Self-assessment is a recognized best practice that has been applied to risks and controls for many years.
Systematically applied across the organization at the entity and process levels, self-assessment is a pre-determined approach whereby individuals self-review or self-audit the controls for which they are responsible and communicate the results to appropriate management.
These questions help assess:
- The compliance level to the code of conduct within an organization
- The existence of a functional ethics and compliance hotline
- Audit and HR policies within an organization
- Policies and procedures for information management
- Controls to monitor the results of the operations of the business units against objectives and expected results
- Internal audit’s presence within an organization