The purpose of a fraud risk assessment is to contribute to the identification, assessment and testing of fraud risk related controls and is aimed at identifying actual, potential and/or perceived fraud risks within the organisation.
The aim is not only to assess those areas where frauds have been committed or perceived to have been committed and listed in the organisation’s fraud risk register, but should ideally also include areas that may be impacted, or may be vulnerable to fraud related activities perpetrated by, or resulting from unethical or inappropriate practices emanating from internal and/or external sources.
Fraud risk assessments should consider all areas of business and business continuity when assessing the risk of fraud within its environment. These assessment should also consider, the local, regional, and global impact that the economy, organisational and social culture and political influences may have on the likelihood of fraud occurring within the organisation.
In brief, the purpose of a fraud risk assessment is to create a platform through which an organisation will be able to identify, react to, and monitor the actual, potential and/or perceived vulnerabilities and related mitigation implemented thereafter, within the organisation, or its various departments, and business units.
In brief, the purpose of a fraud risk maturity assessment is intended to identify and report on current levels of implementation, and the effectiveness of the ethics-compliance / FRM status and perceived reputation of the organisation. Key areas of actual and/or perceived concerns raised through the assessment, as well as gaps and priorities identified will contribute to the focussed planning and implementation of a revised and or enhanced FRM program.
The outcomes of a fraud risk maturity assessment should place an organisation in a position to develop, enhance and implement quick fix practices associated with identified vulnerabilities pending the development of a full FRM program.