Internal Auditing Project – Al Ain Rotana Hotal
Please Read the instructions very carefully and if you need any clarification please contact me.
Instructions in general (Covers the most important things that has to be in the project report):
Risk management Managers
1.Documenting everything about the process (The process its self).
2.Understand the processes and then get documents to support that this is what we found and this is how its happing and this is what it contains the parts of it, the people who perform it.
3.Then understand the different types at business risk that are related or might take place in this process, understand the basic risk of the organization and define key risk that impact the business objectivities and how they are linked to business processes (most difficult part). The whole organization or look at our part as if its the full organization. (No risk without objectives).
4.Identify the process in which this risk may happen. Which process of the organization may affect that particular objective. Find the link
5.Objective Process Risk = link them together. Risks are always with objectives.
6.Risks are either process based or decision based (Design or performance).
7.Then later put control then monitor and audit develop audit universe.
The auditor work start from step 7, but we need to understand all of the above to develop audit universe.
From step number 6
Audit universe = audit plan (cover every part). E.g . . . . Each part has to do for it audit each x months.
We need to understand risk assessment techniques and how they are used (Chapter 5).
Also awareness at additional risk.
If our organization does not have the first 6 steps, we need to make them for the organization.
In Chapter 4, the main focus is on the following:
1- The COSO Enterprise Risk Management (ERM) Cube, which is Exhibit 4-2.
You have to apply ERM for Al Ain Rotana Hotel – Front Office Department.
In Chapter 5, the main focus will be on the following:
1- Exhibit 5-2 ” Basic Classification Of Business Activities ”.
Please illustrate only the first 2 steps which are (1) Operating Process (2) Management and Support Process related to the (Front Office Department), focusing on the arrival of the guests to the hotel, check in, check out and so on…. with the explanation of both. No Need for (3) Projects.
2- Exhibit 5-3 ” Levels Of Process Depiction” you have to illustrate the process of the (Front Office Department), in addition to the explanation of that process.
3- Exhibit 5-4 ”High – Level Process Map” you have to illustrate it in addition to the explanation of the process as in general.
4- Exhibit 5-6 ” Detailed Level Process Map” which is the most important you have to illustrate it in addition to the explanation of all the details of that process and there will be some process that you will need to write then as a notes as you will see how it’s done it in Exhibit 5-6.
5- Exhibit 5-7 ” Basic Business Risk Model” you have to illustrate only. No need for explanation.
6- Read Exhibit 5-8 only read it and do Exhibit 5-9 ”Identification of Critical Risks”.
Which is the most important to illustrate and write all the key risks that impact the business objectives and missions , and how they are linked to the Department Process, write them in the boxes
7. Exhibit 5-10 ”Objectives and Critical Risk Matrix” illustrate it.
The mission will be the mission of the Department itself which is the (Front Office Department), not the hotel as a whole. and then you have to link the key risks with the objectives. Explanation is required.
8- Exhibit 5-11 ”Risk By process Matrix”
you have to illustrate only.and identify the key and secondary link. Please note: that it has not to be this much process and risks as in the Exhibit 5-11 only put those that you think the key one. or the most important ones.
9- Exhibit 5-14 ”Risk/Control Matrix for Process X”
illustrate it for only one main big process. choose one only and make it.
it should be based on and relates to the other aforementioned Exhibits.