GuardianERM.Net Help       Table of Contents

Strategic Audit Planning

The Strategic Audit Planning function involves risk ranking a number of risk areas (auditable units) and allocating audit resources to the risk areas on a three year basis.

A risk area can be anything that is subject to an audit.  Although not necessary, it is common to use the organisation units set up in the Risk Management module as risk areas.

There are three main functions as found on the Strategic Audit Planning menu page:

Risk Area Maintenance

Risk Factor Maintenance

Risk Area Ranking

To produce a suggested three-year strategic audit plan:

  1. Establish a risk area group and add risk areas to it.  You can create more than one risk area groups.
  2. Create a set of risk factors to be used to evaluate the risk of the risk areas in a risk area group.
  3. Create a scenario, assign risk rating for each risk factor in each risk area.
  4. Risk rank the risk areas.
  5. Produce a three-year audit plan.

Click the above links for help on each of these functions.