Uusi IIA Audit Tool: Enterprise and Business Process Risks
IIA:n Standards and Guidance -tiimi on julkaissut uuden auditointityökalun Enterprise and Business Process Risks, joka on linjassa Global Internal Audit Standards™ -standardien ja Three Lines Model™ -mallin kanssa. Työkalu sisältää kattavan käyttöoppaan ja Excel-työkirjan, jotka auttavat sisäisiä tarkastajia ja muita varmistustoimijoita riskien tunnistamisessa, arvioinnissa, hallinnassa ja seurannassa sekä yritystasolla että liiketoimintaprosessien tasolla.
Työkalu on vain jäsenille.
➡️ Jos et ole vielä jäsen, liity nyt – pääset käsiksi IA-lehteen sekä muihin jäsenetuihin!
The IIA’s Standards and Guidance team has released a new IIA Audit Tool, “Enterprise and Business Process Risks,” aligned with The IIA’s Global Internal Audit Standards™ and the Three Lines Model™.
The tool features a comprehensive user guide and companion Excel workbook that help internal auditors collaborate with other assurance providers to support the identification, assessment, management, and monitoring of risks at both the enterprise and business process levels. The tool is meant to be customized by users but includes examples of enterprise and business process risks to get them started.
This user guide and workbook will help internal auditors:
☑️ Identify enterprise risks.
☑️ Use a matrix and heat map to document the enterprise risks’ impact and likelihood, mitigation strategies, strategy importance, and levels of inherent and residual risk.
☑️ Identify business process risks:
Use a matrix and heat map to document their impact and likelihood, mitigation strategies, control importance, and levels of inherent and residual risk.
The Enterprise and Business Process Risks Tool — featuring a comprehensive user guide and companion Excel workbook — is designed to support organizations in launching and managing a structured enterprise risk management program. The tool provides a practical approach to identifying, assessing, managing, and monitoring risks at both the enterprise and business process levels and includes examples of enterprise and business process risks. The risk examples are not exhaustive and can be customized for individual use.
This tool helps users support organizations through:
- Structured risk identification: Pinpointing risks at both the enterprise and business process levels.
- Integrated risk tracking: Monitoring and managing risk mitigation efforts in alignment with the risk appetite.
- Enterprisewide risk view: Providing a comprehensive overview of the organization’s risk landscape to support strategic decision-making.
Aligned with The IIA’s Three Lines Model, this tool supports second line functions in strengthening risk management and control processes. It also enhances the ability of internal audit functions to deliver independent, objective assurance and advisory services on the effectiveness of those processes.
➡️ IIA Audit Tools are available in the Standards Knowledge Center