How are you thinking regarding risk ratings being used for the findings within an Audit Report? Are there any changes to the approach?

Auditing & LoggingPeer Insights
761 views1 Upvote5 Comments
Sort By:
Oldest
CFO in Travel and Hospitality9 months ago
Risk ratings are always beneficial in understanding the importance of a finding and how critical it can be for the company. This can also give enough guideline to focus on either improving an existing control or introduce a new one to bring down the risk to lower possible.
1
Vice President, Internal Audit in Banking9 months ago
I agree that risk ratings are beneficial in allowing stakeholders to develop risk-based remediation plans (or risk acceptance decisions) and prioritize resources. We have adopted the risk ratings scale in our organization's risk management standards to promote consistency amongst assurance providers.
2
SVP Corporate Audit in Energy and Utilities9 months ago
We use risk ratings for every audit finding that we report.  This is used to drive the speed of implementation of the remediating actions.  However, no matter what the risk rating is the actions need to be completed by the due date, with the Board getting an update each quarter of progress against implementation of actions and any overdue actions.
1
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Vice President - Internal Audit and Enterprise Risk Management in Healthcare and Biotech8 months ago
We rate every finding in our audit reports as we find that it helps out senior leaders understand relative severity in order to assist with prioritization and resourcing taken within the context of the broader set of initiatives their teams are working on.   We've recently revisited our rating scales to ensure that they are still appropriate given the overall company risk appetite. We also made updates to the language we use for our ratings, to improve our ability to communicate the ratings to our internal clients.
2
SVP - External and Regulatory Audit8 months ago
We risk rate all findings that rise to the level of an "issue". That criticality rating drives overall audit rating - Satisfactory, unsatisfactory, needs improvement. All Med and High issues are reported to the Audit Committee, based on status updates from management. Risk definitions are tied to ERM framework. 
1

Content you might like

What is a "must have" meeting for you or your team? If you can please share why/what makes it so great - topic, frequency, etc. - I'm looking to brainstorm some fresh opportunities for my group.

Peer InsightsPeople & Leadership
CIO in Government9 months ago
1. Fortnightly or monthly departmental meeting - to ensure all key messages/updates are shared with the broader group
2. Direct reports - fortnightly 1:1's
3. Successes/celebrations/milestone

Always a good ...read more
3
Read More Comments
23k views9 Upvotes46 Comments

What is your preferred way to read a book?

People & LeadershipPeer Insights

eBook/Kindle16%

Print Edition64%

PDF/Tablet10%

Audio Books (I prefer to listen)8%

Something else?1%

View Results
6.6k views6 Comments

As the controller of a tech company in Europe, I am interested in embedding more Lean and Six Sigma techniques into our workflow to drive improvements in our closing process. Could anyone recommend a third-party provider that offers robust and tactical training in this area? Any tips or recommendations would be greatly appreciated.

Peer InsightsFeedbackFinancial Management+1 more
294 views1 Upvote

In your opinion, what is the main value your organization's marketing department delivers?

Peer Insights
IT Manager in Construction4 months ago
Do you can add some examples of what you are thinking about?
Read More Comments
48.8k views6 Upvotes33 Comments

Assuming that the idea/problem to be solved has been identified, which of these should be the first step for a new startup?

Management ToolsPeer InsightsPeople & Leadership

Market Research12%

Build a Team47%

Build a MVP24%

Make a Business Plan12%

Prepare a Pitch Deck1%

another action (mention in comments)

View Results
5k views2 Upvotes3 Comments