Which of the following tools would be most useful to an internal auditor performing an assessment of the effectiveness of the organization's risk responses?
A risk register would be most useful for an internal auditor assessing the effectiveness of the organization's risk responses. This tool lists all identified risks along with their severity, ownership, and the actions taken to mitigate them, making it a key resource for evaluating whether the responses have been effective and align with the organization’s risk appetite and management strategies.
IIA guidance on risk assessment and management
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit