Audit Management Implementation

Question 1

Audit admin (sn_audit.admin)

Answer 1

Set up the Audit Management application
Coordinate and facilitate configuration requests
Delete engagements, audit tasks, test templates, and test plans

Question 2

Audit manager (sn_audit.manager)

Answer 2

Create audit plans and engagements, including records necessary to conduct the audit, such as milestones, tasks, and evidence requests
Approve audit tasks, workpapers, and engagements
Track and monitor audit findings

Question 3

Audit user (sn_audit.user)

Answer 3

Perform fieldwork (walkthroughs, interviews, control testing, etc.)
Document the work and findings
Resolve and/or follow up with audit findings
Create test templates and test plans
Read-only access to Policy and Compliance and Risk Management applications

Question 4

Engagement project manager (sn_audit_advanced.engagement_project_manager)

Answer 4

Complete advanced planning with audit plans and engagements

Create resource and costs plans and approve time cards

Question 5

External auditor (sn_audit.external_auditor)

Answer 5

Assigned as auditor for an engagement and audit tasks
Perform audit against specific regulation
View closed engagements and tasks
View published policies, controls, and risks in the Monitor state

Question 6

GRC business user (sn_grc.business_user)

Answer 6

Leveraged across GRC applications. Audit-specific activities include:

Partner with the auditor on the action plan
Respond to observations and evidence requests
Resolve issues converted from the observation

Question 7

What is an audit plan?

Answer 7

An audit plan helps to manage different types of audits in a periodic manner and group engagements in a logical manner.

Question 8

What is an audit engagement?

Answer 8

An audit engagement is an audit project that may include audit tasks that accomplish a set of objectives or goals.
Audit engagements are scoped with auditable units or entities
An entity type called ‘auditable units’ is created for auditable units.

Question 9

What are the 4 audit tasks?

Answer 9

An engagement’s four types of tasks are: control tests, interviews, walkthroughs, and/or activities

Question 10

How are audit issues created?

Answer 10

Automatically, if the indicator result is failed or not passed.
Automatically, if the attestation result is not implemented.
Automatically, if the control test effectiveness is Ineffective and the state of the test is closed complete.
Manually to document audit observations, the intention of remediations, or to accept any problems.

Question 11

Do you recall the conditions which move the audit engagement into the Closed state?

Answer 11

The engagement is closed as incomplete during the Scope, Validate, or Fieldwork states.

Incorrectly unchecked
There are no open audit tasks, observations, or issues after the engagement is approved. In this case, the engagement automatically moves from Awaiting Approval to the Closed state.

Incorrectly unchecked
All of the follow up tasks, observations and issues are closed. In this case, the engagement automatically moves from the Follow Up state to the Closed state.