Professional Documents
Culture Documents
Establishing Risk Based Internal Audit Planning
Establishing Risk Based Internal Audit Planning
internal audit
a documented
input of senior
this process.
Process..
These standards require the Head of Internal Audit (HIA) to
develop a risk-based plan. The HIA should take into account
the organisations risk management framework, including risk
appetite levels set by management for the different activities
or parts of the organisation. If a risk management framework
does not exist, the HIA uses his/her own judgment of risks
after consideration of input from senior management and the
board. The HIA must review and adjust the plan, as
necessary, in response to changes in the organisations
business, risks, operations, programs, systems, and controls.
Key Definitions
Event
Risk
Key risks
Inherent risk
Residual risk
Risk appetite
Risk factors