Risk-Based Internal Audit

Internal auditors are told they need to develop a risk-based audit plan, but many internal audit activities simply risk rank their audit universe and believe that is risk-based auditing. Risk-based internal auditing is about aligning the annual audit plan, and corresponding audit projects and efforts, with the objectives of the organization. This book takes a unique approach to risk-based auditing by incorporating risk management and internal audit concepts to create a new Risk-Based Internal Audit Framework, while still being consistent with internal auditing standards. The risk-based internal auditing framework includes seven related components: Understand, Identify, Assess, Plan, Perform, Report, and Monitor. The focus of this book is to explain how to approach the Understand, Identify and Assess components of the framework in an innovative way, improving the overall value internal audit can provide to its organization, instead of testing the same internal controls over and over again. The principles outlined in this book are applicable to internal audit activities in any organization. This book provides answers and practical how-to information to help internal audit activities take that next step in the evolution of the internal audit profession. It is a must read for any internal auditor.