Enterprise Risk Management Audit Report
Subscriber Content
Best Practices for Conducting and Documenting an Enterprise Risk Management Audit
Improve your organization's enterprise risk management audit process with the best practices in this audit report sample.
Recommendations outlined in this sample include documenting enterprisewide policy guidelines; linking strategy and risk appetite to the organization's annual risk assessment; implementing an ethics hotline and company code of conduct; documenting and integrating risk mitigation and oversight; closely monitoring risk-related activities and regularly reporting them to the board of directors (BOD); ensuring that risk perspectives are sufficiently diverse: multiunit, multifunction and multirisk-oriented; using strategic initiatives to report risk; and implementing a model validation program.