As can be seen from the above menu, the three documents in this section can be taken
off-line, so auditors can take the documents to remote sites, amend the documents
as the audit progresses and ultimately upload the documents back to the LAN for departmental
review and sign-off.
Being essentially word processing documents; all printing, copying and file manipulation
are performed by the industry standard menu options on the top of each screen.
Risk and Control Summary
The Risk & Control Summary is the basis of all working papers. This identifies the
risks associated with an audit area, the expected controls, the actual controls,
comments and an audit evaluation of the control status. Risks must be numbered in
sequence and the controls likewise numbered within risk. The other two documents
are subsidiary to this document.
Upon entering this routine (or, indeed, any of the working papers), APACE will check
whether it is connected to the LAN. If it is it will also check whether any papers
are stored locally and give the user the option of working locally or remotely. It
will then place an indicator in the top of the screen showing which environment it
is working in.
Audit Programme of Compliance Tests
The Audit Programme of Compliance Tests is subsidiary to the Risk and Control Summary.
It links the risk and expected controls to the tests to be undertaken. If a Risk
and Control Summary doesn’t exist for the job you cannot open this document.
Test Working Papers
The Test Working Papers is subsidiary to the Audit Programme of Compliance Tests.
It links the tests performed, findings and conclusion to both the Audit Programme
of Compliance Tests and Risk and Control Summary. If a Risk and Control Summary doesn’t
exist for the job you cannot open this document. This document will record objectives,
records examined, work carried out, findings and conclusions reached. It will ultimately
be signed off by the appropriate manager when finally uploaded back to the LAN.