Self-assessment is a recognized best practice and has been applied to risks and controls for many years.
Systematically applied across the organization at the entity and process levels, self-assessment is a pre-determined approach whereby individuals self-review or self-audit the controls for which they are responsible and communicate the results to appropriate management. In response to the upward reporting of process owner assessments, follow-up is taken where necessary. While self-assessment may be limited to financial controls to support Sarbanes-Oxley compliance, the process is flexible enough to apply to other risk areas, such as compliance with other laws and regulations, and operational effectiveness and efficiency.
This questionnaire provides a format to evaluate current self-assessment practices and identify areas for improvement.