Michaels Ballet Company

Inherent risk is defined as “the probability of loss arising out of circumstances or existing in an environment, in the absence of any action to control or modify the circumstances” (Vijay Luthra & BusinessDictionary.com). There are a lot of things that need to be considered when it comes to inherent risk. Our readings in Managing the Business Risk of Fraud: A Practical Guide - Appendix D: Fraud Risk Assessment Framework Example tell us the following: (IIA, AICPA & ACFE, p. 55-56)

Identified Fraud Risks and Schemes: This column should include a full list of the potential fraud risks and schemes that may face the organization. This list will be different for different organizations and should be informed by (a) industry research, (b) interviews of employees and other stakeholders, (c) brainstorming sessions, and (d) activity on the whistleblower hotline.

Likelihood of Occurrence: To design an efficient fraud risk management program, it is important to assess the likelihood of the identified fraud risks so that the organization establishes proper anti-fraud controls for the risks that are deemed most likely. For purposes of the assessment, it should be adequate to evaluate the likelihood of risks as remote, reasonably possible, and probable.

Significance to the Organization: Quantitative and qualitative factors should be considered when assessing the significance of fraud risks to an organization. For example, certain fraud risks may only pose an immaterial direct financial risk to the organization, but could greatly impact its reputation, and therefore, would be deemed to be a more significant risk to the organization. For purposes of the assessment, it should be adequate to evaluate the significance of risks as immaterial, significant, and material.

People and/or Department Subject to the Risk: As fraud risks are identified and assessed, it is important to evaluate which people inside and outside the organization are subject to the risk. This knowledge...