I’m sitting in the airport getting ready to head to Kuwait and Dubai to visit customers and attend the Asia-Pacific CACS conference. Looking forward to learning more about the IT and internal audit communities on the Arabian Peninsula.

If you are attending the conference or are just interested in meeting up in the area, let me know. Shoot an email to customer support (help@workpapers.com) and they’ll put us in touch. We’ll post anything interesting learned throughout and after the conference.

Dan

Article and Comments »

So just last week we posted about “the little things” (referring to adding comments to the to-do log report). Well, we have really been focusing on to-do items lately. A lot of our audit teams are really starting harness their power.

The problem in Workpapers.com though was that they weren’t adequately searchable or they were too hard too look through and manage. To combat this, we have added a set of filters to the To-dos tab that allow anyone on the audit team to filter the listing by: who the item is assigned to, who the to-do was assigned by, or the status. Now everyone see the communication going on through review notes across the entire audit team and can easily revisited Cleared and Closed items.

Is there anything else we can do to help you get more out out of to-dos?

Article and Comments »

SCENARIO: You have conducted audit procedures and identified a variety of findings. Great! I mean, who doesn’t love findings? So now management needs to remediate. After three times as long as they said it would be, they’ve fixed the problems. So, you ask for evidence it is fixed and they give it to you.

The problem that arises is where do you put this in the system? Maybe attached to the original procedure? Maybe in a project file group called remediation? Could be a little confusing until now.

NEW FEATURE: Now you can attach evidence directly to the finding itself. That way, when you get documentation specifically related to resolving or closing a finding you can attach right there. Easy to find when you got back to the audit again next year.

We think this will make organizing documentation around findings more logical, hope it helps your audits. Keep adding those findings!

Article and Comments »

The to-do system in Workpapers.com is pretty great. Makes tracking review notes a cinch. In fact, it works so well, that lots of folks have grown into needing more out of it. One of those things is better reporting of the overall status of their entire to-do list, including those items that were closed.

The to-do log helps auditors with this. But something was missing. As part of the package of changes we pushed this morning, the to-do log now not only shows a log of the to-do the items and their status, but also the comments on each item. Now one report provides the whole picture on your to-dos.

Article and Comments »

As many of you noticed, there is now a place right in the sidebar of essentially every fieldwork screen to add request list items (just like with to-dos). Here is why we have done this and what the benefits are.

Better Request List Workflow

This really follows on our last couple of posts. Basically, as we were conducting our audits we realized that it makes a lot more sense to simultaneously build both the audit workplan and the request list (rather than the request list either first or later as an afterthought). Also, like so many our customers, we build project templates and then roll those templates forward for each of the clients we conduct that particular audit for. In project templates, we are VERY committed to making sure we include the request list items so we have those ready to go on each audit with zero effort.

Therefore, we find ourselves needing to tie our request items very directly to specific parts of the audit plan. It was also a pain to go switching back and forth between tabs to look at the audit procedures then go over and add a request item.

No longer… now, go through your audit plans step by step and add your request items right in the sidebar of each procedure. Once finished, go to the project-level Request List tab and see all of those items organized and ready to rock. Either invite your client to the project so they can go to work on filling them (works the best) or export an Excel or PDF file and send it to them to work on.

The Results

Overall, you find that request lists just begin to manage themselves… which is what we like. The auditor tacks them on anywhere in the audit procedures they need to and the client sees them and fills them via secure upload.

To get close out the loop on the new, tighter request item/audit procedure associations, we will make our next request list-related post all about assigning the files your client uploads to your system for each item right over to a procedure as audit evidence (no downloading and re-uploading required).

Article and Comments »

As a follow-up on my previous post, just wanted to post a small feature update we’ve added in Workpapers.com. There are now filters on the request list tab so you can easily filter the items in the list by:

1. The contact responsible for providing the item
2. The auditor who requested the item
3. The status of the item (open or received)

Hopefully that helps make sorting through the request items quick and painless.

Article and Comments »

Why do we always send request lists first?

I think we should all change the way we think about request lists. Traditionally, when we have a new audit client, the first thing the audit team rushes to do after signing the engagement letter is send the client a request list for the audit. But why?

Conventional wisdom says it is necessary planning so we can hit the ground running when arriving in the field. Think about this from the client’s perspective though. They immediately get this big list of poorly written requests and are turned off before even meeting the team. I say poorly written because despite best efforts, they almost always are. We are asking for a bunch documentation we usually need but for an environment, culture, process, etc. that we don’t yet understand. The result?

Eight times out of ten, we arrive onsite and the client hasn’t even really started on the request list (likely because they don’t even understand most of what we asked for) So what does the audit team do? Often just sits around until the client starts producing documents.

I suggest a better way.

Lets start the engagement by just letting the client know we need a few minutes to talk with the folks in charge of the areas we’re auditing. Take 15-20 minutes, learn about what they do, get a feel for the culture, and explain to them WHY you need a variety of documentation from them. Now we have a foundation to build on.

With a foundational understanding, go back and craft a gorgeous request list. Sure, there is such a thing… one that is concise, tailored to client systems and processes, uses the same terminology the client uses internally, and most importantly was written then revised for clarity. Sounds like unnecessary work but it is really just appropriate attention to detail and in almost every case enhanced clarity will result in the request items arriving much sooner. Care about the beginning of the audit (the request list) the same way you care about the end (the report).

How Workpapers.com Helps

1. Elegantly crafted request items are individually managed in Workpapers.com. Go through your entire audit plan and create them right from the sidebar of the audit steps so you don’t forget anything (this is IMPORTANT and makes things very efficient).
2. One click email reminders to the contact responsible
3. Once you have a handsome list, invite your client, give them the client access role in the project, and let them go in and easily upload the required documentation.
4. A side benefit of allowing clients access to upload is that the trading documents is 100% encrypted and secured, which receiving them through email definitely is not.
5. When rolling forward project templates or the engagement in future years, all of your request items are automatically rolled-forward and reopened so you can quickly get started collecting them again.

I have been doing a lot of request list management with my clients this way lately. We are continuning to refine the process but overall very effective. Email us or leave comment with questions or tips on how you do it.

Article and Comments »

“Checklists are everything that is wrong with auditing. No auditor that cares about their work ever uses a checklist to conduct an audit. ‘Audit workplan’ and ‘checklist’ are antonyms.”

Dan Zitting

Article and Comments »

As announced in the December newsletter email, we have added a new role to those available inside each audit project. The new role is for the audit client and makes collaboration with clients easy and elegant.

The Thinking We Applied to the Client Role

When we conduct audits, there are always basically three things that we collaborate directly with the client (or in the case of internal audit, the business owner) on. Those are 1) the audit request list, 2) the audit findings, and 3) the status of the project. At the same time however, it is important in many audits that the client does not see the specific audit worksteps so the auditor is able to change those worksteps in response to changes in audit needs and to be able to inject changes and randomness when necessary.

Therefore, that is exactly what we have given the client project role access to. When a person is added to a project with the client role, they will see four tabs:

1. The Request List tab – Allows the client to track the request list open items, edit who is responsible for each item, and securely upload the files requested
2. The Findings tab – Allows the client to see the findings identified in the audit and provide associated management responses
3. The Status tab – Allows the client to instantly check audit status so the auditor does need to prepare manual status updates
4. The Client Dashboard tab – A dashboard that combines information from the three tabs listed above to give the client one screen where they can get an easy overview of the audit and their responsibilities within it

Try out the client role, we’re sure it will make your audits even easier to manage while making things easier for the client also. They will also be extraordinarily impressed with your audit team's ability to use technology gracefully to make the audit easy (something they wish so many auditors before you had done).

Article and Comments »

While writing your next audit report (which if you are anything like myself and most other auditors will almost certainly be at least three times too long), consider this brilliant thought from the book Revising Prose by Richard Lanham.

"When you are revising, the scarcest resource is human attention. Sentences are attention economies."

What a wonderful thought to keep in mind during the editing/review process.

Article and Comments »