Thread Options
#454144 - 11/08/05 11:06 AM Audit to policy & procedures or Risk?
Anonymous
Unregistered

Our QC department currently audits to policy & procedures; however, they make modifications to the outcome according to risk. Shouldn't the policies and procedures be modified in lieu of the audit since current policy has already been set? I am in disagreement with this philosophy of allowing leeway since the ultimate risk is not great. I feel it sends a mixed message to the field by saying although our policy & procedures say one thing, we are not going to cite you for this because there is no risk but we will cite for this because our policy & procedures state you have to have it???? (Sorry for the run-on sentences)

Return to Top
Audit
#454145 - 11/08/05 04:04 PM Re: Audit to policy & procedures or Risk?
Anonymous
Unregistered

If you don't enforce adherence to policy/procedure, personnel will not follow it. There should be a consequence for violations, even minor ones - a consequence for a minor violation could be just a verbal reminder the first time. The riskier more serious or repeated violations of policy/procedure should have stronger consequences. If the policy/procedure no longer makes sense, it should be changed. To not enforce policy/procedures or to not change policy/procedures that no longer make sense sends a message to employees that management doesn't care about doing things right.

Return to Top
#454146 - 11/08/05 05:32 PM Re: Audit to policy & procedures or Risk?
Dip Offline
Power Poster
Dip
Joined: Mar 2005
Posts: 6,298
San Diego, CA
yeah, on minor/non-risky errors, we may nto cite them as findings, but we will go over them with management or maybe add them on to the audit report as a comment. if the errors continually ocurr, we can elevate the consequences and make them findings. management shoudl be assessing risk and creating policies and procedures that they want to be followed--once they have p&p's that they are satisfied with, they should be followed 100%.
_________________________
Dabbling in banking, law, accounting...the life of a trustee.

Return to Top
#454147 - 11/08/05 05:54 PM Re: Audit to policy & procedures or Risk?
RR Jen Offline
Power Poster
RR Jen
Joined: May 2003
Posts: 3,759
Running and riding everywhere ...
I agree...a violation of policy/procedures that is a very low risk might not make it as a formal recommendation requiring management response but will be noted as a violation in the findings and discussed with management as a "house keeping" item.
_________________________
I don't need any more negativity in my life...be positive and helpful people or I will kick you in the shins!!!

Return to Top
#454148 - 11/08/05 09:19 PM Re: Audit to policy & procedures or Risk?
A_G Offline
10K Club
Joined: Jul 2004
Posts: 18,958
I agree too. We call these verbal findings and communicate them to mangement during the exit meetings. They show in the workpapers as such. If they are that minor there is no point in overshadowing something of major risk with a minor housekeeping issue.
_________________________
With the lights out, it's less dangerous.

Return to Top
#454149 - 11/08/05 09:22 PM Re: Audit to policy & procedures or Risk?
A_G Offline
10K Club
Joined: Jul 2004
Posts: 18,958
I agree too. We call these verbal findings and communicate them to mangem

Return to Top
#454150 - 11/11/05 04:48 PM Re: Audit to policy & procedures or Risk?
Anonymous
Unregistered

It seems to me that if you ignore a procedural violation because there isn't any risk, you are indicating that there is no accountability for not following procedures.

Return to Top

Moderator:  Andy_Z