City of San José, Capital of Silicon Valley  
  City Home City Services About San José Visitors Feedback Search  
department title

Thursday, July 24, 2008
  Auditor Home
 

Auditing City Departments And Programs
Audit Programs
Audit Workplan
Benefits To The City
City Charter Authority
Citywide Risk Assessment
External Quality Control
Office Procedures
Risk Assessment
Sales Tax Auditing

Staff
Organizational Chart

Government Links

Contact Webmaster
 
 

CSJ Site Index
Accessibility Instructions
Problems viewing site

 
 

RISK ASSESSMENT

 

General

The rationale for conducting a risk assessment is that auditors can limit testing and focus on those areas most vulnerable to noncompliance and abuse. This produces a more cost-effective and timely audit.

In conducting a risk assessment, the auditor:

  • Identifies the threats associated with the area or activity under review;
  • Determines the inherent risk associated with the identified threats; and
  • Assesses whether the existing internal controls will prevent, detect, or correct instances when threats actually occur.

The extent of audit testing is directly related to an assessment of the activity's degree of vulnerability. The higher the vulnerability, the more extensive the audit testing needs to be and vice versa. Thus, even though an activity may have a high degree of inherent risk, a strong system of internal controls can reduce the entity's exposure to a low or moderate level. Accordingly, the need to conduct detailed audit tests could be reduced to an appropriate level.

 

 

  Purpose
  General
  Library

 

 

 

Last Modified Date: 5/17/2006
 
 

City Home - City Services - About San José - Visitors - Feedback - Search Engine
 

As a customer-driven organization, the City of San José welcomes any suggestions you might have to help us serve you better.