SKIP TO PAGE CONTENT Scroll to Top

Audit Process

  PDF this page

Annual Audit Planning

The five steps of the process show in a continuous circle that revolves around stakeholder input

1. Data Gathering and Analysis

Analyze objectives, performance measures, actual performance results, prior assessments, risk events, complaints, open issues, action plan status, recent and coming change, regulations, emerging risks, industry trends, management focus, etc.

2. Perform Annual Risk Assessment

Top-down with the President's Cabinet, middle-up with process/function management.

3. Assess Resources

Current audit skill sets, capacity, current firm and flexible commitments, budget. 

4. Draft Annual Audit Plan

Based on risk and resource assessments, develop the annual internal audit plan. Confirm with the CFO, then the President. Adjust as reasonable.

5. Approve Annual Audit Plan

Obtain Audit & Investment Committee approval. Communicate the approved plan to President's Cabinet. Work with Cabinet members to schedule audits. Post the Internal Audit plan to lee.edu. Email copies of the audit plan to State of Texas offices per regulation. 

Individual Audit Phases

Planning

  • Announce the audit to the department leader
  • Hold a kick-off meeting
  • Identify contacts
  • Work with the department to:
    • Understand its purpose, objectives, performance measures, current performance, activities; e.g., what, why, where, when, how, who
    • Identify potential risks and controls
    • Finalize audit objectives, scope and timing
  • Develop the specific audit program

Fieldwork

  • Execute the audit program
  • Document work performed
  • Regularly communicate progress and potential risk issues to the department
  • Discuss and confirm risk issues, ratings, and management responses
  • Draft risk issues for department response

Reporting

  • Draft the Audit Report
  • Confirm the draft with the department
  • Obtain formal management response(s), action plan owner(s) and target date(s)
  • Present the draft to the department's President's Cabinet member for input
  • Issue the final audit report within Lee
  • Email final report copies to State of Texas offices per regulation

Monitoring

  • Update the Issue-Action Plan database
  • Periodically request the department provide an update on action plan progress
  • Perform procedures to assess action plan status and completion
  • Regularly report action plan progress to senior management and the Audit and Risk Committee
  • Escalate unresolved risk issues and lagging action plan completion in accordance with Lee's risk escalation standards