The Maryland-National Capital Park and Planning Commission

Auditing and Reporting Process

There are four basic parts to the audit process; Planning, Fieldwork, Reporting and Follow-up.

Adequate and careful planning and research of an activity is a key function. Planning is documented and should include:

  1. Establishing audit objectives and scope of work;
  2. Obtaining background information about the activities to be audited;
  3. Determining the resources necessary to perform the audit;
  4. Communicating with all who need to know about the audit;
  5. Performing, as appropriate, a survey to become familiar with the activities, risk, and controls to identify areas for audit emphasis, and to invite auditee comments and suggestions;
  6. Writing an audit program; and
  7. Documenting how, when, and to who audit results will be communicated.

Fieldwork consists of collecting, analyzing, interpreting, and documenting information to support audit results. Information should be collected on all matters related to the audit objectives and scope of work. The information should be sufficient, competent, relevant, and useful to provide a sound basis for audit findings and recommendations.

A signed written report should be issued after the audit examination is completed. Interim reports may be oral and may be transmitted formally or informally. The auditor should discuss conclusions and recommendations at appropriate levels of management before issuing final written reports. The report should be objective, clear, concise, constructive, and timely. It should present the purpose, scope, and results of the audit, and, where appropriate, reports should contain an expression of the auditor’s opinion. The reports may include recommendations for potential improvements and acknowledge satisfactory performance and corrective action. The auditee’s views about audit conclusions or recommendations may be included in the audit report.

Auditors should follow-up to determine that corrective action was taken and is achieving the desired results or that senior management or the Commission has assumed the risk of not taken corrective action on reported findings.