Business
Fact-checked

At WiseGEEK, we're committed to delivering accurate, trustworthy information. Our expert-authored content is rigorously fact-checked and sourced from credible authorities. Discover how we uphold the highest standards in providing you with reliable knowledge.

Learn more...

What are the Different Audit Steps?

Carol Francois
Carol Francois

There are four different audit steps followed in every financial or system audit: planning and risk assessment, testing of internal controls, substantive procedures, and finalization. The purpose of these audit steps is to provide a standard process that is used in every audit. In most organizations, an audit is conducted by the internal audit department or an external auditing or accounting firm.

Planning and risk assessment audit steps are typically conducted before the fiscal year end and are used to gather information. The auditor takes the time to learn about the industry, regulations, accounting policies, and information systems. During this stage, many auditors work from a remote location, as most of this information is available from independent sources.

The fieldwork phase of the auditing process is the hands-on review of financial and operational information by auditors.
The fieldwork phase of the auditing process is the hands-on review of financial and operational information by auditors.

In order to effectively plan the audit, the overall scope must be evaluated and documented. A standard financial audit is limited in scope to transactions that occurred in the current period and is often completed at a summary level. The number of transactions and dollar values are used to determine the upper and lower bounds that will be used to set the audit values. The industry, strength of internal controls, and any issues raised by management determine the risk assessment for the audit.

In most organizations, audits are conducted my external accounting firms.
In most organizations, audits are conducted my external accounting firms.

One of the most important of all the audit steps is the process of testing the internal controls. These processes and procedures are used to ensure that proper approvals are in place before payment is made or transactions entered in the system. The primary method of internal control testing is to randomly select transactions and check the source documentation. If a random selection from a representative sample finds controls were weak or missing, then the sample size must be increased.

The primary method of internal control testing is to randomly select transactions and check the source documentation.
The primary method of internal control testing is to randomly select transactions and check the source documentation.

Substantive procedures is the actual process of collecting physical evidence of transactions and verifying the value posted to a specific account is supported by actual documents. This aspect of the audit is the most time consuming and is very detailed work. The account selected for this type of review varies, but is typically one that tracks a range of high and low dollar value activity.

The last stage of the audit is finalization. This is the creation of a report to management that summarizes all the procedures used to conduct the audit, the result of the various processes, and supporting documentation. Audit reports have a variety of formats or layouts used, depending on the audience. For example, most banks require audited financial statements when applying for a business loan. They often have a preferred format, making the comparison and review a simpler process.

Discussion Comments

ceilingcat

I would personally hate having to follow all these audit procedure steps to do an internal audit of a company. I think it makes a lot more sense to hire an outside auditor to come in and do the audit.

Yes, you would have to give them some time to learn about your industry and processes. However, I think you would probably get more honest results from an outside auditing firm rather than internal auditors that work with the company every day.

Pharoah

@Azuza - I didn't know that every audit followed the same steps either. I also didn't think there would be so many steps! I thought an audit would just be looking at financial transactions and making sure everything matched up. I didn't know that auditors actually did a control audit to check the internal controls!

However, I guess it kind of makes sense to do this during an audit. Because that way, if something doesn't match up, you would at least have a start to investigating what went wrong.

Azuza

I always hear about audits, but I had no idea that every audit followed the same internal audit steps. I always thought it might be different for different industries, or maybe different steps if you were doing an audit that spanned a large amount of time versus a small amount of time.

However, I guess it's easier on people who perform audits to have the steps stay the same. Because even if you have to learn about a new industry, at least you already know the steps to doing the actual audit. I imagine this saves some time!

Post your comments
Login:
Forgot password?
Register:
    • The fieldwork phase of the auditing process is the hands-on review of financial and operational information by auditors.
      By: Kirill Kedrinski
      The fieldwork phase of the auditing process is the hands-on review of financial and operational information by auditors.
    • In most organizations, audits are conducted my external accounting firms.
      By: Sharpshot
      In most organizations, audits are conducted my external accounting firms.
    • The primary method of internal control testing is to randomly select transactions and check the source documentation.
      By: Arto
      The primary method of internal control testing is to randomly select transactions and check the source documentation.