The purpose of this spreadsheet is to demonstrate how a list of risks can be used to generate an audit plan. The IIA standards (2010.A1) states, "The internal audit activity's plan of engagements should be based on a risk assessment, undertaken at least annually. The input of senior management and the board should be considered in this process."
Login to download this risk assessment template.