Risk-based Auditing
TeamRisk is a powerful risk assessment tool that works the way you do, letting you decide what works best as you design, perform and report your risk assessment.
TeamRisk assists auditors in creating risk assessments that are compatible with the following auditing standards:
- Institute of Internal Auditors: “Standards for the Professional Practice of Internal Auditing”
- Basel Committee on Banking Supervision: “Internal Audit in Banks and the Supervisor’s Relationship with Auditors”
- COSO Report: “Internal Control – Integrated Framework”
- King Code of Corporate Practices and Conduct 2002 Turnbull Committee
Integrate and Automate your Audits
Integration with the rest of the TeamMate suite helps streamline your audit process:
- Projects identified during the risk assessment can be scheduled in TeamSchedule.
- Audit workpapers can be created for identified projects in TeamMate EWP.
- Access to project history from TeamSchedule and TeamMate EWP permits risk assessors to review vital project information such as project cycle time, prior risk scores, final project risk ratings, and previous contacts responsible for an audit universe entity.
TeamRisk eases data collection. With Self Assessmentfunctionality, Risk Assessors can request business contactsor a distributed audit team to:
- Score selected risks
- Populate custom measures
- Document background narrative online
Online results incorporate into the overall assessment that iscompleted by the Risk Assessor.
Design Thorough Risk Assessments
Design your risk assessment to mirror your organization, and populate your risk universe with objectives, risks and controls. Then, setting up scoring is simple:
- Determine scoring formulas and scoring bands.
- Choose scoring metrics, like impact and likelihood, which best describe your approach to risk determination.
- Decide on metric dimensions to view risk factors before control (Inherent), after control (Residual) or both.
- Stipulate custom measures to add a dimension of importance to business units and processes.
Self-assessors can score risks through an easily accessible web interface.
Assessing Risk
Performing the assessment is simple:
- Capture custom measure values for the organization under review.
- Select objectives, risks and controls from the risk universe.
- Invite self assessors to rate risks; populate custom measures and background narrative.
- Link risks to affected entities and score on an Inherent and/or Residual basis.
- Comment on assessments made on a per-risk basis.
- Import self assessment data to augment the risk assessment.
- Attach supporting documentation to assessments.
- Filter objectives and risks for the entire enterprise or for a specific organizational entity.
Build a Project File
Project files containing work programs and workpapers are created based on information in the risk assessment database, and are automatically populated with a Risk Assessment Detail (RAD) Report, highlighting risks and controls for auditors to address.
An easy to use, graphic rich project selection wizard guides auditors in the
identification of higher risk entities and functions that are to receive audit attention.
Flexible Reports Tailored to Your Needs
Report Templates are customizable, allowing you to tailor layouts that conform to your reporting standards. Reports can be exported to PDF, Excel, HTML and RTF.
Identify where audit attention is needed with the Heat Map Audit Universe Viewer. You can also automatically produce an Annual Audit Plan with Supporting Project Details schedules, based on your risk assessment.
A range of other narrative and graphical report templates are available, including:
- Risk Assessment Detail Report
- Audit Universe Heat Map Report
- Risk Matrix Report
- Risk Category Heat Map Report
TeamRisk’s heat-map formatted Audit Universe Viewer makes it easy to identify
Organizational Units and Business Processes that require audit attention.