Every five years, the Auditor General performs a detailed risk assessment of the operations of the City and those major agencies and corporations included in his mandate. The purpose of the risk assessment is to ensure that all significant areas of the City are evaluated from an audit risk perspective by using uniform criteria and quantitative evaluations to identify areas that may warrant audit attention. Determining which areas to audit and the appropriate allocation of audit resources is essential in maximizing the value of an effective audit process.
The last risk assessment was completed in 2009. There were 56 high risk areas identified during the risk assessment. The majority of these high risk areas will have been the subject of an audit by the end of 2014. We have recently started our 2014 risk assessment. The results of this process will figure prominently in the development of the Auditor General’s Office annual work plans over the next five years. Given its importance, this process will involve a significant amount of audit resources over the next few months.
The results of the risk assessment process will be reported together with the 2015 Audit Work Plan to the first audit committee in 2015.