ARTICLE: IT RISK EVALUATION
This article describes a methodology to be used in offering concluding remarks to the management of an audited entity as to whether, for each objective assessed during an audit assignment, the situation is satisfactory, requires improvement or unsatisfactory. The aim is to provide a conceptual and practical framework to define and implement an evaluation method for Internal Audit assignments. The main uncertainties are identified and the objectives of Internal Audit are described, then we present an evaluation methodology for risk assessment.
FOR MORE INFORMATION SEE: “IT Risk Evaluation”, Intelligent Risk Journal, Oct. 2011, Vol. 1: Issue 3, pp. 14-19, www.prmia.org/irisk
No comments:
Post a Comment