Risk assurance
408
with selection of effective processes that are appropriate for the organization. Selection 
of effective processes requires informed decision making and the successful design 
and delivery of projects. Risk management and internal audit should work together 
to achieve these outputs.
The most important decisions taken by an organization relate to strategy. Risk 
management and internal audit both have roles to play in helping the organization 
reach strategic decisions that result in the development of effective and efficient 
strategy. For example, risk management should ensure that risk assessment work-
shops address strategic decisions and internal audit should evaluate the quality of 
the strategic decision-making procedures.
The required outputs from risk management/internal audit can be summarized as 
fulfilling mandatory obligations, providing assurance, supporting decision making 
and ensuring the existence of effective and efficient core processes (MADE2). Risk 
management and internal audit should work together to achieve these outputs. Due 
regard should always be paid to the desire of internal audit to remain independent 
of executive management as they fulfil their activities. The need to retain this inde-
pendence is another reason why internal audit should not become too closely involved 
in the executive role and responsibilities related to the management of risk.

Download 3.45 Mb.

Do'stlaringiz bilan baham: