Internal Audit Engagement Planning

Determine priorities of the internal audit and plan the timing and scope of audit procedures and resources



Competency Area

Internal Audit


Identify components of engagement planning

Identify relevant frameworks, guidelines and standards to be applied in the engagement

Identify stages of the engagement and various stakeholders involved

Support conduct of preliminary survey and risk assessment

Develop audit procedures and programme based on engagement objectives and scope

Conduct preliminary survey and risk assessment to understand the audit environment, including key business risks and controls

Determine audit areas to address the risks identified

Develop work programmes

Revise audit programmes based on risks identified

Determine objectives and scope with consideration given to risk assessments, staff and other resources

Develop and document risk-based audit plans, objectives, scope, timing and resource allocations

Identify sources of potential engagements through risk framework

Review audit engagement objectives and scope to ensure they address the risks identified

Review and approve audit engagement programs

Revise audit plans based on business rollout plans for new technology applications

Review and approve audit engagement plan

Evaluate completeness and relevance of risk assessments

Review and approve audit engagement plans

Evaluate the relevance and the prioritisation or focus of the audit plans and their alignment with internal audit and organisational strategies

Assess whether audit plans sufficiently cover the scope, address key risks and consider expectations of senior management and board

Establish key performance indicators to measure the progress and performance of each initiative against expectations