An Effective Way to Conduct a Risk Assessment Guide

Subscriber Content
Screenshot of the first page of An Effective Way to Conduct a Risk Assessment Guide
From Protiviti’s Guide to Enterprise Risk Management: Frequently Asked Questions

There are many ways to conduct a risk assessment. For example, companies may conduct interviews or surveys of key personnel, review key documents, conduct facilitated workshops, perform targeted reviews, or utilize any combination of these options. This guide outlines and compares various options and approaches to conducting an effective risk assessment, including interviews, online surveys, paper surveys, document review, facilitated workshops and targeted reviews. 

For example, during the interview process the individual stakeholder is asked to identify potential events and prioritize associated risks. The advantage of this method is the interaction provides an opportunity to set the stage, ask the appropriate follow-up questions, probe/understand underlying root causes, clarify questions, if necessary, cover sensitive topics more thoroughly, and add more insight and depth regarding potential future events. The challenges of this method include:

  • They must be delivered by a certain time
  • Challenges with scheduling exist
  • Logistics must be managed
  • The interviewer must subjectively aggregate data points
  • The individual interviews do not directly support consensus-building

Topics
Risk Assessment
Self-Assessment
Enterprise Risk Management
Entity-Level Control
Strategic Risk

Related Resources

Protiviti Booklets

Guide to Enterprise Risk Management

Newsletters

Four Foundational Elements of Risk Management

Audit Reports

Audit Committee Report — Internal Audit Update

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It