
It draws from The IIA’s International Professional Practices Framework with respect to using and assuring the ISO 31000:2009 risk management process, and is a welcome addition to any research library. In Australia ISO 31000:2009 is published as AS/NZS ISO 31000:2009.

Accessed by MONASH UNIVERSITY LIBRARY on 29 Oct 2016 (Document currency not guaranteed when printed)
HB 158—2010

CONTENTS

SECTION 1 SCOPE AND OBJECTIVES
  1.1 GENERAL
  1.2 ENTERPRISE RISK MANAGEMENT (ERM)
  1.3 TERMINOLOGY AND DEFINITIONS

SECTION 2 SUMMARY OF THE RISK MANAGEMENT PROCESS
  2.1 GENERAL
  2.2 COMMUNICATE AND CONSULT
  2.3 ESTABLISH THE CONTEXT
  2.4 IDENTIFY RISKS
  2.5 ANALYSE RISKS
  2.6 EVALUATE RISKS
  2.7 TREAT RISKS
  2.8 MONITOR AND REVIEW

SECTION 3 RISK MANAGEMENT AND ASSURANCE
  3.1 LINKING RISK MANAGEMENT TO ASSURANCE
  3.2 STRATEGIC AND ORGANIZATION-WIDE APPROACHES TO RISK MANAGEMENT
  3.3 ASSURANCE AND THE RISK MANAGEMENT PROCESS
  3.4 ASSURANCE OF A RISK MANAGEMENT FRAMEWORK
  3.5 INTERNAL AUDIT INVOLVEMENT IN RISK MANAGEMENT

SECTION 4 DEVELOPING AN ASSURANCE STRATEGY
  4.1 GENERAL
  4.2 STEP 1: IDENTIFYING THE ASSURANCE NEEDS OF THE ORGANIZATION
  4.3 STEP 2: IDENTIFYING WHO THE ASSURANCE PROVIDERS ARE AND THEIR SCOPE OF OPERATION
  4.4 STEP 3: IDENTIFY AND DOCUMENT ASSURANCE MECHANISMS
  4.5 STEP 4: DESIGN THE ASSURANCE REVIEW PROGRAM
  4.6 STEP 5: DEVELOP A RISK-BASED REVIEW PROGRAM
  4.7 STEP 6: MEASURING THE STRATEGY

SECTION 5 PLANNING AN ENGAGEMENT
  5.1 GENERAL
  5.2 ENGAGEMENT SCOPE
  5.3 ENGAGEMENT OBJECTIVES
  5.4 ENGAGEMENT PROCEDURES
  5.5 RATIONAL USE OF RESOURCES
  5.6 SKILLS AND BODY OF KNOWLEDGE

SECTION 6 REPORTING ON THE ASSURANCE PROGRAM
  6.1 GENERAL
  6.2 REPORTING LINES
  6.3 REPORTING THE INDIVIDUAL ASSURANCE ENGAGEMENT
  6.4 ENSURING ACTION

SECTION 7 DESIGNING AND IMPROVING CONTROLS
  7.1 GENERAL
  7.2 IDENTIFYING AND MEASURING CONTROL GAPS
  7.3 DESIGNING CONTROLS
  7.4 ADDING CONTROLS TO AN EXISTING PROCESS

SECTION 8 ASSURANCE OF THE RISK MANAGEMENT PROCESS AND FRAMEWORK
  8.1 GENERAL
  8.2 RISK MANAGEMENT PROCESS ELEMENT APPROACH
  8.3 KEY PRINCIPLES APPROACH
  8.4 MATURITY MODEL APPROACH

APPENDIX A EXAMPLE PRIORITY MODEL
© Standards Australia Limited and the Institute of Internal Auditors—Australia

STANDARDS AUSTRALIA HANDBOOK

Delivering assurance based on ISO 31000:2009 Risk management—Principles and guidelines

SECTION 1 SCOPE AND OBJECTIVES

1.1 GENERAL
