10 risk Management Imperatives for Internal Auditing
The Audit Executive Center of the IIA published a white paper on the role of Internal Auditing in Risk Management.
It addresses a pressing and immediate need — pragmatic advice on how audit departments can help their organizations improve their risk management processes and capabilities and the roles internal auditing can, and should, play.
The steps recommended in the guidance are:
1. Assess the organization's current processes and capabilities. 2. Coordinate with other risk and control functions. 3. Participate in summits with key stakeholders. 4. Help the organization develop near-term strategies. 5. Strengthen top-level communications. 6. Define internal auditing's role. 7. Audit risk management incrementally. 8. Assess audit skills and capabilities. 9. Execute the audit strategy with appropriate reporting. 10. Keep up with evolving practices.