Internal Audit & Enterprise Risk Management

  • Internal Audit (IA) performs an annual risk assessment to develop an audit plan
  • Enterprise Risk Management (ERM) facilitates ongoing risk identification and analysis
  • Sharing of information and coordination of risk activities between IA and ERM
    • Chief Audit Officer serves as a member of ERM Advisory Group
    • Chief Audit Officer, Chief Compliance Officer, and Chief Risk Officer meet regularly to discuss issues
    • ERM informs IA of plan and activities
    • IA provides inputs to ERM process
    • IA provides validation and assurance of risk mitigation activities.