You use this procedure to create an audit risk rating (ARR).
You have completed the following:
You have verified that your audit universe has been defined.
See Audit Universe and Creating an Auditable Entity for more information.
You have confirmed your role authorization for performing an ARR.
See Internal Audit Management Roles for more information.
You have defined and evaluated a set of risk factors and risk scores to factor from Customizing activities in Risk Management under Maintain Risk and Opportunity Analysis.
Note
After you have created at least one ARR, select Copy to copy all the data except audit proposal and audit plan proposal information.
To create an ARR:
Navigate to
.Select Create.
On the General tab, complete the following entries for your ARR:
Name
The name of the ARR you are creating.
Description
A description of the ARR you are creating.
Valid from
The starting valid date for the ARR.
Valid to
The date when the ARR expires.
The Valid to date must be greater than or equal to the Valid from date.
Responsible Person
The person with the authority to change or edit the ARR.
Status
The current status of the ARR. Status can be In Process, Released, or Completed.
On the Auditable Entities tab, select Add to choose from a list of auditable entities.
On the Risk Factors tab, select your ARR risk factors.
Select Add to add the risk factors.
After you have entered your risk factors select OK.
On the Risk Scores tab, select the auditable entity and input the risk score on the Risk Factors table.
Select the Calculate button to obtain a display of the average score.
Select the Risk Level column and enter your risk level definitions or values.
Select the Risk Priority column and enter your risk priority definitions or values.
(optional) Add any comments in either the Auditable Entities or Risk Factors table.
Select the Audit Plan Proposal tab to confirm that you want to generate an audit plan proposal with associated audit proposals.
The auditable entity and the ARR are linked.
For more information, see Generating an Audit Proposal and Audit Plan Proposal.
Select the Attachments and Links tab to upload a file or create a link relevant to your ARR.
Select Export to create an Excel spreadsheet that displays the following information in table form for your ARR:
Auditable Entity
The name of the auditable entity.
Risk Factor(s)
The risk factors you defined for the auditable entity.
Risk Score
The calculated risk score for the auditable entity.
Risk Rating
The rating for the auditable entity.
Risk Priority
The level of importance you place on the auditable entity.
This value is supplied by Customizing activities in Risk Management under Maintain Risk and Opportunity Analysis.
Comments
Descriptive or other helpful information for the auditable entity.
Select Save.