Across
- 2. Issue Type that is raised by 2nd line of defense (GCOR)
- 4. Listing of the top risks listing that require coverage beyond cycle-driven planning due to current environment or industry expectations. These risks are critical risks to the company (e.g., industry-wide risks like Artificial Intelligence etc.) and are evaluated annually by SLT
- 7. The new CACR Portal-based module used by audit for Issue Validation work details
- 9. Testing work that is performed by CACR to validate risk mitigation and sustainability of the completed action plan - prior to issue closure for all Severity 1, 2 and Regulator identified issue
- 12. Corporate Audit - Policies & Procedures/ 300-Audit Execution and Reporting/ PP<?number?> Audit Testing
- 13. Issue Type that is raised by a Regulator
- 14. A bank's internal media platform which hosts collection of short videos for user's quick learning (how to/ demo/ tool navigation etc)
- 16. A flaw or weakness in an asset's design, implementation, or operation and management that could be exploited by a threat.
Down
- 1. System of record where Audit Risk Assessment details are maintained by Audit
- 3. I stand for inclusiveness across thought, style, age, sexual orientation, gender identity, race, ethnicity, culture, geography, experience
- 5. <?>= (Probability) x (Impact)
- 6. Current issue management system
- 8. Corporate Audit - Policies & Procedures/PP<?number?>Audit Execution and Reporting
- 10. A system of record where bank (enterprise) policies and standards are stored and maintained
- 11. An audit planning tool (system of record) where audit scope is maintained for each audit (plan ID)
- 14. A platform where I can submit my idea to improve the work we do, drive simplication and efficiency
- 15. An inventory where business defines and maintains their current processes alongwith associated controls
- 17. I am the owner of a Law and Regulation
- 18. This is the portal where I raise my request to CACR centralized Audit Automation team