Questions On Risk Assessment Process Essay

944 Words4 Pages
Risk Assessment Process
Every firm faces risks, both internal and external, that must be dealt with. In order to assess risk, the auditor must understand what roll the area that’s being audited plays in the business. The purpose of risk assessment is to identify and evaluate the risks relevant to that area of the business and to determine how to manage these risks. The auditor then identifies the internal controls that regulate those risks – these are the internal controls the auditor should focus on. As a result of identifying the relevant risks, the auditor should be able to develop a scope for the audit. The goal is to provide a framework in which to develop the audit plan.
Internal Auditing Process
In order to conduct an internal audit, the department needs to secure a few key components. They need to create the audit charter, which grants authority from the board of directors to conduct the audit and defines the accountability and responsibility of the department. They also need to establish a mission statement to state how to internal audit department plans to add value to the company. They need to have a good understanding of the audit universe; this was briefly mentioned earlier. The department should understand each auditable area of the company and how each affects the business as a whole. The team must perform a risk assessment (described above) and use all of the proceeding information to develop the audit plan. The audit plan outlines the overall approach to
Get Access