Audit Universe | ‫اﻟﺘﺪﻗﻴﻖ‬ ‫ﳎﺎل‬

Area Auditable Process Description

Finance Financial Statement Review the financial statements preparation
Finance Reconciliations Complete and timely reconciliation for Suppliers, Guarantors, Doctors, Personnel, and other accounts
Finance Accounts Payable Accounts Payables' registration, correctness, completeness, and timeliness
Finance Expenses Expenses' registration, validity, correctness (supported), completeness, and timeliness
Finance Accounts Receivable Receivables' registration, correctness, completeness, and timeliness
Validity of provisions, prepayments and accruals, correct registration (value, nature, and distribution),
Finance Prepayments, accruals, and provisions
completeness, continuity and quarterly update, and comparison to actual transactions

Registration, validity, correctness (supported), completeness, and timeliness of accounts held by banks or
Finance Financial Accounts other financial institutions, checking account, savings account, mutual fund account, investment account,
loan accounts, credit account or debit account
Finance Revenues Revenues' registration, validity, correctness (supported), completeness, and timeliness
Finance Invoicing Price setting and update, invoice creation‐processing‐posting to SAP, outstanding invoices monitoring
Cash management, spot cash count, peripheral versus central cashier reconciliation, correct registration
Finance Cashiers
of incoming and outgoing payments
Fixed Assets Fixed Assets Fixed Assets registration, acquisition, depreciation, disposal, usage, validation, and valuation
Fixed Assets Fixed Assets Inventory FA inventory management, frequency, registration
Bylaws are in place to govern the role of the general adminitration, as well as an Authorization Matrix
General Administration Authorization Matrix and bylaws
depicting the responsibilities and authorities of the key positions
General Administration Strategic planning Plan preparation, approval, monitoring, and reporting
General Administration Decisions implementation Monitoring of decisions implementation and abidance by the set timelines
Contracts tendering process, selection, awarding, deliverables monitoring, advance‐interim‐final
General Administration Contracts Management
payments processing
Emergency response plan, continuity of service, backup procedures, disaster recovery planning, training
General Administration Business Continuity
and testing, insurance
Human Resources Employee Records Employee file management, update, follow‐up, retention
Human Resources Hiring process Vacancies identification, ads, candidates applications, selection, hiring, approval, and contract processing
Organigram with Segregation of Duties and no Conflict of Interest is in place, complied with, includes FTE,
Human Resources Organizational Structure
pay scale, and set Job Descriptions

Internal Audit Manual Page | 1 | ‫ﺻﻔ ﺔ‬ ‫اﻟ اﺧﻠﻲ‬ ‫دﻟ ﻞ اﻟ ﻗ‬

 Audit Universe | ‫اﻟﺘﺪﻗﻴﻖ‬ ‫ﳎﺎل‬

Area Auditable Process Description

Human Resources Employees compensation/payroll
Human Resources Purchasing Contracts Management
Human Resources Employee Turnover
Human Resources Internal Rules
Performance Monitoring and Training Evaluations timeliness, completeness, and management of derived actions | Training Plans approval,
Human Resources
Management
Information Systems Information Systems Governance
External information systems
Information Systems
solutions
Information Systems Change Management
Information Systems Information Security
Information Systems Users Access Rights
Information Systems Users Management
Information Systems IS Projects Process and monitoring
Payroll and benefits calculation, validity (i.e. supported), compliance with internal policies; registration,
HR‐Finance reconciliation; Declarations are correct, complete, and timely
Types of Contracts, application, renewals validity and timeliness
Turnover compared to industry average, exit interview validity, analysis, and derived actions
Setting and monitoring internal HR Rules (code of conduct, appearance, attendance and overtime,
sanctions and rewards, leaves, benefits…)
monitoring, and implementation
Information Systems' governance system is in place (vision, roles with Segregation of Duties, policies,
deliverables, monitoring, performance measurement, risk management)
Management and monitoring of external information systems solutions (monitoring, intergration, service
expectations, data management, threat protection...)
A program maintenance or change framework exist (segregation of duties, different environments,
monitored changes, post implementation reviews, emergency changes, patch management…)
Security controls: physical, logical, cyber
Users' access based on roles/duties and timely updated ‐ Generic/privileged Users
Users' proper and timely provisioning and termination
Procedure in place for managing IS Projects: defined requirement, design documents, roles and
responsibilities, phasing (time and cost estmation), testing, user acceptance, post implementation review,
closure, documentation.
Information Systems Projects' monitoring of integration, resources allocation, progress, approvals,
reporting

Information systems assets' monitoring, maintenance, incident/problem management, license

Information Systems Information Systems Infrastructure
management...

Information Technology conituity in terms of data backup, recovery, and response to technological
Information Systems Business Continuity‐technological
disasters

Internal Audit Manual Page | 2 | ‫ﺻﻔ ﺔ‬ ‫اﻟ اﺧﻠﻲ‬ ‫دﻟ ﻞ اﻟ ﻗ‬

 Audit Universe | ‫اﻟﺘﺪﻗﻴﻖ‬ ‫ﳎﺎل‬

Area Auditable Process Description

Controls in place to ensure adequate confidentiality, integrity, and availability of systems and data: Input
Information Systems Application Controls Controls, Processing Controls, Output Controls, Integrity Controls, Interface Controls, and Transaction and
event logging (leading to configuration or code changes)
Medical Administration Doctors Contracts Management and renewal of contracts, and registration of Doctor's transactions
Medical Administration Residents Contracts Management of Residents contracts, performance, and payments
Clarity of admission requirements, timeliness of guarantor confirmation, rate of admission's guarantor
Patients Affairs Patient Admission
change completeness of patient file (ID guarantor approval medical auditing ) deposit payment
Discharge cycle and coordination between the nursing station‐billing‐out patient services‐cashier;
Patients Affairs Patient Discharge
managing patient's receivables including liabilities
Stores' management: Stock levels management/par levels, Storing conditions, Receiving‐Issuing‐Disposing
Procurement Inventory‐Stores Management
processes | Inventory verification and valuation
Procurement Vendor Management Vendor Management: addition, evaluation, selection
Procurement Purchasing process Purchases initiation, processing, approval and issuance
Procurement Receiving process Purchases receipt and registration
Procurement Tendering Process Terms ad conditions, tender preparation and management, selection and contracts
Services‐Facilities Dorms Management of AWMV facilities to rent out
Services‐Facilities Transportation Vehicles management, renewal, maintenance, disposal; transportation lines management,
Food services management and planning, compliance with infection control and dietary services,
Services‐Food Food services
distribution and collection, waste management
Outsourced services management: contract's preparation and services definition, deliverables monitoring,
Services‐Outsourced Outsourced services
payment processing, contract renewal
Management of access to the facilities, enactment of Management decisions, monitoring equipment, and
Services‐Security Security
security incident management process
Review policies and processes, organizational structure, personnel needs analysis, management of utilized
Standard AWMV Area Standard Auditable Area‐Department resources, types‐validity‐accuracy of processes done and transactions recorded, nature and extent of
reporting in place, compliance with AWMV and internal policies

Internal Audit Manual Page | 3 | ‫ﺻﻔ ﺔ‬ ‫اﻟ اﺧﻠﻲ‬ ‫دﻟ ﻞ اﻟ ﻗ‬