Annual Audit Plan & Risk Assessment

The Audit Plan is designed to meet the objective of providing the most effective and efficient deployment of Internal Audit resources in a manner that addresses:
1. areas of highest relative risk,
2. core business activities of the University, and
3. broad coverage across the spectrum of University operations.

Risk can be defined as any issue that impacts an institution’s ability to meet its objectives.

We assess the audit risk using the following methodology:

  • Data Gathering and Analysis
  • Interviews with management and staff
  • Data/financial analysis
  • Surveys
  • Complete Risk Assessment Model
  • Universe of Processes, Functions, Units
  • Scoring Universe Using Predictive Factors

UCSF Risk Assessment Overview (PDF)