Archer Audit Engagements & Workpapers 2024.03

Archer Audit Engagements & Workpapers enables you to track your audit universe, perform audit engagements, maintain workpaper documentation, perform testing, and report on audit results in a consistent and timely manner.

On this page

Benefits of the Audit Engagements & Workpapers Use Case

Archer Audit Engagements & Workpapers helps you transform the efficiency of your audit department, complete better-scoped audits more quickly, and decrease internal audit time and external audit fees.

For the key features and benefits of this use case, see the Data Sheet on the Archer Community: https://www.archerirm.community/t5/solution-use-case-overviews/archer-solutions-amp-use-cases/ba-p/572564

How Audit Engagements & Workpapers Fits into a Risk and Compliance Program

Audit Engagements & Workpapers is a use case in the Audit Management solution area. The following sections describe the use cases that Audit Engagements & Workpapers requires as a prerequisite, which use cases you can upgrade to as your audit program matures, and which use cases in other solution areas you can integrate for additional business context and functionality.

Prerequisite and Next Use Cases

The following table shows how this use case fits into the overall Audit Management solution area.

Prerequisites

What you have

What's next

Issues Management

Audit Engagements & Workpapers

Audit Planning & Quality
  • Establish your business hierarchy
  • Consolidate and coordinate findings and remediation plans from risk, compliance, audits, and other assessments
  • Manage exceptions with appropriate risk sign-off acceptance.
  • Document your audit universe
  • Create audit engagements and workpapers
  • Create a centralized Audit Program Library and workpaper repository
  • Perform audit testing
  • Manage audit findings and remediation plans, and capture audit observations
  • Plan audits based on risk assessments

  • Manage staff and schedule audits

  • Create audit plans

  • Evaluate the audit team

Enterprise Catalog

    

Related Use Cases in Other Solution Areas

The following table shows the use cases in other solution areas you can integrate for additional business context and functionality.

For information on these Archer use cases, see the Archer Solutions Help.

Application

Use Cases

Primary Purpose(s) of the Relationship

Control Procedures / Control sets

Controls Assurance Program Management

 

IT Controls Assurance

 

IT Risk Management

 

Risk Inventory and Top-Down Assessment

When you scope by Control Procedures as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Control Procedures record.

Risk Register

Risk Catalog

Risk Inventory and Top-Down Assessment

ISMS

IT Risk Management

When you scope by Risk Register as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Risk Register record.

Process Narratives

Financial Controls Monitoring

When you scope by Process Narratives into an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Process Narratives record.

Business Unit

IT Asset Catalog

Cyber Incident & Breach Response

When you scope by Business Units as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Business Unit record.

Applications

Audit Engagements & Workpapers

Business Continuity & IT Disaster Recovery Planning

Third Party Governance

IT Asset Catalog

IT Controls Assurance

Information Security Management System

PCI Management

IT Security Vulnerabilities Program

IT Risk Management

Cyber Incident & Breach Response

Data Governance

Operational Risk Management

When you scope by Applications as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Application record.

Facilities

Audit Engagements & Workpapers

Business Continuity & IT Disaster Recovery Planning

IT Controls Assurance

Information Security Management System

PCI Management

IT Risk Management

Cyber Incident & Breach Response

When you scope by Facilities as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Facilities record.

Business Processes

Audit Engagements & Workpapers

IT Controls Assurance

IT Risk Management

Data Governance

When you scope by Business Processes as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Business Process record.

Compliance Scope

Control Assurance Program Management

When you scope by Compliance Scope as an audit entity, this Allows the Data Feed Manager to populate the related risks and controls associated with the Compliance Scope record.

Note: The Audit Planning & Quality use case allows you to scope your audit entities by additional relationships: to risks and control procedures; authoritative sources, policies, and corporate objectives; and to information assets, products and services, and third parties. These relationships are only available if you have also licensed use cases that contains these applications.

Get Started