You will be required to undertake an audit of an organisation’s governance and risk management strategy, commitments and practices. The organisation (for-profit or not-for-profit, government or private) will be selected by you and must be drawn from your personal experience as an employee

You will be required to undertake an audit of an organisation’s governance and risk management strategy, commitments and practices. The organisation (for-profit or not-for-profit, government or private) will be selected by you and must be drawn from your personal experience as an employee, manager, stakeholder, volunteer or client.


In this assessment, you are asked to conduct a governance and risk audit of an organisation (It is really a form of mini audit) that you have had some association. It could be a large company, a family business, a school, a hospital, or a not-for-profit organisation.

It could be any organisation that provides a service or conducts any form of social activity that involves:

•Some form of statement to detail what is does and range of. Review the company or organisational mission statement; or marketing material; or any document in which the organisation defines its commitment to abiding by the law, or certain moral codes, or specific cultural or communal commitments. In other words, anything that articulates what the company/organisation stands for with respect to governance and social responsibility.

•Some level of financial management and accountability. This can be at a very high level for a large company, or very modest in a small family business. Either way, there must be some level of financial or resource accountability, and some level of responsibility for what the organisation does in the conduct of its activities.

•A recognised set of risks to the organisation’s well-being, or to the interest of its stakeholders, that are articulated in some way, whether in the form of an organisational risk management strategy, or some other less formal method of assessing and addressing organisational and/or stakeholder risks.

•A defined set of services or products. That is, the organisation’s outputs – what it offers its client or customers.

•A customer or client base. There must be some customer or client base for the audit to make sense, and this needs to be identified, namely, who the organisations serve or supplies.

•Some level of management structure or identifiable managerial accountabilities responsible for organisational governance and risk assessment and management. Review the Board for composition, capability and competence What you are asked to do is to conduct a mini-audit of the organisation that describes the above elements, analyses how well and appropriately the organisation manages its stated governance and risk management commitments and provide a set of recommendations on how the organisation may enhance its governance and risk management

The purpose of the audit is to provide an analysis of the values commitment of the organisation.

You can focus on key issues, or a business unit, or, if the business is small, the whole organisation.

Remember to ask yourself would you invest or support this organisation now and into the future.

Remember to provide relevant contextual overview of the organisation/business unit/issue and information on key personnel/groups/stakeholders.

Where the organisation has a specific governance or CSR statement, this must be included in your documentation.

In effect, you are being asked to provide a gap analysis, i.e. the gap between commitments and action. Therefore, you must provide an account of what the commitments are, and what the organisation has done (or not done) to keep those commitments.

You also need to analyse why you think there is a gap, or no gap between commitments and performance.


This is where you can use the theory presented in the unit along with case study examples.


The Audit will include a front cover, table of contents, executive summary, conclusion etc together with commentary that should include the following;

•An overview of the organisation – what it does and how it promotes itself to its shareholder (where relevant) and stakeholders, through official documents, policies, procedures, and advertising. Provide evidence in the form of attachments, but only important documents, or selections that make your point.

•Values of the organisation – what it says it stands for. Where these are unclear, try to tease them out.

•Describe the processes the organisation has in place that promote, monitor, review, action its value commitments.

•A detailed analysis of the Board and management structure

•Review the history of the organisation over the recent past, say, 5 years. (e.g. Google News)

•If possible, interview a few key stakeholders/staff members for their views. This is not always possible but may be very relevant in some circumstances. This is up to you.

•Draw some conclusions about the company’s integrity Discuss what you have found. No need to be definite or definitive, since this is only a mini-audit. But it can be indicative and serve as the preliminary study for a much deeper investigation. In other words, this is ‘audit lite’, so to speak, in which you do a fairly quick and succinct review of an organisation to see if there is anything that would lead you to look more deeply.

•You need to be specific about the things you find that indicate organisational integrity,

and those that indicate organisational hypocrisy. You are not asked to solve the problems you find, but once you have identified key issues, discuss them in light of the key issues covered in the unit.

•Where possible, draw on examples from the workshops, readings and unit guide, and any other sources that you believe to be relevant. Cite those sources and references that you have actually used.

The audit should include the following requirements:

•Front Cover

•Table of Contents

•Executive Summary

•Description of the organisation

•Audit details/analysis

•Gaps identified and recommended actions (if any)

•Conclusion (Would you invest in this company/organisation?)


•References (In undertaking the written report use a minimum of five references post 2017.)

Recommended Formatting

•Font – Times Roman 12 point

•Line spacing 1.15

•Word limit 2500 words (excluding appendices and references)


•Page numbers

•Headers and Footers

How do I submit?

Your assignment should be submitted as a Microsoft Word document to the Turnitin submission portal indicated on LEO, under the Assessment tile – Assessment 3 Submission Point on LEO.

Checklist for students

My submitted assignment details my name and ID number ☐

My submission followed the detailed instructions, structure, and formatting ☐

My submitted assignment is within the specified word limit ☐

I have included the correct number of appropriate references ☐

I have correctly cited all my sources and references (Harvard style) ☐

I have checked my Turnitin report to ensure the similarity report is acceptable and explainable ☐

I have completed proof reading and checked for spelling and grammar ☐

Some Helpful Websites and Resources


Who can help me?


Academic skills Unit (ASU


John Sturdy email:

I’m having problems

SC: Application for Special Consideration Complete this form if you wish to be exempted from academic penalty because your study has been affected by unforeseen circumstances.

EX: Application for extension of time for submission of an Assessment Task Complete this form if you wish to apply for extension of time for submission of this Assessment Task.


All referencing should be in ACU Harvard style; however if you are coming from another faculty, you may choose to use your usual referencing style. If this is the case you must indicate at the top of your reference list what referencing style you are using (e.g. APA, MLA, Chicago, etc).

Please ensure your assignment makes use of in-text citations and a reference list. Missing citations or references is equivalent to plagiarism.


The full criteria is compiled in a rubric, which can be found on the following page/s.



Approximately 250 words