Risky Business!
(Impact of the risk)
(Impact of the risk)
A data breach at a hospital exposes patient records.
What is loss of confidentiality?
All purchase orders require dual signatures and are compared with actual deliveries.
What is effective?
Checking documentation to see if reconciliations are performed monthly.
What is testing control?
Data backups are performed, but not regularly tested for recovery.
What is a medium-risk finding?
This element has the chemical symbol ‘AU’.
What is gold?
Supply chain disruption halts production for two weeks.
What is operational downtime?
The CEO approves all expense reports before reimbursement.
What is ineffective?
Recalculating the total value of invoice amounts for accuracy.
What is substantive testing?
Unrestricted access to financial systems for all staff.
What is a high-risk finding?
The largest mammal on Earth.
What is the blue whale?
The CEO’s unethical action was publicized by the media.
What is loss of stakeholder trust?
Only the Internal Audit team can authorize access to sensitive files within the organization.
What is ineffective?
Reviewing system logs to check if access restrictions were enforced.
What is a test of control?
Some monthly reconciliations are performed late, but are always complete.
What is a medium-risk finding?
The largest organ in the human body.
What is the skin?