To identify activities that represent significant emerging business risks or opportunities for the organization is the overriding objective of the audit planning process. The quality of JSA's Audit Plan is a direct function of obtaining individual risk assessments throughout the organization. Management's individual input in prior years has contributed greatly to the overall success of planning the Internal Audit Program.
Identification of potential audit areas is the result of a critical risk assessment of functional operations, careful consideration of significant contract requirements, review of the Inspector General's plans, communication with JSA's external auditors, and constructive input from Board Directors, Management and other customers.
In alignment with the overall goals of the organization, the selection process is risk-driven to isolate opportunities that will yield the greatest return on invested audit dollar, e.g., cost savings, cost avoidances, increases in efficiency, boosted quality, and improved policy.
For reference, provided below are selected risk assessment criteria utilized to evaluate business risk. The risk factors below are not intended to be all-inclusive and are not ranked in any order of priority.
Selected Risk Assessment Criteria