Ongoing Change Indicators Worksheet

Ongoing Change Indicators for Completed Risk Assessments Questionnaire

Agency:______

Certification Year:______

Risk Assessment:______

Person(s) Responsible:______

/ Yes: / No:

Has there been any significant change(s) in the operating environment since the risk assessment was last completed/updated?

Has there been any significant change(s) in leadership orpersonnel since the risk assessment was last completed/updated?

Has there been any change(s) in information technology equipment or information systems (e.g. software, operating systems, etc.) since the risk assessment was last completed/updated?

Has there been any expansion or reduction(s) in personnel or funding of the business process area since the risk assessment was last completed/updated?

Has there been any change(s) in service delivery models, legislation, program requirements, products or activities since the risk assessment was last completed/updated?

Has there been any audit findings (Internal, OLA, Federal, External, etc.) associated with business process area since the risk assessment was last completed/updated?

Has there been any indication of failure in control activities since the risk assessment was last completed/updated (e.g. media reports, legal issues, litigation, fraud, customer or public complaints, etc.)?

Have any other issues developed or relevant incidents occurred since the risk assessment was last completed/updated that should be considered or evaluated?

Total (add up the number of “yes” and “no” responses in each column):

Based on the responses to the questions in the changefactors questionnaire above, does this risk assessment area need to be reviewed and updated? (Note: Arisk assessment that scored three or more “yes” responsesmay provide a strong indication of needing review and updating).

______

If you answered ‘yes’ to question ‘A’ above, what is your plan and timing for updating this risk assessment and the supporting documentation?

______

______