
HB 158-2006

Superseded


A superseded Standard is one that has been fully replaced by another Standard, which is a new edition of the same Standard.


Delivering assurance based on AS/NZS 4360:2004 Risk Management

Available format(s)

Hardcopy, PDF 1 User, PDF 3 Users, PDF 5 Users, PDF 9 Users

Superseded date

30-06-2017

Superseded by

HB 158-2010

Language(s)

English

Published date

01-01-2006

€77.79
Excluding VAT

HB 158-2006 Delivering assurance based on AS/NZS 4360:2004 Risk Management
Preface
Contents
1 Scope and objectives
1.1 Enterprise risk management (ERM)
1.2 Terminology and definitions
1.2.1 Assurance
1.2.2 Inherent risk/Exposure
1.2.3 Audit
1.2.4 Controls
1.2.5 Organisations
2 Summary of the risk management process
2.1 General
2.2 Communicate and consult
2.2.1 Requirements
2.2.2 Linkages
2.3 Establish the context
2.3.1 Requirements
2.3.2 Linkages
2.4 Identify risks
2.4.1 Requirements
2.4.2 Linkages
2.5 Analyse risks
2.5.1 Requirements
2.5.2 Linkages
2.6 Evaluate risks
2.6.1 Requirements
2.6.2 Linkages
2.7 Treat risks
2.7.1 Requirements
2.7.2 Linkages
2.8 Monitor and review
2.8.1 Requirements
2.8.2 Linkages
3 Risk management and assurance
3.1 Linking risk management to assurance
3.2 Strategic and organisation-wide approaches to risk management
3.3 Assurance and the risk management process
3.4 Internal audit involvement in risk management
4 Developing an assurance strategy
4.1 Step 1: Identifying the assurance needs of the organisation
4.2 Step 2: Identifying who the assurance providers are and their scope of operation
4.2.1 Organisational management
4.2.2 Internal audit
4.2.3 External audit
4.3 Step 3: Identify and document assurance mechanisms
4.3.1 The organisation needs assurance that all material risks have been identified
4.3.2 The organisation needs assurance that risks have been accurately analysed and evaluated
4.3.3 The organisation needs assurance that controls are both adequate and effective
4.3.4 The organisation needs assurance that intolerably high risks are being properly addressed by management
4.4 Step 4: Design the assurance review program
4.4.1 Identifying key controls
4.4.2 Planning and prioritising review
4.5 Step 5: Develop an annual review program
4.5.1 Scheduling reviews based upon risk
4.5.2 Scheduling based on information need
4.5.3 Scheduling based on other factors
4.5.4 Priority model and resource constraints
4.5.5 The annual internal audit plan
4.6 Step 6: Measuring the strategy
5 Planning an engagement
5.1 Engagement scope
5.2 Engagement objectives
5.3 Engagement procedures
5.4 Rational use of resources
5.5 Skills and body of knowledge
6 Feedback and follow up from assurance processes
6.1 Reporting lines
6.2 Reporting the individual assurance engagement
6.2.1 Communicate and consult
6.2.2 Establish Context
6.2.3 Risk identification
6.2.4 Risk analysis
6.2.5 Risk evaluation
6.2.6 Risk treatment
6.2.7 Monitor and review
6.3 Ensuring action
7 Designing and improving controls
7.1 Identifying and measuring control gaps
7.1.1 Management responsibilities
7.1.2 Other assurance activities
7.2 Designing controls
7.2.1 Step 1 – Output from the Risk Assessment Process
7.2.2 Step 2 – Define Design Intent
7.2.3 Step 3 – Detailed Design
7.2.4 Step 4 – Evaluation
7.2.5 Step 5 – Implementation
7.3 Adding controls to an existing process
8 Assurance of the risk management process
8.1 Process element approach
8.1.1 Element 1 Communication
8.1.2 Element 2 Setting the context
8.1.3 Element 3 Risk identification
8.1.4 Element 4 Risk analysis
8.1.5 Element 5 Risk evaluation
8.1.6 Element 6 Risk treatment
8.1.7 Element 7 Monitor and review
8.2 Key principles approach
8.3 Maturity model approach
Appendix A - Example priority model

This Handbook is a practitioners' guide for internal auditors and any other assurance providers, such as external auditors; information system control professionals (internal or external auditors, security professionals, etc.); safety, health and environmental auditors; and quality auditors. This Handbook amplifies HB 436:2004 and the IIA's 'Professional Practices Framework' with respect to using and assuring the AS/NZS 4360:2004 Risk management process. In particular, it describes how to use the risk management process to: develop an assurance strategy; plan an assurance engagement; report the assurance program; and design controls.

Committee
OB-007
DocumentType
Handbook
ISBN
0 7337 7843 7
Pages
62
PublisherName
Standards Australia
Status
Superseded
SupersededBy
Supersedes

Originated as HB 158-2002.
Revised and redesignated as GB 158-2004.
Revised and redesignated as HB 158-2006.

HB 254-2005 Governance, risk management and control assurance
AS/NZS 4360:2004 Risk management

AS 8001-2008 Fraud and corruption control
