August 2013
Intermediate to advanced
304 pages
7h 3m
English
Content preview from Audit Planning: A Risk-Based Approach
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
3
USING THE CORPORATE RISK REGISTER
Evaluating management's risk processes is different than the requirement that auditors use risk analysis to plan audits. However, information from a comprehensive risk management process, including the identification of management and board concerns, can assist the internal auditor in planning audit activities.
—IIA Practice Advisory 2100-3
INTRODUCTION
This chapter addresses the important topic of the corporate risk register, otherwise known as the risk log/database. There is a growing school of thought that suggests that the audit universe is the risk universe. Moreover, the audit risk that drives audit's plans is primarily derived from risks that drive the organization's activities in managing threats and opportunities. Some commentators go so far as to argue that audit should simply adopt the corporate risk register into their plans and so align themselves entirely with what the entity views as the key risks to its continued success. The model developed here makes use of these ideas, developing them into a more well-rounded view of how and where the corporate risk register may be fed into the audit-planning process.
CORPORATE RISK REGISTER MODEL: PHASE ONE
Our first model looks at the main drivers that affect the audit's role in the organization in Figure 3.1.
Figure 3.1 Corporate Risk Register Model: Phase One
Each aspect of the model is ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.