Audit Planning
A Risk-Based Approach
IIA (Institute of Internal Auditors) Series

More now than ever before, auditing is in the spotlight; legislators, regulators, and top executives in all types of businesses realize the importance of auditors in the governance and performance equation. Previously routine and formulaic, internal auditing is now high-profile and high-pressure! Being an auditor in today's complex, highly regulated business environment involves more than crunching the numbers and balancing the books-it requires ensuring that appropriate checks and balances are in place to manage risk throughout the organization.

Designed to help auditors in any type of business develop the essential understanding, capabilities, and tools needed to prepare credible, defensible audit plans, Audit Planning: A Risk-Based Approach helps auditors plan the audit process so that it makes a dynamic contribution to better governance, robust risk management, and more reliable controls.

Invaluable to internal auditors facing new demands in the workplace, this book is also a "hands-on" reference for external auditors, compliance teams, financial controllers, consultants, executives, small business owners, and others charged with reviewing and validating corporate governance, risk management, and controls.

The second book in the new Practical Auditor Series, which helps auditors get down to business, Audit Planning: A Risk-Based Approach gives new auditors principles and methodologies they can apply effectively and helps experienced auditors enhance their skills for success in the rapidly changing business world.

Preface.

List of Abbreviations.

Chapter 1: Why Risk-Based Audit Planning?

Introduction.

Risk-Based Audit Planning Model: Phase One.

Risk-Based Audit Planning Model: Phase Two.

Risk-Based Audit Planning Model: Phase Three.

Risk-Based Audit Planning Model: Phase Four.

Risk-Based Audit Planning Model: Final.

Summary.

Chapter 2: Basic Planning Techniques.

Introduction.

Basic Planning Model: Phase One.

Basic Planning Model: Phase Two.

Basic Planning Model: Phase Three.

Basic Planning Model: Phase Four.

Basic Planning Model: Final.

Summary.

Chapter 3: Using the Corporate Risk Register.

Introduction.

Corporate Risk Register Model: Phase One.

Corporate Risk Register Model: Phase Two.

Corporate Risk Register Model: Phase Three.

Corporate Risk Register Model: Phase Four.

Corporate Risk Register Model: Final.

Summary.

Chapter 4: The Annual Audit Plan.

Introduction.

Annual Audit-Planning Model: Phase One.

Annual Audit-Planning Model: Phase Two.

Annual Audit-Planning Model: Phase Three.

Annual Audit-Planning Model: Phase Four.

Annual Audit-Planning Model: Final.

Summary.

Chapter 5: Engagement Planning.

Introduction.

Engagement Planning Model: Phase One.

Engagement Planning Model: Phase Two.

Engagement Planning Model: Phase Three.

Engagement Planning Model: Phase Four.

Engagement Planning Model: Final.

Summary.

Chapter 6: Project Management.

Introduction.

Project Management Planning Model: Phase One.

Project Management Planning Model: Phase Two.

Project Management Planning Model: Phase Three.

Project Management Planning Model: Phase Four.

Project Management Planning Model: Final.

Summary.

Chapter 7: Keeping the Accent on Risk.

Introduction.

Risk Focus Model: Phase One.

Risk Focus Model: Phase Two.

Risk Focus Model: Phase Three.

Risk Focus Model: Phase Four.

Risk Focus Model: Final.

Summary.

Chapter 8: A Holistic Approach to Risk-Based Audit Planning.

Introduction.

Holistic Risk-Based Audit-Planning Model: Phase One.

Holistic Risk-Based Audit-Planning Model: Phase Two.

Holistic Risk-Based Audit-Planning Model: Phase Three.

Holistic Risk-Based Audit-Planning Model: Phase Four.

Holistic Risk-Based Audit-Planning Model: Final.

Summary.

Appendix A: Applying an RBAP Diagnostic Tool.

Index.

K. H. SPENCER PICKETT is course director in internal auditing at the National School of Government in Berkshire, England. He is in charge of training programs for auditors based on the IIA examinations and various audit skills workshops. He has authored or coauthored several books including Auditing the Risk Management Process, Auditing for Managers: The Ultimate Risk Management Tool, Internal Control: A Manager’s Journey, The Internal Auditor at Work: A Practical Guide to Everyday Challenges, Financial Crime Investigation and Control, and The Internal Auditing Handbook, Second Edition (all from Wiley).