Improve your organization's enterprise risk management audit process with the best practices in this audit report sample.

Recommendations outlined in this sample include documenting enterprisewide policy guidelines; linking strategy and risk appetite to the organization's annual risk assessment; implementing an ethics hotline and company code of conduct; documenting and integrating risk mitigation and oversight; closely monitoring risk-related activities and regularly reporting them to the board of directors (BOD); ensuring that risk perspectives are sufficiently diverse: multiunit, multifunction and multirisk-oriented; using strategic initiatives to report risk; and implementing a model validation program.