views
Preparing to Write an Audit Report
Understand the basic goals of all audit reports. Before delving into the specifics of writing an audit report, it is important to have a broad view of the major objectives of all audit reports. Having these in mind as you delve into the technicalities of writing a report will make sure your report does what it is supposed to do. Illustrating non-conformities: The main goal of any audit report is to illustrate where the organization does not conform with whatever standard, rule, regulation or objective that it is supposed to. It is important to clearly identify the non-conformity, as well as the standard it does not conform to. It is then important to demonstrate which evidence you used to confirm the non-conformity. The goal is that each non-conformity will contain enough information so that the receivers of the audit report can change it. Outlining positives: An audit report should not just include negatives. This is especially true for compliance reports, and operational audits. This allows the organization to focus on areas that are working and apply these to other areas. For example, if you are conducting a compliance audit to ensure an organization meets training requirements, you may say, "The audit reveals the current training program has exceeded requirements on-time and on-budget". Opportunities for improvement: Beyond indicating things that are not conforming to requirements (non-conformities), it is important to also indicate high-risk areas, or areas that may be in compliance but are at risk of eventually not complying, or could be improved.
Think about who will be reading the report. Who will be reading your report, and what is their scope of knowledge on the language you will use? An audit report is an official record of an audit project, so it will likely be returned to in later years for re-audits. Tip: Make sure to define all the terms and abbreviations you use, as the standard forms of communication have potential to change.
Learn the different types of audit. An audit is considered an official examination to verify that proper policies and procedures were followed, and therefore, an audit can take many forms. Financial Audit: This is the most commonly known form of audit and refers to the systematic review of a company's financial reporting to ensure all information is valid and conforms to GAAP standards. Operational Audit: An operational audit is a review of an organization's usage of resources to ensure those resources are being utilized as efficiently and effectively as possible to accomplish the mission and goals of the organization. Compliance Audit: A compliance audit is performed to determine if an organization or program is operating in according with laws, policies, regulations, and procedures. Investigative Audit: These are typically commissioned when there is an assumed violation of rules, regulations, or laws, and may involve a blend of all the previously mentioned types of audit.
Learn the types of audit opinions. If you are writing a financial audit report, for example, it is important to understand there are four basic types of opinion that can be expressed. Which opinion you express affects the tone, structure, and organization of an audit report, and the type of opinion you express is determined by the results of the audit. Other types of audits (like operational and legal audits) can use the same types of opinions. A clean opinion is used if an entity's financial statements are a clear representation of an entity's financial opinion. A qualified opinion is used when there were scope limitations on the auditor's work. Scope limitations are restrictions on the audit caused by the client or other events that do not allow the auditor to complete all aspects of his or her audit procedures. An adverse opinion is used if financial information was misstated. A disclaimer opinion can be triggered by several different situations. For example, the auditor may not be independent or there are concerns with the auditee.
Beginning Your Report
Know the style of audit reporting before you begin. There are certain style guidelines you need to follow for any audit report, so make sure you know what these principles are before you begin to write. Provide perspective for the reader, giving a fair balance of the positive and negative results of the audit. Be precise, and avoid redundant phrasing and inexact terminology. In interest of clarity, opt for shorter sentences over longer ones. A limit of 15 to 18 words is recommended in business writing. Also, avoid intensifiers like clearly, special, key, and reasonable as these lack precision. Do not use passive voice. Passive voice can be difficult to read. Instead of saying "No irregularity of operation was found" say "The audit team found no evidence of irregularity." Use bullet points, which break up difficult information and make it clearer for the reader. Use gender neutral terms. Do not use audit buzzwords. Buzzwords are ambiguous, overused phrases like "generally improved," "significant risk," and "tighten controls."
Outline your audit report. Before you begin writing, read the results of the audit and make an outline for yourself based on all the sections you will need. A standard outline is comprised of headings, marked by Roman Numerals, and subsections that use letters, numbers, or lowercase Roman Numerals. Pick and organizational strategy that works for you and go from there. For example, if you are auditing the processes for a particular department of an organization, you may consider breaking the department up into several key sections and reporting findings that way.
Write your Introduction. The introduction overviews information about the audit area, and informs the reader of any background they might need to know before reading the full report.
Follow with the Purpose and Scope Methodology. This section provides information about the audit and should answer the following questions, as well address the methodology used in the audit: Why was the audit conducted? What was included and not included in the audit? What was the time period audited? What were the audit objectives?
Continue onto the Statement on Auditing Standards. This audit is a basic disclaimer people will look for to make sure the audit was conducted correctly. The Statement on Auditing Standards should say the report was conducted according to government standards.
Write the Executive Summary. This is an overview of the audit results. It should present overall conclusions and recommendations related to the Purpose and Scope Methodology. This section must include: A brief description of what was audited, objectives, scopes, and time periods. Statements of significant action plans. Overall statements of concerns and conclusions. Overall audit report rating.
Writing Your Results and Recommendations
Write an opening statement for your findings/recommendations section. An audit report typically ends with results from the audits and recommendations for improving the entity audited. Results and recommendations are the foundation of a good report. Before you begin writing this section, provide a brief opening statement that outlines the information you will be providing.
Understand condition, criteria, cause, and effect. The findings of your audit report are reliant on these terms, and understanding and addressing them in each finding is key to a good report. Criteria is an explanation of management goals and the standards use to evaluate the program, function, or activity audited. Condition is how effectively department management is meeting goals and/or achieving standards. Goals can either be fully achieved, partially achieved, or not achieved. Cause is a statement on the reason things have gone well or poorly. Possibilities include inadequate procedures, procedures not being followed, poor supervision, or unqualified employees. Effect states the result of the conditions, in quantifiable terms. Is the effect increased risk or exposure? Is it monetary cost? Is it poor performance? This should be addressed when you cover effect.
Make effective recommendations. As an auditor, your final task is making recommendations for improvement for the entity audited. They should be listed together under a lead statement such as "We recommend that the department director:" Remember to do the following while writing your recommendations: Be positive. Focus on what is going right at the moment, and how the good aspects of the entity can be applied in ineffective areas. Be specific. Be very clear as to what specific aspects do not adhere to protocol, and to what concrete steps could be potentially implemented to ensure compliance. Identify who should act. Does the company need better employee performance or should management be picking up the pace? Make clear who needs to make changes. Keep recommendations brief. Be succinct - only include details that are necessary to your point.
Follow proper format. When you are polishing up your audit report to send to management, make sure to follow proper format before you send it out. Include a cover page. The cover page should be three or four lines, and outline the subject of the audit report and the type of audit. A memo should follow the cover page. The memo should be one or two short paragraphs overviewing who and what was audited, who has received or is receiving the report, and plans for future distribution. A table of contents follows the memo, and it contains a catalogue of chapters, page numbers, sections, and suggestions of the audit. The report should be written in plainly-worded, non-technical language and use proper grammar and paragraph organization. Reports are organized by chapters, each with a title, and by sections and subsections, each marked with a heading. Headings should go from general to more specific.
Comments
0 comment