The audit preparation mistakes that cost your team time every year

Every audit manager has inherited a job where the prior year file tells you almost nothing useful. The work is there. Sections are ticked. Conclusions are signed off. But the thinking is not. Nobody wrote down why they did what they did, what they were worried about, or what they would do differently. The person who knew has moved on to three other clients and barely remembers the engagement.

This is not bad luck. It is a management failure, and it repeats because the profession has quietly normalised it.

The FRC publishes its inspection findings every year. The same failure clusters appear in the same places: revenue recognition, impairment judgements, journals testing, group audit oversight, planning and risk assessment. What those reports cannot show is the management behaviour that produces the findings. They inspect files, not decisions.

This article addresses the decisions.

1. Rolling staff off the job before the knowledge is captured

This is the mistake that makes every other mistake more likely.

The moment fieldwork closes, the pressure is to move people onto the next engagement. Charge codes close. Utilisation targets reset. Within days, sometimes within hours, the team has dispersed. What leaves with them is everything that is not written in the file, which on most audits is most of what actually matters. Why they chose that sample. Which client contact could actually answer a question and which one would stall for a week. Where the risk genuinely sat versus where the planning said it sat. What they would do differently next year.

Working papers are designed to show that procedures were performed. They are not designed to preserve thinking.

The fix is simple and almost never implemented: book every senior and above for an additional day at the end of fieldwork, dedicated solely to producing a written handover document. Not tidying the file. Not chasing open review points. Writing, in plain language, what this audit actually involved, what was harder than expected, what the client's weaknesses are, and what should change next year.

The audience for this document is the person who will manage this audit in twelve months and may never have seen it before.

The firms that do this consistently spend less time in the first week of next year's planning rediscovering things that were already known. The firms that do not repeat the same discovery process every year and call it normal.

2. Treating the post-audit review as a filing exercise

Most teams complete a post-audit review because the methodology requires one.

The quality of those reviews varies considerably, but the most common version has a structural problem: it records what happened rather than what should change. Issues are noted. Observations are logged. The document is filed, and by the time planning begins for the following year, no one has read it.

A review that produces no action is an archive. The distinction matters because the purpose of the exercise is not to document the past. The file does that already. The purpose is to change the future.

A useful post-audit review produces three things: an honest account of what the budget was and where it went, a clear explanation of what went wrong and why, and a named action plan for next year with owners and deadlines. Each item should be reviewed at the start of planning, not filed and forgotten. If it does not produce those three outputs, the time spent on it is largely wasted.

3. Building next year's budget from last year's numbers

Audit budgets anchor. Last year's hours become this year's starting point, adjusted upward for known scope changes and squeezed downward to hit recovery targets. The allocation by area reflects what was done before rather than where the risk sits now.

The problem is that the client has not stood still. An acquisition completed mid-year changes the group structure. A refinancing changes the covenants and the going concern picture. A new finance director changes the reliability of the information the team has historically taken at face value. None of that will surface in a budget built by carrying forward the prior year with marginal adjustments.

The right approach starts from a current risk assessment, not from a prior year file. That means going back to the planning risk assessment genuinely, not as a formality, and asking which areas carry more risk this year than last, which carry less, and whether the prior year allocation reflects that. Often it does not, because the risk assessment was prepared after the budget rather than before it.

The FRC consistently identifies planning and risk assessment as a source of inspection findings. The documentation problem is real, but it usually reflects something more fundamental: the risk assessment is used to justify the plan, not to drive it.

4. Assigning work based on availability rather than capability

Staffing an audit is a resource management exercise, and like most resource management exercises in professional services, it is dominated by one question: who is available?

That is a legitimate question. It is not, on its own, a sufficient one.

Whether the person being assigned has actually performed this type of work before, at a comparable level of complexity, is a separate question. It is routinely either not asked or answered without enough rigour. The result is work assigned to someone who does not know what it involves. The budget was set by a manager who also did not know, or who has not done it recently enough for the estimate to be reliable. When it overruns, the cause gets attributed to client complexity rather than planning.

This compounds the problem described in point one. When there is no structured handover from the prior year team, the manager planning the next engagement has nothing to go on beyond the file and the prior year budget. Both tell them what was done. Neither tells them what was hard.

A capability check at the assignment stage does not need to be a formal competency framework. It is a direct question: has the person being assigned to this area done comparable work before? If not, what does that mean for the budget and the level of review required?

5. Leaving client logistics to chance

Experienced audit managers know that the quality of fieldwork is significantly determined before it starts, by how well the preparation has been managed on both sides. Managers under pressure treat client communication as a relationship matter. It is a logistics matter.

The consequence is familiar. The PBC list goes out late. Items arrive incomplete or prepared to the wrong level of detail. Key contacts are unavailable during fieldwork because no one confirmed their schedules in advance. No escalation point was agreed, so when information is missing there is no clear route to resolving it. Days are lost in the first week that were never in the budget.

None of this is the client's fault, even when it looks like it is.

Managing audit logistics well means a specific PBC list issued early enough for the client to prepare properly, confirmed availability for the contacts the team needs to speak to, a named escalation point on both sides, and a clear agreement on what happens if information does not arrive on time. The firms that do this treat pre-fieldwork communication as project management. The firms that do not treat it as something that sorts itself out. It does not sort itself out.

6. Treating group audit oversight as review rather than supervision

The FRC's 2025 Annual Review of Audit Quality identified an increase in group audit oversight findings compared to the prior year. This will not surprise anyone who has managed a group audit.

The structural problem is straightforward. The group engagement team is responsible for the quality of the overall audit, including the work performed by component auditors. In practice, that responsibility is frequently discharged by issuing instructions at the start of fieldwork and reviewing the component file at the end. What happens in between is largely invisible to the group team until the review stage, at which point it is too late to address substantive issues without significant cost.

Effective group audit oversight is not a review function. It is a supervision function. It requires structured touchpoints during fieldwork, not just instructions before it and a file check after it. It requires the group team to have genuine familiarity with the component's business and risk profile, not just a summary of the component auditor's conclusions. And if challenged, the group engagement partner needs to demonstrate actual engagement with the substance of the component work, not a signed checklist.

ISA (UK) 600 sets out the requirements. The gap between what the standard requires and what group audit oversight looks like in practice on a busy engagement is, in many cases, considerable.

7. Documenting what was done rather than why

This is the documentation version of the continuity failure, and it is the one most likely to surface in an FRC inspection.

Working papers show that procedures were performed. They are very good at that. They are much less good at explaining why a particular approach was taken, why a particular conclusion was reached, or what the auditor was actually thinking when making a significant judgement call. An inspector reviewing the file cannot assess the quality of a decision they cannot see the reasoning behind.

The FRC's findings on estimation and judgement are consistent year after year. It is not always that the auditor made the wrong call. It is often that the file does not show the basis on which any call was made.

The fix is a judgement summary on every significant area. A brief, plain-language note that records what the key judgement was, what range of reasonable outcomes existed, why the team concluded where it did, and what would cause them to revisit that conclusion. It does not need to be long. It needs to exist.

What connects these seven mistakes

They are not independent. They form a chain.

A team rolled off without capturing knowledge leaves the next manager with nothing to plan from. A manager with nothing to plan from builds the budget from last year's numbers and assigns work based on availability. Fieldwork begins with a team that does not fully understand the job, a client that was not prepared, and a file that will eventually demonstrate compliance without demonstrating judgement. The post-audit review notes the overrun, assigns no actions, and gets filed.

Twelve months later, it starts again.

Audit quality in the UK has improved. The FRC's own data confirms that, particularly among the largest firms. But the improvement is concentrated where quality management systems are most mature. For the rest of the market, these patterns remain recognisable. The question is not whether you have seen them. It is which ones you are currently responsible for allowing to continue.