Risk Assessment for Internal Audit
Hi i need some help regarding risk assessment for Internal Audit. We just conducted our FSSC 22000 Internal audit. Few of us were selected to to do the risk assessment.
Its my first time to do risk assessment and im not that familiar on how to do it properly. Our audit team leader has already made the risk assessment matrix, severity and probability. We just need to come up with the possible risk base on the clauses in the standard.
My task are the following clauses
FS 6.3 Infrastructure
FS 6.4 Work Environment
TS4 - Construction and layout of buildings
TS5.1 - General requirements
TS5.2 - Internal design, layout and traffic pattern
TS5.3 - Internal structures and fittings
TS5.6 - Temporary or mobile premises and vending machines
TS7 - Waste disposal
TS5.4 - Location of equipment
TS6 - Utilities - air, water, energy
TS8 - Equipment suitability, cleaning and maintenance
thanks
Hi i need some help regarding risk assessment for Internal Audit. We just conducted our FSSC 22000 Internal audit. Few of us were selected to to do the risk assessment.
Its my first time to do risk assessment and im not that familiar on how to do it properly. Our audit team leader has already made the risk assessment matrix, severity and probability. We just need to come up with the possible risk base on the clauses in the standard.
My task are the following clauses
FS 6.3 Infrastructure
FS 6.4 Work Environment
TS4 - Construction and layout of buildings
TS5.1 - General requirements
TS5.2 - Internal design, layout and traffic pattern
TS5.3 - Internal structures and fittings
TS5.6 - Temporary or mobile premises and vending machines
TS7 - Waste disposal
TS5.4 - Location of equipment
TS6 - Utilities - air, water, energy
TS8 - Equipment suitability, cleaning and maintenance
thanks
Hi oris,
These may give you some ideas-
http://www.ifsqn.com...cklist/?p=89483
Dear Oris,
Your internal audit plan need to be based on risk assessment.
However you do not need to conduct this risk assessment with occurrence X effect matrix.
All activities/processes need to be internal audited at least annually.
Processes that are more critical you do more often. The frequency should be based on risk assessment.