![]() |
![]() |
Main Menu About the Internal Audit Department Types of Services FAQs Ethics and Compliance Hotline (This hotline is independently operated to help ensure confidentiality) What is Fraud? Whistleblower Policy What is Risk Assessment? What is Internal Control? Links of Interest Policies Governing Internal Audit |
|
|
Risk Assessment Concepts When beginning a risk assessment, the manager should start by analyzing the two circumstances most likely to endanger unit objectives, change and inherent risk. In evaluating the potential impact of risk, both quantitative and qualitative costs need to be addressed.
Change. The risk to reaching objectives increases dramatically during a time of change (turnover in personnel, rapid growth, or establishment of new services, for example). Some examples of circumstances that expose a business to increased risk are the following:
Additional situations which could pose a threat to your departments:
The steps in the Risk assessment process: Step 1 Assessment of your Operations Ask yourself the following questions:What can go wrong? Step 2 Prioritizing the items from your assessment One you’ve identified some of the risk factors, the next question should probably be:
After assessing and prioritizing the financial and compliance risks (steps 1 and 2), the next step of the process is to identify the appropriate controls to manage the risks. Legitimate questions might be: Step 3 Are there adequate controls in place to offset these risks Are there other controls in existence that will “mitigate” this situation? You should now have a “good idea” of items you need to be concerned about, their magnitude, AND how you can mitigate these concerns. The College Wide Risk Assessment Questionnaire helps you consider other items as you make this assessment of your operation. |
|