A zero‐one programming model for internal audit planning

One of the major components of an audit plan is risk assessment. Risk factors vary among organizations, and internal auditors must review their own organizational cultures to determine audit exposure. In order to minimize the risk, the internal audit department must develop an audit plan that ensures a maximum coverage of the areas to be audited. Presents the second phase of a study which aims to identify the relevant risk factors and rank the relevant auditable activities in terms of their riskiness. Develops a mathematical model that will ensure maximum audit coverage, using data from a local hospital. Suggests that the results of this research offer a practical alternative for audit managers.