Search Search

Audit Process

Audit Services and Institute Compliance

The Audit Process

 

What should I expect...
The following information is intended to familiarize the audit customer with the audit process.

Planning
During the planning process, the auditor gains an understanding of the area to be audited. This includes interviewing key personnel, reviewing relevant policies and procedures and, if available, reviewing prior audit work papers. A risk assessment matrix is created documenting key risk areas, the controls implemented to mitigate the risk, the probability and impact of the risk and the planned audit steps.

Entrance Conference
An entrance conference is scheduled to discuss the purpose and objectives of the engagement, introduce audit and customer personnel and provide management with the proposed timetable of the audit.

Fieldwork
During the audit fieldwork, the auditor will test the adequacy and effectiveness of the internal control environment for the specific audited area. The nature of the work includes interviews, sample selection, sample testing against the criteria and documentation of the results.

Progress Meetings
During the audit, progress meetings are held to keep the customer apprised of any potential observations and the status of our review.

Draft Audit Report
A draft report is prepared and distributed to management to verify factual content.

Exit Conference
At the conclusion of fieldwork, an exit conference is held to discuss the audit observations and recommendations prior to finalization of the audit report.

Management Responses
Management prepares a response detailing their corrective action plan, including estimated completion dates.

Final Audit Report
A final report is issued integrating management's responses. The report is distributed to the responsible management and other senior business officials.

Customer Survey
After the engagement is complete, ASIC will send a survey requesting the customer to provide feedback on the performance of the audit team.

Follow-up Audit
ASIC will schedule a follow-up audit twelve to eighteen months subsequent to issuance of the original audit report to determine the status of management's corrective actions.

Follow-up Report
A follow-up report is issued to document the status of management's corrective actions.