Related Posts
Heads or Tails?

Anyone an EA at Citadel? Do you like it?
Additional Posts in Risk Assurance
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.
Heads or Tails?

Anyone an EA at Citadel? Do you like it?
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Download the Fishbowl app to unlock all discussions on Fishbowl.
Copy and paste embed code on your site

Scan your QR code to download
Fishbowl app on your mobile

Unfortunately, there is no last year files. It’s a new project and nothing to go by as a guide.
Risk Framework implementation should be assessed against a standardized risk management framework. The most common one is usually COSO framework, ideally COSO 2017 but if you don’t have the material, COSO 2013 is still acceptable. Understand the main components/principals of the standard, and assess the risk framework against those principals. And also ask for help, ask your project manager and other team members- you shouldn’t be alone in this if you get stuck.
For test of design do you have last year client files? You can try mimicking those
Shoot , I have not come across and engagement like that. Do you have any superiors like a manager to ask for help?
Use a similar-ish underlying business/project.
If it is one of it's kind, unique process than you can only test the assumptions and the people.
From a project related to the implementation of a new risk framework I would first start by understand what framework/s the company is leveraging to build their own. Once you figure that out, along with applying some of your skills/expertise to use, you can come up with some design tests.
And to EY1 - my goodness why is EY so NOTORIOUS for this “just follow last year working paper”. Not everything can follow last year work paper - you need to understand the objective of the task and find the right solution, not just cutting corners by reciting and update last year wp. You’re probably just another victim of an EY manager who told you to do so - that’s why I wholeheartedly believe EY IS THE WORST OF ALL BIG 4, and I envision one of these days there will only the big 3. ✌️
ISACA's website offers standard work programs test steps for free to it's members. I'm pretty sure they've a few for RM framework.
ISACA is geared more towards IT risk. COSO is for general risk framework. Depends on the project on topic
Have you figured it out? I'm struggling with the same