Performance Audit

We treat each performance audit as a unique assurance activity and believe that planning is a key phase of any audit engagement. This is particularly important for performance audits, as the topics can be quite broad in both the depth and breadth of the areas to be assessed. As a result, effective planning of each performance audit typically takes up to 25% of budgeted hours.

The broad range of topics performance audits can cover also requires our team to have the ability to quickly understand the control framework, identify and apply the most applicable best practices and standards to the assessment criteria.

This can include:

• Legislative framework
• Policy and procedures
• Compliance standards such as those of the International Organization for Standardization (ISO)
• Information security standards such as ISO 27001, Australian Cyber Security Centre Essential Eight and
• Information Security Manual, and  National Institute of Standards and Technology (NIST)
• Project management standards such as the Project Management Body of Knowledge (PMBok) and the
• Information Technology Infrastructure Library (ITIL)
• Controls Frameworks such as Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the International Association of Certified Fraud Examiners
• Accounting and auditing standards issued by the Institute of Chartered Accountants – Australia and New Zealand and the CPA Australia
• The Australian Standards for Assurance Engagements (ASAE) issued by the Auditing and Assurance Standards Board.