Below are some of the auditing steps which you may find useful while performing purchases or P2P audit:
1) Check the budget and approvals as per authorized Delegation of authority(DOA) matrix
2) Review the vendor selection process. There is a greater risk of fraud in this area. Look out for any anomaly such as the same supplier selected for multiple times, quotations in word or editable format, related party as vendors, fake vendors, etc. This can be done by applying some excel based formula on the various reports received by management.
3) Check the requisitioning of goods/services. Without a requisition, there should not be any purchase.
4) Payment to suppliers without goods or services receipt.
5) Invoice amount higher than a purchase order
6) Approvals matrix not followed or splitting of purchase orders to bypass higher approvals
7) Absence of exception approvals
8) Review creditors aging and process followed by the company
9) Rejections process- payment made for a rejected goods or service
10) Accounting: for sample, check the accounting done in the books, duplicate payments, excess payment, etc
11) Check for any missing discount opportunities in purchases made
12) Review actual procurement vis-a-vis budgeted and obtain clarification for the variance. Also, check for approvals as per DOA