How do auditors test ongoing monitoring for a credit model?
Auditors should first identify the required monitoring metrics, frequency, thresholds, owners, and escalation path. Then they should test whether monitoring occurred on time, used complete and accurate data, identified threshold breaches, and led to action when performance deteriorated.
For a credit model, monitoring might include population stability, discriminatory power, override rates, approval cutoffs, default performance, missing input fields, and drift in key variables. Internal audit does not need to invent new metrics if policy defines suitable ones, but it should challenge vague monitoring that never triggers action.
The strongest evidence is not a dashboard screenshot. It is a trail from metric calculation to review, breach assessment, assigned remediation, and committee or management follow-up.
Master CIA Part 2 with our CIA Course
45 lessons · 90+ hours· Expert instruction
Related Questions
What should an auditor do if a supervisor weakens a supported finding?
How should auditors prepare for a technical exit meeting?
When should audit quality concerns be escalated beyond the engagement team?
How does business knowledge affect internal audit quality?
Where should an auditor begin a full-company internal control audit?
Related Articles
Join the Discussion
Ask questions and get expert answers.