Writing Highly Effective Audit Reports
Benefits
Why you should attend
- Writing effective audit reports must be one of the most important aspect of the Internal Audit process.
- It is the main deliverable and the only real information audit customers receive.
- This 2 day course is designed to challenge your thinking about the whole approach to writing audit reports.
After completing this course you will be able to
- Simplify your reports and enhance their readability
Significantly enhance the impact of your reports - Make your reports easier to write, easier to review and easier for management to implement
- Improve the acceptance and implementation of your recommendations
- Create more focussed audit opinions
- Reduce the lead time for their issue
- Avoid unnecessary words and phrases
- Benchmark your audit reports against worldwide best practice
- Influence management more effectively
- Negotiate more successful outcomes
Who should attend
Who should attend
- Experienced auditors or other assurance professional who want to significantly improve their reports
- Newer internal auditors – to enable them to learn the most up to date techniques
- Personnel in other functions who need a wider understanding on how to improve their reports
Course Details
Course Level
- This is an intermediary level course it is advisable that delegates have 6 months experience in Internal Audit or other assurance functions
- There are no minimum educational requirements
- No advance preparation is required
- Delivery method – Group-live (with exercises to simulate audit scenarios and situations that delegates will encounter)
CPE credits
Participants will earn 9 CPE credits in the Auditing field of study.
Modules
Day 1: Audit reports – your shop window
The 5 dilemmas of audit reporting
- Video from IIA president
- What is a best practice report?
- Who do you need to convince?
- Top tips – communicating results
- The challenges of audit reporting
- Grabbing attention
- Getting the message across
- Getting action
- The need for impact
- Which of 6 reports shown would you be likely to read
- Ideas on creating impact
- How do you know a good report when you see one?
- What Management expect – recent survey of chief executive
- IIA professional standards
- Who are the reports really for?
- Exercise 1 – What are the factors that separate an excellent report from the rest?
The problems with audit reports
- Exercise 2 – Thirty five questions about your audit reports
- The 35 questions (all based on best practice) – how did you score?
- What are the factors preventing the achievement of these best practice measures
- Tips, techniques and ideas to help you score a maximum
- How to get 95% of recommendations implemented
- Use of charts and photos
- Dealing with minor issues
- Future focus
- Order of importance of the issues
- Actions rather than recommendations
- Action plans
- Discussion of the implications
- How to assess the needs of the audit customers
Analysis of actual reports
- Explanation of a proven method to evaluate audit reports
- The need to determine success criteriaWho should you involve?
- Exercise 3 – Analysis of 4 actual reports
The Executive Summary
- Exercise 4 – Comparison of 3 executive summaries
- The role of the Executive summary
- 20 tips for writing better summaries
- Targeting the Executive summary to the reader
- The benefits of writing the Executive summary before the main report.
- Asking a non-technical person to read it
- Exercise 5 – Role-play a meeting with senior management to discuss the report
- Feedback and discussion of the issues
Writing the Executive summary
- Reflecting on the issues raised in the role-play
- The need to cover the following issues
- How many key issues are there?
- What led to the control failures?
- What did it or could it cost the business?
- Were there any other impacts
- Will the actions agreed deal with the risk?
- What confidence will this give senior management
- Exercise 6 – Writing the Executive summary
Day 2: Best practice internal audit reports
Writing reports with impact
- How to market the audit reporting process
- Why audit reports are taken as a criticism of management
- Messages rather than content
- Outcomes rather than output
- Solutions not problems
- Auditor and reader mind-sets
- Ways to make the reports more positive
- Benefits and deliverables
- Conclusions
- Language and impact
- Simple and Complex language
- The use of ‘power words’ in your communications
- How to get on the same wavelength as your customer
- Highlighting the issues that matterAudit observations
- New paper on audit observations will be shared
- Causes and effects
- How to draft a report with impact
- Exercise 7 – Writing a report – taking account of the issues raised
Ideas on improving the review process
- Ways to improve the review process
- The need for a positive approach
- Techniques for effective review
- Putting yourself in the position of the writer and recipient
- Avoiding the use of the ‘red pen’
- Encouraging the auditor
- Avoiding making changes for change sake
- Messages rather than content
- Outcomes rather than output
- Exercise 8 – The review process
The main report
- Ideas for improving the main report
- Keeping it simple
- The report process
- Writing the main report
- Dealing with writers block
- Audit Objectives
- Scope
- Forming and expressing the audit opinion
- Wording tips
- Tone
- Writing effective coherent sentences and paragraphs
- The editing process – tips for success
- The power of Senior management comments
- Circulation lists
- Formatting ideas
- How to avoid repeating any sections in the Executive summary
- Words and phrases to avoid
- How to reduce the number of words
- Why the spellchecker sometimes does not help you
- Dealing with the difficulties of the English language
- Exercise 9 – Picking the biggest paragraph from a report and rewriting it in one third of the words originally used.
Finalising the report
- How to finalise the report more effectively
- Recommendations and actions plansManagement Comments
- How to reflect the right issues for the Audit Committee
- Audit Committee report examples
- The need to be on your customers side
- Follow up audits – using the action plan
- How to get management to take responsibility for actions
- 5 Ways to improve the follow-up process
- Exercise 10 – Follow up of reports
- Issuing the report
- Presenting or issuing reports (including use of e-mail and the Intranet)
- Alternative methods of reporting e.g. PowerPoint
- Examples of excellent reports will be provided
- The need to be on your customers side
- Reporting performance indicators
- Tracking actions
- 10 other Steps to success
Assessment and evaluation of your own reports
- A model for assessing reports will be outlined
- Exercise 11 Self-evaluation against the model provided
- (delegates are requested to bring along 2 recent reports- purely for
- their own reference)
- Discussion of key issues and action plans
About Phil Griffiths
Phil Griffiths, FCA
Phil Griffiths is founder and Managing Director of Business Risk Management Ltd.
A Chartered Accountant, he has over 30 years experience in risk management, Corporate Governance, internal audit and fraud prevention as practitioner, professional adviser, facilitator and trainer.
His areas of specialism are:
- Assisting Senior Management to identify, manage and then exploit the risks within their business via facilitated business risk management programmes
- Helping Internal Audit functions to implement world class standards.
- Developing fraud prevention, detection and investigation programmes
- Training both private and public sector organisations in all the above disciplines.
He has extensive experience of the European, Asian, Middle Eastern, and African markets having trained professionals from over 1000 organisations in these regions during the past 15 years
He has extensive experience of managing and auditing major International projects. He has also direct experience of negotiating major contracts (including the largest mobile telecommunications contract in the world at the time)
Phil has developed strategic alliances with professional bodies and world renowned training companies, to deliver training and consultancy services across Europe, Asia, the Middle East and Africa.
He has developed over 300 training courses on all aspects of internal audit, risk management and fraud and delivered them across the globe.
He has led risk management programmes for more than 120 private and public sector clients tailored specifically to include facilitated workshops, development of risk strategies and assistance with implementation
He is an accomplished author. His book ‘Risk Based Auditing’ is an international best seller and his new book ‘Enterprise Risk Management – the key to business success’ is receiving much acclaim
Phil has published research into many aspects of internal audit and risk management best practice, including “Strategic Risk management” “The Need to Co-ordinate Assurance Providers” and “The Expectations of Chief Executives towards Internal Audit and its future”
He is recognised as an accomplished and charismatic facilitator, trainer and lecturer and is in continual demand to speak at the most prestigious events on risk management, internal audit and fraud.
Schedule Overview
Course Fee and Timings
The fee for the 2-day course is GBP 500 (US$ 650) which includes comprehensive course materials. The course will consist of three 1.5 hour sessions each day.
The course will consist of three 1.5 hour sessions with the following UK timings
- 9.00 – 10.30 Session 1
- 10.30 – 10.45 Break
- 10.45 – 12.15 Session 2
- 12.15 – 13.00 Break
- 13.00 – 14.30 Session 3