Progress on Risk Assessment......continued Ms. Albana Gjinopulli, MPA Mr. Stanislav Buchkov.

Slides:

Advertisements

Similar presentations

PROJECT RISK MANAGEMENT

Advertisements

SYSTEM OF EVALUATION AND MANAGEMENT CONTROL RESULTS-BASED BUDGETING THE CHILEAN EXPERIENCE Heidi Berner H Head of Management Control Division Budget Office,

Development of internal control: methodology and responsibility

Building a Better Business Model Start with a discussion of Risk Higher Education Policy Commission Board of Governors Summit August 2, 2014.

Proprietary and confidential. © 2006 Perot Systems. All rights reserved. All registered trademarks are the property of their respective owners.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Auditing A Risk-Based Approach To Conducting A Quality Audit

Internal Control in a Financial Statement Audit

Risk Assessment Frameworks

project management office(PMO)

8 Managing Risk Teaching Strategies

Building a Compliance Risk Monitoring Program HCCA Compliance Institute New OrleansApril 19, 2005 Lois Dehls Cornell, Esq. Assistant Vice President, Deputy.

What is Business Analysis Planning & Monitoring?

RISK ASSESSMENT 2010/2011 M.J Ramakgolo. THE PURPOSE The aim of the risk assessment session is to develop the Strategic Risk Profile for the municipality.

Results of Pre-event survey on Risk Assessment Ms. Edit Németh – RA WG – Budva, Montenegro.

Audit objectives, Planning The Audit

Unit 8:COOP Plan and Procedures  Explain purpose of a COOP plan  Propose an outline for a COOP plan  Identify procedures that can effectively support.

From risk to planning Making the bridge from risks to audit plans Richard Maggs Astana September 2014.

Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

IAEA International Atomic Energy Agency Reviewing Management System and the Interface with Nuclear Security (IRRS Modules 4 and 12) BASIC IRRS TRAINING.

Internal Control in a Financial Statement Audit

Marina Signore Head of Service “Audit for Quality Istat Assessing Quality through Auditing and Self-Assessment Signore M., Carbini R., D’Orazio M., Brancato.

Internal Control in a Financial Statement Audit

October Training 8 HR Ref. Content Overhead Utilities Risk Assessments Task Safety Environmental Analysis Health and Safety Plan Components of a HASP Questions?

1 The Impact of SAS 112 on Governmental Financial Statement Audits GAQC Member Conference Call January 4, 2007 Presented by Chuck Landes, CPA.

© 2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Quick Recap Monitoring and Controlling. Phases of Quality Assurance Acceptance sampling Process control Continuous improvement Inspection before/after.

How To Build a Testing Project 1 Onyx Gabriel Rodriguez.

Risk Assessment and Management. Objective To enable an organisation mission accomplishment, by better securing the IT systems that store, process, or.

Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.

Management & Development of Complex Projects Course Code MS Project Management Perform Qualitative Risk Analysis Lecture # 25.

1 Commonwealth Project Management Division Bob Haugh Project Management Division November 15, 2010 Revision of.

2nd PEM-PAL plenary Zagreb January 28, 2011

Workshop on Implementing Audit Quality Practices Working Group on Audit Manuals and Methods March 2006 Vilnius (Lithuania) Hungarian Experiences.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.

SOFTWARE PROJECT MANAGEMENT

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.

Section Topics Risk and control terminology Risk elements

Project Risk Management Planning Stage

The Risk Management Process

The FDES revision process: progress so far, state of the art, the way forward United Nations Statistics Division.

Onsite Quarterly Meeting SIPP PIPs June 13, 2012 Presenter: Christy Hormann, LMSW, CPHQ Project Leader-PIP Team.

Working group on Quality Assessment Steps done and plans for the future.

Project Management Processes for a Project Chapter 3 PMBOK® Fourth Edition.

BSBPMG508A Manage Project Risk Manage Project Risk Unit Guide Diploma of Project Management Qualification Code BSB51507 Unit Code BSBPMG508A.

June 2009 Regulation on pesticide statistics Pierre NADIN ESTAT E1- Farms, agro-environment and rural development

Company LOGO. Company LOGO PE, PMP, PgMP, PME, MCT, PRINCE2 Practitioner.

1 Friday 26 th July 2013 Gibson Hotel Jason Dowling CPA RISK MANAGEMENT & CORPORATE GOVERNANCE.

Risk Assessment: A Practical Guide to Assessing Operational Risk

AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.

Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Managing Project Risk – A simplified approach Presented by : Damian Leonard.

Improving public financial management. Supporting sustainable development. PEFA and fiscal transparency OECD CESEE SBO Ljubljana, Slovenia July 8, 2016.

RISK MANAGEMENT SYSTEM

An Overview on Risk Management

Monitoring and Evaluation Systems for NARS organizations in Papua New Guinea Day 4. Session 12. Risk Management.

Assessment of the Evaluation Culture

Security SIG in MTS 05th November 2013 DEG/MTS RISK-BASED SECURITY TESTING Fraunhofer FOKUS.

COSO and ERM Committee of Sponsoring Organizations (COSO) is an organization dedicated to providing thought leadership and guidance on internal control,

PEM PAL IA COP AiP Working Group Guidance to Audit Engagement Planning

The role of the Passport Indicators in Monitoring PFM Strategy

Budget Community of Practice (BCOP)

Edit Nemeth, Vice Chair of IACOP

Edit Nemeth, Vice Chair of IACOP

Budget Community of Practice (BCOP)

Assessment of Quality in Statistics GLOBAL ASSESSMENTS, PEER REVIEWS AND SECTOR REVIEWS IN THE ENLARGEMENT AND ENP COUNTRIES Mirela Kadic, Project Manager.

DG Environment, Unit D.2 Marine Environment and Water Industry

Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.

DG Environment, Unit D.2 Marine Environment and Water Industry

DG Environment, Unit D.2 Marine Environment and Water Industry

Presentation transcript:

Progress on Risk Assessment......continued Ms. Albana Gjinopulli, MPA Mr. Stanislav Buchkov

Introduction Good Practice Internal Audit Manual Template, developed by IA CoP, defines the importance and the impact that an effective audit strategy and audit plan can have on meeting the overall goals, objectives and the mission of the internal audit unit. Planning provides a systematic approach to the internal audit work and requires knowledge and competency in a broad number of areas such as risk assessment and internal control.

Risk Assessment is a process used to assign a number or score to potential risk areas based upon specific factors related to auditee’s operations, internal controls, and liability to the organization. Examples of specific risk factors used to formulate the risk assessment model include the amounts of budgeted expenditures, complexity of transactions, time since last audit, compliance with laws and regulations. The complete list of risk factors and RA process will be described further in the methodology.

The development of Internal Audit Plan, using the risk assessment model as an integral component, is a dynamic process. The Internal Audit Unit should have access to current information about departments to use in the risk assessment process on an ongoing basis. The risk factors and scoring process will be reviewed and refined periodically as needed.

The purpose of RA Methodology The main purpose of the Risk Assessment Methodology is to provide for an objective and transparent basis for the preparation of Audit Plan. The purpose of Risk Assessment is for internal audit to give priority to higher risks for the organization. Therefore, the risk assessment methodology is one of the cornerstones of the internal audit activities.

The risk assessment process shall be described in detail and should cover: –Identification and definition of appropriate risk categories; –Identification and definition of risk criteria for impact and probability; –Definition of risk scoring content and an explanation of the rationale for assigning a score of high, medium or low to a particular risk.

Definitions of Risk Assessment Risk is an uncertain future event which could adversely affect the achievement of an organization’s objectives. Risk likelihood- is the probability that a risk occurs. The factors that should be taken in the determination of the likelihood are: the source of the threat, capability of the source, nature of the vulnerability and existence and effectiveness of current controls.

Likelihood can be described as: high- an event is expected to occur in most circumstances; medium- an event will probably occur in many circumstances and low- an event may occur at some time; Risk impact- is the potential effect that a risk could have on the organization if it arises. The magnitude of impact can be categorizes as: high- serious impact on operation, reputation, or funding status; medium- significant impact on operations, reputation or funding status and low- less significant impact on operations, reputation or funding status.

Steps undertaken Establishment of working group in Ohrid Development of survey Analysis of survey results Development of final objectives of working group Development of action plan

Establishment and Composition of Risk Assessment Working Group Albana Gjinopulli, leader Stanislav Bychkov, co-leader Joop Vrolijk, OECD/SIGMA Jean-Pierre Garitte, OECD/SIGMA expert Other members of IA COP

Objectives and results to be achieved..... Inventorize current practices Develop good practice model Develop good practice guidance, which can be used by various countries as a basis for their risk assessment

Next steps work to be done Develop content of each topic to be included in the model (between June and October 2012) Expose draft model to members of the IA COP (October 2012) Discuss draft and comments in next meeting of RAWG (plus ongoing discussion) Develop Good Practice Risk Assessment Template ( January and on going)

Intermediate results, Consolidation of inputs

Table of Content I.Introduction II.Purpose and Principles of Risk Assessment III.Objectives of the organization and Audit Universe Strategic objectives Specific objectives Role of internal audit with regard to objectives IV. Process of Risk Assessment IV.1 Definitions of Risk IV.2 Objective of Risk Assessment IV. 3 The process IV.4 Risk factors

V. Types of risk (categories) VI.Risk identification VI.1 Source of information VI.2 Techniques to gather information VII. Risk assessment VII.1. Inherent risk, residual risk VII.2. Criteria for risk assessment VII.3. Classification VII.4 Risk scoring VII.5 Risk rating VII.6 Risk matrix

VII. Processes (owners) Risk owners Priority processes to be audited VIII. Addressing risk assessment VIII.1. Prioritization VIII.2 Frequency of audits VIII.3 Coverage with resources IX. Validation of risk assessment results X. Documentation of risk assessment in audit plan XI. Monitoring process of Risk Assessment

Annex 1: Risk Assessment questionnaire Annex 2: Practical examples of risk factors scores and weight Annex 2:Glossary of terms ANNEXES

Thank you for the attention....

What needs to be done? Take a deep dive into one process: identify sub-processes. Identify risk categories applicable to MoF. Identify risk criteria for impact and probability (or vulnerability). Identify risk scores (plus explanation) for selected sub-process.