We establish our audit plan for the coming three years. We conduct a risk analysis of various departments to determine the most important issues and those which can be audited. In fact, a department may have risks which are related, for example, to political issues, or other ones which cannot be audited.
We establish a three-year plan and conduct an analysis to determine which departments will always be audited, such as the Department of National Defence or the Revenue Agency, and those which will be audited once every six or seven years, such as the Department of Justice.