Jefferson Lab Home Search Contact JLab
Internal Audit Department


    To identify activities that represent significant emerging business risks or opportunities for the organization is the overriding objective of the audit planning process. The quality of JSA's Audit Plan is a direct function of obtaining individual risk assessments throughout the organization. Management's individual input in prior years has contributed greatly to the overall success of planning the Internal Audit Program.

    Identification of potential audit areas is the result of a critical risk assessment of functional operations, careful consideration of significant contract requirements, review of the Inspector General's plans, communication with JSA's external auditors, and constructive input from Board Directors, Management and other customers.

    In alignment with the overall goals of the organization, the selection process is risk-driven to isolate opportunities that will yield the greatest return on invested audit dollar, e.g., cost savings, cost avoidances, increases in efficiency, boosted quality, and improved policy.

    For reference, provided below are selected risk assessment criteria utilized to evaluate business risk. The risk factors below are not intended to be all-inclusive and are not ranked in any order of priority.

    Selected Risk Assessment Criteria

    • Major Systems Changes to Operations
    • Significant Changes in Customer Needs and Expectations
    • Significant Key Personnel Turnover or Growth
    • Special Management Interest
    • Susceptibility to Misuse, Misappropriation, or Fraud
    • Significant Compliance Requirements
    • Dollar Exposure
    • Volume of Transactions
    • Competence of Management and Staff
    • System of Internal Controls
    • Results of Last Audit
    • High Level of Decentralization

    content by Gail Lucento
    maintained by