Five Project Management Best Practices for More Effective Audits

Five Project Management Best Practices for More Effective Audits

Is your audit team being held back by a fundamental disconnect in how you’re approaching projects? Every audit is a project and successful projects require management, but internal audit managers are rarely trained in the principles of project management. Instead, we promote good auditors into management positions while providing little, if any, formal project management training. As a Project Management Professional (PMP) and longtime champion of process-based execution, I’ve seen how project management best practices can be the key to unlocking your team’s potential for delivering more effective and efficient audits. In this article, I will share what I have learned over more than a decade of incorporating project management principles into the audit function.

How Can Internal Audit Benefit from Project Management Best Practices?

When project management is done correctly, time invested in planning upfront enables every part of the audit to run more smoothly. Audit managers are typically expected to manage the project as well as manage the team, review the team’s completed audit work, liaise with stakeholders, and often to complete portions of the audit as well. Building up our project management capabilities can enable managers and teams to focus on the work that really matters, free from distractions resulting from tasks going off track or timelines spinning out of control. Dedicated project management requires establishing clear, measurable objectives; holding the team accountable for their assigned tasks; proactive, documented stakeholder engagement; risk management; and making use of the right tools and technology. Let’s go deeper into these five key practices. 

“Building up our project management capabilities can enable managers and teams to focus on the work that really matters, free from distractions resulting from tasks going off track or timelines spinning out of control.”

Practice 1: Create Well-Defined and Measurable Project Goals

Establishing the audit requires clear, measurable objectives and well-defined scope that supports the objective. The goals should be quantifiable, leveraging key performance indicators, so the project manager and project team can track their progress toward the objective. In addition, timelines are essential so team members understand expectations, deliverables, and milestones/due dates that have been communicated to other stakeholders. 

Practice 2: Clearly Establish Team Responsibilities and Workflows

Responsibilities for tasks and deliverables are assigned to team members as outlined within the project management plan. At this point, the project manager will map out the project workflow between those performing test procedures and the individuals performing a quality review. The project manager will construct the formal communication plan – who is informed, how often, and what metrics to present. Fully mapping out these data points will be essential to overall organizational buy-in and approval as well as the success of the project.

Practice 3: Maintain Healthy Lines of Communication

Open communication within the audit team is incredibly important to the success of the project and communication will look different depending on the project management methodology employed. If you are following a traditional waterfall approach, the project manager may need to solicit feedback from the team, while an agile approach will establish daily stand-up meetings and sprint reviews. A good communication plan should also include the business stakeholders. Keeping the communication lines open during the audit as it relates to progress, open documentation requests, and potential issues ultimately converts problems into resolutions more quickly and easily.

Practice 4: Plan for Setbacks and Course Corrections

Internal auditors are highly skilled at assessing risk. Ironically though, we often fall short at assessing the risk of an audit project going over budget or over time. A key element in project management is to plan for unexpected events by creating fail-safes, scheduling buffers, and having backup protocols to best mitigate project risks. Defining these risks and planning for mitigating actions, reduces the likelihood of confusion among the team, facilitates decision-making, and prevents overruns due to scope changes. To emphasize the point, incorporating a level of unpredictability into your project plan will safeguard against the unforeseen and allow your project to keep humming when your identified risks become a reality.

Practice 5: Implement Enabling Technology 

The final best practice is to implement technology that enables all the practices already discussed. Using integrated audit project management software makes it much easier to stay on top of the project from start to finish. For example: 

  • Dashboards provide an ongoing view on metrics and KPIs related to the project’s progress toward meeting objectives 
  • Workflows make it easy and accessible for team members to see all their responsibilities and stay on track with notifications
  • A built-in, consolidated communications hub facilitates open conversations among the team and stakeholders without having to leverage multiple applications for next steps and communications. When needed, APIs can also integrate with information ecosystems.
  • In the case of a setback, dashboard visualizations also show status for individuals and for the project to indicate which areas are at risk, providing the project manager access to data that will help you course-correct or pivot.
2024 Focus on the Future Report

Next-Level Auditing Through Project Management

While each project is unique, all successful audit projects are guided by core principles of project management. A common theme throughout these best practices is the need to invest more time during the planning phase of the project. By doing so, the entire process is more likely to run smoothly, saving the project manager from having to put out unnecessary fires during the audit. Incorporating project management best practices can be the difference between simply performing an audit and successfully managing every audit project with precision and professionalism. 

Chris

Chris Grabis, CPA, CISA, PMP, is a Manager of Solutions Advisory Services at AuditBoard. Chris joined AuditBoard from PwC, where he spent over twelve years providing consulting, internal, and external audit services spanning the healthcare, higher education, technology, and consumer/industrial products industries, largely in Southern California. Connect with Chris on LinkedIn.