In today’s business environment in which companies are struggling to comply with Sarbanes-Oxley and other regulations, audits are not perfunctory formalities that rubber stamp and recap past performance; rather, they are actionable documents that play a major role in the business’s strategic planning, compliance strategies, and corporate governance.

Risk-based audit planning focuses on the strategic, regulatory, financial, and business risks to which an organization has exposure. In an increasingly visible and valuable role, today’s internal auditors are expected to examine, evaluate, report, and recommend improvements on management’s risk management processes. Risk-based auditing can maximize the impact of audit’s assurance and consulting work.

The second book in the new Practical Auditor Series—cobranded with The Institute of Internal Auditors (IIA)— Audit Planning: A Risk-Based Approach helps internal auditors plan a dynamic, proactive audit. With step-by-step guidance, it covers:

• New approaches to setting the audit context and plans
• A step-by-step plan for addressing corporate risk in the audit plan
• Practical ways to implement some of the IIA’s professional standards
• Sample models that break down and explain complicated concepts
• Controls and reviews that ensure that work meets quality standards
• Case studies of various audits
• Diagrams and checklists to help build real-world auditing skills

There is no “one size fits all” audit. The goal is to customize a dynamic, defensible audit plan that addresses the needs and the risks of the particular organization. This book provides the practical guidance and tools to get auditors up to speed quickly with a real-world, risk-based approach to auditing.