Interesting blog on how to prepare an effective risk assessment (RCM)
A long-time vendor of software for internal audit departments, Thomson Reuters, has published a piece by Noah Gottesman. Prior to joining Thomson Reuters in 2012 as Director of Audit Advisory and Innovation, Noah was with EY (which is where I met him, if memory serves me right). In that capacity, he has performed and managed a variety of internal audits.
Get Your Internal Audit Risk Assessment Right This Year has some good suggestions for the traditional internal audit team. It includes “five steps to turning risk assessment principles into positive actions”, as well as sections on:
- Listen to management: the real opportunity
- Lay the foundations: the importance of a robust methodology
- Know your organization’s risk appetite
- Get into the details
- Plan for success
- Understand the business and its culture
Most will see value in these sections.
But, I have significant issues with the approach and assumptions.
My problem starts very…
View original post 604 more words