This page contains an updated, alphabetized list of the sample audit reports that are available on KnowledgeLeader. These audit reports are provided in downloadable versions, so they can be customized for use in your organization.
A
Accounts Payable Proposed Standardization Procedures Report
This report template provides an overview of an organization's current accounts payable process and outlines proposed process improvements.
Accounts Payable Review Audit Report
This report lists findings from an accounts payable review and includes audit objectives, scope, procedures performed, executive summary, detailed issues and observations.
Accounts Payable Review Audit Report: Sample 2
The primary objective of this audit report is to obtain an overall, high-level understanding of the accounts payable process and related functions.
Accounts Receivable, Credit and Collections Audit Report
This audit report reviews the accounts receivable, credit and collections processes. In this example report, the company recently completed a system conversion. The objective of this review was to obtain an understanding of the processes, evaluate the adequacy and effectiveness of the associated internal controls and to identify opportunities for process improvements.
Accounts Receivable, Credit and Collections Audit Report: Sample 2
This audit report reviews the account receivable, credit and collections processes for the branch and corporate offices of an organization.
Audit Committee Report – Sarbanes-Oxley Update
This audit report discusses Sarbanes-Oxley project updates including status of the documentation process, testing results, and opportunities for process improvements.
Audit Committee Report: Annual Audit Plan
This sample audit report outlines the procedures for preparing and reporting an audit plan to the audit committee.
Audit Plan Presentation
This example presentation shows some of the documents that can be included in the presentation of the audit plan to management and the audit committee.
B
Back Office Process Optimization Report
This sample audit report benchmarks the costs and productivity of back office processes, with an emphasis placed on process standardization, reduced transaction processing times, and enhanced accountability with clearly defined roles and responsibilities.
Back Office Process Optimization Audit Report: Sample 2
This sample audit report focuses on the project timeline for upgrading related systems during back office process optimization.
Bank Audit Plan Report
This audit report relays the results of a risk-based audit plan. Internal audit identified auditable areas, performed a risk assessment for each, and assigned a risk rating of high, medium or low.
Billing and Collections Review Audit Report: Hospitals and Clinics
This audit report sample focuses on accounts receivable controls and processes at hospitals and healthcare clinics.
Billing and Credit Memo Process Review Audit Report
This audit report focuses on the customer billing and credit processes for invoices and credit memos.
Business Continuity/Disaster Recovery Program Assessment Report
This audit report sample focuses on whether an appropriate enterprise-wide governance structure is in place to manage the ongoing development, enhancement and maintenance of a business continuity and disaster recovery program. The assessment includes an organization’s in-scope tier-one systems to determine if they have appropriate IT recovery strategies and plans in place and whether the strategies are aligned with business requirements.
Business Continuity Management Program Assessment
This sample audit report assesses a second generation business continuity management (BCM) program.
Business Continuity Management Audit Report
This document outlines the critical business processes and incidents that could impact a business’s continuity.
Business Continuity Software Research Report
This report assesses various business continuity software solution providers in the global market with the purpose of enhancing the organization’s business continuity management capabilities.
Business Partner Royalty Audit Report
One of the main purposes of a business partner audit is to ensure that the partner company is in compliance with the contractual obligations of its business partner agreement. This sample audit report covers business partner agreement compliance, including a review of company compliance related to employee training.
Business Process Effectiveness Review Report
This audit report reviews specific finance processes for process effectiveness and efficiency, including financial planning and forecasting, accounts payable, accounts receivable, credit and collections, inventory (cost accounting), and procurement and capital asset management.
C
Close the Books Diagnostic Report
This report focuses on improving the close the books process for the accounting/finance function.
Co-Op Advertising Internal Audit and Process Review Report
This 30-page audit report outlines the activities and tasks included in the co-op advertising process and provides management with information about the condition of risks and internal controls.
COBIT Baseline Review Report – Sample Report
This sample report provides a template to assess the maturity of IT processes and controls using the COBIT framework.
Contract Terms and Conditions Review Report
This report provides internal audit's analysis of the terms and conditions of two construction project contracts. It includes recommendations for better contract terms and conditions, based on leading practices.
Controls Monitoring Quarterly Assessment Report
This is an example report of internal audit’s quarterly assessment of the ongoing controls monitoring processes. This report provides an overview of the work performed and corresponding audit findings.
Corporate Accounts Receivable, Credit, Collection and Cash Application Processes Audit Report
This audit report summarizes findings from a review of accounts receivable, credit, collection and cash application processes.
Corporate Treasury Review Audit Report: Sample 1
This sample internal audit report illustrates treasury review objectives, scope and procedures performed. It includes a sample of treasury review observations and management implementation plans that address these issues.
Corporate Treasury Review Audit Report: Sample 2
This audit report summarizes an internal audit review of a corporate treasury function and focuses on processes such as cash management, wire transfers and foreign exchange exposure management.
Corporate Treasury Review Audit Report: Sample 3
This audit report reviews the corporate treasury finance function of an organization. The scope of the review includes the corporate finance functions, which are defined as the processes of cash management and forecasting; short-term debt funding; and trust and fund management. The objective of the review is to perform an operational assessment of the key business processes for the corporate finance group.
Credit Evaluation and Collections Review Report
This 66-page audit report focuses on the credit evaluation and collections review process.
Cybersecurity Audit Report
This audit report presents the results of vulnerability assessments and penetration testing performed on an organization’s external and internal facing environment.
D
Data Privacy Maturity Audit Report
This report provides findings from the data privacy maturity assessment at any given company.
Disbursements Review Report
This audit report provides a review of key processes and testing of transactions, internal controls, and processes related to disbursement, which include: accounts payable, expense accounting and procurement cards.
Distributor Sales Review Audit Report
This audit report focuses on the distribution sales process, including items such as current distributor contracts and compliance with established parameters.
E
Education Grant Compliance Review Report
This sample audit report focuses on identifying key regulations related to receiving grant funds from the Department of Labor. It provides recommendations on activities that identify and mitigate compliance risks.
Enterprise Risk Management Audit Report
This audit report sample reviews the enterprise risk management function of an organization using a four-phased process.
Entity-Level Assessment Report
The purpose of this report is to document management’s assessment of the COSO internal control components – control environment, risk assessment, control activities, information and communication, and monitoring – at the entity level.
Entity-Level Fraud Risk Assessment Process Report
This sample report provides an overview of the process one company undertook to satisfy the requirements of evaluating fraud risks that pertain to internal control over financial reporting.
Entity-Level Questionnaire Results Report
This report provides an analysis of a company’s entity-level controls under the COSO framework. Key sections include control environment, risk assessment, control activities, information and communication, and monitoring.
Entity-Level Risk Assessment Audit Report
This sample audit report presents findings from an entity-level risk assessment review.
Equity Compensation Audit Report
This 43-page, comprehensive audit report assesses a company’s equity compensation processes and related activities.
Equity Compensation Review Audit Report: Sample 2
The objective of this sample review is to document an organization's current equity compensation administration processes, including assessing the accounting and financial reporting requirements, evaluating the adequacy of internal controls, assessing the efficiency of processes, and identifying improvement opportunities, when applicable.
Establishing the Internal Audit Infrastructure Report
This sample internal audit report to the audit committee chairman focuses on an audit plan for establishing an organization’s internal infrastructure.
Executive Report on Internal Controls: A Report From the CAE to the Audit Committee
This sample audit report provides specific guidance on how the audit approach general plan will be accomplished in a year.
Executive Report on Internal Controls: Sample 2
This audit report sample provides an opinion based on an annual assessment of the adequacy of a company’s systems of internal controls.
External Quality Assessment of Internal Audit Activity – Validation of Management’s Self Assessment
This audit report focuses on the external quality assessment review (QAR) conducted for a company’s internal audit activity.
F
Finance and Accounting Risk Awareness Audit Report
This sample audit report provides findings from a risk awareness and scenario analysis for a construction and development group’s finance and accounting function.
Financial Close Review Report
This sample report can be used to help identify close-the-books process improvements to reduce time and effort, while improving accuracy, completeness and sustainability.
Financial Controls Review Audit Report
This audit report reviews financial controls at an equipment facility plant. The specific processes discussed in this report include: inventory management, accounts payable, intercompany reporting procedures, and close the books. The key risks associated with these processes are also discussed in detail within the report. Example risks focus on authority limits, information integrity and cash flow.
Financial Due Diligence Report
This sample report presents findings from a financial due diligence analysis of a company being acquired.
Financial Transformation Report: Lean Consolidation
This sample report focuses on enhancing the efficiency and effectiveness of an organization's financial consolidation process.
Foreign Subsidiary Review – Audit Report
The objectives of this foreign subsidiary internal audit review are to: assess the adequacy of the overall financial control environment, assess the adequacy of key financial and accounting internal controls, evaluate compliance with significant corporate policies and procedures, and identify opportunities for process and internal control improvement.
Fund Accounting Process Review – Audit Report
This fund accounting process review internal audit report focuses on comprehensive record keeping and reporting requirements for registered investment companies and their affiliates. The objective is to review the controls over the oversight and reporting of financial data for each fund.
H
High-Tech Company Audit Plan
This report shows the results of a business self-assessment (BSA) session, which is a focused discussion of risks facing a corporation and an evaluation of the effectiveness of management controls designed to mitigate exposures.
HIPAA Security Gap Assessment
This audit report identifies potential gaps in complying with the HIPAA Security Final Rule.
Human Resources Process and Compliance Review – Audit Report
This sample human resources process and compliance internal audit report focuses on time reporting, payroll, recruiting, hiring and termination.
Human Resources Risk Management Assessment Report
This sample review was designed to obtain and evaluate the capabilities of existing global human resources risk management techniques using the Capability Maturity Model.
I
Import Compliance Audit Report
This audit report assesses adherence to a company’s import procedures as established by its International Transportation and Compliance (ITC) department. For each procedure within scope, internal audit identified the controls in place to monitor compliance with the procedures and then tested the operation of the monitoring controls.
Incentive Compensation Audit Report
This sample report summarizes an internal audit review of the incentive compensation area. The report includes an executive summary, description of audit work performed, process maps of the audit area, and recommendations.
Integrated Audit Plan – Audit Committee Report
This audit report provides a background on the PCAOB's Auditing Standard 5 (AS5) and covers its impact on a variety of areas.
Intercompany Reconciliation Report
This document focuses on reducing the intercompany out-of-balance differences to an immaterial amount for the month-end close process.
Internal Audit – Board of Directors Orientation Report
This document provides a board level overview of internal audit and internal controls. It can be used as an orientation guide for board members to a company’s internal audit department.
Internal Audit Plan and Report to the Audit Committee
This sample audit report presents an anticipated two-year internal audit plan, including details of each audit area.
Internal Audit Plan Status – Report to the Audit Committee
This sample internal audit report to the audit committee presents a logical, easy-to-follow summary of completed, in-progress and scheduled audit projects.
Internal Audit Report to the Audit Committee
This presentation provides attractive examples of content that can be included within an internal audit report to the auditcommittee. It includes examples of audit planning calendars, dashboard summaries of audit activities and findings, budget and benchmarking material, and ways to present the audit organization and qualifications to the committee.
Internal Audit Risk Assessment – Audit Committee Report
This sample audit report summarizes internal audit risk assessment results to the audit committee. Report topics include: risk assessment approach, risk model, risk map update, top risks, proposed internal audits, audit universe coverage, distribution of internal audit efforts, and internal audit and Sarbanes-Oxley budgets.
Internal Audit Risk Assessment and Proposed Internal Audit Plan
This sample audit report identifies perceived areas of risk and potential internal audit projects for a company after an internal audit risk assessment.
Internal Audit Risk Assessment Report
This 18-page report provides management with information about the condition of risks faced by a company.
Internal Audit Risk Assessment Report: Sample 3
This report outlines an internal audit risk assessment approach that facilitates the audit planning process.
Internal Audit Site Review Audit Report
This sample audit report summarizes an internal audit review of a remote site location. It includes internal audit objectives, an executive summary, the audit work performed, risk based prioritization, process maps of audit areas, CAAT testing, and a best practices benchmarking study.
Internal Audit Site Review Audit Report: Sample 2
This audit report reviews the control adequacy of the expenditure, revenue and inventory cycles at a company facility.
Internal Audit Site Review Report – Energy Industry
The purpose of this audit report is to document the results from a site review at an organization within the energy industry.
Internal Audit Staffing and Audit Plan Report
This report addresses current internal audit staffing levels and audit plan progress.
Internal Audit Update: Audit Committee Report
This audit committee report includes a summary of internal audit activities completed/in progress, an update on process and IT SOX compliance, SOX project milestones and timelines, and next steps.
IPO Organizational Meeting Report
This document outlines key discussion topics and a timeline for an IPO organizational meeting.
IS Resource Management Internal Audit Review Report
This sample report focuses on how a company prioritizes information systems (IS) projects and manages IS resources.
ISO 27001 Information Security Assessment Report
This audit report focuses on a project baselining an organization’s information security practices, with the purpose of identifying opportunities to advance the information security function.
IT Governance Review Report
The Institute of Internal Auditors (IIA) Standards identify IT governance as a key area that should be regularly reviewed by the internal audit function. Objectives of this sample IT governance report include gaining a high-level understanding of the organization's IT governance processes and providing management with a benchmark against which to determine and pursue improved IT governance performance.
IT Organizational Assessment Report
This report focuses on assessing and improving IT processes. It provides an overview of methodology, business value drivers, recommendations and an improvement roadmap.
IT Risk Assessment Audit Report
This report outlines findings from a high-level IT risk assessment at a company.
IT Risks and Controls Review Report
The objective of this audit report is to reduce the volume of controls across applications, infrastructure and IT processes in order to improve consistency and focus on key risks.
IT Strategy Gap Assessment Report
Strategic alignment between business goals and drivers, and IT goals and initiatives is a critical area for most organizations. This report focuses on the gap assessment results of a company’s IT strategic plan.
L
Licensing Process Assessment Report
This report outlines assessment of the third-party licensing process, identifying risk areas that could lead to potential inaccuracies in the reporting of licensing obligations.
O
Out-of-Contract Life Claims Settlements Audit Report
This sample audit report reviews the out-of-contract life claims settlement process at a company.
P
Payroll and Human Resources Review Audit Report
This audit report focuses on the payroll and human resources functions within an organization’s key executive retention program (KERP). The objectives of this review are to obtain an understanding of the payroll and human resource processes for KERP employees; evaluate and ensure that internal controls are adequate and operating effectively; understand how policies and procedures are monitored and enforced; and follow-up on the status of prior internal audit recommendations.
Payroll Review Audit Report
This audit report focuses on the payroll process and related functions. It documents the following: project executive summary; objectives, scope and approach; observations and improvement plans; and work performed.
Payroll Review Audit Report: Sample 2
The objective of this audit report is to review the effectiveness and efficiency of the payroll procedures.
Payroll Review Audit Report: Sample 3
This report presents findings from an evaluation of the design and operating effectiveness of specific controls surrounding the payroll process.
Personal Identifiable Information Privacy Controls Review – Audit Report
This is an example internal audit report focusing on company procedures for handling personal identifiable information. The report includes an executive summary, objectives, detailed findings, recommendations and follow-up notes.
Physician Contract Compliance Review Report
This report focuses on the effectiveness of a healthcare organization’s physician contracting and payment processes.
PMO Effectiveness Review Audit Report
This sample audit report provides a review of an enterprise project management office (EPMO).
PMO Initiative Report
This report outlines a plan for reviewing the expectations and process of a project management office program within an organization.
Post-Implementation Controls Audit Report
This sample audit report provides findings from a post-implementation review specific to audited controls and fixed assets.
Pre-Audit Readiness Report
This report focuses on an organization's pre-audit readiness and includes project scope, pre-audit key findings and a pre-audit assessment.
Pre-Year 1 SOX Roadmap – Audit Report
This report serves as a template for organizations to use when documenting business and IT processes for eventual Sarbanes-Oxley (SOX) compliance.
Privacy and Data Sensitivity Audit Report
This audit report focuses on the process to ensure effective controls are in place for handling sensitive data.
Privacy Compliance Program Review – Audit Report
This sample report focuses on the state of privacy compliance at a financial institution. The review addresses compliance with the Gramm-Leach-Bliley Act (GLB), and uses a capability maturity continuum and gap analysis to illustrate the status of compliance.
Product Safety Audit Report
This audit report provides a detailed description of a review of a company's product safety processes, including significant observations and recommendations.
Purchase-to-Payment Process Assessment
This report focuses on establishing an efficient and streamlined purchase-to-payment process, as well as utilizing strategic sourcing, providing added value through decreased operational costs, and effective supplier management.
Purchase-to-Payment Process Assessment: Sample 2
This audit report focuses on the purchase-to-payment process, assessing spend data for a specified period of time.
Q
Quality Assurance Review Implementation Report
This report provides an example of how to present recommendations and action plans to management upon completion of a Quality Assurance Review (QAR).
Quality Assurance Review Plan Report
This audit report outlines the approach followed to establish a quality assurance function, which includes evaluating the organization’s risks.
Quarterly Compliance Assessment – Audit Report
The purpose of this report is to document internal audit’s quarterly assessment of compliance policies and procedures and the validation of the operational effectiveness of key activities and controls within those policies and procedures.
R
Real Estate Services Agreement Review
The sample report discusses procedures for an audit of a real estate services agreement. The purpose of this audit was to identify and recover: cash due to contractually unallowable items; miscalculated payments; duplicate payments; overpayments; billing errors; and non-conformance to contractual terms.
Rebate Process Audit Report
This audit report evaluates current processes in place to calculate and record rebate information sent by distributors. The internal audit team also assessed the overall maturity of the business process with respect to six essential elements of infrastructure using a capability maturity model. The report highlights both "where the company is at present” and "what the future state of each process may look like” in a more mature state.
Record Retention Practices Review Audit Report
This audit report reviews the record retention process at a company. The objectives of the review were to identify the existing procedures in place, define objectives of the process, identify and prioritize the risks applicable, identify global best practices to minimize the most significant and likely risks, determine key components to be included in a records retention policy, and compare the existing practices to the key components necessary to achieve the process objective.
Risk Assessment and Internal Audit Plan Audit Report
This sample reports results from an annual risk assessment and proposes an internal audit plan based on the assessment.
Risk Assessment Results – Audit Committee Report
This sample report to the audit committee primarily focuses on the audit risk assessment process and results and the internal audit planning process and timing.
Risk Assessment Audit Report
This audit report outlines the risk assessment process, focusing on risk assessment methodology, risk models, risk prioritization, sample process lists and risk maps.
S
Sales Commissions Review Audit Report
This audit review focuses on the sales compensation plan for all commissionable employees.
Sales Compensation Review
This audit report summarizes a review of the sales compensation area. It includes an executive summary, background statistics, benchmarking data and recommendations.
Sales Order Cycle Review – Audit Report
This sample sales order cycle review audit report outlines the quote-to-invoice process, contract operations and maintenance, accuracy and integrity of data captured in the order management system, as well as the quote-to-invoice cycle time.
Sales Order Processing Review Audit Report
This audit report evaluates the control adequacy and operational effectiveness of the sales order processing cycle.
SAP Change Management Review – Internal Audit Report
This internal audit report provides a detailed analysis of a company’s SAP change management process based on the Software Engineering Institute Capability Maturity Model.
Sarbanes-Oxley Section 404 Process Prioritization Report
This document outlines the steps used by management in assessing the criticality of business processes, which is important in setting the scope for the internal control over financial reporting assessments. This includes prioritizing financial reporting elements, defining processes, linking processes to financial elements, and prioritizing processes.
Sarbanes-Oxley Section 404 Status Report
The purpose of this Sarbanes-Oxley Section 404 status report is to increase communication between the project team, executive management and process owners in order to facilitate understanding of project purpose and deliverables.
Sarbanes-Oxley Year-End Audit Committee Report
This report to the audit committee focuses on the progress of the Sarbanes-Oxley Section 404 program.
Security Assessment Report
This sample audit report discusses the key observations and recommendations of an enterprise security assessment for an organization’s external and internal IT infrastructure.
Security Policy and Procedure Evaluation – Controls and Responsibilities - Sample
This sample report records the result of an evaluation of security policies and procedures. It illustrates security policy issues and leading practices regarding controls and responsibilities that could be incorporated into a review, and provides a useful format for reporting the results.
Security Policy and Procedure Evaluation – Data Security
This report records the results of an evaluation of data security policies and procedures. This report format that can be used to communicate the status of company policies, and also to present recommendations for policy changes to management, including details of specific policy and procedure findings and gaps.
Security Policy and Procedure Evaluation – Software
This report format can be used to communicate the status of company software security policies and presents recommendations for policy changes and policy issues to management.
Security Policy and Procedure Evaluation Report – Administrative Personnel
This report records the result of an evaluation of security policies and procedures. The sample illustrates administrative and personnel security policy issues and leading practices to incorporate into a review and provides a useful format for reporting the results.
Security Policy and Procedure Evaluation Report: Application Development and Change Control
This audit report records the result of an evaluation of application development and change control security policies and procedures.
Security Policy and Procedure Evaluation Report: Communications
This report records the result of a security policies and procedures evaluation. The sample illustrates communications security policy issues and practices and provides a useful format for reporting the results.
Segregation of Duties Review Report
This 23-page sample report focuses on a project's final deliverables, including a project overview, remediation roadmap, rollout plan and lessons-learned document.
Self-Assessment on Internal Controls Report
This report focuses on a self-assessment initiative, evaluating the effectiveness of the design of internal controls for a company’s operations and budget process. It describes the approach, the results, and the recommendations that resulted from the initiative.
Software Company Internal Audit Plan
This sample audit plan presentation to the audit committee of a software company focuses on the audit risk assessment process and results, the internal audit planning process and timing, and the business self-assessment processes and results.
Special Accounts Staffing Process Assessment Report
This sample report assesses the staffing model created by human resources for special accounts.
Stock Option Measurement/Grant Date Review – Sample Internal Audit Report
The key objective of this sample audit report is to compare the date used by a company for accounting purposes (the date of record) to the date at which all requisite granting, approval and notification activities occur (the measurement date).
Stock Options Audit Report
This report focuses on internal audit’s review of stock option activities and processes, and the adequacy of controls.
Strategic and Operational Process Review Report
This audit report summarizes a strategic and operational review of a company’s business environment and production processes.
T
Tax Compliance Process Report
This document reviews the business processes related to the tax compliance process, identifies manual and system-based controls, and documents issues and weaknesses.
Team Member Resources Audit Report
This audit report discusses the resources allocated to an organization by level of team member, including components such as timekeeping, team member files, hiring process, and action items to improve each component reviewed.
Technology Change Management Audit Report
This report discusses the results of a technology change management (TCM) process audit. The document offers insight into of the company’s TCM practices and strategies, and identifies strengths and improvement opportunities.
Temporary Labor Service Contract Review
Identifying potential contractors and subcontracting with other agencies to satisfy resource needs is a common business practice. This sample review focuses on the temporary labor process.
Treasury Infrastructure Project Audit Report
This report focuses on an organization's treasury process infrastructure, including payment authorization and release, cash flow forecasting, and related controls.
Treasury Review Audit Report
This audit report focuses on opportunities for improvement through interviews and process observations with treasury personnel and limited transaction testing.
W
Warranty/Field Services Review – Audit Report
This is an example internal audit report focused on the warranty/field-services process. It highlights activities related to billing, customer inquiries, and contract negotiation.