AFTER DOING AN AUDIT, the final report is arguably the most important part of the process. The report provides the means of communicating the project. The purpose of communicating the efforts effectively helps drive management to consider resources and appropriate steps to improve compliance across the IT infrastructure. The primary purposes of the audit report include the following actions:
Communicate the results.
Prevent misunderstanding of the results.
Facilitate follow-up corrective actions.
Various entities and standards provide guidance on what should be included in the final report. These include, for example, the following:
The American Institute of Certified Public Accountants (AICPA) ...