Auditor's Risk Management Guide: Integrating Auditing and ERM is designed to be a comprehensive "how-to" book that provides the reader with guidance on performing a risk management-based audit. The guide covers the Enterprise Risk Management Integrated Framework issued by the Committee of Sponsoring Organizations (COSO).
This is not a research study or a conceptual thesis; rather, it is a practical guide designed for the audit practitioner. Following the passage of Sarbanes-Oxley and its strict corporate governance and accountability provisions, developing better risk management techniques is becoming more important to help meet higher audit committee expectations. That's where this guide comes in.
The book is organized into two parts: Risk Management-Based Auditing and Case Studies. The first part provides a broad understanding of corporate governance, ERM principles, and different auditing approaches, and also provides step-by-step instructions on how to execute the risk management-based audit and a chapter on frequently asked questions. The second part includes 10 detailed case studies that illustrate the risk management-based audit methodology and tools in different scenarios, beginning with a business risk assessment and working through common audit areas such as closing the books, accounts payable, and accounts receivable. Practice Pointers and Observations provide additional commentary to assist the reader in understanding the methodology.
A free companion CD-ROM is included with the book and provides an electronic version of the various work programs, checklists, and other tools illustrated throughout the book. The programs and checklists are presented in a question format to help the auditor understand what questions need to be asked and answered as he or she executes the methodology.