SlideShare uma empresa Scribd logo

Risk assessment and internal controls - Internal Audit

Smitesh Bhosale
Smitesh Bhosale

Provides an overview of a risk assessment process, some of the fundamentals and correlations with internal controls of an organisation

NegóciosEconomia e finanças
1 de 10
Internal Audit: Risk management & Control Evaluation Smitesh Bhosale smitesh.bhosale@yahoo.co.in
What is Risk? An event or action that causes a possible threat to the achievement of an organization’s/function’s objectives Risk is just an expensive substitute for information Unwarranted Business Exposures are not Risks….
Risk Assessment Risk Assessment is a three step process of risk analysis and evaluation involving the determination of Management optimistic 1 The level of impact or outcome of risk Consequence 2 The likelihood of risk getting realised Probability 3 The nature of the risk Auditors quite sceptical Inherent Risk Resolving the differences in perception of risk crucial for an effective control evaluation…
Risk Assessment • Where do you devote considerable internal effort in order to control? • What areas receive considerable management reporting? • Where have you devoted significant resources? • What are the analysts and rating agencies most interested in? • What wouldn’t you want on the front page of the newspaper? • What are key obstacles to taking advantage of opportunities? • What is impeding growth? A “WHAT CAN GO WRONG ANALYSIS” prior to field work will provide focus and •What do people complain about within the organization? judgement to the auditor on • If you could fix one thing at the company, what would it be where to deploy his resources • What do your competitors do better? • What keeps you up at night?
Risk Assessment - Comprehensive EXTERNAL RISKS  Capital Availability  Competitor  Customer Needs  Economy  Financial Markets  Industry  Legal  Natural Hazard/Catastrophe  Public Relations  Regulatory  Terrorism  Sovereign/Political  Technological Innovation INTERNAL RISKS Strategic Operational Financial Process  Business Model          Business Portfolio  Delivery Channels  Intellectual Property  Marketing/ Advertising     Alignment Business Interruption Capacity Change Response Compliance Contract Commitment Customer Satisfaction Cycle Time Efficiency Environmental Health & Safety Knowledge Management  Measurement  Partnering  Collateral  Physical Security  Product/Service Development  Product/Service Liability  Product/Service Failure  Product/Service Pricing  Relationship Management  Sourcing  Strategy Implementation  Supply Chain  Transaction Processing  Resource Allocation  Social Responsibility  Counterparty  Credit  Equity Management Information  Organization Structure  Product Life Cycle  Concentration  Default  Marketplace  Planning  Commodities Comprehensive risk assessment is very crucial to priorities controls evaluation across various risk categories          Accounting Information Budgeting & Forecasting Completeness/Accuracy Investment Evaluation Investor Relations Pension Fund Regulatory Reporting Relevance Taxation Human Capital            Integrity Technology  Financial Instruments  Foreign Exchange Accountability Change Readiness Communications Competencies/Skills Empowerment Hiring/Retention Leadership Outsourcing Performance Incentives Succession Planning Training/Development  Conflict of Interest  Employee Fraud  Ethical Decisionmaking  Illegal Acts  Management Fraud  Third-Party Fraud  Unauthorized Acts        Access Availability Data Integrity e-Commerce Infrastructure Reliability Technological Capacity  Interest Rate  Liquidity  Modeling  Opportunity Cost Right Description of risk is also crucial e.g. Employee Overtime V/s Liquidated damages
Behavior of Risks… High 17 RED 14 25 1 23 19 Potentially material Events 24 2 21 27 13 ORANGE 12 15 Probability 9 Materiality Threshold 18 26 6 22 AMBER Low 8 16 11 10 5 GREEN 20 7 4 Impact Risks are on constant move with changes in external environment and your response / mitigation steps
Risk Evaluation and Quantification Supplier concentration risk Potential Impact Likelihood of failure Supplier A Sales Dependency 200 $ Mln 10% of Budgeted Sales for FY 10-11 Margin of such sales 40 $ Mln 13% of Target EBIDTA for FY 10-11 50% ABC Ltd Overall Budgeted Sales 2000 $ Mln Mitigation Impact X Likelihood = Adequate stock to support change over time Share manufacturing facility • Value at Risk Alternative supplier development • 300 $ Mln • • Target EBIDTA Outright market purchase of end product 100 $ Mln of sales i.e. 5% of sales Transfer 20 $ Mln of EBIDTA i.e. 6.5% of EBIDTA • Assessment of likelihood is dependent on suppliers financial status, its exposure to economic factors, plant location, relations with supplier, competitors activities, disruption at its premises, contractual agreements, previous default history among other factors. BI and LOP Policy • Supplier extension clause To evaluate risks one needs to be fully aware of the impact the risk.. Preferably in financial terms
Risk Management Strategies – Some tools Strategic Risks- fully managed internally by the organisation Operations • Elimination /Termination • Avoidance Organisation's Risks Financial Risk Capacity / Appetite Risks - Cannot be managed by Organisation and needs to be transferred Compliance Business is exposed to multiple risks Risks - Partly managed internally by the organisation Ability to manage risk depends on Risk Appetite / capacity • Tolerate / Acceptance • Mitigation and Monitoring • Transfer Significant portion of risks can be transferred through contractual / insurance
Internal Control Framework Governance / Oversight Control Audit Committee, Risk Council Administrative Controls Policies, Guidelines, SOPs Management Controls Self Assessment, Questionnair e based Monitoring Controls On Ground process controls MIS, KPIs, Reports, Risk Radar. Reviews SOD, IT, Access Internal Audit, SOX, Risk Management, Compliance Predictive or Detective Whistle Blower, Independent Forum Extended Controls Customer, Vendor, Regulat or, Bank Controls External Controls influencing internal controls There is a world beyond Risk and Control Matrix (RCM)….
In our journey can we help Business to embrace Risk…… with greater understanding Your greatest growth opportunities are your greatest risks reversed

Recomendados

Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Compliance Risk Assessment
Compliance Risk AssessmentCompliance Risk Assessment
Compliance Risk AssessmentCompliance Consultant
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Ppt on risk based internal audit
Ppt on risk based internal auditPpt on risk based internal audit
Ppt on risk based internal auditAmitaMistry2
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Integrated GRC
Integrated GRCIntegrated GRC
Integrated GRCTranscendent Group
 

Recomendados

Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
Evolving role of internal auditing function
Evolving role of internal auditing functionEvolving role of internal auditing function
Evolving role of internal auditing functionDebashis Gupta
 
Compliance Risk Assessment
Compliance Risk AssessmentCompliance Risk Assessment
Compliance Risk AssessmentCompliance Consultant
 
The Role of Internal Audit
The Role of Internal AuditThe Role of Internal Audit
The Role of Internal AuditArmeniaFED
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Ppt on risk based internal audit
Ppt on risk based internal auditPpt on risk based internal audit
Ppt on risk based internal auditAmitaMistry2
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Integrated GRC
Integrated GRCIntegrated GRC
Integrated GRCTranscendent Group
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Internal audit
Internal auditInternal audit
Internal auditiPleaders - Re-engineering Legal education, New Delhi
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
COSO ERM Framework
COSO ERM FrameworkCOSO ERM Framework
COSO ERM Frameworkssuser6ea258
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
KRI (Key Risk Indicators) & IT
KRI (Key Risk Indicators) & ITKRI (Key Risk Indicators) & IT
KRI (Key Risk Indicators) & ITMax Neira Schliemann
 
Audit Report Model and Sample
Audit Report Model and SampleAudit Report Model and Sample
Audit Report Model and SampleFlevy.com Best Practices
 
internal control and control self assessment
internal control and control self assessmentinternal control and control self assessment
internal control and control self assessmentManoj Agarwal
 
Coso framework
Coso frameworkCoso framework
Coso frameworkDarryl Woolley
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxHeldaMaryA
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Sazzad Hossain, ITP, MBA, CSCA™
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015Mohammad Kashif
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit pptLetzconsult.com
 
Coso illustrative tool
Coso illustrative toolCoso illustrative tool
Coso illustrative toolSARVJEET KAUSHAL
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor RolesIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Eneni Oduwole
 
Cisa domain 1
Cisa domain 1 Cisa domain 1
Cisa domain 1 Ismail aboulezz
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessmentcasahiljain1992
 
Powerpoint Risk Assessment
Powerpoint Risk AssessmentPowerpoint Risk Assessment
Powerpoint Risk AssessmentSteve Bishop
 

Mais conteúdo relacionado

Mais procurados

Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit departmentSalih Islam
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 
COSO ERM Framework
COSO ERM FrameworkCOSO ERM Framework
COSO ERM Frameworkssuser6ea258
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologyManoj Agarwal
 
internal control and control self assessment
internal control and control self assessmentinternal control and control self assessment
internal control and control self assessmentManoj Agarwal
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxHeldaMaryA
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015Mohammad Kashif
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Eneni Oduwole
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing PresentationVernon Benjamin
 

Mais procurados (20)

Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 
The role of internal audit department
The role of internal audit departmentThe role of internal audit department
The role of internal audit department
 
Internal audit
Internal auditInternal audit
Internal audit
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 
COSO ERM Framework
COSO ERM FrameworkCOSO ERM Framework
COSO ERM Framework
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
KRI (Key Risk Indicators) & IT
KRI (Key Risk Indicators) & ITKRI (Key Risk Indicators) & IT
KRI (Key Risk Indicators) & IT
 
Audit Report Model and Sample
Audit Report Model and SampleAudit Report Model and Sample
Audit Report Model and Sample
 
internal control and control self assessment
internal control and control self assessmentinternal control and control self assessment
internal control and control self assessment
 
Coso framework
Coso frameworkCoso framework
Coso framework
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptx
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 
Internal Audit Plan 2015
Internal Audit Plan 2015Internal Audit Plan 2015
Internal Audit Plan 2015
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
 
Coso illustrative tool
Coso illustrative toolCoso illustrative tool
Coso illustrative tool
 
Internal Auditor Roles
Internal Auditor RolesInternal Auditor Roles
Internal Auditor Roles
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
 
Cisa domain 1
Cisa domain 1 Cisa domain 1
Cisa domain 1
 
Basic Internal Auditing Presentation
Basic Internal Auditing PresentationBasic Internal Auditing Presentation
Basic Internal Auditing Presentation
 

Destaque

Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessmentcasahiljain1992
 
Powerpoint Risk Assessment
Powerpoint Risk AssessmentPowerpoint Risk Assessment
Powerpoint Risk AssessmentSteve Bishop
 
Risk assessment principles and guidelines
Risk assessment principles and guidelinesRisk assessment principles and guidelines
Risk assessment principles and guidelinesHaris Tahir
 
11. materiality and audit risk
11. materiality and audit risk11. materiality and audit risk
11. materiality and audit riskSyed Osama Rizvi
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Nidhi Gupta
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit ApproachSalih Islam
 
Risk assessment presentation
Risk assessment presentationRisk assessment presentation
Risk assessment presentationmmagario
 
“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”M Anwarul Hoque Tareque
 
Integrating Data Analytics into a Risk-Based Audit Plan
Integrating Data Analytics into a Risk-Based Audit PlanIntegrating Data Analytics into a Risk-Based Audit Plan
Integrating Data Analytics into a Risk-Based Audit PlanCaseWare IDEA
 
Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Thomas Bradley
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarAviva Spectrum™
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO FrameworkJesús Gándara
 
Supplier Risk Assessment
Supplier Risk AssessmentSupplier Risk Assessment
Supplier Risk AssessmentGary Bahadur
 
OHSAS Hazard identification & Risk assessment
OHSAS Hazard identification & Risk assessmentOHSAS Hazard identification & Risk assessment
OHSAS Hazard identification & Risk assessmentTechnoSysCon
 
Supply Chain Risk Management
Supply Chain Risk ManagementSupply Chain Risk Management
Supply Chain Risk ManagementAnand Subramaniam
 
Case 3_pp_final_v2 gr3
Case 3_pp_final_v2 gr3Case 3_pp_final_v2 gr3
Case 3_pp_final_v2 gr3malenacharur
 
Comprehensive 20 Assessment 1
Comprehensive 20 Assessment 1 Comprehensive 20 Assessment 1
Comprehensive 20 Assessment 1 NorthTec
 
Methods to improve Freedom to Operate analysis
Methods to improve Freedom to Operate analysisMethods to improve Freedom to Operate analysis
Methods to improve Freedom to Operate analysisDauverC
 

Destaque (20)

Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessment
 
Powerpoint Risk Assessment
Powerpoint Risk AssessmentPowerpoint Risk Assessment
Powerpoint Risk Assessment
 
Risk assessment principles and guidelines
Risk assessment principles and guidelinesRisk assessment principles and guidelines
Risk assessment principles and guidelines
 
11. materiality and audit risk
11. materiality and audit risk11. materiality and audit risk
11. materiality and audit risk
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit Approach
 
Risk assessment presentation
Risk assessment presentationRisk assessment presentation
Risk assessment presentation
 
“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”“Risk Based Internal Audit in Bangladesh Bank”
“Risk Based Internal Audit in Bangladesh Bank”
 
Integrating Data Analytics into a Risk-Based Audit Plan
Integrating Data Analytics into a Risk-Based Audit PlanIntegrating Data Analytics into a Risk-Based Audit Plan
Integrating Data Analytics into a Risk-Based Audit Plan
 
Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1Risk Based Quality Audit Part 1
Risk Based Quality Audit Part 1
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches Webinar
 
ISO 27005 Risk Assessment
ISO 27005 Risk AssessmentISO 27005 Risk Assessment
ISO 27005 Risk Assessment
 
Internal Audit COSO Framework
Internal Audit COSO FrameworkInternal Audit COSO Framework
Internal Audit COSO Framework
 
Supplier Risk Assessment
Supplier Risk AssessmentSupplier Risk Assessment
Supplier Risk Assessment
 
OHSAS Hazard identification & Risk assessment
OHSAS Hazard identification & Risk assessmentOHSAS Hazard identification & Risk assessment
OHSAS Hazard identification & Risk assessment
 
Supply Chain Risk Management
Supply Chain Risk ManagementSupply Chain Risk Management
Supply Chain Risk Management
 
Risk Management Framework
Risk Management FrameworkRisk Management Framework
Risk Management Framework
 
Case 3_pp_final_v2 gr3
Case 3_pp_final_v2 gr3Case 3_pp_final_v2 gr3
Case 3_pp_final_v2 gr3
 
Comprehensive 20 Assessment 1
Comprehensive 20 Assessment 1 Comprehensive 20 Assessment 1
Comprehensive 20 Assessment 1
 
Methods to improve Freedom to Operate analysis
Methods to improve Freedom to Operate analysisMethods to improve Freedom to Operate analysis
Methods to improve Freedom to Operate analysis
 

Semelhante a Risk assessment and internal controls - Internal Audit

Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & GovernanceEDR
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013Nidhi Gupta
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013Nidhi Gupta
 
Qualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docxQualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docxamrit47
 
Risk Management - A Journey
Risk Management - A JourneyRisk Management - A Journey
Risk Management - A JourneyDebashis Gupta
 
Enterprise Risk Management.pdf
Enterprise Risk Management.pdfEnterprise Risk Management.pdf
Enterprise Risk Management.pdfSelf Employed
 
Banking update for eastern connecticut chamber of commerce
Banking update for eastern connecticut chamber of commerceBanking update for eastern connecticut chamber of commerce
Banking update for eastern connecticut chamber of commerceJED Consulting Services LLC
 
2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption Risk2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption RiskDr Darren O'Connell AGIA
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?EDR
 
Vendor Management - Compliance Checklist Manifesto Series
Vendor Management - Compliance Checklist Manifesto SeriesVendor Management - Compliance Checklist Manifesto Series
Vendor Management - Compliance Checklist Manifesto SeriesContinuity Control
 
Operational Risk Management & Strategic Planning
Operational Risk Management & Strategic PlanningOperational Risk Management & Strategic Planning
Operational Risk Management & Strategic PlanningEneni Oduwole
 
Managing Reputational Risk
Managing Reputational RiskManaging Reputational Risk
Managing Reputational RiskEneni Oduwole
 
IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop Ersoy AKSOY
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
 
1 -corinne_berinstein
1 -corinne_berinstein1 -corinne_berinstein
1 -corinne_berinsteinRamaica Ona
 
1 -corinne_berinstein
1 -corinne_berinstein1 -corinne_berinstein
1 -corinne_berinsteinAahil Malik
 

Semelhante a Risk assessment and internal controls - Internal Audit (20)

Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Qualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docxQualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docx
 
Risk analysis.pdf
Risk analysis.pdfRisk analysis.pdf
Risk analysis.pdf
 
Risk Management - A Journey
Risk Management - A JourneyRisk Management - A Journey
Risk Management - A Journey
 
Enterprise Risk Management.pdf
Enterprise Risk Management.pdfEnterprise Risk Management.pdf
Enterprise Risk Management.pdf
 
Banking update for eastern connecticut chamber of commerce
Banking update for eastern connecticut chamber of commerceBanking update for eastern connecticut chamber of commerce
Banking update for eastern connecticut chamber of commerce
 
2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption Risk2016 - IQPC - Understanding and Assessing Corruption Risk
2016 - IQPC - Understanding and Assessing Corruption Risk
 
It62015 slides
It62015 slidesIt62015 slides
It62015 slides
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?
 
Vendor Management - Compliance Checklist Manifesto Series
Vendor Management - Compliance Checklist Manifesto SeriesVendor Management - Compliance Checklist Manifesto Series
Vendor Management - Compliance Checklist Manifesto Series
 
Operational Risk Management & Strategic Planning
Operational Risk Management & Strategic PlanningOperational Risk Management & Strategic Planning
Operational Risk Management & Strategic Planning
 
Managing Reputational Risk
Managing Reputational RiskManaging Reputational Risk
Managing Reputational Risk
 
IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots
 
1 -corinne_berinstein
1 -corinne_berinstein1 -corinne_berinstein
1 -corinne_berinstein
 
1 -corinne_berinstein
1 -corinne_berinstein1 -corinne_berinstein
1 -corinne_berinstein
 

Último

Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...lizamodels9
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxpriyanshujha201
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
A305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdfA305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdftbatkhuu1
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfOnline Income Engine
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...Suhani Kapoor
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...Any kyc Account
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 

Último (20)

Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
A305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdfA305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdf
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 

Risk assessment and internal controls - Internal Audit

  • 1. Internal Audit: Risk management & Control Evaluation Smitesh Bhosale smitesh.bhosale@yahoo.co.in
  • 2. What is Risk? An event or action that causes a possible threat to the achievement of an organization’s/function’s objectives Risk is just an expensive substitute for information Unwarranted Business Exposures are not Risks….
  • 3. Risk Assessment Risk Assessment is a three step process of risk analysis and evaluation involving the determination of Management optimistic 1 The level of impact or outcome of risk Consequence 2 The likelihood of risk getting realised Probability 3 The nature of the risk Auditors quite sceptical Inherent Risk Resolving the differences in perception of risk crucial for an effective control evaluation…
  • 4. Risk Assessment • Where do you devote considerable internal effort in order to control? • What areas receive considerable management reporting? • Where have you devoted significant resources? • What are the analysts and rating agencies most interested in? • What wouldn’t you want on the front page of the newspaper? • What are key obstacles to taking advantage of opportunities? • What is impeding growth? A “WHAT CAN GO WRONG ANALYSIS” prior to field work will provide focus and •What do people complain about within the organization? judgement to the auditor on • If you could fix one thing at the company, what would it be where to deploy his resources • What do your competitors do better? • What keeps you up at night?
  • 5. Risk Assessment - Comprehensive EXTERNAL RISKS  Capital Availability  Competitor  Customer Needs  Economy  Financial Markets  Industry  Legal  Natural Hazard/Catastrophe  Public Relations  Regulatory  Terrorism  Sovereign/Political  Technological Innovation INTERNAL RISKS Strategic Operational Financial Process  Business Model          Business Portfolio  Delivery Channels  Intellectual Property  Marketing/ Advertising     Alignment Business Interruption Capacity Change Response Compliance Contract Commitment Customer Satisfaction Cycle Time Efficiency Environmental Health & Safety Knowledge Management  Measurement  Partnering  Collateral  Physical Security  Product/Service Development  Product/Service Liability  Product/Service Failure  Product/Service Pricing  Relationship Management  Sourcing  Strategy Implementation  Supply Chain  Transaction Processing  Resource Allocation  Social Responsibility  Counterparty  Credit  Equity Management Information  Organization Structure  Product Life Cycle  Concentration  Default  Marketplace  Planning  Commodities Comprehensive risk assessment is very crucial to priorities controls evaluation across various risk categories          Accounting Information Budgeting & Forecasting Completeness/Accuracy Investment Evaluation Investor Relations Pension Fund Regulatory Reporting Relevance Taxation Human Capital            Integrity Technology  Financial Instruments  Foreign Exchange Accountability Change Readiness Communications Competencies/Skills Empowerment Hiring/Retention Leadership Outsourcing Performance Incentives Succession Planning Training/Development  Conflict of Interest  Employee Fraud  Ethical Decisionmaking  Illegal Acts  Management Fraud  Third-Party Fraud  Unauthorized Acts        Access Availability Data Integrity e-Commerce Infrastructure Reliability Technological Capacity  Interest Rate  Liquidity  Modeling  Opportunity Cost Right Description of risk is also crucial e.g. Employee Overtime V/s Liquidated damages
  • 6. Behavior of Risks… High 17 RED 14 25 1 23 19 Potentially material Events 24 2 21 27 13 ORANGE 12 15 Probability 9 Materiality Threshold 18 26 6 22 AMBER Low 8 16 11 10 5 GREEN 20 7 4 Impact Risks are on constant move with changes in external environment and your response / mitigation steps
  • 7. Risk Evaluation and Quantification Supplier concentration risk Potential Impact Likelihood of failure Supplier A Sales Dependency 200 $ Mln 10% of Budgeted Sales for FY 10-11 Margin of such sales 40 $ Mln 13% of Target EBIDTA for FY 10-11 50% ABC Ltd Overall Budgeted Sales 2000 $ Mln Mitigation Impact X Likelihood = Adequate stock to support change over time Share manufacturing facility • Value at Risk Alternative supplier development • 300 $ Mln • • Target EBIDTA Outright market purchase of end product 100 $ Mln of sales i.e. 5% of sales Transfer 20 $ Mln of EBIDTA i.e. 6.5% of EBIDTA • Assessment of likelihood is dependent on suppliers financial status, its exposure to economic factors, plant location, relations with supplier, competitors activities, disruption at its premises, contractual agreements, previous default history among other factors. BI and LOP Policy • Supplier extension clause To evaluate risks one needs to be fully aware of the impact the risk.. Preferably in financial terms
  • 8. Risk Management Strategies – Some tools Strategic Risks- fully managed internally by the organisation Operations • Elimination /Termination • Avoidance Organisation's Risks Financial Risk Capacity / Appetite Risks - Cannot be managed by Organisation and needs to be transferred Compliance Business is exposed to multiple risks Risks - Partly managed internally by the organisation Ability to manage risk depends on Risk Appetite / capacity • Tolerate / Acceptance • Mitigation and Monitoring • Transfer Significant portion of risks can be transferred through contractual / insurance
  • 9. Internal Control Framework Governance / Oversight Control Audit Committee, Risk Council Administrative Controls Policies, Guidelines, SOPs Management Controls Self Assessment, Questionnair e based Monitoring Controls On Ground process controls MIS, KPIs, Reports, Risk Radar. Reviews SOD, IT, Access Internal Audit, SOX, Risk Management, Compliance Predictive or Detective Whistle Blower, Independent Forum Extended Controls Customer, Vendor, Regulat or, Bank Controls External Controls influencing internal controls There is a world beyond Risk and Control Matrix (RCM)….
  • 10. In our journey can we help Business to embrace Risk…… with greater understanding Your greatest growth opportunities are your greatest risks reversed