A risk-based internal audit approach prioritizes audit resources based on:
-
A
Alphabetical order of business units
-
B
The relative risk exposure and significance of auditable entities
-
C
Management's personal preferences for audit coverage
-
D
The age of the previous audit engagement