Risk Management in Internal Audit Planning  

Oleh:

Tay, Sharon

Jenis: Article from Proceeding
Dalam koleksi: 12th ANQ Congress in Singapore, 5-8 Agustus 2014, page 1-4.
Topik: Risk management; Audit planning; Effective audit; Efficient audit; Internal audit
Fulltext: TQ1-1.2-P0196.pdf (273.83KB)

Isi artikel

Internal audit planning is a critical step in achieving effective and efficient internal audits. This study looks at how risk management approach is used to plan internal audit. Purpose is to reduce the subjectivity and time spent in audit planning. A two-step risk management approach is used. In Step 1, the audit frequency is determined based on the department’s Workplace Environment, Health and Safety (EHS) risk. In Step 2, the level of readiness of a department is determined by looking at the department’s level of documentation and level of measuring and monitoring of processes. From the risk assessment, a 3-year cycle plan is developed to ensure all departments are audited at least once in every 3 years. Higher risk departments would be audited more frequently. A review of risk factors is conducted every 3 years or as and when necessary. The subjectivity in selecting a department for internal audit is reduced. Another significant benefit achieved is the reduction in time spent to do audit planning. With the risk-based audit planning, new staff who is not familiar with audit planning, can complete the audit planning process efficiently and effectively. Through the risk management approach, the internal audit planning is more structured and effective

Opini Anda

Klik untuk menuliskan opini Anda tentang koleksi ini!

Kembali