Download the 10 most frequently viewed audit tools and publications on KnowledgeLeader in January.

1. Project Management Office (PMO) Questionnaire

The Project Management Office (PMO) Questionnaire is a strategic tool designed to assist organizations with evaluating the effectiveness and comprehensiveness of their project management practices. This document includes two sample questionnaires that can be used to gather critical insights from various stakeholders involved in project management, including executives, project managers and team members. Through detailed questions covering areas such as program goals, governance structures, scope management and performance metrics, this questionnaire helps identify strengths and pinpoint areas that require improvement within a PMO framework.

2. Internal Audit Feedback Questionnaire

This tool includes 10 sample questionnaires that can be used by internal audit functions to gather client feedback and measure client satisfaction. Sample questions include: What is your overall evaluation of internal audit’s performance for this project? How much value do you believe the audit provided to your group/department? How likely are you to use internal audit for future projects? How much would you be willing to recommend internal audit to other members of management? Would you ask internal audit for help in a situation warranting their attention? Does internal audit perform work efficiently and effectively in an acceptable amount of time? 

3. Internal Audit Plan

This audit report sample will guide your organization’s internal audit activities for a specific fiscal year. This tool outlines a methodical approach to auditing, starting with initial discussions with key stakeholders to identify high-level risks and potential areas of focus. These discussions help confirm the areas that require attention and subsequently gain endorsement from executive and audit committees. The plan details the projects to be undertaken, including their scope, timing and the resources required, ensuring that all activities are aligned with the organization's strategic goals and risk environment.

4. Non-Inventory Purchasing RCM

A successful risk management strategy requires a strong internal control environment. The risk control matrix (RCM) format emphasizes that strong and risk-oriented internal control environments are often optimized with automated/manual controls, depending on the situation. An RCM provides an overview of different control objectives that organizations should take into consideration and the corresponding controls to safeguard the company against risks, which may arise if not checked timely. Once customized to an organization, this document can help the user in assessing each control. The control assessment can then also be summarized to develop an action plan. This document outlines risks and controls common to the Non-Inventory Purchasing process in a risk control matrix (RCM) format. 

5. Human Resources (HR) Process and Compliance Audit Report

The objective of this review is to assess the overall effectiveness of human resources processes, with a specific focus on time reporting accuracy and completeness. This report primarily focuses on areas such as time reporting accuracy, payroll changes, recruitment, hiring and termination procedures. The tool identifies potential risks, inefficiencies and areas for improvement in these processes. It also provides detailed process maps for several HR functions, which can guide organizations in understanding and improving their workflows. 

6. Internal Audit Capability Maturity Model (CMM)

This capability maturity model can be used to measure the maturity of an organization’s internal audit function and to assist its progress from the initial/ad-hoc stage toward the optimized state. The capability maturity model describes a maturity curve on these capability levels: initial, repeatable, defined, managed and optimized. In this sample, an optimized organization’s new hires are easily integrated.

7. Entity-Level Controls Risk Assessment Questionnaire

Risk assessment is the component of the entity’s internal control that involves identifying and analyzing risks internally and externally. Risk assessment is relevant to achieving business objectives as well as objectives related to the preparation of reliable financial statements. This questionnaire template provides a number of COSO elements and the related objectives for entity-level controls. Within the questionnaire, you can document the control's COSO attribute, whether the control exists, whether it was designed properly, related test procedures, management's action plan for deficiencies, and more.

8. IT Internal Audit Report

This sample audit report discusses steps auditors can use when conducting an information technology (IT) audit. Testing involved identifying and evaluating the key general computer controls in place to support the company’s processing in the areas of information security, computer operations, software change management and systems support; identifying and evaluating the key controls around system security (both user administration and functional security rights); providing implementation team support by acting as a controls expert in the subject matter during the design of CPOE; and attending key committee and team meetings as necessary in addition to serving in a project risk/controls advisory role.

9. Process Documentation Narrative and Flow Chart Guide

Documenting the understanding of a process, related controls, and key roles and responsibilities can be achieved through process narratives and flow charts. Both of these documentation techniques assist internal audit teams and those responsible for the processes with establishing a common understanding of a process. Once these documents are confirmed as accurate, they provide a baseline for performing risk analysis, testing internal controls and implementing process improvements as necessary. Discover the essential elements of process documentation narratives and flow charts with our comprehensive guide, including a process flow example.

10.  Accounts Receivable Policy

Our Accounts Receivable Policy establishes procedures to ensure consistency in your company’s accounting treatment of receivables. It covers various aspects of receivable management, including when to reserve, write off or recover a receivable, and how to handle billings, cash receipts and credit memos. It also provides guidelines on maintaining internal controls and accurate records within the accounts receivable function. The document is designed to safeguard the company's assets, promote efficient operations, and ensure the proper valuation and reporting of trade accounts receivable, a major asset for many companies.