Article

Efficiently and effectively auditing your P-Card program

May 29, 2024 · Authored by Kishan Patel, Niamh Boyle

A purchasing or procurement card (P-Card) is a credit or debit-like card that allows employees of an organization to purchase goods and services on behalf of the organization without having to go through the traditional procurement or purchase request and subsequent approval process.

P-Card programs enable employees to complete business transactions more efficiently and allow charges to be reviewed within moments of purchase. While P-Cards can be a great way to support effective and efficient purchases for your organization, P-Cards are at greater risk for misuse and fraud. Additionally, when P-Cards are used for online purchases, there is an increased risk that P-Card data is stolen and used to execute fraudulent transactions. Organizations should monitor and manage P-Card spending and reduce misuse and fraudulent behavior by implementing internal control activities, including the performance of P-Card audits.

The purpose of a P-Card audit is to identify whether controls are working as intended or whether other controls are needed to prevent misuse or fraud and detect instances in which misuse or fraud have occurred. Auditing P-Cards can benefit an organization by identifying opportunities for further process efficiencies and cost-saving benefits and help to reinforce a strong internal control environment around purchasing. Below are some key objectives for an effective P-Card audit.

P-Card audit objectives

Objectives of a P-Card audit may include, but are not limited to, the following:

Determining whether the control environment is sufficient to prevent and/or detect possible fraudulent activities or misuse of organization funds
Assessing whether fraud or misuse has occurred within the P-Card program
Identifying procurement-related efficiencies the organization may implement to optimize financial resources

P-Card audit approach

A P-Card audit may have many different approaches depending on the audit objectives. An audit approach may include, but is not limited to, the following:

Review available documentation such as organizational policies and procedures to identify controls designed to prevent or detect possible instances of misuse or fraud
Examine available documentation to identify organization-specific compliance attributes to inform analytics and testing procedures. Testing procedures may include, but are not limited to:

Related sections

Article Tags

internal audit p-card higher education

What we do	What you get
Assess your organization’s policies and resources related to procurement and P-Card administration and activity	A facilitated discussion with key process owners across the organization to identify opportunities for increased communication and awareness as well as a policy gap analysis to determine what documentation needs to be updated or developed and implemented
Identify the roles and responsibilities between departments that are involved in P-Card administration and the available resources at your organization	A clear understanding and layout of the control environment or collaboration efforts and practices in place to facilitate efficient and effective P-Card program administration and auditing
Evaluate current procedures to assess compliance with organizational policies and alignment with industry leading practices	Actionable recommendations to address identified audit observations, gaps, challenges, risks or enhancement opportunities based on organizational policies and industry leading practices

Efficiently and effectively auditing your P-Card program

P-Card audit objectives

P-Card audit approach

Related sections

Article Tags

Key risks and how to approach them during audit fieldwork

Baker Tilly can help

Case study: P-Card program review and audit in action at higher education system

Client background

Baker Tilly solution

Results achieved