Control Environment Audit Work Program 1 
Control Environment
Audit Work Program
Project Team (list members):
Project Timing:
Date
Comments
Planning
Fieldwork
Report Issuance (Local)
Report Issuance (Worldwide)
Audit Objectives
The purpose of this audit work program is to assess, at a high level, and validate key controls in place for the Control Environment. Inadequate or ineffective controls in this area may give rise to financial and operational risks.
Risks addressed in this audit work program include:
A code of conduct and other policies does not exist regarding acceptable business practices, conflicts of interest, or expected standards of ethical and moral behavior.
Adequate staffing levels are not maintained to effectively perform required tasks.
An independent governing body that provides oversight for management's activities does not exist.
An ongoing education process does not enable people to deal effectively with evolving business environments.
Company personnel do not have the competence and training necessary for their assigned duties.
Disciplinary actions do not send a message that violations of expected behavior will not be tolerated.
Employees throughout the entity are not assigned authority and responsibility related to their specific job functions.
Executives do not clearly understand their responsibility and authority for business activities and how they relate to the entity as a whole.
Formal job descriptions or other means of defining tasks that comprise particular jobs do not exist and are effectively used.
Incompatible duties are not segregated (e.g., separation of accounting for and access to assets).
Individual compensation awards are not in line with the ethical values of the company, and foster an appropriate ethical tone (e.g., bonuses are not given to those that meet objective, but in the process circumvent established policies, procedures or controls).
Job descriptions do not contain specific references to control-related responsibilities.
Job performance is
Audit Work Program
Project Team (list members):
Project Timing:
Date
Comments
Planning
Fieldwork
Report Issuance (Local)
Report Issuance (Worldwide)
Audit Objectives
The purpose of this audit work program is to assess, at a high level, and validate key controls in place for the Control Environment. Inadequate or ineffective controls in this area may give rise to financial and operational risks.
Risks addressed in this audit work program include:
A code of conduct and other policies does not exist regarding acceptable business practices, conflicts of interest, or expected standards of ethical and moral behavior.
Adequate staffing levels are not maintained to effectively perform required tasks.
An independent governing body that provides oversight for management's activities does not exist.
An ongoing education process does not enable people to deal effectively with evolving business environments.
Company personnel do not have the competence and training necessary for their assigned duties.
Disciplinary actions do not send a message that violations of expected behavior will not be tolerated.
Employees throughout the entity are not assigned authority and responsibility related to their specific job functions.
Executives do not clearly understand their responsibility and authority for business activities and how they relate to the entity as a whole.
Formal job descriptions or other means of defining tasks that comprise particular jobs do not exist and are effectively used.
Incompatible duties are not segregated (e.g., separation of accounting for and access to assets).
Individual compensation awards are not in line with the ethical values of the company, and foster an appropriate ethical tone (e.g., bonuses are not given to those that meet objective, but in the process circumvent established policies, procedures or controls).
Job descriptions do not contain specific references to control-related responsibilities.
Job performance is