Abstract
The role of internal auditor in enterprise risk management (ERM) implementation is being highlighted by Institute of Internal Auditors (IIA) in 1999 where internal audit scope is to include assurance and consulting activities in risk management, control and governance. Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its integrated framework in 2004 (updated in 2017). After announcing of the released COSO framework in 2004, IIA then released a statement in the commencement of internal auditor’s role in risk management. Both internal and external audit are said to play a key role in the effectiveness of risk management within their organization. However, even though ERM has been introduced in 2004, the implementation is still not widely used and outgrowing. Since many organizations are still in developing their own risk management procedure, there are many arguments and debates over the involvement and the role of internal audit in risk management. The purpose of this paper is to highlight the issues and challenges which are faced by internal auditors in conducting their role in auditing risk management of an organization.
Highlights
The increase in the issue of financial irregularities and mismanagement leading to fraud has resulted in an increase in the adaptation of risk management systems in business
The role of internal auditor in enterprise risk management (ERM) implementation is being highlighted by Institute of Internal Auditors (IIA) in 1999 where internal audit scope is to include assurance and consulting activities in risk management, control and governance
This paper highlight two most important findings and it associated recommendation. It highlights the growing importance of roles play by internal auditor in assuring the effectiveness of Enterprise Risk Management towards accomplishing organization strategic goal
Summary
The increase in the issue of financial irregularities and mismanagement leading to fraud has resulted in an increase in the adaptation of risk management systems in business. In order to produce an effective risk management system, organizations began to change their traditional approach in managing risk management separately from one department to another. A system known as Enterprise Risk Management (ERM) that integrates all risk management processes involved in an organization has become an alternative to the organization to address this issue. ERM implementation involves the board of directors in dealing with risk management for an organization as they are the most influential party in an organization
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
