E.2 Practice Review and Internal Audit Risk Assessment Framework

Risk Methodology

  1. The risk methodology framework and strategy can directly impact risk assessments and planning within the internal audit activity. Internal audit will utilize the methodology as one factor in the course of developing risk based plans. The process will help ensure higher risk areas are identified and prioritized in the conduct of the audit plan and assignment of internal audit resources. The risk assessment methodology applies across the entire Office. Each functional leader is responsible for the application of the methodology in its respective area and aligning to the organizational strategic risk management approach.

Identification of Audit Universe

  1. PRIA reviews its audit universe annually as part of the planning process. The audit universe is risk-based and PRIA leverages management and Audit Committee input, as well as internal audit knowledge of operations, financial statements, budgets, professional judgment, comparative system risks, and brainstorming techniques, to identify potential risks. The following factors are considered when developing the audit universe and priorities for the risk based plan consideration:

Identification of audit universe

Last modified:
2019-02-12