As the COSO Internal Control – Integrated Framework (2013) states, “risk assessment involves a dynamic and iterative process for identifying and assessing risks to the achievement of objectives.” Yet many in-house internal audit functions look at the annual internal audit risk assessment process as a check-the-box activity, required mainly to be in compliance with the IIA Professional Practices Framework.
The internal audit risk assessment presents an often missed opportunity for internal auditors to understand their organization’s evolving objectives and implement a more dynamic risk-based approach to the internal audit process.
This whitepaper outlines considerations for a successful risk assessment and takes a look at a typical audit scenario to see where mistakes are commonly made. Read this whitepaper to learn about: • Reviewing standard internal audit procedures • Identifying internal audit risk assessment red flags • Five steps to turn risk assessment principles into positive actions
ABOUT THE AUTHOR Leveraging
his background in internal audit and internal controls, Noah Gottesman
provides industry thought leadership as well as real world client
experiences for Thomson Reuters Accelus. Prior to joining Thomson
Reuters Accelus, Noah was a Senior Manager with Ernst & Young, LLP
(EY)’s Advisory Services Risk and IT Risk practices, where he spent the
last thirteen years serving a variety of global clients on their
internal audit and internal control needs. He performed risk-based
financial, operational, and compliance audits across multiple processes
or cycles including: budget and planning, contract / subcontract,
order-to-cash, collections and receivables, revenue recognition, supply
chain, procure to pay, payroll, financial reporting.
Audit Management Software
As an internal audit management software pioneer, Thomson Reuters
Accelus™ delivers an end-to-end audit management solution with the
best-in-industry implementation. Developed by internal auditors for
internal auditors, the Thomson Reuters Accelus internal audit software
improves audit efficiency and productivity throughout the entire audit
process including risk assessment, scheduling, workpapers, reporting and
issue tracking, helping thousands of corporate and government clients.
Risk Management Solutions bring together trusted regulatory, customer and pricing data, intuitive software and expert insight and services - an unrivaled combination in the industry that empowers professionals and enterprises to confidently anticipate and act on risks - and make smarter decisions that accelerate business performance.
Visit risk.thomsonreuters.com for more information.