ABC BANK Audit Plan Presentation to Audit Committee (Date)

ABC BANK Audit PlanPresentation to Audit Committee

(Date)

2Source: Protiviti KnowledgeLeader http: / / www.knowledgeleader.com

Table of Contents

Introduction of Internal and External Audit Teams

Audit Risk Assessment Process and Audit Plan

Summary Comparison of Audit Effort in Prior Year Versus Plan for the Current Year

Internal Audit Schedule

Sample Audit Committee Deliverable

Matrix for Evaluation of Audit Independence


Internal Audit Plan - Overview

The audit plan was developed using a risk based audit approach. Utilizing experience and understanding of the bank’s operations as well as industry knowledge, internal audit identified auditable areas, performed a risk assessment for each of these areas, and assigned each of these a risk rating of high, medium or low.

Internal audit considered the following factors, as well as knowledge of the bank, in determining the risk rating for each auditable area:• Discussions with bank management, which provided insight regarding issues and risks in the auditable areas• Potential impact that the auditable area may have on the financial position of the bank• Other environmental factors, such as past audit results, changes in personnel and operations, past and current

emphasis by regulators, and future business strategies

This risk assessment process will be performed on an ongoing (at least annually) basis to ensure changing risk factors, including losses, operational changes or turnover, are continually monitored.

A cycling approach to the internal audit plan was used, whereby high-risk areas are audited on an annual basis, and medium- to low-risk areas are audited over a 18- to 24-month cycle.


Medium Risks High Risks

Low Risks

HighLow

Lo

wH

igh

Sig

nific

ance

Likelihood of control/process issues

• Disaster Recovery• Commercial Lending• Finance• IT Applications• Community Reinvestment Act• Software Licensing• Logical Security/Security Admin.• IT Telecommunications• Operations Support• Small Business Lending• Local Area Network• Centralized Doc. Unit

• Treasury/Investments/ALM• Central Services• Internet Conn./Firewall• New Product Development• Real Estate Lending• Commercial Business Lending• SBA Center

• Branch Network• Loan Administration Dept.• Financial Products• Marketing/Promotions• Human Resources/Payroll• Credit Administration• Appraisal Department• Facilities

III

IIIIV

Risk Map - ABC Bank


Summary Audit Plan

Audit Area Risk Assessment Budgeted Hours

Treasury/Investments/ALM High X

Real Estate Lending High X

Central Services High X

Commercial Business Lending High X

SBA Center High X

New Product Development High X

Internet Connectivity/Firewall High X

Centralized Documentation Unit Medium X

Logical Security & Security Admin Medium X

Local Area Networks Medium X

IT Telecommunications Medium X

Disaster Recovery Planning Medium X

Software Licensing Medium X

Finance/Accounting/Accts Payable Medium X

Operations Support Medium X

Community Reinvestment Act Medium X

Branch Network Low X

Human Resources/Payroll Low X

Discretionary NA X

Planning, Admin & Reporting to AC NA X

Follow-Up on Prior Year Audit Plan NA X

Total Budgeted Audit Hours X


Summary Focus of Audit Effort During Prior and Current Years

1200

550

450 470

650

150 150 160

400

260

0 0

470

600

1589

300

100

650

200 200150

800

400

200

0

200

400

600

800

1000

1200

1400

1600

1800

Current Year

Prior YearHou

rs


Significant Changes in Audit Plan from Prior to Current Year

As is depicted on the preceding page, the following summarizes the most significant changes seen in the audit plan for this year versus last:

• Greater emphasis on lending activities, including centralized documentation unit, based on risk assessment process

• Significant re-allocation of time from branch network to centralized/back office operational activities based on our risk assessment process. For branch network, focus to be on high-risk activities, including branch losses, wire initiation, etc.

• Increased discretionary time for special projects

• Reduced administration time, as well as no allocation for training, vacation or sick leave


To be determined……

Jan Feb Mar April May June July Aug Sept Oct Nov Dec


4TH QUARTER1ST QUARTER 2ND QUARTER 3RD QUARTERDESCRIPTION

Branch 6Branch 7Branch 8

Business Processes/OperationsTreasury/Investments/ALM

Real Estate LendingCentral Services

Commercial Business LendingSBA Center

Human Resources/PayrollCentralized Documentation Unit

Finance/Accounting/Accounts PayableOperations Support

APPLICATION SYSTEMS

Community Reinvestment ActNew Product Development

Follow-Up on Significant IssuesDiscretionary

Information TechnologyGENERAL

Deposit ApplicationGeneral Ledger System

OTHERSpecial Management Request Projects

Follow-Up on Significant Issues

Logical Security & Security Admin.Local Area Networks

Internet Connectivity/FirewallDisaster Recovery Planning

Software Liscencing

Internal Audit Schedule

= Planned = In Process = Completed


Internal Audit Schedule (Contd.)

Jan Feb Mar April May June July Aug Sept Oct Nov Dec


DESCRIPTION 1ST QUARTER 2ND QUARTER 3RD QUARTER 4TH QUARTER

Information Technology

GENERAL

OTHER

Special Management Projects

Follow-Up on Significant Issues

Logical Security & Security Admin.

Local Area Networks

Internet Connectivity/Firewall

Disaster Recovery Planning

Software Licensing

IT Telecommunications

= Planned = In Process = Completed


Internal Audit Schedule - Regulatory Compliance

Federal/state regulations reviewed as part of the audit plan

As part of our review of the identified business processes and retail branches, internal audit will integrate compliance testing of the following regulations:

Internal audit will coordinate with ABC Bank’s compliance officer when determining the scope and degree of work to be performed for compliance-related issues.

OFAC HMDA BSAReg D Reg DD Reg E Reg X Reg Z CRA

Branch Network

Business Processes/Operations

DESCRIPTION

Real Estate Lending

Reg B Reg CC

Commercial Business Lending

SBA Center

Centralized Documentation Unit

Small Business Lending

Central Services

Community Reinvestment Act

ABC BANK Audit Plan Presentation to Audit Committee (Date)

Documents

Transcript of ABC BANK Audit Plan Presentation to Audit Committee (Date)