Creating Risk Assessment Scorecard Template

Selecting Audit Plan - Risk Factors displays all risk factors available to be incorporated into a risk assessment scorecard. The audit administrator can add, edit, and delete risk factors. There are approximately 30 risk factors delivered with AuditAlert.

Selecting Risk Assessment Template brings up the following screen. AuditAlert allows multiple risk assessment scorecards to be utilized. The audit administrator would create the description of the risk assessment scorecard(s), the category would be selected from the drop-down list, and then each risk factor that will be incorporated into the scorecard will be selected from a drop-down list. If the risk factor is one of 30 that was delivered with AuditAlert, the description and risk levels will be displayed. If it is a new risk factor created by the audit administrator then the risk factor description must be created along with the description of the five risk levels.

Each risk factor must be assigned a weight. AuditAlert will keep track of the total weights for all linked risk factors and display at the bottom of the screen. If the audit administrator wants to close out of this screen and the weights do not equal 100%, he / she will be notified via a pop-up message.

Selecting a scorecard will display all applicable risk factors in the grid list at the bottom of the screen. Clicking on a risk factor displays all applicable information. The audit administrator makes a decision when creating a scorecard if it is to be the default scorecard.

Once an examination is linked to an audit plan the default scorecard is automatically incorporated as part of the examination. The audit administrator can change the default template to another scorecard by selecting from the drop-down list within the examination.

 This drop-down list displays all risk assessment scorecards available.
 This drop-down list displays all risk–related categories available.
 This drop-down list displays all risk factors available. (AuditAlert is delivered with approximately 30 factors.)
 A written description of the risk factor is created. It can be up to 350 characters (this is required only for those risk factors created by the audit administrator).
 A risk weight is assigned to each risk factor.
 There are 5 risk levels (no risk, low risk, average risk, moderate risk and high risk) required in AuditAlert. Each level’s description can be up to 350 characters (this is required only for those risk levels created by the audit administrator).
 The audit administrator can select any numeric value system for each risk level.
We recommend 1 through 5 or 0, 3, 5, 7 and 9. The higher the numeric value the higher the risk. Once the numeric value system is selected this must be used throughout each risk assessment scorecard. The audit administrator can subsequently change this, but AuditAlert will change all outstanding risk assessment scorecards appropriately.
 The risk assessment scorecard is time stamped regarding who created and who last changed it.
 AuditAlert keeps track of the total risk assessment score for the template. It must equal 100%.
 The category assigned to the risk factor.
 The risk factors that comprise the risk assessment scorecard are listed.
 The risk weight assigned by the audit administrator and management.