This is the third of 3 posts; this post describes how I audited the auditors and my perspective on the whole thing.
Tag Archives: workpaper
You can kill an auditor in 10 easy steps. If you’re a manager, it’s even easier. Here’s how:
1. Insist that all periods are followed by 2 spaces. Those days are long gone and so are typewriters. But some managers who review workpapers still insist on this. No kidding!
A little help for non-auditors: a workpaper describes 1) the control being tested, 2) the steps used to select samples and perform the test, 3) the evidence gathered and how it was analyzed, 4) the conclusion, and if the test failed, usually 5) a broad recommendation of what might be done to resolve it.
2. When reviewing workpapers electronically, question an obvious mistake instead of correcting it. For example, I numbered my test steps 1, 2, 3, 5. Just fix it and move on. Don’t waste your time and mine writing things like “is this number correct?” and then sending it back to me to fix it, especially when it’s the only correction in the workpaper. Just fix it! If multiple errors exist, say something to me or send it back and ask me to review all numbers and references. By pointing out a single error, you are wasting shareholder dollars. I sure hope you feel better now!
The Institute of Internal Auditors (IIA) has back-to-basics articles for new auditors (and like Dummies books, the topics can be a reference for the rest of us). Even security pros might want to read a few of these to better understand their auditors, or how those auditors should be doing their jobs.
The topics are as follows (no special order):