How to Develop an Overall Audit Plan to Mitigate Risks?
RICHARD GUDOI, Member
@CHARLES A.C. DALMEIDA
: Really this is another area where all of us go and find gaps, yet we don't contribute or add value to the investors expectations.
The issue is when you want to follow audit plans for risk mitigation, How do you go about it? Here's a generic way forward:
- Understand the firm's objectives, its performance history.
- Find out its ways of performing tasks and duties and to achieve such outputs and outcomes.
- Find out if the operational managers and directors are knowledgeable about their duties, understand staff compliments and job profiling.
- Perform risk profiling, ranking the risks for each department. How do you do this? Get policy documents for each department and together with all of them rank the risks in agreement with the departmental heads.
- Therefrom, rank these risks according to your professional outlook.
- Include these ranked risks in your audit plan to be discussed with your CEO
- Get it to the audit committee for final discussion.
- Then implement your annual audit risk based audit plan.
The process is long, tough and enough to draw attention, especially in the value for money audit or operational auditing and fraud risk management.