GAGAZA, VERONICA M.

CBET-503E

CHAPTER 2 – Objectives and Phases of Operational Audits

Keywords and Reflection:
1. Risk Assessment
It is under the ‘planning’ phase of operational auditing, wherein Internal Auditing
identify and analyze the likelihood and potential impact of various risks to the
organization. This process generates a strategic plan, impacting company operations for
management use, and enables the CAE to create an audit plan. The latter identifies what
the internal audit function will review based on available resources and the needs and
priorities of the organization.
Risk assessment should be done collaboratively with senior management and the
board of directors. This is done to get their input about plans, concerns, and priorities
regarding the accounting systems in use, defining the scope, objectives, work schedule,
and budget for the engagement. It is a significant step in order for the auditors to facilitate
the execution of audits later on.
2. Document Inspection
It is one of the many ways to collect evidence by reviewing documents. It is
performed by auditors to verify the date and amount of transactions, agreements made
between various parties, evidence of authorizations, and record of decisions made,
among others. Internal evidences consist of Invoices produced, reports such as
production, inventory, and time sheets, policy statements and procedures
documentation. External, on the other hand, consists of invoices received, bank
statements confirmation statements, certificates of insurance, credit reports, and
financial statements.
I considered this process to represent the chapter 2, because as objectivity says,
auditors’ works must have corresponding evidences at all times. These documents are
solid facts that supports the claim of auditing department. It prevents mistakes in
financial statements, and worst—fraud.
3. Reporting
This is the 3rd phase of operational audit. It includes communicating of findings,
observations, and best practices noted during the review, and developing
recommendations for corrective action. The most common used model is the CCCER—
which stands for Criteria, that answer the question of ‘what should exist or occur’,
Condition or ‘what actually exists’. The third C refers to the Cause—wherein the auditor
 tells why the ‘condition’ is different from the criteria. Effect or the impact of the condition,
and lastly, Recommendation to correct the condition.
Moreover, internal auditors should quantify their findings by including amounts,
values, time since when the condition has been occurring, how many individuals or
organizations are affected, the age of assets involved, and do on. Lastly, findings are often
discussed first with owners and relevant stakeholders before the actual report. It is done
to prepare their response and discuss corrective measure immediately.

Definition of Terms:
CAE – Chief Audit Executive
References:
Murdock, H. (2016). Objectives and Phases of Operational Audits. Operational Auditing:
Principles and Techniques for A Changing World. (pp. 36-37, 43, & 54-56). CRC Press.
(2015). Risks Assessment Process. Western Illinois University. Retrieved from:
http://www.wiu.edu/internal_auditing/value_added_audit_services/risk.php