Risk profile: A profile of key business risks by business unit, key business
objectives, and core business processes ranked
Risk Treatments: An initial set of recommendations for management
consideration arising from the risk assessment process
Internal Audit Plan: A proposed set of audits for the coming year, focusing
on areas of risk most appropriate for internal audit to address and key
controls that should be tested