Types of Audit Reports


The report process begins after the exit conference.   It involves issuing three reports:   a draft report, a preliminary report, and a final report.

Draft Audit Report

The draft audit report is developed from the exit conference.  It contains the observations and recommendations reviewed during the exit conference, plus sections for the audit scope, objectives and methodology, and background to add context relevant to the audit topic.  The chief audit executive (CAE) reviews the report and provides input.  The draft report is sent to the audit customers for their review and comments as to the accuracy and clarity of the report as well as the reasonableness of the recommendations.  The content will be largely unchanged from the exit conference, so there should not be any surprises to the audit customer.  Even so, it provides another opportunity to review the content.  A deadline of 10 business days is given for submitting responses to the draft report to the CAE.

The CAE or the lead auditor will resolve comments that are received and integrate them with the audit report as applicable.

Preliminary Audit Report

The preliminary audit report is essentially the draft audit report with relevant review comments incorporated.  It is issued by the CAE to the chancellor as a confidential document.  Unless otherwise agreed upon, the chancellor will have five weeks to provide a formal response to the recommendations in the report.  The formal response should include a plan of action for each recommendation and expected date of completion for each action plan.  It will be reviewed and accepted by the CAE.

Final Audit Report

Upon approval of the chancellor’s response to the preliminary audit report, the final report is prepared.  This document is simply a compilation of the preliminary audit report and the chancellor’s response into one document.  The final audit report is distributed to the Board of Regents Audit and Finance Committee and discussed at their next regularly scheduled meeting.

Audit recommendations remain open until they are followed up and determined to have actions plans implemented.   See Follow-up Auditing for the process used to close out open audit recommendations.