Score
100. What intelligence can you gather?
<--- Score
101. How do you gather Risk based internal auditing requirements?
<--- Score
102. Has the direction changed at all during the course of Risk based internal auditing? If so, when did it change and why?
<--- Score
103. What sources do you use to gather information for a Risk based internal auditing study?
<--- Score
104. Have the customer needs been translated into specific, measurable requirements? How?
<--- Score
105. What are the rough order estimates on cost savings/opportunities that Risk based internal auditing brings?
<--- Score
106. What are the core elements of the Risk based internal auditing business case?
<--- Score
107. How is the team tracking and documenting its work?
<--- Score
108. Have all basic functions of Risk based internal auditing been defined?
<--- Score
109. What knowledge or experience is required?
<--- Score
110. How does the Risk based internal auditing manager ensure against scope creep?
<--- Score
111. How do you manage scope?
<--- Score
112. Has everyone on the team, including the team leaders, been properly trained?
<--- Score
113. Are required metrics defined, what are they?
<--- Score
114. When is/was the Risk based internal auditing start date?
<--- Score
115. The political context: who holds power?
<--- Score
116. What are the tasks and definitions?
<--- Score
117. Where can you gather more information?
<--- Score
118. Has your scope been defined?
<--- Score
119. What is the context?
<--- Score
120. Has/have the customer(s) been identified?
<--- Score
121. How do you gather the stories?
<--- Score
122. Is Risk based internal auditing required?
<--- Score
123. Has a team charter been developed and communicated?
<--- Score
124. What was the context?
<--- Score
125. Are roles and responsibilities formally defined?
<--- Score
126. What are the boundaries of the scope? What is in bounds and what is not? What is the start point? What is the stop point?
<--- Score
127. What are the Roles and Responsibilities for each team member and its leadership? Where is this documented?
<--- Score
128. How can the value of Risk based internal auditing be defined?
<--- Score
129. What information do you gather?
<--- Score
130. What defines best in class?
<--- Score
131. What are the Risk based internal auditing use cases?
<--- Score
132. What are the compelling stakeholder reasons for embarking on Risk based internal auditing?
<--- Score
133. How do you build the right business case?
<--- Score
134. Does the scope remain the same?
<--- Score
135. Has a Risk based internal auditing requirement not been met?
<--- Score
Add up total points for this section: _____ = Total points for this section
Divided by: ______ (number of statements answered) = ______ Average score for this section
Transfer your score to the Risk based internal auditing Index at the beginning of the Self-Assessment.
CRITERION #3: MEASURE:
INTENT: Gather the correct data. Measure the current performance and evolution of the situation.
In my belief, the answer to this question is clearly defined:
5 Strongly Agree
4 Agree
3 Neutral
2 Disagree
1 Strongly Disagree
1. What are your primary costs, revenues, assets?
<--- Score
2. What tests verify requirements?
<--- Score
3. How do you verify if Risk based internal auditing is built right?
<--- Score
4. Will Risk based internal auditing have an impact on current business continuity, disaster recovery processes
