SlideShare a Scribd company logo

Audit Framework presentation.pptx

Download as PPTX, PDF
O
OnwVinx

The document outlines the risk framework for internal auditing at an organization called DrugStoc. It defines internal auditing and its objectives to evaluate risk management, internal controls, and governance processes. It describes the types of audits that make up the framework, including compliance, operational, information systems, and performance audits. The framework also includes standards and procedures for the annual audit plan, fieldwork, reporting results, and issuing a final report. The goals are to significantly reduce risks across the organization's operations, including operational, credit, liquidity, reputation, compliance, and financial risks.

Government & Nonprofit
1 of 14
Download to read offline
1
2
3
4
5
6
Most read
7
8
9
10
Most read
11
12
13
14
Most read
RISK FRAMEWORK Vincent Onwuka
WHAT? ◦ Internal Auditing is an Independent, objective assurance and advisory activity designed to add value and improve an organization’s operations. It helps and organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal controls and governance processes. ◦ {The Institute of Internal Auditors, USA} ◦ The definition of I/A provides comprehensive guidelines for the framework of internal audit. It should always be kept in mind while I/A work is being carried out.
WHY? ◦ The Main Objectives of I/A are: ◦ To provide assurance on the adequacy, efficiency and effectiveness of the whole control environment, ◦ Advise at an early stage in the implementation of any system developments, amendments to processes, making recommendations in the formation of policies, procedures and controls and ◦ Noting deviations from organizational policies, procedures and controls and recommending actions to mitigate the risks arising out of such deviations. ◦ Further I/A provides: ◦ Assurance that the organizations values are preserved, and ◦ That rules, laws and regulations are complied with in their letter and spirit ◦ To ensure that financial statements and other information are accurate and reliable and ◦ That human, financial and other resources are managed efficiently and effectively ◦ Wider anti-fraud and anti-corruption framework ◦ Both feedback and feed forward controls
TYPES ◦ Following types of audits make the framework of I/A: ◦ Compliance Audit: To ensure compliance with rules, regulations and laws applicable to drugstoc. ◦ Operational Audit: To ensure efficient and effective conduct of operations of drugstoc ◦ Information System Audit: To ensure proper functioning of the information system throughout the life of business activities ◦ Performance Audit: To ensure the efficient use of resources to obtain the objectives of drugstoc ◦ Environmental Audits: To ensure compliance with the environmental laws and regulations. ◦ Special Assignments: relate to investigations on fraud and corruption, or any other special service.
THE STANDARDS ◦ Internal auditors carryout their work in accordance with the given set of rules, guidelines, regulations and standards. These standards are provided by the Institute of Internal Auditors, are known as, International Standards for the Professional Practice of Internal Auditing (the standards). The standards provide guidance on assurance and advisory activities of an internal auditor. ◦ The application of these standards is mandatory for internal auditors during their work. ◦ Following are the types of the standards: ◦ Attribute standards: pertain to Drugstoc and team/staff performing the audit work ◦ Performance Standards: are about the nature of internal auditing and provide quality criteria for the performance of the work. ◦ Implementation Standards: provide guidance for each attribute or performance standard to be applicable to assurance (A) or Advisory (A) activity.
AUTHORITY ◦ Internal audit is fully authorized to: ◦ Have complete and unrestricted access to records, personnel, and physical properties/assets relevant to the performance of I/A engagement. ◦ Delegate duties, allocate resources, select team, determine scope of work, budget time & cost and select required techniques/procedures to accomplish objectives. ◦ Obtain necessary assistance of personnel in auditee departments and other specialized services within or outside the organization.
SCOPE ◦ The scope of the internal Auditing encompasses, but not limited to, the examination and evaluation of the adequacy and effectiveness of the organizations governance, risk management, and internal process as well as the quality of performance in carrying out assigned responsibilities to achieve the organization’s stated goals and objectives. ◦ This scope of I/A generally includes the following: Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information. Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws and regulations which could have a significant impact on the organization Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets Evaluating the effectiveness and efficiency with which resources are employed.
ANNUAL AUDIT PLAN ◦ In cooperation with executive management, the following is performed: Conduct a preliminary risk assessment (with Risk team) by utilizing interview or best strategy Gather Top management input on the assessment. Prepare a Draft Risk Based Annual Audit Plan Obtain the formal approval of the Audit Committee or the Board. The plan is subject to reviews during the course of audit work to ensure that the focus continues to be on the higher risk areas. In addition, the need to conduct special assignments requested from the Audit Committee and senior management may also require the deferral of planned audit work.
PLANNING ◦ Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned. ◦ Monitoring and evaluating governance processes ◦ Monitoring and evaluating the effectiveness of the organization’s risk management processes ◦ Evaluating the quality of performance of external auditors and the degree of coordination required with internal audit work ◦ Performing consulting and advisory related to governance, risk management and control as appropriate for drugstoc ◦ Reporting periodically on the internal audit activity’s purpose, authority, responsibility and performance relative to its plan ◦ Reporting significant risk exposures and control issues, including fraud risks, governance issues and other matters needed or requested.
PERFORM AUDIT FIELDWORK 1. Carry out fieldwork as indicated in the annual audit plan 2. Obtain cooperation from management and staff as necessary to identify, obtain documentation and conduct interviews, etc. 3. Conduct fieldwork with minimal disruption to operations of drugstoc.
REPORT RESULTS ◦ Share important and sensitive findings with responsible managers upon verification ◦ Make notes of comments/responses of the management/personnel on all observations discussed with them. ◦ Prepare a first draft of the final report and discuss with responsible managers after the audit
FINAL REPORT 1. Issue final report to the management. 2. Prepare checklist of issues to be discussed with the management in the next period audit 3. Write down comments of management on the audit report
O b j e c t i v e s & G o a l s DrugStoc E-Hub Limited 13  This plan is designed to cover all areas of Drugstoc business operations and to significantly reduce to acceptable level the exposure of the organization to all risks that are characterized with the sector. These risks include operational risks, credit risks, reputational risk, IT risk, legal/compliance risk  Risk-Based Internal Audit is essential to evaluate risk management practices, internal control systems and compliance with both corporate and regulatory policies with the aim of bringing to the attention of management and areas of vulnerability and facilitating improvements where necessary.  Our Focus Operational Risk ► Internal and external fraud. ► Employment practices and workplace safety ► Errors. ► Income/ expense leakages. ► Loss/damage of physical asset. ► Incomplete documentation. ► Non-adherence to policies and procedures. Information Technology ► Back up/ offsite storage. ► Disaster recovery and contingency. ► Business continuity plan. ► Access restriction. ► IT Strategic plan. ► Mandate/Report/ minutes of IT steering committee. ► IT equipment- storage facilities & condition. ► Complaints Register review and Review of support services. Credit Risk ► Customers’ unwillingness to pay due to character deficiency. ► Death of a customer. ► Customers not having the capacity to repay loans. Liquidity Risk ► Negative impact of the creation of new business/product. ► Bad loans ► Loss of revenue Reputation, Compliance Risk ► Tax, CIT ► Annual returns ► Non-adherence to laws and regulatory guides. ► Customers surveys, feedbacks mechanisms, complaints resolutions Financial Risk ► Capital Adequacy ► Accounting and Reporting ► Cash management ► Transaction postings/GL proof
14

More Related Content

PPTX
Basic Internal Auditing Presentation
Vernon Benjamin
 
PPTX
Internal Auditor Roles
Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
PDF
Internal Audit Manual
David Griffiths
 
PPT
Internal Control & Risk Management Framework
Treasury Consulting LLP
 
PPTX
Internal Audit Methodology
Manoj Agarwal
 
PPTX
The role of internal audit department
Salih Islam
 
PPTX
Practical approach to Risk Based Internal Audit
Manoj Agarwal
 
PDF
Powerful Audit Report Writing
Sana Baqai
 
Basic Internal Auditing Presentation
Vernon Benjamin
 
Internal Auditor Roles
Iyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Internal Audit Manual
David Griffiths
 
Internal Control & Risk Management Framework
Treasury Consulting LLP
 
Internal Audit Methodology
Manoj Agarwal
 
The role of internal audit department
Salih Islam
 
Practical approach to Risk Based Internal Audit
Manoj Agarwal
 
Powerful Audit Report Writing
Sana Baqai
 

What's hot (20)

PPTX
Internal Audit
Jami Martin
 
PDF
Risk based internal auditing
Frederick Altum Pokoo-Aikins
 
PPTX
Internal audit ppt
Ibrahim Jimalle
 
PPTX
Ppt on risk based internal audit
AmitaMistry2
 
PPTX
Internal Audit Plan 2015
Mohammad Kashif
 
PDF
Internal control and Control Self Assessment
Manoj Agarwal
 
PPT
Introduction to Risk Management
FAA Safety Team Central Florida
 
PDF
For model i balanced score card with parameters defined
Rajeswaran Muthu Venkatachalam
 
PPTX
The Role of Internal Audit
ArmeniaFED
 
PDF
Risk Based Internal Audit and Sampling Techniques
Manoj Agarwal
 
PDF
Internal Audit And Internal Control Presentation Leo Wachira
Jenard Wachira
 
PDF
Internal audit ppt
Letzconsult.com
 
PPT
Risk management: Principles, methodologies and techniques
ILRI
 
PPTX
Risk assessment and internal controls - Internal Audit
Smitesh Bhosale
 
PDF
Internal audit report writing.pdf
kavyashree k
 
PPTX
Operational Risk Management
Asad Hameed
 
PPTX
AUDITING AND ASSURANCE STANDARD BOARD.pptx
bkaviya3
 
PPTX
An introduction to internal auditing
grifff
 
PDF
Risk Management Process And Procedures PowerPoint Presentation Slides
SlideTeam
 
PPT
Internal Process Audit
intellisenseit
 
Internal Audit
Jami Martin
 
Risk based internal auditing
Frederick Altum Pokoo-Aikins
 
Internal audit ppt
Ibrahim Jimalle
 
Ppt on risk based internal audit
AmitaMistry2
 
Internal Audit Plan 2015
Mohammad Kashif
 
Internal control and Control Self Assessment
Manoj Agarwal
 
Introduction to Risk Management
FAA Safety Team Central Florida
 
For model i balanced score card with parameters defined
Rajeswaran Muthu Venkatachalam
 
The Role of Internal Audit
ArmeniaFED
 
Risk Based Internal Audit and Sampling Techniques
Manoj Agarwal
 
Internal Audit And Internal Control Presentation Leo Wachira
Jenard Wachira
 
Internal audit ppt
Letzconsult.com
 
Risk management: Principles, methodologies and techniques
ILRI
 
Risk assessment and internal controls - Internal Audit
Smitesh Bhosale
 
Internal audit report writing.pdf
kavyashree k
 
Operational Risk Management
Asad Hameed
 
AUDITING AND ASSURANCE STANDARD BOARD.pptx
bkaviya3
 
An introduction to internal auditing
grifff
 
Risk Management Process And Procedures PowerPoint Presentation Slides
SlideTeam
 
Internal Process Audit
intellisenseit
 
Ad

Similar to Audit Framework presentation.pptx (20)

PPTX
The Internal Audit Framework
Ahmad Tariq Bhatti
 
PPT
Process Level Auditing Presentation
Vernon Benjamin
 
PPT
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
Eng. A.karam Al Malkawi
 
PPTX
Internal audits role in compliance
Salih Islam
 
PPTX
Audit Interview: Commonly Asked Questions & Expert Answers | Academy Tax4wealth
Academy Tax4wealth
 
PPTX
2019_SOU_Internal_Audit.pptx
BingkyAresiaLandaric2
 
DOCX
ISO 19001ISO 19001Student’s NameUniversity Name.docx
priestmanmable
 
PPT
PART II INTERNAL AUDITING in local government.ppt
CamellaCandon
 
PPTX
introduction on auditing
nikhilkumar640177
 
PPTX
Information system control and audit
Astri Stiawaty
 
PPSX
Internal controls
Geetali Tare
 
PDF
CHAPTER-1 Management Audit and Planning procedure.pdf
Dr. Dinesh Mehta
 
PDF
Navigating the Realm of Audits: Understanding, Preparation, and Compliance
amanrajput052046
 
PPTX
Standards of Internal Audit
Karan Puri
 
PPTX
AUDIT - AUDITING STRATEGIES.pptx
Mohamed Fazil M
 
PDF
MPHARM_QA_1Y_2S_203T_Audit&Regul.Compliance.pdf
prachivihol5
 
PPTX
internal audit and its characteristic and features .pptx
Anshuman Parashar
 
PPT
internal-controls akuntansi sistem informasi(1).ppt
DoddychandraDoddy
 
PPT
internal-controls (1) Sistem Informasi akuntansi.ppt
DoddychandraDoddy
 
PPTX
Frequently asked questions on auditing in dubai
Maneesha35
 
The Internal Audit Framework
Ahmad Tariq Bhatti
 
Process Level Auditing Presentation
Vernon Benjamin
 
Auditing Management systems based on ISO19011 By Eng. Karam Malkawi - Jordan
Eng. A.karam Al Malkawi
 
Internal audits role in compliance
Salih Islam
 
Audit Interview: Commonly Asked Questions & Expert Answers | Academy Tax4wealth
Academy Tax4wealth
 
2019_SOU_Internal_Audit.pptx
BingkyAresiaLandaric2
 
ISO 19001ISO 19001Student’s NameUniversity Name.docx
priestmanmable
 
PART II INTERNAL AUDITING in local government.ppt
CamellaCandon
 
introduction on auditing
nikhilkumar640177
 
Information system control and audit
Astri Stiawaty
 
Internal controls
Geetali Tare
 
CHAPTER-1 Management Audit and Planning procedure.pdf
Dr. Dinesh Mehta
 
Navigating the Realm of Audits: Understanding, Preparation, and Compliance
amanrajput052046
 
Standards of Internal Audit
Karan Puri
 
AUDIT - AUDITING STRATEGIES.pptx
Mohamed Fazil M
 
MPHARM_QA_1Y_2S_203T_Audit&Regul.Compliance.pdf
prachivihol5
 
internal audit and its characteristic and features .pptx
Anshuman Parashar
 
internal-controls akuntansi sistem informasi(1).ppt
DoddychandraDoddy
 
internal-controls (1) Sistem Informasi akuntansi.ppt
DoddychandraDoddy
 
Frequently asked questions on auditing in dubai
Maneesha35
 
Ad

Recently uploaded (20)

PDF
Item # 2 - 934 Patterson Specific Use Permit (SUP)
ahcitycouncil
 
DOCX
Alexistogel: Solusi Tepat untuk Anda yang Cari Bandar Toto Macau Resmi
hamzaaashaikhseo
 
PDF
2026 RMHC Terms & Conditions agreement - updated 8.1.25.pdf
Christian Home Educators of Colorado
 
PDF
Strategic Planning for Child Rights and Protection Programming.pdf
Mohammed Nizam
 
PDF
ISO-9001-2015-internal-audit-checklist2-sample.pdf
WaqasBhutto1
 
PPTX
PCCR-ROTC-UNIT-ORGANIZATIONAL-STRUCTURE-pptx-Copy (1).pptx
jayceebernardolachic
 
PPTX
GOVERNMENT-ACCOUNTING1. bsa 4 government accounting
AngelOrale
 
PPT
Adolescent Health Orientation and Health care
kaivalyakkale1612
 
PPT
generalgeologygroundwaterchapt11-181117073208.ppt
SDDMORampurhat1
 
PDF
Abhay Bhutada and Other Visionary Leaders Reinventing Governance in India
Raj Kumble
 
PPTX
GSA Q+A Follow-Up To EO's, Requirements & Timelines
JSchaus & Associates
 
PDF
मुख्यमंत्राी सामूहिक विवाह कार्यक्रम, जनपद बाँदा
COLOURIMPRESSION
 
PDF
Population Estimates 2025 Regional Snapshot 08.11.25
ARCResearch
 
PPTX
Quiz - Saturday.pptxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
DheerajKL1
 
PPTX
11Sept2023_LTIA-Cluster-Training-Presentation.pptx
BenflorBiong2
 
PPTX
Social_Medias_Parents_Education_PPT.pptx
simonkahinga
 
PDF
Bambang PWD Easter Egg Hunting 2025
Bambang PWD Association, Inc.
 
PDF
It Helpdesk Solutions - ArcLight Group
Arclight Group
 
PDF
ISO-9001-2015-gap-analysis-checklist-sample.pdf
WaqasBhutto1
 
PDF
PPT - Primary Rules of Interpretation (1).pdf
arjun623464
 
Item # 2 - 934 Patterson Specific Use Permit (SUP)
ahcitycouncil
 
Alexistogel: Solusi Tepat untuk Anda yang Cari Bandar Toto Macau Resmi
hamzaaashaikhseo
 
2026 RMHC Terms & Conditions agreement - updated 8.1.25.pdf
Christian Home Educators of Colorado
 
Strategic Planning for Child Rights and Protection Programming.pdf
Mohammed Nizam
 
ISO-9001-2015-internal-audit-checklist2-sample.pdf
WaqasBhutto1
 
PCCR-ROTC-UNIT-ORGANIZATIONAL-STRUCTURE-pptx-Copy (1).pptx
jayceebernardolachic
 
GOVERNMENT-ACCOUNTING1. bsa 4 government accounting
AngelOrale
 
Adolescent Health Orientation and Health care
kaivalyakkale1612
 
generalgeologygroundwaterchapt11-181117073208.ppt
SDDMORampurhat1
 
Abhay Bhutada and Other Visionary Leaders Reinventing Governance in India
Raj Kumble
 
GSA Q+A Follow-Up To EO's, Requirements & Timelines
JSchaus & Associates
 
मुख्यमंत्राी सामूहिक विवाह कार्यक्रम, जनपद बाँदा
COLOURIMPRESSION
 
Population Estimates 2025 Regional Snapshot 08.11.25
ARCResearch
 
Quiz - Saturday.pptxaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
DheerajKL1
 
11Sept2023_LTIA-Cluster-Training-Presentation.pptx
BenflorBiong2
 
Social_Medias_Parents_Education_PPT.pptx
simonkahinga
 
Bambang PWD Easter Egg Hunting 2025
Bambang PWD Association, Inc.
 
It Helpdesk Solutions - ArcLight Group
Arclight Group
 
ISO-9001-2015-gap-analysis-checklist-sample.pdf
WaqasBhutto1
 
PPT - Primary Rules of Interpretation (1).pdf
arjun623464
 

Audit Framework presentation.pptx

  • 2. WHAT? ◦ Internal Auditing is an Independent, objective assurance and advisory activity designed to add value and improve an organization’s operations. It helps and organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal controls and governance processes. ◦ {The Institute of Internal Auditors, USA} ◦ The definition of I/A provides comprehensive guidelines for the framework of internal audit. It should always be kept in mind while I/A work is being carried out.
  • 3. WHY? ◦ The Main Objectives of I/A are: ◦ To provide assurance on the adequacy, efficiency and effectiveness of the whole control environment, ◦ Advise at an early stage in the implementation of any system developments, amendments to processes, making recommendations in the formation of policies, procedures and controls and ◦ Noting deviations from organizational policies, procedures and controls and recommending actions to mitigate the risks arising out of such deviations. ◦ Further I/A provides: ◦ Assurance that the organizations values are preserved, and ◦ That rules, laws and regulations are complied with in their letter and spirit ◦ To ensure that financial statements and other information are accurate and reliable and ◦ That human, financial and other resources are managed efficiently and effectively ◦ Wider anti-fraud and anti-corruption framework ◦ Both feedback and feed forward controls
  • 4. TYPES ◦ Following types of audits make the framework of I/A: ◦ Compliance Audit: To ensure compliance with rules, regulations and laws applicable to drugstoc. ◦ Operational Audit: To ensure efficient and effective conduct of operations of drugstoc ◦ Information System Audit: To ensure proper functioning of the information system throughout the life of business activities ◦ Performance Audit: To ensure the efficient use of resources to obtain the objectives of drugstoc ◦ Environmental Audits: To ensure compliance with the environmental laws and regulations. ◦ Special Assignments: relate to investigations on fraud and corruption, or any other special service.
  • 5. THE STANDARDS ◦ Internal auditors carryout their work in accordance with the given set of rules, guidelines, regulations and standards. These standards are provided by the Institute of Internal Auditors, are known as, International Standards for the Professional Practice of Internal Auditing (the standards). The standards provide guidance on assurance and advisory activities of an internal auditor. ◦ The application of these standards is mandatory for internal auditors during their work. ◦ Following are the types of the standards: ◦ Attribute standards: pertain to Drugstoc and team/staff performing the audit work ◦ Performance Standards: are about the nature of internal auditing and provide quality criteria for the performance of the work. ◦ Implementation Standards: provide guidance for each attribute or performance standard to be applicable to assurance (A) or Advisory (A) activity.
  • 6. AUTHORITY ◦ Internal audit is fully authorized to: ◦ Have complete and unrestricted access to records, personnel, and physical properties/assets relevant to the performance of I/A engagement. ◦ Delegate duties, allocate resources, select team, determine scope of work, budget time & cost and select required techniques/procedures to accomplish objectives. ◦ Obtain necessary assistance of personnel in auditee departments and other specialized services within or outside the organization.
  • 7. SCOPE ◦ The scope of the internal Auditing encompasses, but not limited to, the examination and evaluation of the adequacy and effectiveness of the organizations governance, risk management, and internal process as well as the quality of performance in carrying out assigned responsibilities to achieve the organization’s stated goals and objectives. ◦ This scope of I/A generally includes the following: Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information. Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws and regulations which could have a significant impact on the organization Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets Evaluating the effectiveness and efficiency with which resources are employed.
  • 8. ANNUAL AUDIT PLAN ◦ In cooperation with executive management, the following is performed: Conduct a preliminary risk assessment (with Risk team) by utilizing interview or best strategy Gather Top management input on the assessment. Prepare a Draft Risk Based Annual Audit Plan Obtain the formal approval of the Audit Committee or the Board. The plan is subject to reviews during the course of audit work to ensure that the focus continues to be on the higher risk areas. In addition, the need to conduct special assignments requested from the Audit Committee and senior management may also require the deferral of planned audit work.
  • 9. PLANNING ◦ Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned. ◦ Monitoring and evaluating governance processes ◦ Monitoring and evaluating the effectiveness of the organization’s risk management processes ◦ Evaluating the quality of performance of external auditors and the degree of coordination required with internal audit work ◦ Performing consulting and advisory related to governance, risk management and control as appropriate for drugstoc ◦ Reporting periodically on the internal audit activity’s purpose, authority, responsibility and performance relative to its plan ◦ Reporting significant risk exposures and control issues, including fraud risks, governance issues and other matters needed or requested.
  • 10. PERFORM AUDIT FIELDWORK 1. Carry out fieldwork as indicated in the annual audit plan 2. Obtain cooperation from management and staff as necessary to identify, obtain documentation and conduct interviews, etc. 3. Conduct fieldwork with minimal disruption to operations of drugstoc.
  • 11. REPORT RESULTS ◦ Share important and sensitive findings with responsible managers upon verification ◦ Make notes of comments/responses of the management/personnel on all observations discussed with them. ◦ Prepare a first draft of the final report and discuss with responsible managers after the audit
  • 12. FINAL REPORT 1. Issue final report to the management. 2. Prepare checklist of issues to be discussed with the management in the next period audit 3. Write down comments of management on the audit report
  • 13. O b j e c t i v e s & G o a l s DrugStoc E-Hub Limited 13  This plan is designed to cover all areas of Drugstoc business operations and to significantly reduce to acceptable level the exposure of the organization to all risks that are characterized with the sector. These risks include operational risks, credit risks, reputational risk, IT risk, legal/compliance risk  Risk-Based Internal Audit is essential to evaluate risk management practices, internal control systems and compliance with both corporate and regulatory policies with the aim of bringing to the attention of management and areas of vulnerability and facilitating improvements where necessary.  Our Focus Operational Risk ► Internal and external fraud. ► Employment practices and workplace safety ► Errors. ► Income/ expense leakages. ► Loss/damage of physical asset. ► Incomplete documentation. ► Non-adherence to policies and procedures. Information Technology ► Back up/ offsite storage. ► Disaster recovery and contingency. ► Business continuity plan. ► Access restriction. ► IT Strategic plan. ► Mandate/Report/ minutes of IT steering committee. ► IT equipment- storage facilities & condition. ► Complaints Register review and Review of support services. Credit Risk ► Customers’ unwillingness to pay due to character deficiency. ► Death of a customer. ► Customers not having the capacity to repay loans. Liquidity Risk ► Negative impact of the creation of new business/product. ► Bad loans ► Loss of revenue Reputation, Compliance Risk ► Tax, CIT ► Annual returns ► Non-adherence to laws and regulatory guides. ► Customers surveys, feedbacks mechanisms, complaints resolutions Financial Risk ► Capital Adequacy ► Accounting and Reporting ► Cash management ► Transaction postings/GL proof
  • 14. 14