Develop a practical internal audit program for visitor management covering [AuditPeriod] across [LocationsList], sampling [SampleSize] records against policy version [PolicyVersion]. Output format: (1) Audit scope & objectives. (2) Control matrix (Objective, Risk, Control, Frequency, Owner, Evidence). (3) Detailed test steps per control with sample selection method (random/systematic/judgmental). (4) Workpaper checklist (Required Evidence, Source, Reviewer). (5) Findings register (Issue, Criteria, Condition, Cause, Effect, Recommendation, Owner, Target Date). (6) Scoring rubric and overall opinion methodology. Include tests for identity verification evidence, badge expiration settings, badge return reconciliation, escort log completeness, and exception closure timeliness. Provide re-performance guidance and independence considerations for [AuditorRole].