Internal Auditing and Risk Management in Corporations

Abstract

Global changes force corporate leaders to observe their organizations through the strategic criteria, i.e. business risks they are encountering. New risks, including the new methods of risk assessments and management, have caused the reconsideration of internal auditing’s purpose, scope and activities. Traditionally, internal auditors applied risk assessments by themselves in context of planning their audit engagements. However, modern risk-based internal auditing has changed its focus to the analysis and assessment of managers’ role in the risk management process, i.e. to the adequacy of total risk management system. Adding value to the risk management process by internal auditing depends on the maturity of this process and moves from the consulting services aimed at establishing and improving risk management process to the assurance on the risk management status. This way, internal auditors provide support to all significant business activities and help their corporations to fulfil their missions.