Who is this article for?

Users who need to plan Risk Assessments.

No special access or permissions are required.

Planning Risk Assessments are created for each Entity-Process and its associated Planning Risks, allowing you to generate ratings for all Auditable Entities in your audit universe and analyse them through the Planning Risk Exposure screen.

1. Understanding planning risk assessments

Each Entity-Process will have a Planning Risk Assessment for each of the associated Planning Risks. These assessments lead to ratings for all the Auditable Entities in the audit universe, which can then be analysed in the Planning Risk Exposure screen.

You can specify on each planning risk an Entity Type and Process Type to refine the number of Planning Risk Assessments created.

2. Viewing planning risk assessment structure

The following example demonstrates how Entity-Processes and Planning Risks work together:

The example above shows Entity-Processes:

• Alexandria Head Office - General Management
• Alexandria Head Office - Legal & Secretarial
• Alexandria Head Office - Treasury

Each of the Entity-Processes is associated with the same Planning Risks:

• Change
• Environmental Factors
• Fraud
• Size
• Reliance on IT Systems
• Sensitivity
• Security

This means that in this example, each Entity-Process will have seven Planning Risk assessments.