AUDIT PROGRAMME

Audit programme
After the conclusion of preliminary survey, the auditor has a fair idea of the audit objectives and the control systems. At this stage the audit programme should be made providing the proposed procedures, budgeting and basis for controlling the audit. It outlines the steps to achieve the objectives of the audit within the defined scope The audit programme will prevent the auditor from going off the scope pursuing irrelevant items and help in completing the audit project in an efficient manner.

Things to be considered while preparing audit programme

Needs of potential users of the audit report. Legal and regulatory requirements Management controls Significant findings and recommendations from previous audits that could affect the current audit objectives. Also determine whether corrective action has been taken and earlier recommendations implemented. Potential sources of data that could be used as audit evidence and consider the validity and reliability of these data. Consider whether the work of other auditors and experts may be used to satisfy some of the audit objectives. Provide sufficient staff and other resources to do the audit Criteria for evaluating areas under audit.

Framing the programme:

Review the results of preliminary survey with audit supervisor The audit team holds a meeting with the audit supervisor to decide on the priority / high risk areas and tests to be conducted. Provide a general overview of the auditee's operations. Include in the narrative statistical and monetary information, locations, authority, staffing and main duties and responsibilities. The programme should consist of detailed directions for carrying out the assignment. For each segment of the audit the programme should (1) state the risks that must be covered in that segment; (2) the controls that exist or that are needed to protect against the indicated risk; (3) state the work steps required to test the effectiveness of those controls, or set forth the recommendations that will be required to install needed controls; and (4) provide space for referencing the related audit work papers. Prepare draft audit programme and document transaction flows.

 Audit programmes should be consistent. Some organisations may have standardised audit programmes. It should contain an estimate of the time necessary to complete the project Number the audit programme steps consecutively. Have the final programme reviewed by Audit supervisor and Audit manager. All major changes must be documented in writing and the reason documented. A well constructed programme provides:

 plan for each phase of the work that can be communicated to all audit personnel concerned A means of self control for the audit staff assigned A means by which the audit supervisor/manager can review and compare performance with approved plans Assistance in training inexperienced staff members and acquainting them with the scope, objectives, and work steps of an audit. Assistance in familiarizing successive audit staff with the nature of work previously carried out.

 The audit programme should contain a statement of the objectives of the area being reviewed. These objectives would be achieved through the detailed audit programme procedure. Objectives should fit within the overall scope of the audit. Every audit procedure should help answer one of the objectives and every objective should be addressed in the procedures or steps. The tests have to be designed in such a manner that they achieve their objectives. Use imagination, ingenuity and intelligence in creating audit steps responsive to objectives. The goals should be made amply clear by prefacing major steps with : to test whether . . .; or, to determine that . .

Time Budget
At the planning phase an estimated time budget should be prepared to control the audit and complete it efficiently. The detailed project time budget should be completed at the conclusion of the preliminary review. The time budget should be approved by the audit manager and audit administration. This budget will include all time necessary to complete the audit, from assignment through issuance of the final report. A portion of the budgeted time should be allocated to planning. Adequate planning is essential for effective audit. However, care should be taken that not too much time is spent on that activity. The time budget should be broken down into the following general categories: Planning - initial planning, preliminary survey, audit programme Fieldwork - allocated to the various segments of the audit project Audit report and wrap-up - audit manager's review, quality assurance review, report writing and editing, report review, auditee's review, exit conference, etc. Preparation and Approval - The project time budget should be prepared by the audit manager and approved by audit administration Any revisions to the project time budget should be discussed with audit administration at the earliest and when approved by audit administration, documented. Planning should continue throughout the audit. Audit objectives, scope, and methodologies are not determined in isolation. They have to be determined together, as the considerations in determining each often overlap.

Audit Evidence
Evidential matter obtained during the course of the audit provides the documented basis for the auditor's opinions, findings, and recommendations as expressed in the audit report. A. Types of audit evidence Evidence may be categorized as physical, documentary, testimonial, and analytical. a. Physical evidence is obtained by auditors' direct inspection or observation of people, assets, or events. Such evidence may be documented in memoranda, photographs, charts, or physical samples. b. Documentary evidence consists of created information that may be internally or externally generated. Some examples are letters, contracts, accounting records, invoices, and management reports. c. Testimonial evidence is obtained through inquiries, interviews, or questionnaires. d. Analytical evidence includes computations, comparisons, and rational arguments.

 Test of Evidence Internal auditors are obligated by professional standards to collect sufficient, competent, relevant, and useful information to provide a sound basis for audit findings and recommendations. Evidence is sufficient if there is enough of it to support the auditors' findings. It would be also be sufficient if it can persuade a reasonable person of the validity of the findings. When appropriate, statistical methods may be used to establish sufficiency. Evidence used to support a finding is relevant if it has a logical, sensible relationship to that finding. Evidence is competent to the extent that it is consistent with fact (that is, evidence is competent if it is valid). Auditors should get written representations from the officials of the auditee on the evidence provided. Written representations ordinarily confirm oral representations given to auditors, indicate and document the continuing appropriateness of such representations, and reduce the possibility of misunderstanding

 The sufficiency, competence and relevance of evidence depends on the source of information. This would include data collected by auditee, third party or the auditor . Data gathered by auditors: This would include auditors own observations and information collected through interviews, questionnaires, surveys and calculations.The design of these methods and the skill of the auditors applying them are the keys to ensuring that these data constitute sufficient, competent, and relevant evidence. Data Gathered by the Auditee :When data gathered by auditee is used as evidence , the auditor has to test the reliability and validity of the data. If the entitys internal control systems test the data for accuracy and validity, then the auditor needs to check whether internal controls are functioning. The nature and extent of testing of the data will depend on the significance of the data to support auditors' findings. In case the auditor is not satisfied for any reason the auditor may : seek evidence from other sources use the data and indicate the limitations.

 Data Gathered by Third Parties evidence may also be received from third parties. In most cases the auditor will not get chance to test its validity and accuracy. Data from computer based information systems: Auditors have to determine the accuracy and reliability of data from computer based systems either by testing the data or by testing the effectiveness of general and application controls over computer-processed data, and these tests support the conclusion that the controls are effective.