Professional Documents
Culture Documents
Bank Audit Plan
Bank Audit Plan
PRESENTATION TO AUDIT
COMMITTEE
(Date)
TABLE OF CONTENTS
2
INTERNAL AUDIT PLAN - OVERVIEW
The audit plan was developed using a risk based audit approach. Utilizing experience and
understanding of the bank’s operations as well as industry knowledge, internal audit identified
auditable areas, performed a risk assessment for each of these areas, and assigned each of these a
risk rating of high, medium or low.
Internal audit considered the following factors, as well as knowledge of the bank, in determining the
risk rating for each auditable area:
• Discussions with bank management, which provided insight regarding issues and risks in the
auditable areas.
• Potential impact that the auditable area may have on the financial position of the bank.
• Other environmental factors, such as past audit results, changes in personnel and operations,
past and current emphasis by regulators, and future business strategies.
This risk assessment process will be performed on an ongoing (at least annually) basis to ensure
changing risk factors, including losses, operational changes or turnover, are continually monitored.
A cycling approach to the internal audit plan was used, whereby high-risk areas are audited on an
annual basis, and medium- to low-risk areas are audited over a 18- to 24-month cycle.
RISK MAP - ABC BANK
High
• Disaster Recovery
• Treasury/Investments/ALM
• Commercial Lending
• Central Services
• Finance
• Internet Conn./Firewall
• IT Applications
• New Product Development
• Community Reinvestment Act
• Real Estate Lending
• Software Licensing
• Commercial Business Lending
• Logical Security/Security Admin.
• SBA Center
• IT Telecommunications
• Operations Support
• Small Business Lending
• Local Area Network
Significance
Low Risks
• Branch Network
• Loan Administration Dept.
• Financial Products
• Marketing/Promotions
• Human Resources/Payroll
• Credit Administration
• Appraisal Department
• Facilities
Low
IV III
High
Low
4
SUMMARY AUDIT PLAN
5
SUMMARY FOCUS OF AUDIT EFFORT DURING PRIOR
AND CURRENT YEARS
1800
1589
1600
1400
1200
1200
Hours
1000
800
800
650 650
600
600 550
470 450 470
400 400
400 300 260
200 160200 200
200 150 150 150
100
0 0
0
k l s
i ng ur
y
or gy ns ro
l
or
y
ct
s
ct tio
n ed ns
nd s w lo io y t u
oj
e et io
a et no at a ul
a
od tra g at
Le Tr
e N h e r
s/
P
eg P r Pr in
i s ud tig
& h ec O
p
ce R al i al nb
ve
s
e a nc n
T d ur ci ec d m /U In
nc Br tio li ze es
o an S p A i ck
na a tra Fi
n
g/
S
Fi rm n
R
fo e an ni
n
In C um ai
H Tr
6
SIGNIFICANT CHANGES IN AUDIT PLAN FROM PRIOR
TO CURRENT YEAR
As is depicted on the preceding page, the following summarizes the most significant changes seen in the audit plan
for this year versus last:
Greater emphasis on lending activities, including centralized documentation unit, based on risk
1 assessment process
Significant re-allocation of time from branch network to centralized/back office operational activities
2 based on our risk assessment process. For branch network, focus to be on high-risk activities,
including branch losses, wire initiation, etc.
4 Reduced administration time, as well as no allocation for training, vacation or sick leave
7
INTERNAL AUDIT SCHEDULE
1ST QUARTER 2ND QUARTER 3RD QUARTER 4TH QUARTER
DESCRIPTION
Jan Feb Mar April May June July Aug Sept Oct Nov Dec
Branch Network
Branch 1
Branch 2
Branch 3
Branch 4
Branch 5
Branch 6
Branch 7
Branch 8
Business Processes/Operations
Treasury/Investments/ALM
Real Estate Lending
Central Services
Commercial Business Lending
SBA Center
Human Resources/Payroll
Centralized Documentation Unit
Finance/Accounting/Accounts Payable
Operations Support
Community Reinvestment Act
New Product Development
Follow-Up on Significant Issues
Discretionary To be determined……
8
INTERNAL AUDIT SCHEDULE (CONTD.)
9
INTERNAL AUDIT SCHEDULE – REGULATORY
COMPLIANCE
Federal/state regulations reviewed as part of the audit plan
As part of our review of the identified business processes and retail branches, internal audit will integrate
compliance testing of the following regulations:
DESCRIPTION Reg B Reg CC Reg D Reg DD Reg E Reg X Reg Z CRA OFAC
Branch Network
Business Processes/Operations
Real Estate Lending
Commercial Business Lending
SBA Center
Centralized Documentation Unit
Small Business Lending
Central Services
Community Reinvestment Act
Internal audit will coordinate with ABC Bank’s compliance officer when determining the scope and degree of work to
be performed for compliance-related issues.
10