As the COSO Internal Control – Integrated Framework (2013) states, “risk assessment involves a dynamic and iterative process for identifying and assessing risks to the achievement of objectives.” Yet many in-house internal audit functions look at the annual internal audit risk assessment process as a check-the-box activity, required mainly to be in compliance with the IIA Professional Practices Framework.

The internal audit risk assessment presents an often missed opportunity for internal auditors to understand their organization’s evolving objectives and implement a more dynamic risk-based approach to the internal audit process.

This whitepaper outlines considerations for a successful risk assessment and takes a look at a typical audit scenario to see where mistakes are commonly made. Read this whitepaper to learn about:
•    Reviewing standard internal audit procedures
•    Identifying internal audit risk assessment red flags
•    Five steps to turn risk assessment principles into positive actions

Leveraging his background in internal audit and internal controls, Noah Gottesman provides industry thought leadership as well as real world client experiences for Thomson Reuters Accelus. Prior to joining Thomson Reuters Accelus, Noah was a Senior Manager with Ernst & Young, LLP (EY)’s Advisory Services Risk and IT Risk practices, where he spent the last thirteen years serving a variety of global clients on their internal audit and internal control needs. He performed risk-based financial, operational, and compliance audits across multiple processes or cycles including: budget and planning, contract / subcontract, order-to-cash, collections and receivables, revenue recognition, supply chain, procure to pay, payroll, financial reporting.

Audit Management Software

As an internal audit management software pioneer, Thomson Reuters Accelus™ delivers an end-to-end audit management solution with the best-in-industry implementation. Developed by internal auditors for internal auditors, the Thomson Reuters Accelus internal audit software improves audit efficiency and productivity throughout the entire audit process including risk assessment, scheduling, workpapers, reporting and issue tracking, helping thousands of corporate and government clients.


Enterprise GRC Software

Thomson Reuters Accelus™ Enterprise GRC is a comprehensive audit, internal controls management, policy management and compliance software solution purpose-built to address connected governance, risk and compliance requirements.


About Thomson Reuters Risk Management Solutions

Risk Management Solutions bring together trusted regulatory, customer and pricing data, intuitive software and expert insight and services - an unrivaled combination in the industry that empowers professionals and enterprises to confidently anticipate and act on risks - and make smarter decisions that accelerate business performance.

Visit risk.thomsonreuters.com for more information.

Click here to view our privacy policy

Thomson Reuters
© 2016 Thomson Reuters. All rights reserved.


To access this report, please submit the form below: