FoAM Form-02

Forms and Templates Fraud Risk Assessment Template

FoAM Form-02 Fraud Risk Assessment Template

Agency Name: Prepared by Date:

Reviewed by Date:
Audit Period: Approved by Date:

The COA auditor should obtain the Understanding the Agency (UTA) template of the IRRBAM portion and review the agency’s Mandate,
Operations, Objectives and Strategies, Critical Success Factor, Key Performance Indicators.

Based on the information gathered from the UTA, the COA auditor should review and assess the information about the agency, and identify the fraud risks
that may affect the agency’s Mandate, Operations, Objectives and Strategies, Critical Success Factor, Key Performance Indicators. Using professional
judgment and guided by FoAM’s fraud categories, the auditor should identify all possible fraud risks and schemes of the agency and document them in the
table as follows:

Page 1 of 3
Last Updated - March 2011 v03-03-11
 FoAM Form-02
Forms and Templates Fraud Risk Assessment Template

FRAUD
OVERALL
CATEGORY FRAUD RISK SUB- SUPPORTING AUDIT
PROCESS3 IMPACT5 LIKELIHOOD6 ASSESSMENT7 RATIONALE 10
AND STATEMENT2 PROCESS4 INFORMATON RESPONSE9
SCHEMES1

Page 2 of 3
Last Updated - March 2011 v03-03-11
 FoAM Form-02
Forms and Templates Fraud Risk Assessment Template

This template will guide us in conducting the Fraud Risk Assessment Planning meeting.

1. Fraud Category and Schemes – list down the category of fraud risk - Corruption, Asset Misappropriation, or Financial statement Fraud. Specify the
potential fraud scheme that corresponds to the fraud risk the agency has.

2. Risk Statement – describe the fraud scheme as to its effect on the agency.

3. Process – identify which process in the agency is affected by the fraud risk identified (e.g. Procurement).

4. Sub-Process - identify which specific area in the process is affected by the fraud risk identified (e.g. bidding).

5. Impact – assess the extent of the identified fraud risks to the agency. Factors that may help define the impact rating may include financial effect,
reputation impacts, ability to achieve key objectives, person likely to commit the fraud, etc.

6. Likelihood – assess the susceptibility of the agency to identified fraud risks. Factors that may help define likelihood may include volume of transaction,
type of asset expose to the fraud (e.g. cash or inventory), ease of committing the fraud, history of past irregularities in the agency, etc.

7. Overall Assessment – assess the combined assessment on the impact and likelihood of the fraud risks within the agency and rank this as low,
moderate, or high.

8. Supporting Information - provide information and documents to support the assessment.

9. Fraud Response – based on the overall assessment, indicate the audit response to all identified fraud risk, e.g. test of controls, performing detective
procedures, or a combination of both. Fraud risks assessed as low usually will not merit an audit response.

10. Rationale – Include the reason for the overall assessment or the reason why we should not pursue any audit response for the fraud risk.

Page 3 of 3
Last Updated - March 2011 v03-03-11