Co-sourcing Internal Audit and Risk Management Functions and implementing AIGC’s recommended 3 lines of defense system
Our client wanted to conduct Enterprise Risk Assessments and co-source the Internal Audit and Risk Management functions. The key objectives of the assignment were: to build strong Internal Audit and Risk Management functions and to transfer knowledge to the company’s Internal Audit and Risk Management teams.
Work Conducted by our team included:
- Establish an Enterprise Risk Management function.
- Implement a Risk Based Internal Audit methodology. This included Risk-Based Internal Audit planning, execution, and reporting.
- Conduct Risk Assessment (CRSA) workshops for all key business units.
- Co-source the audit of all key functions.
- Develop appropriate policies and procedures to strengthen the control environment. These included developing a whistle-blowing policy, document retention policy…etc.
- Participate in conducting Fraud investigations.
- Conduct Fraud Awareness sessions.
- Several weaknesses in the control environment and opportunities for improving processes were identified and implemented.
- An Enterprise Risk Management system was successfully implemented.
- Strong Risk Management and Internal Audit teams are now implementing AIGC’s recommended 3 lines of defense methodology.