Professional Documents
Culture Documents
Communication is an integral part of any assurance engagement and occurs throughout the
engagement process. During the course of performing an assurance engagement, the internal
audit function communicates routinely and regularly with the key individuals in the area subject to
audit. Much of this communication is done via email and in face-to-face meetings or on conference
calls. The purpose of these communications is to discuss observations as they are identified during
the engagement. This allows the internal audit function to make sure the facts are accurate and
also initiates dialogue regarding the best method of remediation for identified observations. When
an observation calls for immediate attention, interim communication allows it to be brought to the
attention of the appropriate individuals in a timely manner and increases the likelihood of prompt
resolution. The internal audit function will use the information gathered during these interim
communications to finalize the observations that will ultimately go into the final communication and
to formalize management’s action plan for inclusion in the final communication.
The internal audit function must confirm preliminary facts and conclusions with
appropriate management representatives of the area that was covered by the
engagement before it is distributed in its final form. This can be accomplished in
many ways, but it is most commonly done through a formal meeting with
management, typically referred to as an exit interview or closing conference,
followed by a draft of the final communication in whatever form it will take.
As part of this process, the internal audit function meets with appropriate
management representatives from the area covered by the engagement and
confirms agreement with preliminary observations and conclusions discussed
throughout the engagement. This allows all parties to review what is anticipated
to be contained in the formal engagement communication and provides a inal
opportunity for resolving any potential misunderstandings. Additionally, it
provides the management of the area that was the target of the assurance
engagement with a way to present their thoughts and planned actions regarding
the items to be covered in the final engagement communication and give
feedback regarding how well the engagement team executed the assurance
engagement
A primary difference between an assurance engagement and a consulting
engagement is that in an assurance engagement, three parties are involved:
1) the person or group directly involved Final Communication with the
process, system, or other subject matter -the auditee, 2) the person or group
making the independent assessment - the internal audit function, and 3)
internal audit function informs the person or group relying on the independent
assessment - the user. A consulting engagement, on the other hand, typically
involves only two parties: l) the person or group seeking and receiving the
advice - the customer, and 2) the person or group offering the advice - the
internal audit function. Because the results contained in the final assurance
engagement communication will be used by someone other than the auditee
(for example, the audit committee), it is imperative that the communication be
concise, comprehensive, and accurate.
DISTRIBUTE FORMAL AND INFORMAL FINAL
COMMUNICATIONS