RBIA
Risk-Based Internal Audit (RBIA) is an Audit methodology that links an organization's overall risk management framework and provides an assurance to the Board of Directors and the Senior Management on the quality and e ectiveness of the organization's internal controls, risk management and governance related systems and processes.
Why RBIA And Its Relevance
- Automated Assessment of Risk.
- Capture Risk with Audit Evidence & Test Procedures
- Enable Focus on High-Risk and High-Priority Areas.
- Address Business Process Lacunae & Non-Existence of Controls.
- On-Going, Real-Time & Perpetual Audit Records.
- Adherence to RBI Guidelines on RBIA.
- Highlight Significant Observations for Immediate Attention by the EC and the Board.
Elements of RBIA
Approved by the Board of Directors with the Risk Assessment method, Formulation of Risk-based Audit Plan, intervals between testing of risk prone aspects etc.
Identification of risk in Banking operations, inherent risks, etc. Evaluation of control systems, Development of Risk Control Matrixes (RCM).
On the basis of the RCM outcome, IA Dept to draw up the plan for conducting Risk Based Audits.This should be complementary to existing Audits but would be combined with the risk aspects mapped to the RCM.
The RBIA will highlight lapses in controls and deficiencies in control design. This will enable timely action on the control gaps and lead to better governance & oversight.
