Conducting audit risk assessment

You use the audit risk assessment scoring matrix to score assessment factors for each active auditable entity.

Note

  • When you initially access the audit risk assessment scoring table there are no scores, and the audit risk assessment status is Draft.

  • When at least one assessment factor is scored for one auditable entity, the status becomes In progress.

Important

Assessment factor scores reflect the risk level posed by the assessment factor to the auditable entity—the higher the score, the higher the risk. This is critical in the Conclude workflow since the overall scores play a major role in that process.

Score the assessment factors

  1. From the auditable entity’s assessment factor dropdown menu, select a score.

  2. Select Conclude.

Note

  • You must score all active auditable entities by all assessment factors to Conclude.

  • The Audit app automatically saves the selected scores.

  • If the app does not save the changes, The selected scoring could not be saved message displays.

  • If the error persists, contact Support for assistance.

Configure an audit risk assessment

You can configure audit risk assessments to include or exclude auditable entities, update assessment factors, and change the name of the audit risk assessment.

Note

  • Changing an audit risk assessment's auditable entities or assessment factors does not impact previous scoring.

  • While you can change the audit risk assessment name at this point, a new audit risk assessment is not created. The Created on date and all previously entered data remain the same.

  • You cannot change the scale.

  • You can configure an audit risk assessment when it is in Draft or In progress status.

  • The Configure option is not available when the status is Conclude or Completed.

  1. In the Audit risk assessment page, select the audit risk assessment to configure.

  2. Select the More options icon and select Configure.

    The Auditable entities tab opens as the default landing page.

    Note

    You can navigate between the other options to edit them as needed. The audit risk assessment and configure workflows are similar, except the page is named Configure audit risk assessment.

  3. In the Auditable entities tab, include or exclude auditable entities if needed.

  4. In the Assessment factors tab, include or exclude assessment factors if needed.

  5. In the Name tab, update the name of the audit risk assessment if needed.

    Note

    Any updates, inclusions, or exclusions are automatically saved.