The Risk Evaluation goes one level higher than the Internal Controls Evaluation. It focuses on identified
risks (e.g. ERO Risks or risks specific to the organization).
The Risk Evaluation:
Has a medium time horizon – starts to look at broader issues related to these identified risks going beyond specific Standards
Is ideal for organizations that have internal control programs in place around particular Standards and want to begin examining internal controls around broader risk areas.
If you have any questions or would like to request a Risk Evaluation, please visit our Contact Us page and direct your question to the Entity Engagement group.