Common use of Risk Levels Clause in Contracts

Risk Levels. In addition to explaining and giving details about the “Effect, potential impact or risk” in the text of an audit observation, UNDP requires that the auditor also identifies the risk level in the audit report by using one of the following 3 pre-established risk levels: High Action that is considered imperative to ensure that UNDP is not exposed to high risks(i.e. failure to take action could result in major consequences and issues). Medium Action that is considered necessary to avoid exposure to significant risks (i.e. failure to take action could result in significant consequences). Low Action that is considered desirable and should result in enhanced control or better value for money. RECOMMENDATION This aspect suggests how the situation might be remedied. An effective recommendation directly relates to and targets the cause. It isn't enough to state in general terms that management should fix the problem; the recommendation statement should also explain how remediation is to be achieved. A good recommendation maintains the proper balance between the risk presented and the cost to control it. Before making a recommendation, the auditor should consider the following questions: Does the recommendation solve the problem and eliminate or reduce the risk? Can the recommendation be implemented within the current environment? Is the recommendation cost-effective? Will the recommendation act as a temporary bandage or a permanent solution? Examples of effective recommendations include monthly or quarterly physical inventories of all assets and equipment with reconciliation to appropriate records. ADDITIONAL TIPS Whenever possible, similar findings should be combined into 0ne form so that the case for implementing the recommendation is strengthened. Playing devil's advocate can be an extremely helpful exercise. After completing the audit observation and recommendation, auditors should place themselves in the auditees' shoes and challenge/question the validity of the issue. If the issue cannot stand up to this exercise, it probably should not be included in the audit report. Annex 10: SAS 220 - GUIDANCE ON AUDITMATERIALITY Below are some highlights from the Statement of Auditing Standards (SAS) 220 – Audit Materiality. These are meant to provide guidance to the auditors in determining the materiality of observations for reporting purposes and as they might affect the audit opinion. The auditors should refer to SAS 220 for more details. The purpose of the SAS is to establish standards and provide guidance on the concept of materiality and its relationship with audit risk. Auditors should consider materiality and its relationship with audit risk when conducting an audit (SAS 220.1) A matter is material if knowledge of the matter would reasonably influence the economic decisions of users taken on the basis of the financial statements. Materiality may be considered in the context of the financial statements as a whole, any individual statements within the financial statements or individual items included within the financial statements. Materiality depends on the nature and size of the item or error judged in the particular circumstances. Since materiality has both qualitative and quantitative aspects, it is not capable of any general mathematical definition. Auditors should plan and perform the audit so as to provide them with sufficient evidence to give reasonable assurance that the financial statements are free from material misstatement and give a true and fair view. (SAS 220.2) The assessment of what is material is a matter of professional judgement.

Risk Levels. In addition to explaining the and giving details about the “Effect, potential impact or risk” in the text of an audit observation, UNDP requires that the auditor also identifies the risk level in the audit report by using one of the following 3 pre-established risk levels: High Action that Prompt action is considered imperative required to ensure that UNDP is not exposed to high risks(i.e. risks, i.e. failure to take action could result in major negative consequences and issues). Medium Action is required to ensure that UNDP is not exposed to risks that are considered necessary to avoid exposure to significant risks (i.e. failure moderate. Failure to take action could result in significant consequences)contribute to negative consequences for UNDP. Low Action that is considered desirable and should result in enhanced control or better value for money. RECOMMENDATION This aspect suggests how the situation might be remedied. An effective recommendation directly relates to and targets the cause. It isn't enough to state in general terms that management should fix the problem; the recommendation statement should also explain how remediation is to be achieved. A good recommendation maintains the proper balance between the risk presented and the cost to control it. Before making a recommendation, the auditor should consider the following questions: Does the recommendation solve the problem and eliminate or reduce the risk?  Can the recommendation be implemented within the current environment?  Is the recommendation cost-effective?  Will the recommendation act as a temporary bandage or a permanent solution? Examples of effective recommendations include monthly or quarterly physical inventories of all assets and equipment with reconciliation to appropriate records. ADDITIONAL TIPS Whenever possible, similar findings should be combined into 0ne one form so that the case for implementing the recommendation is strengthened. Playing devil's advocate can be an extremely helpful exercise. After completing the audit observation and recommendation, auditors should place themselves in the auditees' shoes and challenge/question the validity of the issue. If the issue cannot stand up to this exercise, it probably should not be included in the audit report. Annex 10: SAS 220 - GUIDANCE ON AUDITMATERIALITY Below are some highlights from the Statement of Auditing Standards (SAS) 220 – Audit Materiality. These are meant to provide guidance to the auditors in determining the materiality of observations for reporting purposes and as they might affect the audit opinion. The auditors should refer to SAS 220 for more details. The purpose of the SAS is to establish standards and provide guidance on the concept of materiality and its relationship with audit risk. Auditors should consider materiality and its relationship with audit risk when conducting an audit (SAS 220.1) A matter is material if knowledge of the matter would reasonably influence the economic decisions of users taken on the basis of the financial statements. Materiality may be considered in the context of the financial statements as a whole, any individual statements within the financial statements or individual items included within the financial statements. Materiality depends on the nature and size of the item or error judged in the particular circumstances. Since materiality has both qualitative and quantitative aspects, it is not capable of any general mathematical definition. Auditors should plan and perform the audit so as to provide them with sufficient evidence to give reasonable assurance that the financial statements are free from material misstatement and give a true and fair view. (SAS 220.2) The assessment of what is material is a matter of professional judgement.

Risk Levels. In addition to explaining the and giving details about the “Effect, potential impact or risk” in the text of an audit observation, UNDP requires that the auditor also identifies the risk level in the audit report by using one of the following 3 pre-established risk levels: High Action that Prompt action is considered imperative required to ensure that UNDP is not exposed to high risks(i.e. risks, i.e. failure to take action could result in major negative consequences and issues). Medium Action is required to ensure that UNDP is not exposed to risks that are considered necessary to avoid exposure to significant risks (i.e. failure moderate. Failure to take action could result in significant consequences)contribute to negative consequences for UNDP. Low Action that is considered desirable and should result in enhanced control or better value for money. RECOMMENDATION This aspect suggests how the situation might be remedied. An effective recommendation directly relates to and targets the cause. It isn't enough to state in general terms that management should fix the problem; the recommendation statement should also explain how remediation is to be achieved. A good recommendation maintains the proper balance between the risk presented and the cost to control it. Before making a recommendation, the auditor should consider the following questions: Does the recommendation solve the problem and eliminate or reduce the risk? ▪ Can the recommendation be implemented within the current environment? ▪ Is the recommendation cost-effective? ▪ Will the recommendation act as a temporary bandage or a permanent solution? Examples of effective recommendations include monthly or quarterly physical inventories of all assets and equipment with reconciliation to appropriate records. ADDITIONAL TIPS Whenever possible, similar findings should be combined into 0ne one form so that the case for implementing the recommendation is strengthened. Playing devil's advocate can be an extremely helpful exercise. After completing the audit observation and recommendation, auditors should place themselves in the auditees' shoes and challenge/question the validity of the issue. If the issue cannot stand up to this exercise, it probably should not be included in the audit report. Annex 10: SAS 220 - GUIDANCE ON AUDITMATERIALITY Below are some highlights from the Statement of Auditing Standards (SAS) 220 – Audit Materiality. These are meant to provide guidance to the auditors in determining the materiality of observations for reporting purposes and as they might affect the audit opinion. The auditors should refer to SAS 220 for more details. The purpose of the SAS is to establish standards and provide guidance on the concept of materiality and its relationship with audit risk. Auditors should consider materiality and its relationship with audit risk when conducting an audit (SAS 220.1) A matter is material if knowledge of the matter would reasonably influence the economic decisions of users taken on the basis of the financial statements. Materiality may be considered in the context of the financial statements as a whole, any individual statements within the financial statements or individual items included within the financial statements. Materiality depends on the nature and size of the item or error judged in the particular circumstances. Since materiality has both qualitative and quantitative aspects, it is not capable of any general mathematical definition. Auditors should plan and perform the audit so as to provide them with sufficient evidence to give reasonable assurance that the financial statements are free from material misstatement and give a true and fair view. (SAS 220.2) The assessment of what is material is a matter of professional judgement.

Risk Levels. In addition to explaining the and giving details about the “Effect, potential impact or risk” in the text of an audit observation, UNDP requires that the auditor also identifies the risk level in the audit report by using one of the following 3 pre-established risk levels: High Action that is considered imperative to ensure that UNDP is not exposed to high risks(i.e. risks (i.e. failure to take action could result in major consequences and issues). Medium Action that is considered necessary to avoid exposure to significant risks (i.e. failure to take action could result in significant consequencessignificantconsequences). Low Action that is considered desirable and should result in enhanced control or better value for money. RECOMMENDATION This aspect suggests how the situation might be remedied. An effective recommendation directly relates to and targets the cause. It isn't enough to state in general terms that management should fix the problem; the recommendation statement should also explain how remediation is to be achieved. A good recommendation maintains the proper balance between the risk presented and the cost to control it. Before making a recommendation, the auditor should consider the following questions: Does the recommendation solve the problem and eliminate or reduce the risk?  Can the recommendation be implemented within the current environment?  Is the recommendation cost-effective?  Will the recommendation act as a temporary bandage or a permanent solutionpermanentsolution? Examples of effective recommendations include monthly or quarterly physical inventories of all assets and equipment with equipmentwith reconciliation to appropriate records. ADDITIONAL TIPS Whenever possible, similar findings should be combined into 0ne one form so that the case for implementing the recommendation is strengthened. Playing devil's advocate can be an extremely helpful exercise. After completing the audit observation and recommendation, auditors should place themselves in the auditees' shoes and challenge/question the validity of the issue. If the issue cannot stand up to this exercise, it probably should not be included in the audit report. Annex 10: SAS 220 - GUIDANCE ON AUDITMATERIALITY Below are some highlights from the Statement of Auditing Standards (SAS) 220 – Audit Materiality. These are meant to provide guidance to the auditors in determining the materiality of observations for reporting purposes and as they might affect the audit opinion. The auditors should refer to SAS 220 for more details. The purpose of the SAS is to establish standards and provide guidance on the concept of materiality and its relationship with audit risk. Auditors should consider materiality and its relationship with audit risk when conducting an audit (SAS 220.1) A matter is material if knowledge of the matter would reasonably influence the economic decisions of users taken on the basis of the financial statements. Materiality may be considered in the context of the financial statements as a whole, any individual statements within the financial statements or individual items included within the financial statements. Materiality depends on the nature and size of the item or error judged in the particular circumstances. Since materiality has both qualitative and quantitative aspects, it is not capable of any general mathematical definition. Auditors should plan and perform the audit so as to provide them with sufficient evidence to give reasonable assurance that the financial statements are free from material misstatement and give a true and fair view. (SAS 220.2) The assessment of what is material is a matter of professional judgementjudgment. Auditors would consider the possibility of misstatements of relatively small amounts that, cumulatively, could have a material effect on the financial statements. For example, an error in a month end procedure could be an indication of a potential material misstatement if that error is repeated each month. In evaluating the fair presentation of the financial statements, auditors should assess whether the aggregate of uncorrected misstatements that have been identified during the audit is material (SAS 220.4).