You have been hired by a UMUC to conduct an operational and information technology audit of UMUC's myUMUC system. The audit is being requested to address concerns from senior executives that the system is not efficient / effective for the user and management community. This plan will detail the audit objectives and the steps that must be taken to ensure the important issues are covered. The audit plan will consist of two parts.
Part I will be a written, detailed audit plan that covers the following items:
- Summary of UMUC and the myUMUC system that will be reviewed.
- Preliminary identification of audit risks, with special focus on IT-related risks (such as risks related to e-business).
- Recommended framework for how long the engagement should take (including when the audit should begin) and the number of resources required.
- Identification of the audit procedures (including tests) that will be performed.
The length of the audit plan will vary, but ensure you use appropriate formatting with a cover page, table of contents, references as appropriate, and good titles/subtitles. I have gotten "short" audit plans that typical get a lower grade and "long" audit plans that get the higher grades. I am looking for both quality and quantity. It is imperative that you are super detailed in your audit plan. You should be able to give the audit plan to ANYONE who can follow exactly what to do STEP-BY-STEP.
Part II will be an executive summary of Part I. It will be in presentation form. Using PowerPoint, create a summary of your audit plan to deliver to the Executive Audit Committee. Ensure that your PPT is at least 10 slides long excluding the title slide and references slide.