The role of internal audit is changing. The Sarbanes-Oxley legislation in the US and the Combined Code for Corporate Governance in the UK focused on the need to demonstrate the active management of risks and report on this subject to shareholders. Boards of Directors are therefore increasingly requiring their Internal Audit functions to provide a much higher level of assurance in this regard. Phil Griffiths' Risk-Based Auditing explains the concepts and practice behind a risk-based approach to auditing. He explores the changing environment in both the private and public sectors and the associated legislation and guidance. The book then provides a blueprint for refocusing the internal audit role to embrace risk and to help plan, market, undertake and report a risk-based audit. The text includes a detailed risk-based audit toolkit with 14 sections of tools, techniques and information to enable a risk-based approach to be adopted. This is an essential guide for internal and external auditors seeking to manage the realities of the audit function in the turbulent and fast-changing business environment that has emerged since the end of the last century.