Practice Guide: Auditing Credit Risk Management
Guidance | March 15, 2020
Copyright Notice All content is protected by international copyright laws. You may reference or quote small portions of this document with proper attribution to The IIA, but unauthorized reproduction, distribution, or use beyond that, other than for your own personal use, is strictly prohibited and may constitute a violation of copyright law, resulting in civil and criminal penalties. Contact copyright@theiia.org for permission to use our materials.
Credit risk has always been considered a key risk for financial services organizations and, for a good number of organizations, maybe the most critical risk. This guidance* provides internal auditors with a baseline skill set that allows them to test and evaluate the effectiveness of their organization’s credit risk management framework and processes.
This guidance will enable internal auditors to:
- Understand the importance of credit risk in a financial services context.
- Understand the regulatory environment and requirements related to credit risk.
- Understand the risk governance and risk management processes surrounding credit risk.
- Describe the nature and basis of measurement of the probability of default.
- Design an audit engagement that assesses the appropriateness and effectiveness of the credit risk management framework and the adequacy of the institution’s credit profile.
- Be able to apply IPPF and risk-based internal audit techniques to assess and audit credit risk in their organization.