Related Posts
This is my story. Think and act

Floyd modeling his business-professional wear.

Is it easy for engineers to become TPMs?
Additional Posts in Risk Assurance
What makes more money IT Audit or IT GRC?
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.



There should be a drive for IA containing things like that, along with IIA guidance. Someone you know should have the link.
Lol- simple you don’t need any execution guidance.
Look at the environment/business/product or service, is it a high risk, what’s the cadence of execution, what’s the risk. Get your control understanding and design assessment. Then test. Based on cadence of execution and cos it’s anew Control (p.s) if you’re doing OET testing you can judgementally decide an appropriate sample based on risk. (Make sure you justify rationale and how you were able to reasonably conclude sample size is appropriate) if I was a Quality or independent reviewer that’s what I’d be looking for as well. Ive worked in different banks and I know big4 does have audit methodology as they do in banking. But the type of audit we do is specific and we need to build testing from ground up. This among others are one of the most important skills set to audit in FS. Hope that helps
You can access the guide at this link: https://www.nist.gov/publications/developing-effective-test-procedures.