Coordination and Reliance: Developing an Assurance Map

A Practice Guide from the IIA

The purpose of assurance activities is to provide an objective and independent assessment on governance, risk management, and control processes for the organization. Assurance maps offer a visual representation of the organization’s risk coverage, and help identify gaps and overlaps.

This practice guide takes the reader through the process of documenting assurance activities throughout an organization, covering the following topics at a high level:

  • Developing an assurance map
  • Identifying sources of risk information
  • Organizing risks into categories
  • Identifying assurance service providers
  • Gathering information and documenting assurance coverage
  • Reviewing and updating the assurance map
  • Using assurance maps

Webinar: Getting the Most Out of Risk Assurance Mapping (Courtesy of IIA Australia): Are there gaps in your assurance framework which could potentially expose your organisation? Assurance mapping is a tool which enables Internal Auditors to visually present all assurance activities of the organisation, both internal and external, as they apply to the organisation’s risks. For example, the map might depict the top risks such as the most likely strategic risks an organisation faces, or it might set out specific compliance duties that cover director obligations. A clear benefit is that once complete, any gaps or duplications can be identified and corrected.This webinar will take you through the assurance mapping process which can be practically applied in all organisations no matter how big or small.