Archer Audit Planning & Quality 6.10

Archer Audit Planning & Quality enables internal audit teams to define and risk assess their audit entities and universe, plan for audit engagements in upcoming periods, and manage their audit staff and schedule. Audit Planning & Quality integrates rich management risk and control information, enabling internal audit to ensure their audit objectives are aligned with enterprise risk management and other related groups. The use case puts you in control of the entire audit planning lifecycle, enabling improved governance of audit-related activities while also providing integration with your risk and control functions.

For the key features and benefits of this use case, see the Data Sheet on the Archer Community: https://community.rsa.com/docs/DOC-40093

How Audit Planning & Quality Fits into a Risk and Compliance Program

Audit Planning & Quality is a use case in the Audit Management solution area. The following sections describe the use cases that Audit Planning & Quality requires as a prerequisite, which use cases you can upgrade to as your audit program matures, and which use cases in other solution areas you can integrate for additional business context and functionality.

Prerequisite and Next Use Cases

The following table shows how this use case fits into the overall Audit Management solution area.

Issues Management	Audit Planning & Quality	Explore related use cases in other Solution areas. See the following section.
Establish your business hierarchy Consolidate and coordinate findings and remediation plans from risk, compliance, audits, and other assessments Manage exceptions with appropriate risk sign-off acceptance.	Plan audits based on risk assessments Manage staff and schedule audits Create audit plans Evaluate the audit team
Audit Engagements & Workpapers
Document your audit universe Create audit engagements and workpapers Create a centralized Audit Program Library and workpaper repository Capture audit observations and manage audit findings and remediation plans

Related Use Cases in Other Solution Areas

The following table shows the use cases in other solution areas you can integrate for additional business context and functionality.

For information on these Archer use cases, see the Archer Solutions Help.

Application	Use Cases	Primary Purpose(s) of the Relationship
Control Procedures / Control sets	Controls Assurance Program Management IT Controls Assurance IT Risk Management Risk Inventory and Top-Down Assessment	When you scope Control Procedures as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Control Procedures record.
Risk Register	Risk Catalog Risk Inventory and Top-Down Assessment ISMS IT Risk Management	When you scope Risk Register as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Risk Register record.
Process Narratives	Financial Controls Monitoring	When you scope by Process Narratives into an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Process Narratives record.
Business Unit	IT Asset Catalog Cyber Incident & Breach Response	When you scope by Business Units into an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Business Unit record.
Applications	Audit Engagements & Workpapers Business Continuity & IT Disaster Recovery Planning Third Party Governance IT Asset Catalog IT Controls Assurance Information Security Management System PCI Management IT Security Vulnerabilities Program IT Risk Management Cyber Incident & Breach Response Data Governance Operational Risk Management	When you scope by Applications as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Application record.
Facilities	Audit Engagements & Workpapers Business Continuity & IT Disaster Recovery Planning IT Controls Assurance Information Security Management System PCI Management IT Risk Management Cyber Incident & Breach Response	When you scope by Facilities as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Facilities record.
Business Processes	Audit Engagements & Workpapers IT Controls Assurance IT Risk Management Data Governance	When you scope by Business Processes as an audit entity, this allows the Data Feed Manager to populate the related risks and controls associated with the Business Process record.
Compliance Scope	Control Assurance Program Management	When you scope by Compliance Scope as an audit entity, this Allows the Data Feed Manager to populate the related risks and controls associated with the Compliance Scope record.

Additional Resources

The following additional resources are available for this use case:

• Archer Academy training

The following resources are also available for the Audit Management solution area:

• Audit Management Solution Brief
• Maturity Model Snapshot: Audit Management

Get started

• Learn more about the use case design
• Learn how the use case works
• Install and set up the use case