Risk Based Audit Model Presentation (Final) Audit Risk Assessment
Risk Based Audit Model Presentation (Final) Audit Risk Assessment
Risk Based Audit Model Presentation (Final) Audit Risk Assessment
AUDIT MODEL
Presented by Mr. Tahir Khurshid
RISK BASED INTERNAL AUDIT MODEL – Info System SELECTION
Risk Appetite
Application and IT’ Selection for
RBIA on the basis of their
individual risk profiling
RISK BASED INTERNAL AUDIT MODEL – Info System SELECTION
COVERAGE: Audit of all the critical Information Systems are done every year
[Every application to be audited at least once in every 03 years]
MANDATORY SELECTION:
d) Applications that were Signed Off in preceding year (i.e. Jan-Dec 2018).
e) All Systems or changes to legacy systems done in 2018 shall be audited in 2019.
After Mandatory selection, remaining Info Systems would be selected in terms of:
02 Regulatory Requirements
05 Changes in Systems
RISK BASED INTERNAL AUDIT MODEL -
MANAGEMENT FUNCTIONS
However, the risks were assigned to the respective functions, primarily, keeping in
view: