Since 2020, due to the Covid-19 pandemic, many were forced to abruptly adapt and adjust from the traditional "on-site" audit to remote or virtual audit. This transition has been incredibly fast that auditors are still familiarizing themselves with the new procedures.
What is a remote audit?
A remote audit, also known as virtual audit, refers to the use of information and communication technology (ICT) to gather information, interview an auditee, among others, when "face-to-face" methods are not possible or desired. Remote auditing provides a springboard for tools such file and screen sharing, videoconferencing (Skype, Zoom, Google Meet, Microsoft Teams are common platforms) and live data analysis.
Here are some general recommendations that may help you to adapt your audit process and cope up with the challenges of remote auditing.
The use of remote auditing will only be successful if the technology or tool that will be used is available to both the auditor and the auditee and have the necessary competence and resources. Feasibility is also dependent on online connection quality. A limited or weak connection may slow the process to the point of inefficiency.
2. Special consideration for data integrity, privacy and confidentiality
This is critical when using ICT. All requirements must be identified and considered ensuring the effective implementation of the audit. In addition, the auditor and the auditee must agree with the use of ICT and the corresponding safety and security measures to be undertaken.
3. Clarify the new process
The remote audit approach should be clearly explained to the participants as well as the differences with face-to-face audit during the kick-off or planning meeting. The discussion should also cover details such as the list of audit requirements, the rundown of what will happen, who will attend from both sides, what digital tools will be used and the timeline of the audit engagement.
4. Definite and well-planned audit planning
The audit plan should clearly identify what, when and how the audit will be conducted. It is recommended that the duration of remote audit be as brief as possible by focusing your audit on key risk areas. In contrast to on-site audits, technical issues, such as connectivity, sound quality, image quality, among others, could have a huge impact and may require more attention and time to resolve.
5. Optimizing the use of all available tools during the audit
Remote audits will make use of various tools for file sharing, videoconferencing, screen sharing, among others. The auditor should be able to confirm which tools will be used and carry out the necessary risk assessment procedures to ensure that all security and privacy protocols are met.
6. Clear and consistent communication
Sufficient interaction between the auditor and auditee is also very crucial to the success of remote auditing. Paying attention to key audit risks, discussing issues and findings with the auditee and proper documentation of the new process should also be part of the protocols.
With no well-defined end to the pandemic, the industry has no choice but to continue to adapt and develop ways to ensure that remote auditing grows into a recognized and accepted way to ensure quality system and compliance moving forward, which can be achieved through further development of remote auditing technologies based on good quality and regulatory practices along with a risk-based approach.
Cristina Joy C. Dumayas is a senior partner and head of Operations for Audit of PDAC & Co., CPAs (PrimeGlobal Philippines) and a member of Acpapp. The views and opinions in the article are that of the author and do not represent that of these institutions.