INTERNAL AUDIT DEPARTMENT

CONTENTS
Objectives ................................................................................................................ 3
Introduction .............................................................................................................. 3
The Audit Approach .................................................................................................... 4
Planning an Audit ....................................................................................................... 5
What you need to know planning an audit ..................................................................... 5
Preliminary Audit Engagement Activities ....................................................................... 6
Planning Activities ................................................................................................... 7
Audit Objectives ...................................................................................................... 9
Setting the Audit Scope ........................................................................................... 10
The Audit Methodology ........................................................................................... 11
Risk Assessment..................................................................................................... 12
Identifying Key Business Processes and Performing Control Environment Reviews ................. 13
Audit Criteria and Risk Rating ................................................................................... 17
FieldWork ............................................................................................................ 21
Communications Management Processes ..................................................................... 24
Documenting The Audit Plan .................................................................................... 24
Summary ................................................................................................................ 25
References .............................................................................................................. 26
APPENDIX ................................................................................................................ 27
OBJECTIVES

The objectives that are intended to be achieved by this guide are to:-

1 Provide auditors with practical examples, professional guidance, tools and

information for planning and conducting an audit.
2 Provide a systematic and disciplined approach to the audit of governance, risk
management and control processes.
3 Enhance audit productivity and quality by outlining the procedures and processes
for planning an audit in accordance in the Institute of Internal Auditors (IIA)
Standards for the Professional Practice of Internal Audit.

INTRODUCTION

This guide will provide procedures and guidelines, practical examples, tools and
information as it relates to planning an audit. It is intended to help auditors to
improve the quality of their performance and promote professional competence in
planning and conduction audit engagements. The guide will address the performance
concerns of management while meeting the needs of auditors as it explains key
considerations for planning and conducting an audit in keeping with the Institute of
Internal Auditors Standards (IIA Standards) for the Professional Practice of Internal
Auditing.

THE AUDIT APPROACH

One of the key roles of internal audit is to provide assurance that the risks of an
organization are being properly managed. As a professional institution the Internal
Audit Department can best achieve its mission to add value to and improve the
operations of government ministries and departments by positioning its work in the
context of the audited organization’s own risk management framework. This
approach is call a risk based approach. It is an approach that is applied to produce
the most meaningful audit result in the most efficient and cost effective way. To
establish a risk based framework for timely delivery of high-quality audit reports and
avoid performing unnecessary tasks and activities a SMARTEST approach must be
undertaken. Auditors must ensure that:-

 Sound judgement is used throughout the audit process.

 Methodologies selected are appropriate and designed to capture an
appropriate range of data.
 Audit questions set can be concluded against.
 Risks are properly analyzed and managed.
 Tools selected are best suited to achieve the objectives of the audit.
  Evidence is sufficient, relevant and reliable to support the audit findings.
 Significant conclusion possibilities are considered from the planning phase to
the end of the audit.
 Transparency approach is adopted with the audited entity.

PLANNING AN AUDIT

According to the International Standards for the Professional Practice of Internal

Auditing (Standard - 2200) Internal auditors should develop and record a plan for
each engagement, including the scope, objectives, timing and resource allocation
(IIA, 2005, p 349). It is important to plan well because audits vary in nature. In
planning the audit the auditor must gain an understanding of the nature of the
program; the activity, organization or initiative being audited; determine and asses
the risks; and determine the most appropriate objectives, scope and criteria to be
utilized.

WHAT YOU NEED TO KNOW PLANNING AN AUDIT

Planning an audit helps the auditor to:-

 Minimize the risk of providing a wrong opinion,

 Improve audit efficiency and meet the audit objectives with minimum effort,

 Employ the correct audit strategies to detect all relevant risk areas, and

 Determine the timing and extent of tests of controls and substantive

procedures.
It must be noted that planning is not a linear or discrete phase of an audit but,
rather, a continual and iterative process that begins before an audit and continues
until the completion of the audit.

PRELIMINARY AUDIT ENGAGEMENT ACTIVITIES

In keeping with IIA standard 2210.A1 1 (p.355), as auditors you should perform the
following preliminary activities prior to beginning to plan the audit so that they can
get an overview of the area to be audited. This will help to gain a foundation on
which to prepare a risk based audit program that concentrates on those matters
which are of paramount interest to management.-

 Develop a sound understanding of the program, activity, organization or

initiative being audited including its management practices, business
processes, policies and procedures, and internal and external environment
with particular focus on important aspects of risk management, control and
governance processes in relation to what is to be audited.

 Determine if the entity to be audited is compliant with legal, ethical and

industry requirements.

 Define the information and resource needs for management and control
purposes.

 Establish the procedures for maintaining the client relationship and for
conducting the specific audit engagement.

1
IIA Standard 2210.A1- Risk Assessment in Engagement Planning – Internal auditors should conduct
preliminary assessments of risk relevant to the activity under review. Engagement objectives should
reflect the results of this assessment. P355
  Establish an understanding of the terms of the audit engagement.

These preliminary activities will allow the auditor to get to know the staff,
understand the operations of the organization and focus on the objectives, controls
and risk. This will equip the auditor with knowledge to effectively plan the audit.

PLANNING ACTIVITIES

The nature and extent of the planning activities that are necessary depend on the
size and complexity of the audited entity, your previous experience as an auditor,
and changes in circumstances that occur during the audit. Planning of the audit
involves defining the objectives; setting the audit scope, determining the audit
methodology and documenting the detailed audit plan as depicted below.

Figure – Steps to Planning an Audit

When developing an audit plan you should review existing data about the entity
including:-

 Relevant laws and regulations

 Policies, procedures and standards, manuals and other directives

 Results of previous audits or evaluations by internal auditors and any other

reviews or internal assessments that are relevant

 Organizational charts and personnel listings

 Job descriptions

 Process charts

 Organizational strategic plans and objectives

 Management studies and reports

  Management meeting minutes

 Budget and other financial allocations and actual performance in previous

years

 Operational and financial data and related reports to gain an understanding of

the nature and volume of transactions

 Matters affecting the industry in which the entity operates, such as financial
reporting practices, economic conditions, and technological changes

 The extent of recent changes, if any, in the entity, its operations, or its
internal control over financial reporting

 Risk assessments

Other activities may include discussions with the engagement client, interviews
with the individuals affected by the activity (for example customers and other
stakeholders), and on-site observations (IIA Standards, 2005, p357).

AUDIT OBJECTIVES

WHAT ARE AUDIT OBJECTIVES AND WHAT IS THEIR PURPOSE?

Information gathered through the preliminary audit engagement activities help

auditors to gain perspective and enable the management team to decide on the
direction the audit should take. The knowledge gained through those assessments
helps with framing good audit objectives in accordance with IIA standard 2210 2 .
Audit objectives are broad statements developed by the auditor which define what is
to be accomplished by the audit. Their purpose is to help to determine the steps
and actions that would be needed to complete the audit. Therefore the objectives
must be specific and related to the nature of the work to be conducted. Each audit
objective must include an action achievement verb, a single key result to be
2
IIA Standard 2210 – Engagement Objectives – Objectives should be established for each engagement.
 accomplished, a target completion date or time period and a specific action that
would lead to a result. Please see the example given below.

An example of an audit objective

To provide assurance that the Procurement Unit made an accurate forecasting of the materials needs for the

completion of scheduled repairs to the Ministry of Home Affairs.

From the example given you will observe that the following were included:-

 Action achievement verb – accurate forecasting

 A single key result to be accomplished – forecasting of material needs
 A target completion date or time period – scheduled (can be verified)
 A specific action that would lead to a result – Forecasting of materials which would
lead to timely repairs.

SETTING THE AUDIT SCOPE

The scope defines the boundaries of the audit, in other words it outlines how deep
the audit will go and what specific activities and timelines will be subject to the
audit evaluation. It is not practical or efficient to cover every possible aspect in a
single audit. Consequently, it is important to restrict the nature, timing and extent
of audit procedures to a limited number of issues of concern so as to complete the
audit and maximize the use of resources needed. However, the established scope
must be sufficient to achieve the objectives of the engagement -IIA Standard 22003.
The scope is determined through a review of the audited organization’s activities,

3
IIA Standard 2200 – Engagement Planning – Internal auditors should develop and record a plan for
each engagement, including the scope, objectives, timing, and resource allocations.
discussions with management and the auditor’s judgement. It should clearly state
the time period to be audited and the activities not audited to delineate the
boundaries of the audit. Below is an example of an audit scope statement.

An example of an audit Scope

Audit of Scholarships and Training

This audit will examine the objectivity, efficiency and effectiveness of the governance and
monitoring practices that support the approval and oversight functions for the administration of
government offered scholarships and training – Training Division. It will assess the management
control framework and operational practices in place for the period 2008 to 2017. This work will
establish the number of students that received scholarships and training over that last 10 years.
Determine the number of students that were due to return to the country to serve in accordance
with their student bonds for the period 2012 to 2017. Establish the current level of arrears owed by
students who have dishonored their bonds between 2012 and 2017. This audit relates specifically
to government offered scholarships and training overseas.

THE AUDIT METHODOLOGY

The audit objectives and scope influence the design of the methodology for
conducting the audit. Consideration must be given to each of the following
activities which occur during the execution of the audit:-

 The entry meeting with management and other representatives of the audited
entity
 Conducting the field work and documenting evidence
 Evaluating the evidence and establishing findings
 Drawing conclusions based on established criteria
 Identifying causes and effects of any deficiencies
  Developing preliminary recommendations
 Exit meeting with management and other representatives of the audited
entity

In addition to these activities the communication, resource, budget (time and

money),and quality requirement should be considered. Thinking of these activities
and requirements will assist auditors with employing the best procedures for
communicating with management and key personnel identifying, analyzing,
evaluating and recording information during the engagement- IIA standard 2240.A1-
Work Programs (p 363).

RISK ASSESSMENT

A risk assessment is the identification of any risk factors or potential hazards that
could threaten the existence of an organization, its operations or its employees. As
an auditor you must be able to analyze the risk that such an event or action may
adversely affect the audited organization for example by assessing the probability
that event or action under consideration may cause financial loss, reputational
damage or prevent the organization from performing its functions efficiently and
effectively. The relative significance of the risks identified must also be analyzed
by looking at the likelihood of occurrence and the possible impact. Consideration
must also be given to the actions taken by the organization to mitigate those risks.

Auditors perform audit risk assessment to:-

 Gain an understanding of the risks that threaten the audited organization’s

achievement of the strategic objectives;
 Develop a strategy to identify the key business processes that mitigate the
organization’s strategic risks related to its operations;
  Review the control environment;
 Document any issues identified; and
 Provide a basis for the detailed development of the audit plan.

In order to complete the risk assessment the following must be undertaken:-

 Identify key business processes and perform a control environment review;

 Establish the criteria and risk rating;
 Identify and prioritize risks.

IDENTIFYING KEY BUSINESS PROCESSES AND PERFORMING CONTROL

ENVIRONMENT REVIEWS

To remain compliant with IIA Standard 2201- Planning Considerations4 (IIA, 2012, p
13) it is important to identifying key business processes and performing control
environment reviews. This involves reviewing the plans and objectives of the
organization, its structure and the core business functions. The work activities
related to those functions which are necessary to accomplish the objectives must be
examined to identifying who is responsible for the tasks and the procedures for
completing them. Below is an example of some core business process activities:-

Core Functions

4
IIA Standard 2201 can be accessed from
https://na.theiia.org/standards-guidance/Public%20Documents/IPPF%202013%20English.pdf
 Core Functions of An Organization

Information
Sales Administration Accounting Payroll
Tecnology

Records System
Invoicing General Ledger Benefits
Management Administration

Information
Inventory Authorization Purchasing Salaries & Wages
Security

Sales Contract Onboarding/ Cash

Claims Communication
Management Offboarding Management

The control environment review requires an examination of control activities such as

record keeping, segregation of duties, monitoring, authorization and security.
Consideration must also be given to the political, social, technological and
environmental factors that could affect performance and the achievement of the
overall objectives. Below is a graphic example of some of the factors to consider
when conducting an environmental review.

Environmental Factors That Affect Organizations

Employing a risk based strategy would call for a review of various controls for an
audit perspective. Below is a sample questionnaire that auditors may as a guide for
the examination of internal controls.

Table Sample Internal Control Questionnaire

INTERNAL CONTROL REVIEW FACTORS QUERY

COMPONENT
 Are organizational lines or authority
Assignment of Authority
and Responsibility
and responsibilities clearly defined and
aligned with organizational goals and
objectives?
 Do employees know how their actions
interrelate to others?
 Do employees know and who they
report to?
 Are employees aware of internal
 controls?
 Are policies and procedures in places
CONTROL for hiring, orienting, training,
HR Policies and Procedures evaluating, promoting, compensating,
ENVIRONMENT REVIEW disciplining and terminating
employees?
 Are employees provided a proper
amount of supervision?
 Does the entity have a strategy and
risk assessment plan that considers
objectives and relevant sources of risk
from internal and external sources?
 Has the entity established a control
Entity-wide Objectives structure to address those risks?
 Are there activity-level (program)
objectives that are linked with the
entity’s overall objectives and
strategic plans?
 Do the activity-level objectives include
a measurement criteria?
 Does management comprehensively
identify risk using various
methodologies as appropriate?
 Do adequate mechanisms exist to
Risk Identification identify risks to the entity arising from
external factors?
 Do adequate mechanisms exist to
RISK ASSESSMENT identify risks to the entity arising from
internal factors?
 Does the entity have mechanisms in
place to anticipate, identify, and react
to risks presented by changes in
economic, industry, regulatory,
operating and other conditions that
Managing Risk During can affect the achievement of
Change organization-wide or activity-level
goals and objectives?
 Does the entity have a plan to mitigate
risks presented by changes that can
have a profound effect on the entity?
 Do appropriate policies, procedures,
and mechanisms exist for each of the
General Application entities activities?
 Are control activities appropriate and
working as intended?
 Are reviews conducted to track major
achievements in relation to its plans?
 Does the entity effectively manage the
organization’s workforce to achieve
results?
 Common Categories  Does the entity employ a variety of
control activities suited to information
processing systems to ensure accuracy
and completeness?
 Does the entity have physical controls
CONTROL ACTIVITIES to secure and safeguard assets?
 Are key responsibilities and duties
segregated to reduce the risk of fraud,
error or waste?
 Does the entity have a plan that
describes the general security program
and policies and procedures that
support it?
General Controls  Has the entity implemented effective
security-related personnel policies?
 Does the entity monitor the security
program’s effectiveness and make
chances as needed?
 Does management have a strategy to
ensure that ongoing monitoring is
effective and will trigger separate
evaluations where:-
On-going Monitoring  Problems have been identified;
 Systems are crucial; and
 Testing is periodically desirable?
 Is there appropriate organizational
supervision to provide help and
oversight of internal control functions?
MONITORING

 Have past audit findings been resolved?

Audit Resolutions  Is management responsive to the
findings and recommendations of
audits and other reviews aimed at
strengthening internal control?
Information  Do employees have the information
needed to enable them to carry out
their duties and responsibilities
efficiently and effectively?
Communication  How is internal communication?
Form and Means of  What means of communication are
INFORMATION AND Communication used to deliver important information
COMMUNICATION to employees and others?
SYSTEMS

AUDIT CRITERIA AND RISK RATING

The audit criteria are the references against which audit evidence collected can be
compared. The criteria must be objective, relevant and attainable from
recognizable sources. These are some examples of sources of audit criteria are:-

 Generally Accepted Accounting Principles (GAAP)

 Statutory or regulatory requirements that relate to the organization’s industry
 Organization’s processes, policies and procedures
 Performance Standards

Audit evidence will be collected during the audit to check how well the organization
meets the established audit criteria for example how well:-

 Accounting requirements are being followed

 The organization has complied with regulations and other requirements
 Processes are operating
 Policies are implemented
 Procedures are applied
 The organization is performing
 Employee, information and assets are managed
 Risks are managed

After conducting risk assessments using established criteria it is important to assess the
impact of the risks identified. The magnitude of the impact of risks may be rated using a
five point scale as follows:-

 Low or insignificant (1)

 Low to moderate or minor (2)
 Moderate (3)
 Moderate to high or major (4)
 High or catastrophic (5)

Below is an example of how to apply the risk ratings:-

Table Business Risk Assessment Rating

 Business Risk Assessment Rating
Level Description
1 Low or insignificant
2 Low to Moderate or
Minor
3 Moderate
4 Moderate to High
5 High of Catastrophic
Example of a Descriptor
 Issue can be resolved by delegating to Junior
management or staff
 Insignificant impact on service delivery
 No impact on internal operations
 Insignificant impact on budget
 Insignificant impact on reputation
 No injuries
 Issue can be resolved by middle management
 Low to moderate impact on service delivery
 Low to moderate impact on internal operations
 Low to moderate impact on budget
 Low to moderate impact on reputation
 Light injuries ( First aid required)
 Issue can be resolved by senior management
 Moderate impact on service delivery
 Moderate impact on internal operations
 Moderate impact on budget
 Moderate impact on reputation
 Light injuries (Medical treatment required)
 Issue must be resolved by top management
 Moderate to high impact on service delivery
(may stop service delivery)
 Moderate to high impact on internal operations
(may stop internal operations)
 Moderate to high impact on budget
(requires a significant portion of the budget)
 Moderate to high impact on reputation
 Serious injuries (possibly life threatening)
 Issue must be resolved at the Ministry level
 High impact on service delivery
(service delivery stops)
  High impact on internal operations
(internal operations cease)
 High impact on budget
(monitoring at the Ministry level)
 High impact on reputation
 Life threatening injuries

Adopted from: https://www.overstrand.gov.za/en/documents/policies/1716-internal-audit-methodology

Likelihood of Risk Occurrence

In assessing the risks identified it is important to consider the likelihood of its

occurrence in relation to the process or event being considered. For example what is
the likelihood that the accounting practices of the organization would differ from the
GAAP?

Table Likelihood of Risk Occurrence

Likelihood of Risk Occurrence

Level Description Descriptor
1 Rare May occur in exceptional circumstances
2 Unlikely Low probability of occurring but could occur
3 Possible Moderate probability of occurring
4 Likely Will probably occur in most instances
5 Almost Certain Expected to occur in most instances

Once the risks have been identified and the likelihood of occurrence, the possible
impact must be established. This important because one of the objectives performing
a risk analysis is to help management to determine the significance of the risks
identified. The relationship between risk and the likelihood of occurrence and the
impact can be shown like this:-

Table Risk Matrix

Almost Certain High High Catastrophic Catastrophic Catastrophic

Likely Moderate High Catastrophic Catastrophic Catastrophic

Possible Low Moderate High Catastrophic Catastrophic

Unlikely Low Low Moderate High High

Likelihood of Risk

Rare LL Low Low Moderate High High

Insignificant Minor Moderate Major Catastrophic

Impact of Risk

By rating the risks in order of significance management of the organization can decide
how they will respond to or manage this risk. The significance and response can be
described as:-

 Catastrophic – Immediate action required

 High – Senior management attention is needed
 Moderate – Management responsibility must be specified
 Low – Manage by the application of routine procedures

FIELDWORK
The importance for risk matrix to the auditor is that based on the nature of the risk
audit procedures are designed for conducting fieldwork and analyzing the
information gathered. Depending on the risks identified the scope and objectives of
the current engagement may be refined and additional procedures for substantive
testing may be used. An example of when this may occur is if some irregularities
were discovered that caused suspicion of fraud. A new objective specific to the issue
identified would be developed and the necessary procedures to collect sufficient
appropriate audit evidence would be utilized from which conclusions can be drawn.
Procedures used can include for example:-

 Observation,
 Inspection of records and documents,
 Vouching (Tracing transactions from the accounts to source
documents to check the occurrence, accuracy, completeness etc.)
 Tracing (using source documents to check existence, valuation,
completeness etc. of transactions)
 Scanning (following transactions from beginning to end for example
from the point of sale to when the revenue has been deposited to
the bank)
 Confirmation, and
 Analytical procedures
 Account balance comparisons (compare balance amounts with
previous years balances)
 Computation of significant ratios (current year’s ratios compared to
industry ratios or prior years ratio to determine)
 Computation of ratio using financial and non-financial data (cost of
asphalt per square foot of road)
 Other Statistical analyses

Generally, a combination of audit procedures is used to accomplish the audit

objectives. Once the procedures have been decided the sources of the information
should be noted. Auditors must be guided by the ethical principles regarding their
professional responsibilities in the performance of their duties. The key principles of
independence and objectivity, proficiency and due professional care as established
by the IIA apply. Excerpts of these standards by which audits must be guided can be
reviewed below.

Excerpts of IIA Standards

IIA Standard 1100 – Independence and Objectivity

The internal audit activity must be independent, and internal auditors must be objective in
performing their work.

Interpretation: Independence is the freedom from conditions that threaten the ability of the
internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve
the degree of independence necessary to effectively carry out the responsibilities of the internal
audit activity, the chief audit executive has direct and unrestricted access to senior management and
the board. This can be achieved through a dual-reporting relationship. Threats to independence must
be managed at the individual auditor, engagement, functional, and organizational levels.

IIA Standard 1120 – Individual Objectivity

Internal auditors must have an impartial, unbiased attitude and avoid any conflict of interest.

Interpretation: Conflict of interest is a situation in which an internal auditor, who is in a position of

trust, has a competing professional or personal interest. Such competing interests can make it
difficult to fulfill his or her duties impartially. A conflict of interest exists even if no unethical or
improper act results. A conflict of interest can create an appearance of impropriety that can
undermine confidence in the internal auditor, the internal audit activity, and the profession. A
conflict of interest could impair an individual's ability to perform his or her duties and
responsibilities objectively.

IIA Standard 1200 – Proficiency and Due Professional Care

Engagements must be performed with proficiency and due professional care.

IIA Standard 1210 – Proficiency

Internal auditors must possess the knowledge, skills, and other competencies needed to perform
their individual responsibilities. The internal audit activity collectively must possess or obtain the
knowledge, skills, and other competencies needed to perform its responsibilities.

Interpretation: Knowledge, skills, and other competencies is a collective term that refers to the
professional proficiency required of internal auditors to effectively carry out their professional
responsibilities.

IIA Standard 1220 – Due Professional Care

Internal auditors must apply the care and skill expected of a reasonably prudent and competent
internal auditor. Due professional care does not imply infallibility.

IIA Standards, 2012.

COMMUNICATIONS MANAGEMENT PROCESSES

Communications Management includes these four processes:

1. Communications Planning, during which audit information and communication

needs and requirements are determined;
2. Information Distribution, which includes making needed information available
to audited entity and other stakeholders in a timely manner;
3. Performance Reporting or status reports on progress measurement; and
4. Managing Stakeholders, which entails managing communications to satisfy
engagement requirements and resolving any unresolved issues pertaining to
stakeholders.

Timely and successful completion of these processes depend largely on building a

rapport with the client and effective communication skills

DOCUMENTING THE AUDIT PLAN

Documenting the audit plan requires documenting the details of the agreed approach
to conducting the audit. A practical approach is to outline the tasks necessary to
achieve the objectives and map out:-

 Key events and actions that will be undertaken,

 How they will be done,
 Where and when they will be done and by whom
 All the resources (time, money, tools, material and people) required and
 Sources of information
 Communication strategy

Coordinating these details and grouping similar tasks will save time and effort.

SUMMARY

Each stage of planning an audit engagement is equally important regardless of the

complexity of the engagement. Planning ensures consistency between the conduct
of engagements which provides the foundation for quality and performance
improvement. Included in the appendices is a template which can be used to
document an audit plan.
REFERENCES

Internal Auditor (2012). International Standards for the Professional Practice of Internal Auditing

(Standards). Retrieved from

https://na.theiia.org/standardsguidance/Public%20Documents/IPPF%202013%20English.

pdf

Internal Auditor (2013). Due Professional Care: What is reasonable and competent? Retrieved

from

https://iaonline.theiia.org/due-professional-care-what-is-reasonable-and-competent
International Standards on Auditing (2009). Materiality in Planning and Performing an Audit.

Retrieved from

http://www.ifac.org/system/files/downloads/a018-2010-iaasb-handbook-isa-320.pdf

APPENDIX

Appendix 1 Template for Planning an Audit

 Audit Planning Template
Name of Audit:
Lead Auditor:
Audit Start Date: Audit End Date:
Audit Scope:
Objectives:

Methodology Source of Data Date

Organizational Scan:

Audit Procedures for Fieldwork:

Risk Assessment:

Identified Risks

Criteria

Risk Exposure Rate

Implication

Tests of Controls:

Substantive Tests:

Analytical Procedures (relationships between financial and non-

financial data; causes of any significant discrepancies, etc.):
Resources:
Communication Strategy
Communication Objective Medium Frequency Audience Responsibility Deliverable Date
Type
Engagement Letter
Kick-off Meeting
Project Status
Update
Exit Conference

Approval

Signature:___________________________ Job Title:____________________________ Date: __________

Signature:___________________________ Job Title:____________________________ Date: __________

Created by Meredith Connor © 2018