AUDIT MANAGEMENT

AND
RECORDS MANAGEMENT
AUDIT MANAGEMENT
I. INTRODUCTION
Audit management refers to the process of
planning, organizing, and overseeing audits
within an organization. It involves the systematic
examination and evaluation of an organization's
financial records, operational processes, and
internal controls to ensure compliance with
applicable laws, regulations, and industry
standards.
Purpose of Audit
Management
1. Enhancing Financial Integrity: Audit
management ensures the accuracy and
reliability of financial statements by examining
and verifying financial records. This helps in
maintaining the integrity of financial information
and providing assurance to stakeholders.

2. Compliance with Laws and Regulations: Audit

management ensures that an organization
complies with applicable laws, regulations, and
industry standards. It helps identify any non-
compliance issues and provides
recommendations for corrective actions.
Purpose of Audit
Management
3. Risk Identification and Mitigation: Through
audit management, potential risks and
vulnerabilities within an organization's
operations and financial processes are
identified. This enables proactive measures to
be taken to mitigate risks and prevent potential
losses or fraudulent activities.

4. Improving Internal Controls: Audit

management evaluates the effectiveness of an
organization's internal controls. It helps identify
weaknesses or gaps in controls and provides
recommendations for strengthening them. This
improves the overall efficiency and effectiveness
Purpose of Audit
Management
5. Stakeholder Confidence and Trust: Effective
audit management enhances stakeholder
confidence and trust in the organization. It
provides assurance that the organization's
financial statements are reliable and accurate,
which is crucial for shareholders, investors,
lenders, and regulatory bodies.

6. Continuous Improvement: Audit management

facilitates a culture of continuous improvement
within an organization. It identifies areas for
improvement, highlights best practices, and
provides recommendations for enhancing
processes, controls, and overall performance.
Purpose of Audit
Management
7. Legal and Ethical Compliance: Audit
management ensures that an organization
operates in a legal and ethical manner. It helps
identify any potential ethical breaches or
fraudulent activities and provides
recommendations for addressing them.

Audit management is to emphasize its role in

promoting transparency, accountability, and
good governance within an organization. It helps
organizations identify and address risks,
improve processes, and build trust with
stakeholders.
Overview of Audit
Process
 II. Audit Objectives and
Scope
1. Financial Statement Reliability: This involves verifying that
the financial statements are prepared in accordance with the
applicable accounting standards and fairly represent the
organization's financial position, results of operations, and cash
flows.

2. Compliance with Laws and Regulations:This includes

ensuring adherence to accounting principles, tax regulations, labor
laws, environmental regulations, and other legal requirements
applicable to the organization's operations.

3. Detection of Fraud and Errors: They perform procedures to

assess the risk of fraud, evaluate the effectiveness of internal
controls, and gather evidence to identify any fraudulent activities
or significant errors.
 II. Audit Objectives and
4. Scope
Assessment of Internal Controls: This involves assessing
the reliability of the internal control system in preventing and
detecting errors, fraud, and non-compliance. The objective is to
provide recommendations for improving internal controls and
minimizing risks.

5. Assurance to Stakeholders: The audit process aims to

provide assurance to stakeholders, such as shareholders,
investors, lenders, and regulatory bodies, regarding the reliability
and credibility of the organization's financial information.

6. Operational Efficiency and Effectiveness: In some cases,

audits may also focus on assessing the efficiency and
effectiveness of an organization's operational processes. This
includes evaluating the utilization of resources, identifying areas
for improvement, and providing recommendations to enhance
operational performance.
 Key areas to be Audited
1. Financial Statements: Auditors thoroughly examine an
organization's financial statements, including the balance sheet,
income statement, cash flow statement, and statement of
changes in equity.

2. Revenue and Receivables: Auditors review the organization's

revenue recognition policies and procedures to ensure that
revenue is properly recorded, recognized, and measured.

3. Expenses and Payables: Auditors examine the organization's

expense recognition policies and procedures to ensure that
expenses are properly recorded and classified.

4. Cash and Bank Accounts: Auditors verify the accuracy of

cash and bank account balances by reconciling them with bank
statements and examining supporting documentation. They
assess the adequacy of cash management controls and evaluate
the organization's compliance with cash handling policies.
 Key areas to be Audited
5. Inventory and Fixed Assets: Auditors assess the existence,
valuation, and ownership of inventory and fixed assets. They verify
physical counts, review valuation methods, and assess the
adequacy of controls over inventory management and fixed asset
acquisition, use, and disposal.

6. Internal Controls: Auditors evaluate the design and

effectiveness of an organization's internal controls. This includes
assessing controls over financial reporting, IT systems,
segregation of duties, authorization and approval processes, and
safeguarding of assets.

7. Compliance with Laws and Regulations: . This includes

reviewing tax compliance, labor laws, environmental regulations,
contractual obligations, and other legal requirements relevant to
the organization's operations.
 Key areas to be Audited
8. Risk Assessment and Management: Auditors evaluate the
organization's risk management processes, including the
identification, assessment, and mitigation of risks. They assess the
effectiveness of risk management controls and provide
recommendations for improving risk management practices.

9. Corporate Governance: Auditors assess the organization's

corporate governance practices, including the effectiveness of the
board of directors, audit committee, and internal audit function.
They review governance policies, ethical standards, and the
organization's commitment to transparency and accountability.

These are some of the key areas that auditors typically focus on
during an audit. The specific areas audited may vary based on the
industry, regulatory requirements, and the specific objectives of
the audit engagement.
III. Audit Planning
III. Audit Planning
Resources and Team
Members Involved in Audit
1. Audit Team: This includes the individuals responsible for
conducting the audit.

2. Audit Manager: The audit manager oversees the entire audit

process and ensures that it is conducted effectively and
efficiently.

3. Audit Program: An audit program is a detailed plan that

outlines the specific procedures and steps to be followed
during the audit.

4. Audit Documentation: This includes all the records, working

papers, and evidence gathered during the audit.

5. Audit Tools and Technology: These may include data

analytics software, electronic workpapers, audit management
Resources and Team
Members Involved in Audit

6. Internal Resources: The organization being audited may

provide internal resources to support the audit process. These
resources can include financial staff, IT personnel, legal
advisors, and other relevant personnel who can provide
necessary information and assistance to the audit team.

7. External Experts: In some cases, auditors may need to

engage external experts or specialists to assist with specific
areas of the audit. For example, they may consult with tax
experts, valuation specialists, or industry-specific consultants
to obtain specialized knowledge or opinions.

It's important to note that the specific resources and team

members involved in an audit can vary depending on the
nature and scope of the audit, as well as the size and
IV. Risk Assessment
 Key Risk and their potential
Impact
1. *Financial Misstatements:*
- *Potential Impact:* Misstated financial statements can lead to
inaccurate financial reporting, affecting the organization's credibility
and compliance with regulatory requirements. It may also impact
decision-making by stakeholders.

2. *Internal Control Weaknesses:*

- *Potential Impact:* Weak internal controls increase the risk of
fraud, errors, and mismanagement. This can result in financial losses,
reputational damage, and legal consequences for the organization.

3. *Compliance Risks:*
- *Potential Impact:* Non-compliance with laws and regulations may
lead to fines, legal actions, and damage to the organization's
reputation. It can also affect relationships with regulators and other
stakeholders.

4. *Business Operations Risks:*

- *Potential Impact:* Disruptions in business operations, whether
 Key Risk and their potential
Impact
5. *Cybersecurity Risks:*
- *Potential Impact:* A breach in cybersecurity can result in data
loss, financial theft, and reputational damage. It may also lead to
legal actions and regulatory penalties.

6. *Market Risks:*
- *Potential Impact:* Fluctuations in market conditions, such as
changes in interest rates, currency exchange rates, or demand for
products/services, can impact the organization's financial
performance and competitiveness.

7. *Strategic Risks:*
- *Potential Impact:* Poor strategic decisions or changes in market
trends may lead to decreased market share, financial losses, and
long-term negative impacts on the organization's competitive
position.
 Key Risk and their potential
Impact
8. *Human Resources Risks:*
- *Potential Impact:* Issues related to workforce management, such
as talent retention, succession planning, and compliance with labor
laws, can affect organizational performance and employee morale.

9. *Reputation Risks:*
- *Potential Impact:* Negative publicity, whether due to ethical
lapses, product recalls, or other factors, can harm the organization's
reputation, leading to loss of customers, partners, and investors.

10. *Third-Party Risks:*

- *Potential Impact:* Dependence on external vendors, suppliers,
or partners introduces risks related to their financial stability,
compliance, and operational reliability. Failures in these areas can
disrupt the organization's operations.
Audit Procedure
 Audit Procedure to be
Performed
1. *Vouching and Tracing:*
- Vouching involves selecting transactions from the
financial records and tracing them back to supporting
documents, such as invoices or contracts, to verify their
occurrence and accuracy. Tracing, on the other hand,
involves selecting supporting documents and tracing them
forward to the financial records to ensure completeness.

2. *Bank Reconciliation:*
- Auditors perform bank reconciliations by comparing the
organization's bank statements with its accounting records.
This helps identify any discrepancies, such as unrecorded
transactions or errors, and ensures the accuracy of cash
balances.

3. *Inventory Observation:*
- Auditors physically observe and count the organization's
inventory to verify its existence, condition, and valuation.
 Audit Procedure to be
Performed
4. *Accounts Receivable Confirmation:*
- Auditors send confirmation requests to the organization's
customers to verify the accuracy and completeness of
accounts receivable balances. This procedure helps confirm
the existence of receivables and identifies any potential
discrepancies or disputes.

5. *Fixed Assets Verification:*

- Auditors physically inspect and verify the existence,
condition, and valuation of the organization's fixed assets.
They also review supporting documentation, such as
purchase invoices and depreciation schedules, to ensure
proper accounting treatment.

6. *Analytical Procedures:*
- Auditors perform analytical procedures by comparing
financial data, ratios, or trends over time, as well as
benchmarking against industry standards. This helps identify
Audit Procedure to be
Performed
7. *Substantive Testing of Revenue and Expenses:*
- Auditors select a sample of revenue and expense
transactions and perform detailed testing to verify their
accuracy, completeness, and proper recognition. This may
involve examining supporting documents, such as sales
invoices or expense receipts.

8. *Review of Internal Controls:*

- Auditors assess the design and operating effectiveness of
internal controls by reviewing policies, procedures, and
control documentation. They may also perform tests of
controls to evaluate their implementation and effectiveness.
 Audit Procedure to be
Performed
9. *Management Inquiry and Observation:*
- Auditors interview management and key personnel to
gain an understanding of the organization's operations,
internal controls, and financial reporting processes. They may
also observe control activities being performed.

10. *Review of Legal and Regulatory Compliance:*

- Auditors review the organization's compliance with
applicable laws, regulations, and contractual obligations. This
may involve examining legal documents, contracts, and
correspondence with regulatory authorities.
 Communication and
Reporting

Communication and reporting are

essential aspects of the audit process.
They involve effectively conveying
audit findings, conclusions, and
recommendations to the relevant
stakeholders.
Key elements of Communication and
Reporting
1. *Planning Meeting:*
This ensures alignment and clarity between the auditor and the auditee.

2. *Interim Communication:*
- Throughout the audit, auditors may have regular meetings or
communication with management to provide updates on the progress,
address any issues or concerns, and seek additional information or
clarification as needed.

3. *Audit Findings and Conclusions:*

The findings should be supported by appropriate evidence and
documentation.

4. *Audit Report:*
The report is usually issued to the organization's management and board of
directors.
Key elements of Communication and
Reporting
5. *Management Letter:*
- This letter provides detailed recommendations for improving internal
controls, operational efficiency, and compliance.

6. *Exit Meeting:*
- After the audit report and management letter are issued, auditors often
hold an exit meeting with management to discuss the findings,
recommendations, and any follow-up actions required. This meeting allows
for clarification, discussion, and agreement on the audit outcomes.

7. *Follow-up Communication:*
This ongoing communication ensures that the audit recommendations are
effectively implemented.

8. *Confidentiality and Ethical Considerations:*

- Auditors must adhere to strict confidentiality and ethical standards when
communicating and reporting audit findings. They should ensure that
sensitive information is appropriately protected and that the communication
is objective, accurate, and unbiased.
Follow-up and Corrective
Action
Follow-up and corrective
action are important steps in
the audit process to ensure
that identified issues and
recommendations are
addressed appropriately
 Overview of the follow-up and
corrective action process:
1. *Management Response:*
- After receiving the audit report and management letter, management
should carefully review the findings and recommendations. They should
provide a formal response addressing each point raised by the auditors.
The response should indicate whether management agrees or disagrees
with the findings and outline the actions they plan to take.

2. *Action Plan Development:*

- Based on the management response, an action plan should be
developed to address the identified issues and implement the
recommended improvements. The action plan should include specific
tasks, responsible individuals, timelines, and measurable objectives.
 Overview of the follow-up and
corrective action process:
3. *Implementation of Corrective Actions:*
- Management should execute the action plan by
implementing the necessary corrective actions. This may
involve making changes to internal controls, processes,
policies, or procedures. It is important to assign
responsibilities, monitor progress, and ensure that the
actions are carried out effectively and in a timely manner.

4. *Monitoring and Review:*

- Auditors may conduct follow-up procedures to monitor
the implementation of corrective actions. This may involve
reviewing documentation, conducting interviews, or
performing additional testing. The purpose is to verify that
the actions taken are adequate and have effectively
addressed the identified issues.
 Overview of the follow-up and
corrective action process:
5. *Reporting on Follow-up Actions:*
- Auditors may issue a follow-up report or letter to
management, summarizing the status of the corrective
actions and their assessment of the implementation. This
report may include any remaining concerns or outstanding
issues that need to be addressed.

6. *Management Communication:*
- Throughout the follow-up process, management should
communicate with the auditors to provide updates on the
progress of the corrective actions. They should address any
challenges or delays encountered and seek guidance or
clarification if needed.
 Overview of the follow-up and
corrective action process:

7. *Closure and Final Reporting:*

- Once the corrective actions have been implemented and
verified, the audit process can be considered closed.
Auditors may issue a final report or letter to management,
acknowledging the completion of the corrective actions and
providing any final recommendations or suggestions for
improvement.
RECORDS MANAGEMENT
 Learning Outcomes:

 Controlling and dealing with confidential

information and documents.
 Controlling, evaluating and ordering and
distribution of office stationery.
 Implementing control measures with
individuals.
 Record Management

 Defining Record Management

 Records management, or RM, is the practice of maintaining the
records of an organization from the time they are created up to
their eventual disposal.

 A record can be either a tangible object or digital

information:

 Eg. birth certificates, medical x-rays, office documents,

databases, application data, and e-mail.
What record Management
involves

 planning the information needs of an

organization
 identifying information requiring capture
 creating, approving, and enforcing policies
and practices
 developing a records storage plan,
 identifying, classifying, and storing records
 Coordinating access to records
 Executing a retention policy on the disposal
of records
CONFIDENTIAL
INFORMATION
 Key concept of record management.

 Confidential Information" means any non-

public information pertaining to company's
business or an individual.

 Workplace confidentiality can be defined as keeping

the employee, customer and client information private.

 Eg. client records,

 business planning and forecasting,
 employee records,
 research and development information.
IMPORTANCE OF
CONFIDENTIALITY AT WORK

 information could be misused to commit

fraud
 The client or the customer can file legal
suits against the organization
 it can lead to discrimination in the
workplace
 Professionalism
 Safety and Security
 MAINTAINING
CONFIDENTIALITY AT
 WORKPLACE
Employees should exercise discretion while interacting with their fellow
colleagues.

 Employee must refrain from sharing information that the

organisation considers sensitive.
 The HR department must devise such policies and procedures that
ensure complete workplace confidentiality.

 Employee confidentiality training through hand-outs, seminars, and

workshops,

 educate employees about the consequences of breach of

confidentiality.

 secure data using advanced or sophisticated electronic methods such

as firewalls, password protection, encryption, etc.

 strict laws regarding disposal of sensitive information.

 SECURING DOCUMENTS

Securing documents involves:

 Store them properly.
 Records must be stored in such a way that they are accessible and
safeguarded
against environmental damage
 Maintain confidentiality.
 Dispose them the proper way
 Destruction of records ought to be authorized by law, statute,
regulation, or operating procedure, and the records should be disposed
of with care to avoid inadvertent disclosure of information .
 CONFIDENTIAL SHREDDING

 destroying a large amount of documentation

for security reasons.
 Most companies may have a small machine in the
office for casual use but when it comes to dealing
with tonnes of paper then the services of a
professional firm may well come in useful
Importance of shredding
documents

 Protect your business, employees and your

customers from
identity theft.

 Breaches of confidentiality are avoided.

 Help the environment by selecting secure

shredding over landfill.

 With mounting costs for the disposal of waste,

you can ensure
cost savings
 Defining stationery

 Office stationeries are those expendable items

which are necessary for and consumed in the
daily operations.

Examples:
 office forms,
 letter-heads pads,
 envelopes,
 pencils,
 pens, erasers,
 pins, tags, files and folders.
Why do we need to control office
stationary.

 Excessive Investment
 Wastage
 Inferior Quality and High
Price
 Disorderly Arrangement
 Deterioration
 Policies on controlling office
stationary

 Encourage employees to reduce the paper work.

 Lay strict rules of not taking home the office

stuff.

 Recycle stuff

 Check on the inward and outward movements of

stationery inventory .

 Order stationery in bulk..

DEVELOPING EFFECTIVE SHRINKAGE CONTROLS FOR
AN ORGANISATION.

Shrinkage
 the loss of inventory that can be attributed to
factors including employee theft, shoplifting,
administrative error, damage in transit etc.

 Shrinkage is the difference between recorded

and actual inventory.

 Also defined as Inventory recorded on a

company's books but
not on hand, due to theft, loss or accounting
error.
 MAJOR SOURCES OF INVENTORY
SHRINKAGE

 Employee Theft

 Shoplifting

 Administrative
Error

 Vendor Fraud
EFFECTIVE SHRINKAGE CONTROLS IN
A COMPANY

 Heightened Security

 Management Focus

 Merchandise control:

 Standardizing the existing policies and

procedures:

 Clearly defined roles for the security

personnel:

 Quality control:

 Ground staff training:

DOCUMENTATION USED FOR THE CONTROL OF
STATIONERY

 Stock Requisition
 Pick and Issue
 Stock Issue Confirmation
 Over the Counter
 Stock Return
 Inventory Adjustment
 Physical Inventory Purchase
Input
 Managing office stationery.

 Take inventory of what stationery the office already

has.
 Ask people what types of stationery they currently
use and how much they estimate they'll use’

 compare the master list of what people will need to

the list of what stationery is already available

 Consider reusing stationery that is only partially

used.

 Choose where to purchase the stationery supplies by

comparing prices.
 Set aside a space to store the office stationery.
 inventory control methods

 Min-Max
System.

 Two-Bin
System.

 ABC Analysis.

 Order-Cycling
System.
 Defining a report

 any informational language made with the intention

of relaying information or recounting certain
events.

 are documents which present focused, salient

content to a specific audience.

 Reports are used in government, business,

education, science,
and other fields.
 Where are business reports
used

 Business reports are required in

disciplines such as

 accounting, finance,

 management,

 marketing and

 commerce.
 REPORTS COMPILED USING
CURRENT
INFORMATION

 INCIDENT
REPORT

 EXPENSE
REPORT

 AUDIT
REPORT
 INFORMATION SOURCES IN
AN ORGASINATION

 sickness absence
data

 productivity data

 Staff turnover
 SOURCES OF
INFORMATION
 PRIMARY INFORMATION - data from an original source
document.

 SECONDARY INFORMATION- information from a source

other than the original.

 INTERNAL INFORMATION -information sources from

within the organisation,

 EXTERNAL INFORMATION -information from beyond

the
boundaries of the organisation.
 TYPES OF REPORTS IN
PROFESSIONAL
COMMUNICATION

Progress Reports
 informs readers of the status of a project-in-progress. Its
primary informational mission is to Informing the reader of the
status of the project and Presenting preliminary findings

Periodic Reports
 reports generated periodically, either on a regular schedule,
such as annual performance reviews, or when necessary, such
as trip reports.

Presentation Reports
 Refers to the hand-outs surrounding an oral presentation
(or the PowerPoint files themselves) used in place of
interim reports and sales proposals.
 REPORT TEMPLATE/FORMAT

 THE TITLE PAGE

 ACKNOWLEDGMENTS
 THE SUMMARY ABSTRACT/ THE
EXECUTIVE SUMMARY
 THE TABLE OF CONTENTS
 THE LIST OF FIGURES, TABLES,
ILLUSTRATIONS
 THE INTRODUCTION
 THE BODY
 THE CONCLUSION
 RECOMMENDATIONS
 REFERENCES
 APPENDICES
 What are the benefits of good
record keeping?

 help you work more efficiently

 enable you to meet legal obligations applicable

to your work

 protect your rights as an employee

 enable review of processes and decisions

 help research and development activities

 Enable consistency and continuity in your

organisation.
 Reports recording table or
template:

 The purpose of the report

 Regular recipients

 Frequency of distribution.

 Date when the report written

 Department in which the report

is from
 Information source form

 from whom it is obtainable

 when it is available

 its level of confidentiality

 And to whom it should be

returned.