Audit Process

What is the KirkpatrickPrice Audit Process?

We’re dedicated to streamlining the audit process so that our clients can complete an audit in five basic steps.

1. Gap Analysis

If it’s your organization’s first time having an audit performed, we strongly recommend starting with a gap analysis so that our Information Security Specialists can identify any operational, reporting, and compliance gaps in your organization and advise you on strategies for remediation. Gap analyses ask and answer, “How are we doing compared to what regulations require?” Depending on which audit you select, you may undergo a remote or onsite gap analysis. Once your organization has remedied any identified gaps, the audit can begin.

2. Scoping and Planning

To begin the audit process, we’ll work together to perform scoping exercises to determine an accurate scope of the engagement. These scoping exercises will include analyzing organizational, geographic, and system factors. Scopes that are too wide may result in an overwhelming or too challenging audit, whereas a narrower scope will result in a larger return on investment and a more accurate audit. Once we’ve worked together to define the scope of the engagement, we’ll define an accurate timeline and identify the engagement team.

3. Gathering

With training from KirkpatrickPrice, your organization will utilize the Online Audit Manager to upload documentation and answer questions relating to your internal controls. This will help your team go through an efficient process on your own schedule, communicate directly with your designated Information Security Specialist and Audit Support Professional, receive remediation guidance early in the process, and eliminate intrusive and expensive onsite time. The Online Audit Manager will ultimately help you complete 80% of the audit before KirkpatrickPrice steps through your doors for an onsite visit.

4. Onsite Visit

Onsite visits are for the purpose of reviewing and testing internal controls that cannot be tested remotely and to close out any remaining responses in the Online Audit Manager. During an onsite visit, your designated Information Security Specialist will review and test things like physical security safeguards, walk through your processes, and interview personnel. KirkpatrickPrice Information Security Specialists enjoy conducting their onsite visits because it’s a great time to educate clients, resolve any confusion, and set clients up for success.

5. Report Delivery

Each report from KirkpatrickPrice is written by our team of Professional Writers to ensure that you receive the highest quality report; report writing is never outsourced. After your assessment has finished, a draft report will be sent for your review, then a final report will be delivered through the Online Audit Manager. Following report delivery, you’ll also receive a press kit which includes KirkpatrickPrice-branded compliance logos, the writing and distribution of a press release announcing your recent audit, language to use in marketing materials, and advice on how to best market compliance achievements.