Prepare a comprehensive audit plan.

Prepare a comprehensive audit plan.

Clearly state the purpose of the report early.

What has happened in the past and what do we want to happen in the future?

Be clear, logical, and complete in your analysis.

• What is the business background and context of report?

What is the environment and business conditions surrounding the purpose of this report?

Remember the role of internal audit and understand the difference between controls and tests of controls. this is about putting together a full internal audit plan, analyzing a particular business, analyzing the business processes, the risks, what controls might be in place for those particular risks and then how could you as internal auditor test some of those controls

consider these concepts from the perspective of a Chief Audit Executive, beginning with the planning phase of an audit engagement.

Please use the following imaginary organizations to prepare a comprehensive audit plan.

Your audit plan must include the following:

1. An overall assessment of the organization including its mission, vision, 3 core values, and 4 objectives (one objective from each of the four categories).

2. Understanding of the 5 most important business processes the organization utilizes to achieve its objectives.

3. Create a process map and/or process narrative for each business process (5 total).

4. Identify which financial statement accounts are impacted by this business process (at least two FS accounts per business process).

5. Identification of 2 risks associated with each business process. You may utilize a generic risk model to determine these risks, or simply brainstorm.

6. A formal risk assessment of the company's 10 risks within a risk matrix (see right) and accompanying documentation on how the CAE assessed the impact and likelihood of each risk. (why is it a probable/impactful risk? or why not?)

7. A formal risk response/control (that the imaginary company has implemented) for each risk that reduces the risk to an acceptable level. This risk response should include distinction between preventative/ detective and manual/automated controls. *These risk responses would be executed by the specific functions of the organization, not by the internal audit group.*

8. Finally, you will select an appropriate audit procedure for the internal audit team to review the risk response/control that has been completed by management. This can be a manual or CAT procedure.

Pleas include information about the interviews that must be conducted, documents to collect, and timing of the audit procedures that we've discussed in Chapter 10.

9. As part of the audit planning, please discuss at least 3 resource management considerations we discussed in Chapter 9 and 13, such as your department's organizational structure, staff obligations, knowledge base of staff, training/mentoring opportunities, career planning & exposure, and financial budgets.

My Audit plan.

Sam's Snacks: Sam's is a midsize, publicly traded snack food manufacturer based in the United States.

The company prides itself on selling a wide variety of high-quality cookie and cracker snack items.

Sam's directly markets its merchandise through food retailers. It currently has production facilities and distribution centers in the United States, Canada and Europe. Sam's recently purchased XYZ Company, a manufacturer of protein and energy bars, and is exploring further growth opportunities in new markets in the coming years.

Required

• Organization's mission, vision, 3 core values are clearly outlined/documented and make sense for the chosen imaginary business.
• identifies one of the organization's objectives in each of the following categories: organization: strategic, operational, reporting, and compliance for a total of four objectives.
• identifies 5 business processes that are crucial to the operations of the business and includes a SPECIFIC process map or narrative for each process. Process maps are clear, logical, and include a key to identify the symbols used. Student demonstrates thoughtful analysis of given business processes.
• includes the major financial statement accounts impacted by each distinct business process. At least two accounts should be identified for each business process.
• identified at least two risks for each business process that are logical & relevant to the business process.
• outlines all ten risks identified within a risk matrix with a written explanation for the assessed impact and likelihood of each risk included.
• makes appropriate logical conclusions in terms of the impact and likelihood of each risk.
• determines a formal risk response/control that will reduce the risk to an acceptable level.
• identifies each control as preventative or detective, as well as manual or automated.
• Student determines an audit testing procedure for each of the ten risks identified and distinguishes the type of procedure, manual/CAAT nature, and relevant documentation, questions, and timing of testing throughout the engagement.
• The plan includes 3 (imaginary) resource management considerations that a CAE would consider when planning an engagement, i.e. Budget, Schedules, staffing, etc.
• The audit plan is organized clearly, free from error, and grammatically correct. Process maps are easy to read. Overall, the student has put together a professional piece of writing that is at least 2,500 words.