Shared Resources​

Shared Resources


Risk Mitigation Strategy Monitoring

Reposting this on behalf of our community member Jen who kindly shared this document with everyone. This document provided comprehensive risk mitigation strategy monitoring. The template is designed by specifically for a NGO project.

Read More →

Agile Auditing FAQ Document

This document was prepared by Karl Sousa and EJ Manalang as part of the Agile Auditing virtual event they led here on Auditopia on August 3, 2021. It lists some FAQ on the topic and answers to questions from community members that we didn’t get to address in the event.

Read More →

SAP SOD on P2P Process Document Flow

This worksheet shared by Claire Worledge was used in the virtual event “Segregation of Duties Audits in SAP”, where we did hands-on practical exercises to check for Separation Of Duties issues in the Purchase To Pay document flow in SAP systems. When we check for SOD issues in a document flow, we not only look at risks relating to who has access to what; but we look at who has actually done what during the period. But even more than that, when we look at a document flow, we can see risks relating to specific documents in terms of user access. For example, I create a purchase order, and then I create a goods receipt for that purchase order and then I create an invoice for that goods receipt, and even the payment for the invoice. When we identify such cases, we are identifying risks that are much more “real” than only looking at who has a separation of duties conflict based on their access.

Read More →

Excel Model to Compute Who Has Violated User Access In SAP

This spreadsheet shared by Claire Worledge was used as the first practical exercise in the virtual event on Thursday July 22nd, 2021 “Segregation of Duties Audit in SAP”. In this spreadsheet we see the methodology followed in order to check who has violated user access, based on the general ledger header table. Normally, this process would be done in a data mining tool (ACL, IDEA, SQL, Alteryx, QLIK), however, here we show it in Excel, for the purpose of understanding the process and to help those of you that don’t have access to any of the above tools.

Read More →

SAP SOD: Who Did What List Of Tables And Fields

This list of tables and fields shared by Claire Worledge includes those that were used in the virtual event on July 22nd, 2021 “Segregation of Duties Audit in SAP”. Here we list the SAP tables that help us to determine “who did what” during the period, either in the general ledger, purchase to pay or order to cash.

Read More →

SOD Matrix For SAP

This a basic SOD matrix for SAP transaction codes. Claire Worledge shared this resource as part of the virtual event “Segregation of Duties Audit in SAP” that she took the lead in on July 22nd, 2021.

Read More →

Internal Controls Questionnaire

The internal control questionnaire (ICQ) includes questions that auditors can use to evaluate a company’s internal controls. This document helps internal and external auditors determine whether a company complies with the internal control system requirements standards.

Read More →
writing, write, person

Workpaper use to track audit findings

I have use this workpaper in the past to track the status of my audit findings

Read More →
Screen Shot 2021-06-14 at 9.05.10 PM

List of Remote Audit Tools & Resources!

Hi all, In the spirit of the Successful Remote Internal Audits community event, please share tools and resources you find really helpful in remote internal audits here. Add them as comments and I’ll compile them in a spreadsheet and attach it here. Add your favorite tool(s) / resource(s) along with a brief description of what you use them for and why they’re really helpful. You can also indicate if it’s a free resource or a paid one if you like (but it’s not required). Let’s get the brainstorming started!

Read More →
virtual learning, online, learn

Remote Internal Audit

This document highlights some key aspects to take into consideration to successfully execute remote audits

Read More →

Template Risk Matrix

Risk-based audit plans utilize a systematic process to evaluate, identify, and prioritize potential audits based on the level of risk. This risk matrix is used in the planning phase of an audit and compliments an audit program.

Read More →
risk image

Risk Assessment Template

A concise, high-level summary of the risk related to a business initiative, for example, deploying a new system, setting up a new partnership, the business units involved, what the project or change is and what the objective is of the project/ change.

Read More →
fraud image

Reference Guide For Enhanced International Due Diligence

A resource guide for enhanced international due diligence when auditing third-party entities.

Read More →

Inventory Audit Work Program

This resource is an Audit Program that can be used by internal audit functions to perform Store Audit Testing.

Read More →

Quarterly Control Certification

This resource is a questionnaire that can be used by internal audit functions to gather client information around potential changes to control processes throughout the audit year.

Read More →

Audit Report Template

Could you please share an example of internal audit report?

Thank you so much,

Read More →

How to Audit Operational Risk Management – Second Line of Defense

I am looking for examples of how the audit departments are performing audits of Operational Risk Management challenges, risk appetites, resources to perform the challenges, technology tools, etc.

Read More →

Opening Meeting Checklist

This resource is an opening meeting checklist template that can be used by internal audit functions for all audit projects.

Read More →

Internal Audit Survey

This resource is an Internal Audit survey that can be used by internal audit functions to obtain feedback from management on each respective audit project.

Read More →

Internal Audit Skills Questionnaire

This resource is a questionnaire that can be used by internal audit functions to assess the skills available in the department and where there could be a skills gap.

Read More →

IT Security Questionnaire

Common IT Security questions for assessment of ITGC

Read More →

IT General Control Matrix

A common matrix and test steps for ITGC assessment

Read More →

Auditing in a Cyber World

This resource is a questionnaire that can be used by internal audit functions to gather client information and obtain a better understanding of the client’s Cyber Security controls and processes.

Read More →

System Development Life Cycle – Questionnaire

This resource is a questionnaire that can be used by internal audit functions to gather client information and obtain a better understanding of the client’s System Development Life Cycle (SDLC) controls and processes.

Read More →

About Auditopia

Auditopia is a learning and collaboration platform for internal auditors. We tap into our collective knowledge by sharing resources and engaging in virtual community events and collaboration groups. We also offer access to a growing catalog of recorded events and cutting-edge gamified trainings.

Create Free Account
[ultimatemember form_id="117"]

Contact Us