Before the Sarbanes-Oxley Act of 2002 -- the government's response to the infamous years of Enron, WorldCom and Adelphia -- the internal audit function focused largely on financial reporting and compliance.  Today, in the growing uncertainty of turbulent market, internal audit functions are being asked to raise their game and deliver increased value to the organization by covering the risks that matter.  This means covering not only compliance and financial risks but expanding focus to include strategic and operational risk areas. The internal audit focus on how to give the added value for organization to meet overall organization objectives by establishing a systematic and disciplined approach to assessing, evaluating, and improving the quality and effectiveness of risk management processes, systems of internal control, and corporate governance processes. Risk Based Internal Auditing is a new approach that can help internal audit function to achieve its new role.

Keywords: Risk Based Internal Auditing, Risk Management, Internal Audit, Risk Register, Risk & Audit Universe (RAU), Assurance Approach, Consultancy Approach