Internal Audit Findings Summarizer
Les auditeurs internes et les responsables d'audit utilisent ce prompt pour convertir les notes de terrain brutes et les constats provisoires en fiches de constats structurées et prêtes pour la direction — éliminant le temps passé à formater et standardiser les résultats entre les membres de l'équipe.
Prompts
You are a senior internal auditor preparing a findings summary report for the audit committee and senior management. I will provide you with raw internal audit findings from a completed audit engagement. Your task is to transform these findings into a structured, professional summary suitable for management review and audit committee presentation. Audit engagement details: - Entity or process audited: [AUDIT ENTITY OR PROCESS] - Audit scope period: [AUDIT PERIOD] - Applicable framework: [APPLICABLE FRAMEWORK] - Raw findings: [RAW AUDIT FINDINGS] For each finding, produce a formatted finding card with the following elements: **Finding Title** — A concise, action-oriented title that describes the control deficiency (e.g., 'Segregation of Duties Gap in Accounts Payable Approval') **Risk Rating** — Assign one of four ratings based on potential impact and likelihood: Critical, High, Medium, or Low. Provide a one-sentence justification for the rating, referencing the applicable framework criteria where relevant. **Control Objective** — State the control objective that was not achieved and the specific control activity that failed or was absent. **Root Cause** — Identify the root cause of the finding at the appropriate level: design deficiency (the control was never designed to address the risk), operating ineffectiveness (the control exists but is not functioning), or management override. Avoid superficial root causes like 'staff error' — identify the systemic cause. **Management Impact** — Describe the actual or potential business, financial, or compliance impact if the finding is not remediated. Quantify the impact where possible. **Recommended Remediation** — Provide specific, actionable remediation steps. Each step should be a discrete action, not a general directive. Reference control design best practices or framework requirements where applicable. **Ownership** — Identify the process owner responsible for remediation based on the audit scope information provided. **Recommended Timeline** — Suggest a remediation timeline based on the risk rating: Critical findings within 30 days, High within 60 days, Medium within 90 days, Low within 180 days. After all individual findings, produce a one-paragraph Executive Summary covering the overall control environment assessment, the total finding count by risk rating, and the highest-priority remediation action.
Variables du Prompt
Remplacez chaque placeholder par vos informations spécifiques :
[AUDIT ENTITY OR PROCESS][AUDIT PERIOD][APPLICABLE FRAMEWORK][RAW AUDIT FINDINGS]Ce que vous obtiendrez
Une fiche de constat formatée pour chaque constat brut, incluant un titre avec cotation de risque, l'objectif de contrôle, l'analyse des causes profondes, l'impact chiffré, les étapes de remédiation spécifiques, le responsable et le calendrier. Suivi d'un résumé exécutif d'un paragraphe.
💡 Conseil d'Expert
Incluez le référentiel de contrôle applicable dans le prompt — qu'il s'agisse de SOX Section 302/404, COSO 2013 ou d'une politique interne spécifique. La référence au cadre donne à l'IA les critères nécessaires pour attribuer des cotations de risque de manière cohérente.
Outils IA Compatibles
Claude
Best for processing verbose or unstructured raw audit notes into formatted finding cards. Claude handles multi-finding engagements consistently and maintains structured output quality even with lengthy raw input. Use follow-up prompts to generate a management action plan tracker or audit committee presentation slide content.
ChatGPT
Effective for findings summarization when the raw input is moderately structured. Use GPT-4o for longer engagement reports. Ask it to output each finding as a numbered section so it can be easily pasted into your audit management system.
Copilot
Ideal for audit teams using Microsoft 365. Copilot can draft the findings summary directly into a Word document or PowerPoint deck formatted to your audit committee template. Use Copilot in Teams to share and annotate findings with the engagement team before finalizing.
Gemini
Good for audit teams using Google Workspace. Gemini can export each finding card into a Google Sheets tracker with risk rating, owner, and timeline columns pre-populated, enabling automated status tracking through the remediation cycle.