Battle stations, it’s audit time
Thursday, March 22, 2007/
When the internal auditors arrive for a snoop, it’s time to take evasive action and distract them with the trusty Auditor Management Plan.
Battle stations, it’s audit time
There is a quite a commotion in the office this afternoon, distracting me from my crossword. Apparently the internal auditors will arrive soon.
I have nothing to fear personally (due to my adherence to the principle that you can’t be criticised about your decisions if you don’t make any) but we do need to keep the auditors complacent; heaven only knows what would happen if they started to look seriously at what we do here.
So, motivated by self-interest, I have stepped forward to implement an Auditor Management Plan, which I have summarised below for the edification of my readers.
Monday: The auditors will be moved from meeting room to meeting room in search of a data connection. Eventually we will call the IT support team. Hopefully it won’t be the technician who disconnected the cabling on Friday. If so, a bottle of scotch should calm his conscience.
[This is probably the trickiest part. Fellow swimmers in the wall of molasses that is corporate life may have already arched an eyebrow at the thought that the outsourced IT “service providers” will be seen on the same day as a fault is logged, and may think that a three or four-day delay will be even better. To them, I whisper, urgently: no, it will not! A three-day delay will cause a complete reschedule, and we’ll end up back where we started. No, get them out the same day, even if it costs another bottle of scotch.]
Tuesday: The auditors were silly enough to nominate the staff they wished to meet. Of course, we made sure they were available on Monday – when the computer network was not – but somehow on Tuesday they are all attending an off-site training course.
Wednesday: We’ll absorb the morning with a completely unnecessary overview of structure and process by each of the operational heads. Lots of flowcharts and organisational charts (any will do).
In the afternoon, the internal auditors will finally commence their fieldwork. They’ll discover a file (carefully marked in large print with the words “Unauthorised Transactions” and left nearby), which appears to document a series of poorly documented and completely unauthorised transactions.
Thursday: In the morning the auditors will be occupied with frantic investigations, whispered conversations and lots of closed-door meetings and we’ll have some peace. Eventually they’ll emerge and schedule a meeting at which they will make us aware of the apparent irregularities. At that point we will look very concerned and promise a thorough investigation.
Friday: We will provide them with the various missing authorisations that were carefully removed from the files the previous week. The auditors will have no alternative but to provide a clean slate as they move to their next victims (sorry, internal customers).
Of course I have a contingency plan. If all else fails we’ll tell them about the genuine and serious misappropriation in our purchasing department. But I’d prefer to keep that up my sleeve for next year, if at all possible.
To read more Banker of Last Retort blogs, click here.