Professional Documents
Culture Documents
Assignment 7.
Assignment 7.
CONSULTANTS
TAMALE MODULE 1
Presented by:
STUDENT NAME:
STUDENT ID #:
STUDENT INDEX #:
July 2022
RISK ASSESSMENT REPORT
Appendix i: Organizational Health & Safety Risk Assessment of the Gushiegu District Audit Service
Likelihood Actions required to minimize the Intervention Resource
# Risks Identified Occurrence Impact Preventive Measure impact of risks Requirement
1. Fire outbreak. Low High Remove items from Provide first aid kits in Firefighting equipment
electrical cupboards & place. i.e., fire extinguishers,
metering areas. Construct a fire hydrant. fire hydrants, fire
Install battery-powered Train staff on first aid blankets, water, etc.
smoke detectors in the entire administration.
office building in the
interim.
3. Staff sickness Moderate High Provide medical insurance Pay attention to employees’ Financial
with a well-being stress levels. resources.
program/incentives. Provide employees with Additional
Offering staff required medical insurance to cater to human
annual leave for rest and their well-being. resources will
recovery. Log sickness, and trigger be required.
Periodically conduct sickness absence procedures
medical screening for all after one week.
staff. Have a fit-for-purpose
sickness absence policy.
4. Failure of utilities High High Purchase and install a Purchase and install a Financial
causing heat backup generator and/or off- backup generator and/or off- resources
injuries e.g. grid solutions. grid solutions. required
water, and Provide water storage Provide water storage Equipment and
electricity. reservoir on-site or dig own reservoir on-site or dig own material
borehole. borehole. resources
Move to a location where a Move to a location where a required i.e.
stable and reliable supply is stable and reliable supply is backup standby
guaranteed e.g. rural guaranteed e.g. rural generator, water
locations have more/longer locations have more/longer storage facility,
blackouts. blackouts. etc.
Change our processes to
reduce reliance on utilities
e.g. require less water
5. Data security Low High Train employees on security Purchase a cyber liability Financial
breach. awareness. insurance policy. resources
Lockdown hardware e.g. Perform regular vulnerability Data protection
company laptops, and assessments. equipment
disable computer USB Install backup servers to hold required i.e.
ports. data for recovery of lost data in data leak
Network and data case of a breach. prevention and
encryption. recovery tools.
Getting essentials in place
e.g. anti-virus, firewalls,
password use, whitelisting,
access control, etc.
A RISK POLICY RECOMMENDATION
PRESENTED TO
To ensure that the Ghana Audit Service in the Gushiegu District is aware of and
acting upon risks that are reasonably foreseeable to protect the people, property,
finances, reputation, and relationships within the organization. This policy seeks to
form part of the internal control and governance arrangements of the Audit Service in
documents, the roles and responsibilities of the Board, and other key parties. It also
outlines key aspects of the risk management process and identifies the main reporting
procedures. In addition, it describes the process the Board will use to evaluate the
The following key principles outline the approach that those charged with governance
and control and management of the Ghana Audit Service at the Gushiegu District
by the Board
the District Audit Service makes conservative and prudent recognition and
all staffs are responsible for encouraging good risk management practices
key risks will be identified by the Board and closely monitored regularly.
The Board of the Ghana Audit Service in Gushiegu District has a fundamental role to
a. Set the tone and influence the culture of risk management within. This includes:
determining what types of risk are acceptable and which are not
setting the standards and expectations of staff concerning conduct and probity.
b. Determine the appropriate risk appetite or level of exposure for Audit Service.
c. Approve major decisions affecting the organization’s risk profile or exposure.
d. Identify risks and monitor the management of fundamental risks to reduce the
e. Satisfy itself that the less fundamental risks are being actively managed, with the
f. Annually review the District Audit Service approach to risk management and
b. Identify and evaluate the fundamental risks faced by the District Audit Service in
c. Provide adequate information promptly to the Board and its sub-committees on the
Attached to fundamental risks are a series of policies that underpin the internal control
process. The policies are set by the Board and implemented and communicated to
b. Reporting.
The organization’s planning and budgeting process is used to set objectives, agree on
action plans, and allocate resources. Progress towards meeting business plan
d. Self-Assurance Process
The annual self-assurance process is the mechanism by which we assess whether we
are fit to receive public funds. The process assists in assuring that our structures,
plans, policies, and procedures are regularly reviewed and, where necessary, improved
An external audit provides feedback to the Board on the operation of the internal
From time to time, the use of external consultants will be necessary for areas such as
health and safety, and financial and human resources. The use of specialist third
parties for consulting and reporting can increase the reliability of the internal control
system.
This policy paper proposes the District Audit Service operates a risk management
process/framework as follows:
The Board is responsible for reviewing the effectiveness of internal control of the
outlined below.
For each fundamental risk identified above in appendix I, the board will:
review the previous year and examine the organization’s track record in risk
consider the internal and external risk profile of the coming year and consider if
In making its decision the Board should consider the following aspects.
a. Control environment:
delegation of authority
public reporting.
exposure.
the ability of the Audit Service in Gishiegu to learn from its risk problems
report of his/her review of the effectiveness of the internal control system annually for
consideration by the Board of the District Audit Service in the Gushiegu District.