The Risk Assessment Process (RAP)
On an annual basis the Office of Audit Services, performs an inventory of departments and critical business functions that exist on campus. Since the department has limited resources at hand, it is extremely important that the department's efforts are focused on the most critical business functions. Detailed below are examples of some of the factors that are utilized by the department during the RAP.
RISK ASSESSMENT FACTORS
MATERIALITY/SIZE
Are operations significant to the operations of the University?
PRIOR RECOMMENDATIONS
Are there open audit recommendations from prior audits?
COMPLIANCE REQUIREMENTS
Are there internal policies, statutory, and/or federal regulations that govern the area?
COMPLEXITY OF OPERATIONS
Are operations complex simply due to the inherent nature of operations?
VISIBILITY
Are operations highly visible to non-institutional stakeholders?
TIME SINCE LAST AUDIT
Were operations audited recently?
COST SAVINGS/REVENUE POTENTIAL
Is there potential for cost savings and/or opportunity for increased revenues within the area?
OTHER CONCERNS
Have administrators, faculty, or staff expressed concerns about the area?