Enterprise risk management (ERM) integration

Definition

The practice of aligning audit planning with the organisation's ERM risk register so that audit coverage tracks actual risk. When the risk register changes, the audit plan changes accordingly, keeping the programme risk-driven rather than compliance-driven.

Related terms

Audit programme maturity
The degree to which an organisation's audit activities are systematically planned, resourced, executed, measured, and improved. Maturity is usually described on a...
CMMC (Cybersecurity Maturity Model Certification)
A United States Department of Defense framework that certifies defence contractors at one of five tiers of cybersecurity capability. Each tier requires...
Lessons-learned review
A structured post-cycle review that identifies what worked, what failed, and what should change in the next audit cycle. The output is...
Mean time to close (MTTC)
The average elapsed time between the date a finding is formally reported and the date remediation is verified as complete. MTTC is...
Repeat finding rate
The percentage of findings in the current audit cycle that were also identified in the prior cycle. A high repeat finding rate...
