resume risk based internal auditingDeskripsi lengkap
Overview of RBI (Risk Based Inspecton) conceptFull description
Full description
Descripción: Internal Audit Risk Assessment
Audit Planning MemorandumFull description
Audit MemorandumFull description
Gamp5 Whire Paper
Risk Assessments for ACTIVITY BASEDFull description
Gamp5 Whire Paper
Shell Risk Based Inspection Approach pptFull description
Risk based inspection testDescripción completa
Audit Planning Memorandum
Descripción: API 581 Y 580 DE TK A PRESION RECIBIDOR DE AMONIACO DE CAMILO ANDRÉS SANTA CRUZ R.
Audit Program for Creating a Risk Based Audit Plan AUDIT PROCEDURES
Evaluate risks existing within the organization 1. Likelihood of risk occurring 2. Significance of the risk related to the organization
Risk-based auditing begins by reviewing the organizational objectives, then considers the risks that impact on the achievement of those objectives, and examines the methodologies in place to mitigate those risks. Risks can be avoided, shared, or transferred rather than controlled. Risk-based auditing also explicitly accepts that there will always be some risk that must be accepted; but the acceptable amount must be kept within the limits established by the Board and management. Audit Services identifies risk factors and evaluates them. The evaluation of risk factors includes, but is not limited to, discussions with management, observations made during previous audits, and the past history of the unit. Some examples of risk factors are: Example 1 of Risk Factors Size of the unit Recent changes in accounting or administrative systems Complexity of operations Liquidity of assets Recent changes in key personnel Economic condition of the unit Rapid growth or decline of the unit’s personnel Time since last audit Pressure on management to meet objectives Level of employees’ moral Example 2 of Risk Factors the date and results of the last audit financial exposure potential loss and risk requests by management major changes in operations, programs, systems and controls opportunities to achieve operating benefits changes to and capabilities of audit staff.
Example 3 of Risk Factors A. Financial Impact 1. Proposed revenues and expenses for fiscal year 2. Expenditures and revenue trend over last three years
Ref.
3. Fund type 4. Negative fund balances 5. Value of fixed assets 6. Capital expenditures 7. Proposed budget cuts B. Results of Prior Years Audit 1. Occurrence of fraud 2. Information obtained from external reviewers 3. Date of last audit C. Changes in Organization and/or Management 1. Management and staff capabilities 2. High employee turnover or new management 3. Management accountability D. Systems 1. Stability and reliability of information technology 2. Disaster recovery E. Political and/or Economic Environment 1. Regulations of a specific program’s activities 2. Adverse criticism or public embarrassment F. Impact of Not Providing Service 1. Central control responsibility 2. Complexity of operations 3. Dependency on centralized processing Based on the evaluation, assign a “Risk Rating” (low, medium or high) and a “Priority Level” of 1, 2 or 3 (with 1 being the highest priority).
Select audits based on the identification and evaluation of significant risk exposures as mentioned above. By focusing on the risk, internal auditors are able to identify controls that are absent or ineffective, as well as those that are no longer relevant. Consider requests originating from other sources including the Board, the Audit Committee, Administration or deparmental management.
Done By
Time Spent
Date Expected
Date Finished
Remarks
Checked By:
Audit Program
Audit Procedure
Control Objective
Risk if Objective Not Met
Control Technique
Workpaper Reference
Performed By
Date Expected
Date Completed
Budget Hours
Actual Hours
Document Reference
Source
Reviewed By
Remarks/Comments
AREA:
Process
Control Objective
Risk
Control Considerations
Assertion E,A,C,V,P
Description of control
Documentation W/P Ref.
Do controls meet objective? Yes/No
Test W/P Ref
Testing exceptions noted? Yes/No
Resolution / remediation/ comments W/P Ref
Potential Risk Factors Business strategic risks IT strategic operations risk Financial return Competitive impact Regulatory impact
Size of the unit Recent changes in accounting or administrative systems Complexity of operations Liquidity of assets Recent changes in key personnel Economic condition of the unit Rapid growth or decline of the unit’s personnel Time since last audit Pressure on management to meet objectives Level of employees’ moral
