{"id":9563,"date":"2017-03-30T16:56:00","date_gmt":"2017-03-30T15:56:00","guid":{"rendered":"https:\/\/naris-prod.azurewebsites.net\/nooit-meer-strategiepijn-copy\/"},"modified":"2022-01-06T13:37:26","modified_gmt":"2022-01-06T12:37:26","slug":"risk-based-auditing","status":"publish","type":"post","link":"https:\/\/www.naris.com\/nl\/risk-based-auditing\/","title":{"rendered":"Risk based auditing"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Kaplan onderscheid drie soorten risico\u2019s; te voorkomen,\u00a0strategisch<\/a>\u00a0en extern.\u00a0De te voorkomen risico\u2019s zijn te be\u00efnvloeden door de organisatie en daardoor zijn er vaak veel bestaande beheersmaatregelen.\u00a0 Dit kunnen operationele en tactische risico\u2019s en beheersmaatregelen zijn.\u00a0Veel audits focussen zich op de processen. Vaak de financi\u00eble processen maar gelukkig zijn er ook steeds meer business auditors. Deze richten zich meer op de effectiviteit en efficiency van beheersmaatregelen.<\/p>

Risk based auditing<\/a>\u00a0doet steeds meer zijn intrede en hierdoor krijgt audit ook steeds meer betekenis in de gehele organisatie. De audit is geen doel op zich meer maar draagt direct bij aan het verbeteren van de organisatie en dan ook nog daar waar de organisatie echt goed in wil zijn. Dit lukt alleen als de audit is gebaseerd op de belangrijkste risico\u2019s die de doelstellingen van de organisatie in gevaar kunnen brengen.<\/p>

Maar hoe werkt risk based auditen nu eigenlijk?<\/h2>

Geen risk based auditing zonder goed integraal risicomanagement. Bij de inrichting dient het risicomanagement een heldere koppeling te hebben met de doelstellingen en sturing van de organisatie. Ook de cultuur in de organisatie moet om naar \u201cgeen nieuws is slecht nieuws\u201d. Dit betekent dat manager zonder enig risico juist wel een audit kan verwachten immers nobody\u2019s perfect. Daarnaast kan door het reguliere proces een top 10 risico\u2019s per kernwaarde worden vastgesteld. Juist van deze risico\u2019s moet worden vastgesteld of ze \u00a0binnen het risk appetite\u00a0passen van de organisatie.\u00a0Dit doe je door per risico de belangrijkste\u00a0bestaande\u00a0mitigerende beheersmaatregelen te;<\/p>

  • \u00a0inventariseren en<\/li>
  • te toetsen of ze effectief zijn ingericht in opzet, bestaan en werking.<\/li><\/ul>

    Wat levert het op?<\/h2>

    Focus: door risk based auditing krijgt de organisatie grip op de belangrijkste risico\u2019s en kan men sturing geven op de te behalen doelstellingen. Daarbij dient prioritering qua audit en frequentie \u00a0en diepgang (bijv. aantal steekproeven) op basis van het risicoprofiel plaats te vinden.<\/p>

    Voor de top geeft het comfort dat de beheersing vanuit de organisatie op de belangrijkste risico\u2019s goed gebeurt. Voor de ondersteunende (2e<\/sup>) lijn geeft het informatie waar en hoe men kan verbeteren. De uitvoerende (1e<\/sup>) lijn krijgt direct feedback over hoe ze hun werk doen en kan snel leren van de best practice.<\/p><\/div><\/div><\/div><\/div><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

    Kaplan onderscheid drie soorten risico\u2019s; te voorkomen, strategisch en extern. De te voorkomen risico\u2019s zijn te be\u00efnvloeden door de organisatie en daardoor zijn…<\/p>\n","protected":false},"author":20,"featured_media":5748,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[18],"tags":[44,58,49],"class_list":["post-9563","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-artikel","tag-audit","tag-audit-management","tag-risico-analyse"],"_links":{"self":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts\/9563","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/comments?post=9563"}],"version-history":[{"count":9,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts\/9563\/revisions"}],"predecessor-version":[{"id":16553,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts\/9563\/revisions\/16553"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/media\/5748"}],"wp:attachment":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/media?parent=9563"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/categories?post=9563"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/tags?post=9563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}