Anda di halaman 1dari 2

Date: June 22,2019 --------- Designed by : Malik Halawah

Risk based Audit (RBA)

Is an internal methodology which is primarily focused on the inherent risk involved in the activities
or system and provide assurance that risk is being managed by the management within the
defined risk appetite level. It is the risk management framework of the management and seeks
at every stage to reinforce the responsibility of management and BOD (Board of Directors) for
managing risk.

Components of Risk

Inherent Risk

Control Risk

Detection Risk

Risk assessments the determination of quantitative or qualitative estimate of risk related to a


well-defined situation and a recognized threat (also called hazard). Quantitative risk assessment
requires calculations of two components of risk (R): the magnitude of the potential loss (L), and
the probability (p) that the loss will occur. An acceptable risk is a risk that is understood and
tolerated usually because the cost or difficulty of implementing an effective counter measure for
the associated vulnerability exceeds the expectation of loss. [1] "Health risk assessment" includes
variations, such as risk as the type and severity of response, with or without a probabilistic context

Risk Assessment Process

Establish the Context

Identify the Risk

Analyze the Risk

Evaluate and Prioritize the Risk

Tackle the Risk

Impact of Environment on Risk Assessment

Economic Factors

Technological Factors

Regulatory environment

Changes in Risk Management

Change in Risk Appetite

1
Risk Appetite

It is the amount of risk that an entity is willing to accept within its overall Capacity. It provides the
threshold of acceptable risk and determining the risk appetite is continuous process, it can't be
set once and leave. Risk appetite is developed on the basis of risk level of company like risk Hunger
Company may develop high risk appetite while risk averse company may develop low risk appetite
level.

Impact of Environment on Risk Assessment

Economic Factors

Technological Factors

Regulatory environment

Changes in Risk Management

Change in Risk Appetite

Developing Risk Based Audit Plan

The following aspects are to be considered while preparing the audit plan :

Knowledge of Clients Business.

Complexities of Transactions and Environment.

Degree of subjectivity in the measurement of financial information.

Assessment of significant transactions and level of materiality.

Assessment of the control environment.

Assessment of the Overall risk.

Changes in Risk Management

Continued improvements and changes in risk management approaches and structures.

Increased stakeholder pressure for more effective risk governance.

Definition and embedding of risk appetite is cornerstone in risk management processes but long
way to go before truly embedded.

Quality of data and systems remain impediments to effective risk management.

Identification and mitigation of emerging risks.

Industry and regulator views that there is still a lot of work to be done

A Presentation on Risk Based Auditing


BY: AMAR DEEP GHIMIRE