Professional Documents
Culture Documents
The
Current Practices
Vary according to the organisation
Most Internal Audit functions want to be seen as:
Management of Risk
What if there is no formalised Risk Management
system?
Is risk the same to everyone
Risk Naive
Risk Enabled
Risk Aware
What is the
organisations
risk maturity?
Risk Managed
Risk Defined
No 2
If your organisation does not have a Risk Management
system, how would you try to persuade top management to
take action?
No 3
How would you satisfy the board that risk management
processes were firmly embedded in the day-to-day
management of the business