It's a Risky Business: A Practical Guide to Risk Based Auditing (Fully Revised Second Edition)

cover - it's a risky business


This guide provides practical advice on how to audit each of the key elements of good risk management. It includes a risk-based planning process and techniques, linked to the organisation’s key risks and objectives.




Apr 2005



£295.00 excl VAT

Add to basket

The regulatory bodies of the main public sectors have issued codes of guidance and requirements that make specific reference to the implementation of risk management. Reporting on the development and implementation has become a key part of the annual reporting requirement in the form of Statements on Internal Control and is seen as an integral part of good corporate governance.

This new guide is a revised and updated version of It's a Risky Business, first published in 1996. It has been aligned to the CIPFA publication Risk Management in the Public Services and provides practical advice on how to audit each of the key elements of good risk management:

  • Vision, commitment and ownership
  • Structures, roles and responsibilities
  • Identifying the risks
  • Categorising and prioritising the risks
  • Action and response
  • Monitoring and review
  • The extended enterprise
  • Embedding risk management within the organisation.

The guide also provides a risk-based planning process and techniques which are linked to the key risks and objectives of the organisation. It examines internal audit's role in enterprise-wide risk management and how to fulfil this role and provide an opinion over:

  • design and operation of the risk management process
  • responses adopted to reduce risks, and
  • adequacy and effectiveness of the system of internal control in mitigating risks.

The provision of assurance is key to the Statement on Internal Control. Various formats and sources of assurance are provided in the guide along with some useful case study process diagrams.

How will it assist you in your day-to-day role?

  • it will help you to audit the various elements of the risk management process
  • it will help you to advise your organisation in the introduction of and developing risk management processes
  • it will help you to plan your audit work on a risk basis
  • it will help you to review the overall assurance framework, and
  • it will help you to make a valuable contribution to your organisation's statement on internal control and corporate governance framework.

This essential guide is also available in hard copy.

The contents of the guide are bookmarked on the CD-ROM for ease of use, and, of course, modified and updated checklists can be downloaded readily and tailored for local application. As all editing and updating can be conveniently done on a PC, the CD-ROM will enable organisations to apply the principles swiftly and, most importantly, with ease. Moreover, acquisition of the CD-ROM grants the purchaser a licence and ability to network the guide to all bona fide employees and non-executive personnel of the purchasing organisation.

Download contents and sample

pdf 38.66 KB

Add to basket