How to do your internal audit risk assessment

Interesting blog on how to prepare an effective risk assessment (RCM)

Norman Marks on Governance, Risk Management, and Audit

A long-time vendor of software for internal audit departments, Thomson Reuters, has published a piece by Noah Gottesman. Prior to joining Thomson Reuters in 2012 as Director of Audit Advisory and Innovation, Noah was with EY (which is where I met him, if memory serves me right). In that capacity, he has performed and managed a variety of internal audits.

Get Your Internal Audit Risk Assessment Right This Year has some good suggestions for the traditional internal audit team. It includes “five steps to turning risk assessment principles into positive actions”, as well as sections on:

  • Listen to management: the real opportunity
  • Lay the foundations: the importance of a robust methodology
  • Know your organization’s risk appetite
  • Get into the details
  • Plan for success
  • Understand the business and its culture

Most will see value in these sections.

But, I have significant issues with the approach and assumptions.

My problem starts very…

View original post 604 more words

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s