a presentation on risk based auditing
TRANSCRIPT
A Presentation on Risk Based Auditing
BY: AMAR DEEP GHIMIRE
Definition
Risk based Audit (RBA) is an internal methodology which is primarily focused on the inherent risk involved in the activities or system and provide assurance that risk is being managed by the management within the defined risk appetite level.It is the risk management framework of the management and seeks at every stage to reinforce the responsibility of management and BOD (Board of Directors) for managing risk.
Components of Risk
Inherent Risk Control Risk Detection Risk
QUESTIONS ??
Risk Assessment
Risk assessment is the determination of quantitative or qualitative estimate of risk related to a well-defined situation and a recognized threat (also called hazard). Quantitative risk assessment requires calculations of two components of risk (R): the magnitude of the potential loss (L), and the probability (p) that the loss will occur. An acceptable risk is a risk that is understood and tolerated usually because the cost or difficulty of implementing an effective countermeasure for the associated vulnerability exceeds the expectation of loss.[1] "Health risk assessment" includes variations, such as risk as the type and severity of response, with or without a probabilistic context
Risk Assessment Process
Establish the Context Identify the Risk Analyze the Risk Evaluate and Prioritize the Risk Tackle the Risk
Impact of Environment on Risk Assessment
Economic Factors Technological Factors Regulatory environment Changes in Risk Management Change in Risk Appetite
QUESTIONS ??
Changes in Risk Management
Continued improvements and changes in risk management approaches and structures.
Increased stakeholder pressure for more effective risk governance. Definition and embedding of risk appetite is cornerstone in risk
management processes but long way to go before truly embedded. Quality of data and systems remain impediments to effective risk
management. Identification and mitigation of emerging risks. Industry and regulator views that there is still a lot of work to be done
Risk Appetite
It is the amount of risk that an entity is willing to accept within its overall Capacity. It provides the threshold of acceptable risk and determining the risk appetite is continuous process, it can't be set once and leave. Risk appetite is developed on the basis of risk level of company like risk hunger company may develop high risk appetite while risk averse company may develop low risk appetite level.
Developing Risk Based Audit Plan
The following aspects are to be considered while preparing the audit plan: Knowledge of Clients Business. Complexities of Transactions and Environment. Degree of subjectivity in the measurement of financial information. Assessment of significant transactions and level of materiality. Assessment of the control environment. Assessment of the Overall risk.
QUESTIONS ??
HAPPY DHAKATOPI DIWASH
THANK YOU ALL