Internal Audit, Risk & Compliance
Georgia Southern University

Audit Process

Each engagement consists of three phases.  The three major phases and subsequent steps of the audit process are as follows:

Planning
  • Perform campus engagement risk assessment.
  • Assign resources and staff to engagement.
  • Notify executive leadership of engagement.
  • Perform engagement risk assessment with input from the client, management, and audit team members.
  • Develop audit scope and objectives
  • Prepare audit program
  • Hold entrance conference

Field Work
  • Develop and perform detailed testing
  • Document and evaluate processes and controls
  • Interview client staff members
  • Perform other audit procedures to meet audit objectives
  • Review work papers for completeness and accuracy
  • Evaluate audit evidence and develop conclusions
  • Communicate with client on an ongoing basis

Reporting
  • Document strengths and opportunities for improvement
  • Communicate with client management regarding audit results
  • Develop recommendations
  • Prepare draft report
  • Obtain management’s plan of action to address issues (if necessary)
  • Prepare final report
  • Evaluate audit performance
  • Obtain engagement feedback from audit client
  • Follow up on implementation of action plans (if necessary)

 

Last updated: 7/24/2018

Internal Audit, Risk & Compliance • PO Box 8038 Statesboro, GA 30460 • 912-478-1652