The purpose of this audit work program is to assess, at a high level, and validate key controls in place for the information and communication component of the COSO Framework. Inadequate or ineffective controls in this area may give rise to financial and operational risks.
Risks addressed in this audit work program include: monitoring of relevant external information with consideration on the impact on the entity; entity-wide operating results are not reviewed and compared against budgets at regular intervals; the adequacy of the information technology structure is not considered by senior management; and managers and other personnel do not have the required information in sufficient detail to carry out their responsibilities.
Risk & Control Matrices - RCMs
Deploy and Maintain Solutions RCM
Monitoring Entity-Level Controls Audit Work Program
Checklists & Questionnaires