Practice Guide: Engagement Planning Assessing Fraud Risks
This practice guide describes the characteristics of fraud and the process of identifying and assessing fraud risks during engagement planning. The exact process of incorporating a fraud risk assessment into engagement planning may vary according to the needs of the individual organization, internal audit activity, and engagement. However, the process generally includes the following steps:
- Gather information to understand the purpose and context of the engagement, as well as the governance, risk management, and controls relevant to the area or process under review.
- Brainstorm fraud scenarios to identify potential fraud risks.
- Assess the identified fraud risks to determine which risks require further evaluation during the engagement.
The guide describes how to gather information, brainstorm fraud scenarios, identify fraud risks and rate their significance to determine which fraud risks should be evaluated further during the engagement.