Skip to Main Content

Auditing & Consulting Division of Administration & Business Affairs

Support Page Content

The Audit Process Explained

The audit process is a meticulous and structured examination of an organization's operations, controls, and processes. This systematic review is conducted to assess the accuracy, reliability, and fairness of financial information, as well as to evaluate the organization's compliance with laws, regulations, and industry standards. Audits provide valuable insights to stakeholders, such as investors, creditors, regulators, and management, by offering an independent and objective assessment of the organization's financial health and operational efficiency.

Audit Initiation

Planning

The auditor gathers background information about the audit topic, determines the audit objectives and methodology, and develops an audit program. The audit program indicates what procedures the auditor must follow in identifying the area/activity to examine, questions to ask, and documents to review.

Entrance Conference

Each audit is kicked off with an entrance conference. During the entrance conference, the auditor meets with representatives of the audited area (or auditee) to discuss the audit objectives and scope, estimated timeline and resources needed, and communication of audit results.

Fieldwork

Fieldwork

The evaluation phase of the audit is referred to as fieldwork. To assess the adequacy of internal controls and compliance, the auditor meets with key personnel, reviews departmental records and processes, and tests a sample of transactions in detail.

Status Meetings

Throughout fieldwork, the auditor discusses initial audit observations and outstanding document requests with the auditees during status meetings. These meetings allow for the auditee to clarify or provide additional documentation to resolve any concerns or clear any preliminary observations.

Post Fieldwork and Exit Conference

Post-Fieldwork

After fieldwork, the auditor writes a draft audit report, noting observations identified and corresponding recommendations. This draft report is forwarded to the auditee for discussion during the exit conference.

Exit Conference

During the exit conference, the auditee has the opportunity to propose changes, and any agreed-upon changes are incorporated into the draft report. The auditor also requests that the auditee provide written responses to the recommendations.

Reporting Process

Specific to audit engagements performed by our Chancellor's Office of Audit and Advisory Services (OAAS), the auditor will issue two draft reports and one final report.

Preliminary Draft

This is the first draft of the auditor's report containing the information gathered and evaluated during the engagement. The auditor will send the preliminary draft for our campus to review. At this stage, revisions can still be made if necessary and the campus has seven days to provide any comments, questions, or concerns.

Incomplete Draft

The second draft of the report is sent to campus and is considered to be the "final draft" of the auditor's report. This will incorporate any agreed upon changes from the preliminary draft, and the campus has fifteen days to respond to any recommendations reported by the auditor.

Final Report

The auditor issues the final report to the campus management. The report is then published online, on the OAAS website.

Follow-Up

Recommendation Implementation

The last step of the audit process is to fully implement each recommendation issued by the auditor. When the audit is being conducted by the Chancellor's Office of Audit and Advisory Services (OAAS), open audits are included on a matrix that is presented to the audit committee at each California State University Board of Trustees meeting. The matrix is a status report that shows the total number of recommendations and number of recommendations outstanding for each completed audit.

As the campus completes the corrective action for each recommendation in the report and submits proof of this corrective action, the matrix is updated.