Skip to Content
Press Enter

Practice Guide: Auditing Model Risk Management

Guidance | March 15, 2018

Copyright Notice All content is protected by international copyright laws. You may reference or quote small portions of this document with proper attribution to The IIA, but unauthorized reproduction, distribution, or use beyond that, other than for your own personal use, is strictly prohibited and may constitute a violation of copyright law, resulting in civil and criminal penalties. Contact copyright@theiia.org for permission to use our materials.

Short of a crystal ball, there is no fool-proof way to predict outcomes in the financial services industry. However, models provide a powerful tool to empower organizations to make important decisions using information from a variety of sources. The IIA’s Practice Guide: Auditing Model Risk Management helps ensure that these models are working as effectively as possible for an organization.

This practice guide* provides an overview of key areas related to model risk management including business significance, regulatory requirements and expectations, and model components. It is designed to help chief audit executives and their audit teams understand their roles in assessing model risk management and empower them to implement an audit plan coverage approach and program tailored to the size, scale, and risks facing their organization.

*Under Review: This practice guide contains some outdated material and references. It remains available while a review is underway.

The IIA

The Institute of Internal Auditors

Learn more with our other resources

Webinar

Beyond Compliance: Driving Impactful Change as Public Sector Internal Auditors

Webinar

Public Sector Internal Audit: Risk in Procurement

Essential News for Audit Leaders Network

CAE Bulletin Issue: June 27, 2025

Tone at the Top

AI in the Boardroom

Learn about IIA programs and partners.

We are continually searching for innovative products and services to enhance our members' ability to meet their rising stakeholder demands.