Risk Management Insights

Acceptance Sampling as a Risk Monitoring and Control Tool

22/04/2015 - Risk Auditing

When performed correctly, auditing can be a very powerful risk monitoring and control tool. Unfortunately, many organisations fail to achieve maximum value from their risk monitoring and control resources because they continue to rely on non-scientific auditing and inspection methods.

The biggest weakness with non-scientific auditing is that the accuracy of the audit result remains unknown and can vary from audit to audit. This shortcoming significantly diminishes management’s ability to assess and compare risk control performance across different business systems, processes, groups and suppliers, a situation which can lead to suboptimal decision making or, worse still, no decision making at all.

Interestingly, there is a proven scientific methodology available that can help organisations significantly improve their risk monitoring and control capability. It is called acceptance sampling.

There are many types of acceptance sampling, but arguably the most popular is the International Organisation for Standardisation’s ISO2859.1: Sampling procedures for inspection by attributes. Equivalent versions of this Standard are published by standards bodies worldwide; e.g. AS1199.1.

As the name suggests, the Standard’s main purpose is to assess whether large quantities of continuously produced items or activities have achieved an acceptable compliance target by examining a much smaller sample.

Although initially developed as a quality control tool for the manufacturing sector, the statistical methods underpinning the procedures and tables in the Standard are equally suited to monitoring and controlling other types of risk; e.g. safety, environment, finance, security, fraud, project, reputation, etc.

One of the Standard’s key features is its ability to separate risk control metrics into different risk categories for more efficient and effective data collection and analysis.

For example, important risk control metrics are assigned a risk category with a high compliance target, while less important control metrics are assigned a risk category with a lower compliance target.

The key benefits of this risk-based approach to risk monitoring are twofold. Firstly, it produces more accurate audit results for controls of higher risk management importance. Secondly, it ensures an organisation’s limited auditing resources are always focused on its areas of highest risk exposure.
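The sketch below is an added example, not taken from the article or from the Standard: it computes the chance that a sample-based audit passes a population of controls, and the smallest sample needed for each risk category so that a population at the category's non-compliance limit passes no more than 10% of the time. The category names, limits, population size and the 10% figure are constructed for illustration and are not values from the ISO2859.1 tables.

```python
from math import comb

# Constructed risk categories: the non-compliance rate each audit must catch.
# These are illustrative values, not entries from the Standard's tables.
CATEGORIES = {"high importance": 0.01, "lower importance": 0.05}


def p_accept(lot, bad, n, c):
    """Probability that a sample of n items, drawn without replacement from
    `lot` items of which `bad` are non-compliant, contains at most c
    non-compliant items (so the audit passes). Hypergeometric model."""
    ways = sum(comb(bad, k) * comb(lot - bad, n - k)
               for k in range(min(c, bad, n) + 1))
    return ways / comb(lot, n)


def smallest_n(lot, limit_rate, c, beta):
    """Smallest sample size for which a population whose non-compliance rate
    equals limit_rate passes the audit with probability <= beta."""
    bad = round(lot * limit_rate)
    if bad <= c:
        raise ValueError("limit too low: such a population can never fail")
    for n in range(c + 1, lot + 1):
        if p_accept(lot, bad, n, c) <= beta:
            return n
    raise ValueError("no sample size satisfies beta")  # unreachable if bad > c


if __name__ == "__main__":
    lot, c, beta = 1000, 0, 0.10  # constructed audit population and plan
    for name, limit in CATEGORIES.items():
        n = smallest_n(lot, limit, c, beta)
        bad = round(lot * limit)
        print(f"{name}: sample {n} of {lot}, accept on <= {c} failures, "
              f"pass probability at limit = {p_accept(lot, bad, n, c):.3f}")
```

Because the pass probability is computed rather than guessed, the accuracy of each audit is known in advance and comparable across categories, and the stricter category receives the larger sample.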

When compared to traditional non-scientific auditing methods, the acceptance sampling methods outlined in the Standard will also lead to less auditing work with improvements in risk control performance.

Once only the province of large organisations, recent advancements in cloud-based software and technology have made it possible for organisations of all types and sizes to benefit from this highly effective and efficient approach to risk monitoring and control.
