Skip to content
BOL Conferences
Page 1 of 2 1 2
Thread Options
#180937 - 04/19/04 04:02 PM Risk Assessment Internal Audit
SouthernComfort Offline
Platinum Poster
Joined: Aug 2001
Posts: 705
Southern Illinois, USA
We are being examined by the OCC. They have asked me to give them an Internal Audit Risk Assessment. I have looked at the model form in bankers tools, but don't know how to go about determining the risks. Can someone assist?

Return to Top
Audit
#180938 - 04/19/04 04:11 PM Re: Risk Assessment Internal Audit
Kansayaku Offline
Diamond Poster
Joined: Jan 2003
Posts: 1,454
metsuretsu
This is what I did and the OCC approved it without question:

1. Listed all the audits performed at the institution.
2. Took all those classified as high risk areas by the OCC and labeled them as high risk. (BSA, etc.)
3. Looked at past audits of each area to determine where short-comings seemed obvious.
4. Looked at relative risk in each of the areas audited in comparison to past performance.
5. Designated the areas as high, moderate or low risk based upon the combination of both internal weakness in the area and the possible penalties, reputational risk, etc. for poor performance.
6. Formatted the calendar based upon the assessment. (High risk, at least annual; moderate risk, at least every second year; low risk, at least every third year.) Note: frequency can also take into consideration the size of the bank and the number of staff performing the audits.
_________________________
I have many opinions; some are good, some are bad, and some don't contradict.

Return to Top
#180939 - 04/19/04 04:14 PM Re: Risk Assessment Internal Audit
SouthernComfort Offline
Platinum Poster
Joined: Aug 2001
Posts: 705
Southern Illinois, USA
Thank you so much. That helps a lot.

Return to Top
#180940 - 04/21/04 01:50 PM Re: Risk Assessment Internal Audit
SouthernComfort Offline
Platinum Poster
Joined: Aug 2001
Posts: 705
Southern Illinois, USA
I am still having a hard time with this. It seems there wasn't anything audited last year, so there is nothing to compare to. I just don't know how to get started. I know this sounds like I am dense, but I have had no training in internal audit. I will be going to audit school in May and hopefully it will give me a start in the right direction. Unfortunately the OCC is at the bank now and want this risk assessment by Friday. I would appreciate any other help you could give me. I have been looking for information on the internet, but have not fould much in this area.

Return to Top
#180941 - 04/21/04 02:18 PM Re: Risk Assessment Internal Audit
Retired DQ Offline
10K Club
Retired DQ
Joined: Dec 2002
Posts: 40,766
Turnpike Exit 10
Maybe this will give you a head start. If you go to
Auditnet there is a lot of useful programs. Best of luck.
_________________________
Get your facts first, then you can distort them as you please. - Mark Twain

Return to Top
#180942 - 04/21/04 02:23 PM Re: Risk Assessment Internal Audit
Retired DQ Offline
10K Club
Retired DQ
Joined: Dec 2002
Posts: 40,766
Turnpike Exit 10
_________________________
Get your facts first, then you can distort them as you please. - Mark Twain

Return to Top
#180943 - 04/21/04 02:58 PM Re: Risk Assessment Internal Audit
Jokerman Offline
10K Club
Joined: Nov 2003
Posts: 12,846
PM me your e-mail address and I will send you a form I used to submit a risk assessment to the audit committee. (I have not had an examiner review of this risk assessment yet, but it may give you a starting point.)

Return to Top
#180944 - 04/23/04 08:45 PM Re: Risk Assessment Internal Audit
EdOils Offline
Platinum Poster
EdOils
Joined: Jan 2004
Posts: 555
Louisiana
Quote:

I am still having a hard time with this. It seems there wasn't anything audited last year, so there is nothing to compare to. I just don't know how to get started. I know this sounds like I am dense, but I have had no training in internal audit. I will be going to audit school in May and hopefully it will give me a start in the right direction. Unfortunately the OCC is at the bank now and want this risk assessment by Friday. I would appreciate any other help you could give me. I have been looking for information on the internet, but have not fould much in this area.




If you are going to the ICBA audit school, there is a great sample risk assessment in their program to start with. I used it to build my audit program last year and the FDIC thought it was very good. I could send it to you, if you would like. Of course, you would have to adapt it to your bank's needs.

Return to Top
#180945 - 04/26/04 02:20 PM Re: Risk Assessment Internal Audit
AnnRoy Offline
Platinum Poster
AnnRoy
Joined: Jun 2002
Posts: 771
South
I attended the ICBA Audit School in May 2001 & Sept. 2002.....I don't recall an internal audit risk assessment in the notebooks. Which course/notebook addresses it? The material has probably been updated since I last attended the school. Would you mind sending me a copy? PM, so I can give you my emaill address.
_________________________
CAMS

Return to Top
#180946 - 04/30/04 03:24 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

Audit School in May? Who's, where, etc? I am a CPA with public acctg experience and significant years in private industry accounting and finance. I recently joined IA to help develop it inhouse. I am very receptive to Bank Specific Internal Audit classes, "schools", etc.
Thanks!

Return to Top
#180947 - 04/30/04 03:35 PM Re: Risk Assessment Internal Audit
SouthernComfort Offline
Platinum Poster
Joined: Aug 2001
Posts: 705
Southern Illinois, USA
This school is put on by the ICBA. it will be next week.

Return to Top
#180948 - 04/30/04 03:42 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered


Return to Top
#180949 - 04/30/04 03:44 PM Re: Risk Assessment Internal Audit
EdOils Offline
Platinum Poster
EdOils
Joined: Jan 2004
Posts: 555
Louisiana
The ICBA school is very good. It may be basic for your audit experience, but it would be good for you because it is Banking specific. You can also obtain another certification, CCBIA. There is a disscussion about this on another thread. Also check out the ICBA's website . You can also check with your state's banker's association. My state's association has some seminars a couple of times a year.
_________________________
You gain education by reading the fine print. You gain experience by not.

Return to Top
#180950 - 04/30/04 05:06 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

If you send me an e-mail to "sriley@fnbl.com" I will be happy to give you a copy of my risk assessment which the OCC felt was more than sufficient (we are a $400 million commercial bank in CT).

Return to Top
#180951 - 05/04/04 08:34 PM Re: Risk Assessment Internal Audit
IAM Offline
New Poster
Joined: May 2004
Posts: 1
1. Determine the audit universe. The audit universe is a detailed listing of the bank’s operations that are potentially subject to internal audit, i.e. the balance sheet and income/expense statement.
2. Establish a risk assessment criteria.
3. Complete the risk assessment.
4. Write a summary.

If you email me, I will send you the risk assessment criteria I created and utilize. It is too lengthy to include here.

Return to Top
#180952 - 05/05/04 04:40 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

I am very interested in your Risk Assessment information. I am currently starting to compile the risk assessment information for my bank and I would love to compare notes. If you get a chance, would you mind sending me your information? My email address is jhalliday@bankofkc.com.

Thanks IAM

Return to Top
#180953 - 06/04/04 12:57 PM Re: Risk Assessment Internal Audit
mike Offline
New Poster
Joined: Aug 2003
Posts: 3
Thanks so much for offering to send the risk assessment information. My e-Mail is ms111676@aol.com

Thanks

Return to Top
#180954 - 06/07/04 12:36 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

I am an internal Auditor of a bank. We are trying to incorporate risk assessment in our Internal Audit reviews and i would like to do the assessment.I have been in a number of sites including the auditnet and IIA they are very helpful. However, iwould like to compare my understanding with the rest of you. please send me your list at lfmakiriye@nmbtz.com. It is good to be in the family

Return to Top
#180955 - 06/07/04 05:46 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

I too would like a copy of your risk assessment. Thank you for sharing. dglass@americanhorizonsbank.com is my email address.

Return to Top
#180956 - 06/08/04 03:03 PM Re: Risk Assessment Internal Audit
sportsmom Offline
Junior Member
Joined: Jan 2004
Posts: 37
Louisiana
I would appreciate receiving your risk assessment information. My email address is marsha@bankofwinnfield.com. Thank you.

Return to Top
#180957 - 06/08/04 07:23 PM Re: Risk Assessment Internal Audit
RR Sarah Offline
Power Poster
RR Sarah
Joined: Mar 2004
Posts: 2,505
Up North
We have an OCC exam coming up next month and would appreciate a copy of your risk assessment also. s_hinneberg@yahoo.com
_________________________
Sometimes you have to burn a few bridges to keep the crazies from following you.

Return to Top
#180958 - 06/15/04 04:53 PM Re: Risk Assessment Internal Audit
BBartlett Offline
New Poster
BBartlett
Joined: Apr 2003
Posts: 4
Destin, FL
Sorry I forgot to sign it. I would like a copy also. My email is brookeb@destinbank.com . Thanks IAM!

Return to Top
#180959 - 06/15/04 06:48 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

I would also appreciate a copy of your risk assessment. My email address is jhipps@tnbg.net. Thank you.

Return to Top
#180960 - 06/29/04 07:51 PM Re: Risk Assessment Internal Audit
Linda S Jones Offline
Junior Member
Joined: Jun 2004
Posts: 37
Oregon
Would you share the risk assessment with me, also?
linda@columbiacommunitybank.com

THANK YOU

Return to Top
#180961 - 06/29/04 08:25 PM Re: Risk Assessment Internal Audit
Anonymous
Unregistered

Send me your e-mail address and I will give you the form we use. The OCC has found it more than acceptable.

sriley@fnbl.com

Return to Top
Page 1 of 2 1 2

Moderator:  Andy_Z