
contact the department at
(540) 231-5883 or email@example.com.
System Understanding and Documentation
University Internal Audit | Virginia Tech
firstname.lastname@example.org | (540) 231-5883 | North End Center, Suite 3200, Virginia Tech | MC 0328 | Blacksburg, Virginia