Enterprise Risk Management Audit Report

Subscriber Content
Enterprise Risk Management Audit Report

This document contains two sample audit reports that can be used by auditors to review the enterprise risk management (ERM) function of an organization.

Testing involved activities such as documenting enterprisewide policy guidelines, implementing an ethics hotline and company code of conduct, and documenting and integrating risk mitigation and oversight. The following observations were noted as a result of testing:

  • Considerable progress with development and implementation of the ERM program has been made since the program’s inception.

  • The Operational Risk Management component of the ERM program is in its infancy but evolving rapidly.

  • Executive management’s expectations of the ERM function, beyond the expectation of compliance with regulatory mandate, are not fully defined.

  • The organizational structure complies with stated objectives. Looking forward and considering future program development, there will be the opportunity to reflect on leading ERM practices.


Topics
Performance Management/Measurement
Enterprise Risk Management
Risk Assessment
Strategic Risk
Audit Reporting

Related Resources

Benchmarking Tools

Enterprise Risk Management Key Performance Indicators (KPIs)

Checklists & Questionnaires

Enterprise Risk Management Questionnaire

Checklists & Questionnaires

Risk Oversight and Risk Management Questionnaire

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It