Week 05 – IT Risks and Controls
Week 05 – Wrap up
Class Video: Week 05 – IT Risks and Controls
Class Slides: Week 05 – IT Risk and Controls
Risk Assessment Worksheet: Risk Assessment
This week we learned a few things about the concept of Risk and its relationship to audit and assurance. We learned that:
- Risk is expressed as the product of its impact that the probability of it occurring (R=IxP)
- Risk can be measured quantitatively and qualitatively, each having advantages and disadvantages
- The measure of Risk will always have some level of subjectivity.
We also learned about:
- Inherent Risk
- Residual Risk
- Control Risk
- Detection Risk
- Sampling Risk… although this I mentioned in passing… we will get back to this when we talk about sampling.
For illustration purposes we went through a fairly simply exercise to quantify Risk using All World Airways as an example. We then used the same Risks and assessed them qualitatively.
We ended our session after a quick – very quick – introduction to Controls. Both Risk and Controls are very important so we will spend next week digging a little deeper into these.
Have a great week.