Internal Audit: Be a Key Player in the Risk Management Process
Authored by Margaret O’Reilly-Allen, accounting department chair at Rider University, and Lawrence Mawn, a director with Deloitte & Touche LLP, for the Fall 2011 issue of Pennsylvania CPA Journal, this article discusses how organizations can implement an effective enterprise risk management (ERM) program. It also addresses how the Internal Audit function can optimize its value by playing a major role in an ERM initiative.
The authors recommend the following general steps to develop a broad ERM program:
- Enlist top-level support
- Communicate the objectives
- Establish appropriate risk management framework
- Identify events and determine risk appetite
- Assess and measure
- Make decisions regarding risk response
- Consider and select controls
- Report and communicate results
This article reprinted with permission from the Pennsylvania CPA Journal, a publication of the Pennsylvania Institute of Certified Public Accountants.