Introduction to Audit Planning

Audit planning is a process of deciding in advance what is to be done, who is to do it, how it is to be
done and when it is to be done by the auditor in order to have effective completion of work meaning
that all possible audit risks are identified.
Audit planning is a major part of audit works for both internal and external audits. A good audit planning
will help the auditor to minimize audit risks, improve audit efficiency, and meet its objective at the
minimum effort.
Auditors are required to prepare a correct audit strategy and a proper audit plan to ensure that all audit
risks are identified. This will help the auditor to minimize the risk of issuing the incorrect opinion to
financial statements.
We divide the audit plan into four main important parts according to the international standard on
auditing:

1. Pre-audit activities: Getting knowledge of client's business, which includes financing, legal
framework, government norms, investments, accounting policies, business risk and financial risk.

2. Development of audit strategies or overall plan (who, when and how)

The audit strategy sets out in general terms how the audit is to be conducted and sets the scope, timing
and direction of the audit. The audit strategy then guides the development of the audit plan.
Our audit strategy is a summary of objectives, needed resources, and risks. The audit strategy doesn’t
have to be complicated or long; it can be a short memo. Consider it as the big picture. Following are the
areas we cover in an audit strategy:
Define audits to be performed and Break them down by function or department.
Perform risk assessment, like what are the risks within the organization to be addressed? and
then Prioritize the identified internal audits to be executed.
Designate resources, like who will work on each audit; and Define timeline of the audit.
Review results of the past audits, and List the risks encountered in the prior year.
Review and list the anticipated risks in the current audit.
Record references to work papers addressing the relevant risks.

3. Audit Activities: Preparation of audit plan (or audit program).

Now we need to develop a detailed plan to satisfy the demands of the strategy—this is the audit plan.
The audit program links back to the identified risks and points forward to the substantive procedures
and test of controls.
Creating the Audit Program
How—in a practical sense—do we create the audit programs? Most auditors tailor the prior
year audit programs. That works—as long as we revise them to address the current year risks.
Audit programs are not—at least, they should not be—static documents. Even so, the current
year audit program can be the same as last year—as long as the risks are the same.
In a more theoretical sense, we need to:
  Give detailed scope and objectives for the audit.
 Make sure that we have key reports, policies, and procedures for the function being
audited.
 Make sure that we have access to the systems to properly evaluate the functions.
 Record in detail what data or information is to be tested with each function.
Ensuring Sufficient Audit Steps
How do we know if we have adequate audit program steps? Look at your risks of material
misstatement (RMM)—which are assessed at the assertion level (e.g., completeness). Audit
steps should address all high and moderate RMMs.
Integrating Risk Assessment with the Audit Program
Put the relevant assertions next to each audit step—this makes the connections between the
RMMs (at the assertion level) and the audit steps clear.
Creating Efficiency in the Audit Plan
Once you complete your risk assessment work, you want to ask, “Which is the more efficient
route? Testing controls or performing substantive procedures.” Then go with your instincts.
There you have it—the creation of the audit strategy and the audit plan. Your strategy includes
the risks, needed resources, and objectives. And your audit program contains the tactical steps
to address risks. Now for the final step, you audit plan should be reviewed to resolve any
conflicts.
4. Review Audit Plan and Set-Up Planning Meetings
Within an organization, the Board or Audit Committee provides oversight of the planned audit. It is
important to get input from the Board or Audit Committee, and organization management, while
reviewing the audit plan to ensure all considerations and risks have been taken into account. After the
audit plan has been reviewed, then initial planning meetings with key business points of contact can be
scheduled. It is important that personnel within the business functions that are to be involved in each
audit be notified in advance and made aware of the audit purpose and objectives so that they can
prepare as well.

Conclusion

Audit planning is a critical part of audit works and performing the correct audit plan could be the factors
that lead to the success of audit engagement. The key areas to be included in the plan are:

Properly identified the audit engagement purpose.

Conducts proper risks assessments including risks of error and fraud.
Properly assess the resources requirement.
Correctly identified report requirement and timeline.
Properly assess the conflict of interest.