Risk Assurance


Assurance is a process that provides a level of confidence that objectives will be achieved within an acceptable level of risk.

Assurance Services are an independent professional service, typically provided by a Chartered or Certified Public Accountant with the goal of improving information and the context of information so that decision-makers can make more informed, and presumably better, decisions.  Assurance services provide independent professional opinions that reduce information risk (the risk of having incorrect information).  Another way to describe Internal Audit is an "objective examination of the evidence for the purpose of providing an independent assessment on governance, risk management, control processes for the organisation"

Difference between Risk Assurance and Core Assurance.

Core Assurance

Core Assurance usually involves external, independent audit only.  This is the audit of financial statements and financial documents and is usually a legal requirement.

Risk Assurance

Risk Assurance is the internal process or methodology we employ to create the 'checks and balances' within our governance and risk frameworks by identifying a "gap" between the ideal risk state vs the risk in real terms.  The initial engagements with risk assurance focuses on a 'discovery' period in order to create a scope of works which usually takes a great deal of time.

So why do we have internal audit?

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations.  It is a disciplined approach to evaluate and improve the effectiveness of risk management, controls, treatments, and governance processes.