Process Level Auditing

What is Process Level Auditing (PLA)?

PLA means the auditor

acts as a facilitator to help

the managers of a group

of related activities

assess the control

strengths and weakness.

Together, we develop

action plans for

improvement, where

necessary.

In a PLA Environment:

All existing controls and

procedures are reviewed by

managers and auditors to

determine what is needed for

improved efficiency.

Internal Audit, in the capacity

of in-house consultant, works

with the "client" to enhance the

operations of the various

departments.

How Will Process Level Auditing Improve

the Organization?

The managers' operational knowledge of the process

becomes part of the audit.

Each segment of the process is summed into one continuous

flow.

The managers gain an understanding of how the activities in

their segment impact the process.

The risks factors are assessed for potential impact to the

process, and controls are applied for maximum efficiency

and effectiveness.

The Managers' Expanded Role Under PLA

The managers' would participate in the process by:

A. Identifying the segments that constitute a process.

B. Contributing first-hand observations and ideas

regarding the state of existing controls and potential risks

in the process.

C. Developing a flowchart that links the segments into a

process stream.

D. Achieving improvements in cost, quality, and service

within a specific process and ultimately the Organization .

E. Contributing to the development of action plans to reduce

unacceptable risks to acceptable levels.

Tools used in a PLA Environment

Examples of Risks Reporting - The effect of inaccurately prepared financial statements,

which should reflect the organization's financial position accurately,

fairly and in accordance with Corporate Accounting Policies .

Legal Liability – The risk that new laws will be enacted, which

unfavorably affect business operations and revenues.

Regulatory - The risk that an organization operates or engages in

transactions in such a way as to be out of (compliance with Federal

and State laws and regulations - consequences include financial,

civil, criminal, administrative sanction/penalties, and unfavorable

publicity.

Competition - The inability to effectively remain abreast of the

demands of the marketplace or to respond to competitive challenges.

Strategy - The risk that strategy decisions don't accomplish the

desired outcome.

CONTINUED

Examples of Risks Reputation - The risk to an organization's reputation because of

actions of employees, poor performance in the marketplace or

violation of legal or regulatory statutes.

Asset Safeguarding - Due to misadministration or the deliberate

improper act of employees, customers or third parties. These could

include fraud, theft, destruction of records, conflict of interest, misuse

of position or other misrepresentation.

Human Resources - Arises from insufficient competent staff

available to support business activity or the control functions

surrounding it .

Technology - Arises from disruption to business and/or support

operation functions due to system or technology malfunction,

insufficient capacity or inability to recover from disruption due to

power loss, fire, flood, terrorist attack, etc .