1 / 16

Screen and Prioritize Risks

Screen and Prioritize Risks. Where are we now?. Co-Develop Expectations. Screen and Prioritize Risks. Identify, Prioritize, and Document Risks for Further Considerations in audit. Key Procedures. Identify risks. Prioritize risks. Document risks. Screen and Prioritize Risks.

joel-foster
Download Presentation

Screen and Prioritize Risks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Screen and Prioritize Risks

  2. Where are we now? Co-Develop Expectations

  3. Screen and Prioritize Risks Identify, Prioritize, and Document Risks for Further Considerations in audit Key Procedures Identify risks Prioritize risks Document risks

  4. Screen and Prioritize Risks Prioritize risks Screen and Prioritize Risks

  5. Risk Risk Risk Title Risk Title WP WP Risk Type Risk Type F/S / Risk Risk Significance Significance Likelihood Likelihood ARCD ARC No. No. Ref. Ref. Account . No. and and Location Location Impacted Impacted Description Description Error risk o o o o High High o o High High Principle risk o o Estimate Risk o o o o Moderate Moderate o o Moderate Moderate Critical Information o o Processes risk o o Low Low o o Low Low Financial reporting process o o risk Justification: Justification: Justification: Justification: Disclosure risk o o Fraud risk Fraud risk o o Failure risk Failure risk o o Other agency risk Other agency risk o o Error risk o o o o High High o o High High Principle risk o o Estimate Risk o o o o Moderate Moderate o o Moderate Moderate Critical Information o o Processes risk o o Low Low o o Low Low Financial reporting o o process risk Justification: Justification: Justification: Justification: Disclosure risk o o Fraud risk Fraud risk o o Failure risk Failure risk o o Other agency risk Other agency risk o o RiskTracker Document all risks initially identified. After assessing the significance and likelihood of negative consequences arising from such risks, the IAD should then indicate the disposition for each risk. This assessment will identify the risks that merit further audit consideration.

  6. Screen Risks All auditee risks identified are subjected to ‘screens’ before they result in further examination for audit efficiency. Risks that are screened from further considerations are risks that are: • Not expected to prevent the auditee from achieving its operating objectives and affect its operations materially • Addressed specifically by effective risk management strategies of the auditee

  7. Screen Risks Risk Maps Utilized to support and communicate judgments made on the significance and likelihood of risks. • It is inappropriate to screen any risks just based on historical knowledge of auditee’s risk control processes or unsubstantiated beliefs that auditee’s controls are operating effectively. • Risk maps are prepared by the TL, reviewed and approved or concurred by the Director.

  8. Screen Risks Plot all risks listed in the Risk Tracker on the Risk Map The completed risk map shall be attached to the Risk Tracker document.

  9. Basic Procedures Prepare revised risk maps for the identified risks Screen all identified error and fraud risks Discuss risk maps with senior management The audit team prioritizes the risks based on their relative significance and likelihood. Prioritization will require concerted judgment between Director and the TLs.

  10. With guidance from the Director, the TLs individually screen all identified error and fraud risks as part of the prioritization. • In screening the auditee risks, the Director and TL considers if the risk is not expected to result in operation failure.

  11. After prioritization has been approved by the Director, the TL prepare revised risk maps for the identified risks. The audit team may want to use multiple risk maps to segregate and more clearly communicate failure, error and fraud risks.

  12. Discuss risk map with senior management • The IAD discusses the risk maps to auditee senior management and obtain their inputs. The TLs and the Director update the risk maps as needed based on discussions.

  13. Documentation RBPFAA Template Risk Tracker RBPFAA TEmplate Risk Map

  14. RISK TRA CKER Document all risks initially identified. After assessing the significance and likelihood of negative consequences arising from such risks, the TL and the IADA should then indicate the disposition for each risk. This assessment will identify the risks that merit further audit consideration. Auditee Name: Audit Period: Risk Risk Title WP Process Risk A No. and Description Ref. Risk Type Impacted Location Significance Likelihood . ¡ ¡ High ¡ High ¡ ¡ Moderate ¡ Moderate ¡ ¡ ¡ Low ¡ Low ¡ Justification: Justification: r ¡ D ¡ Fraud risk ¡ Failure risk ¡ Other agency risk ¡ ¡ High ¡ High ¡ ¡ Moderate ¡ Moderate ¡ ¡ ¡ Low ¡ Low process risk ¡ Financial reporting process Justification: Justification: risk ¡ ¡ Fraud risk ¡ Failure risk ¡ Form RBA – Risk Tracker

  15. Screen and Prioritize Risks Form RBA 397A – Risk Map

  16. QUESTION

More Related