The detailed risk assessment results in this sample audit report can help you measure and improve your organization’s internal audit process.

This sample is not intended to be a comprehensive, detailed audit work program. We recommend that organizations develop specific audit work programs for each audit project outlined. This audit plan is not intended to be static or unchangeable. Changes in conditions, problems encountered during projects or special requests may require alterations to the plan. Any significant changes to the plan should be proposed to the audit committee and internal audit steering team.