Risk Reviews and Audits

Although risk reviews and audits come in a variety of forms and formats, there are sufficient common elements to discuss them as a whole. The key for any quality risk review is to acknowledge that it is a comprehensive examination rather than a review of a single risk event in isolation. The objective of a risk review is to reevaluate the risk environment, the risk events, and their relative probability and impact. A risk audit is a more exhaustive assessment that involves a task-by-task, risk-by-risk analysis, as well as an examination of the process efficacy as a whole.