Tip of the Month: Using Audit Objectives

Did You Know?

BarnOwl is a fully integrated risk, compliance and audit software solution supporting true risk and control based auditing enabling risks and controls to be ‘pulled through’ automatically from risk management into audit where they can be audited independently. The audit results are then ‘aligned’ back to risk management on acceptance by management of the audit’s ratings (risks and control) and findings. Audit objectives simplify audit execution by grouping risks and controls into manageable work items.

Please note: ‘Audit Objectives’ are not the same as risk management ‘Objectives’. Setting up audit objectives in advance as per point 2 and 3 below are preferable, however, many users forget to set up audit objectives in advance, in which case, it’s possible to capture audit objectives directly within an audit project (at the time of auditing) and to drag and drop the relevant risks under the audit objective/s. Create an Audit Objective:

  1. directly, within an audit project during the planning or execution stage.
  2. in advance, in the process library.
  3. in advance, in the process library and link process/es to different types of audit in SCM (Server Console Manager).

Using Audit Objectives

1. Create Audit Objective directly within an audit project during the planning or execution stage
In cases where audit objective/s have not been setup in advance in the ‘Process’ library, it’s possible to capture audit objectives directly within an audit project (at the time of auditing) and to drag and drop the relevant risks under the audit objective/s.

1.1: Risk register in the risk module:
Fig 1.1.1: Risk register in the Pretoria>PTA Assets unit

BarnOwl Tip Pic1

1.2: Create Fixed Asset Audit:
Fig 1.2.1: Create fixed asset audit

BarnOwl Tip Pic2

1.3: Fixed Asset Audit PFO (Project File Organiser):
Fig 1.3.1: Risk and Controls pulled through from risk management into the PFO

BarnOwl Tip Pic3

Please note: it is also possible to create risks and controls directly in the audit project. At a later stage, when the audit project is closed, both existing and newly identified risks and controls can be ‘aligned / copied’ automatically back into risk management.

1.4: Create an Audit Objective directly in the audit project:

Fig 1.4.1: Create an Audit Objective directly in the audit project

Place the cursor on the Process node ’02. Disposal of FA’ in the PFO and select the menu option Capture>Audit Objective:

BarnOwl Tip Pic4

Fig 1.4.2: Capture the title of the new audit objective: e.g. ‘Dispose of FA’

BarnOwl Tip Pic5

1.5: Drag and drop risk/s under the Audit Objective:
Fig 1.5.1: Pre dragging and dropping of the risk/s under the Audit Objective

BarnOwl Tip Pic6

Fig 1.5.2: Post dragging and dropping of the risk/s under the Audit Objective:

BarnOwl Tip Pic7

1.6: Open the Audit Objective form:
Fig 1.6.1: Double click on the Audit Objective in the r.h.s. pane to open the audit objective screen. The ‘Risk/Controls’ tab shows the risks and controls and audit procedures (if configured):

BarnOwl Tip Pic8

2. Create Audit Objective in advance, against the relevant process / sub process in the Process structure (tree)
Setting up audit objectives in advance and linking them in the process library is the preferred method compared to point 1 above.

2.1: Capture an Audit Objective against a process / sub process in the Process library (tree):

Fig 2.1.1: View>Objectives>Objective Register

BarnOwl Tip Pic9

Fig 2.1.2: Capture>Audit Objective

BarnOwl Tip Pic10

Fig2.1.3: Capture Audit Objective

BarnOwl Tip Pic11

2.2: Link risks to the audit objective
Fig 2.2.1: Link / Un-Link Risk

BarnOwl Tip Pic12

Fig 2.2.2: Link Audit Objective to relevant risk/s in this unit.

BarnOwl Tip Pic13

Fig 2.2.3: Audit Objective register with linked risk/s and linked control/s

BarnOwl Tip Pic14

2.3: Apply Process library to the relevant Business Units
Fig 2.3.1 Apply Process library (template) to the relevant Business Units

BarnOwl Tip Pic15

Please Note: Setting up audit objectives and linking risks in advance in the process library is the preferred approach as it simplifies the audit process.

2.4: When creating an audit project, the Audit Objective is automatically created and linked to the relevant risks in the PFO
Fig 2.4.1 The Audit Objective is created and linked automatically in the audit project PFO (Project File Organiser)

BarnOwl Tip Pic16

2.5: Link Process/es automatically in advance to a project type via SCM
Fig 2.5.1 Link Process/es automatically in advance to the PFO (Project File Organiser) via SCM (server management console). This enables a project type to be configured with processes, which are automatically imported with their risks and controls when creating an audit project.

BarnOwl Tip Pic17

Fig 2.5.2 Conduct a ‘Fixed Asset’ audit

BarnOwl Tip Pic18

Useful links

Some useful links:
https://api.barnowl.co.za/insights/4-ways-auditors-can-add-value-to-your-organisation/
https://api.barnowl.co.za/insights/6-ways-risk-based-auditing-adds-value-to-your-organisation/
https://api.barnowl.co.za/tip-of-the-month/barnowl-arbutus-bringing-grc-to-life-with-integrated-data-analytics-and-continuous-monitoring/

About BarnOwl:

BarnOwl is a fully integrated governance, risk management, compliance and audit software solution used by over 150 organisations in Africa, Australasia and the UK. BarnOwl is a locally developed software solution and is the preferred risk management solution for the South African public sector supporting the National Treasury risk framework.

Please see www.barnowl.co.za for more information.

Leave a Reply

Your email address will not be published. Required fields are marked *