Professional Documents
Culture Documents
AND BOTTOM-UP
COMPANY SNAPSHOT
12
AXA Equitable’s
objectives and strategies
BUILD A HYBRID AUDIT PLAN
are evaluated in a top-
down, bottom-up audit AXA Equitable’s Top-Down and Bottom-Up Audit Planning Approach
planning approach.
Management Interviews
Use management interviews
to evaluate risks associated with
organizational objectives, key activities,
changes in people, process, systems,
and the environment, and provide the
basis for a traditional risk assessment.
13
AXA Equitable examines
business unit strategic
TOP-DOWN AUDIT PLANNING APPROACH
plans and supporting
projects to confirm link Business Unit Strategic Plans and Projects Review Process
to enterprise objectives.
■■ Business strategic plans and Sample Questions Internal Audit Uses to Evaluate Assumptions in Business Strategic Plans and Projects
projects will be added to the
Enterprise Level (Aggregate Level)
audit plan if uncertainty or
■■ Can we tie the project to the company’s strategic objectives?
impact is high.
■■ Can we validate the supporting information?
■■ Were the principles used in determining this course of action appropriate?
■■ What is the impact to the market segment?
■■ Is there recognition of changes to external assumptions (economic, regulatory, political)?
■■ What other critical issues could derail the strategies?
14
Internal Audit’s focus on
objectives in its interview
BOTTOM-UP AUDIT PLANNING APPROACH
process assists the
inclusion of traditional AXA Equitable’s Management Interview Process
and nontraditional
engagements in the
Input: Interview Prep Packs Output: Risk Assessment
audit plan.
Consider enterprise and BU level strategies as well Complete based on enterprise and BU level strategies
as external and internal risks. as well as external and internal risks.
■■ Internal Audit asks
Interview Prep Pack Risk Assessment Survey
management detailed
questions around specific Enterprise and BU Level Strategy Department: Interviewee:
initiatives, providing insight ■■ Top 10 Strategies—A list of the most important IAD Team:
into the potential success strategies for the company as well as from the
and failure of strategies. Date:
parent company
Factors Rating:
■■ Project Proposals—Details on proposed
■■ Internal Audit completes risk Enterprise and BU Level Strategy
and approved projects and initiatives for
assessments after each
that business area 1. Organization Objectives L/M/S/H
interview based on 10
External and Internal Risks and Key Activities
factors, four of which
are related to enterprise ■■ Twenty Things to Think About—A list of risk 2. Business Plans-Short Term/Long L/M/S/H
and BU level strategies. areas or issues to consider in interviews based Term
on external research 3. Group Strategic Initiatives L/M/S/H
■■ Assessment ratings inform for AXA Equitable
■■ List of Critical Risks—Top risks identified and
which risks and projects
assessed by the Operational Risk Management 4. Business Processes Changes- L/M/S/H
are added to the audit plan.
group Current/Future
External and Internal Risks
5. Organization People and Changes L/M/S/H
6. Systems & IT Environment L/M/S/H
Changes—Current/Future
7. Risks Identified with Operational L/M/S/H
Risk Management
8. Risks Identified by Group Audit L/M/S/H
9. Fraud Susceptibility L/M/S/H
10. Concerns/Requests/Comments L/M/S/H
From the AUDIT DIRECTOR ROUNDTABLE®
of the FINANCE AND STRATEGY PRACTICE
www.adr.executiveboard.com
Source: AXA Equitable Life Insurance Company.
© 2010 The Corporate Executive Board Company.
All Rights Reserved. ADR6353110SYN
15