Risk-Based Scoring
Understanding the algorithm that drives risk-based audit prioritization.
Scoring Algorithm
AIIA calculates a priority score for each plan item based on multiple factors:
Formula
Priority Score = (Risk Score × 0.4) + (Coverage Gap × 0.3) + (Regulatory Weight × 0.2) + (Management Request × 0.1)
Factor Breakdown
| Factor | Weight | Range | Description |
|---|---|---|---|
| Risk Score | 40% | 1–25 | Aggregate risk score from the Audit Universe (likelihood × impact) |
| Coverage Gap | 30% | 0–10 | Months since last audit (capped at 10, normalized) |
| Regulatory Weight | 20% | 0–5 | Mandatory audits required by regulation (NCA, PDPL) |
| Management Request | 10% | 0–5 | Priority flag set by management or board |
Score Interpretation
| Score Range | Priority | Action |
|---|---|---|
| 80–100 | 🔴 Critical | Must be included in the annual plan |
| 60–79 | 🟠 High | Strongly recommended for inclusion |
| 40–59 | 🟡 Medium | Include if resources permit |
| 20–39 | 🟢 Low | Defer to next year unless specific triggers |
| 0–19 | ⚪ Minimal | No immediate audit needed |
Customizing the Algorithm
Administrators can adjust the scoring weights:
- Navigate to Administration → Settings → Planning
- Adjust the weight percentages (must sum to 100%)
- Click Save — existing plan items are recalculated
AI Scoring Enhancement
The AI companion enhances scoring by:
- Analyzing historical finding patterns to predict emerging risks
- Detecting industry trends relevant to your organization
- Identifying correlation patterns between risk factors
- Recommending score adjustments based on external data
Related Documentation
- Create Annual Plan →
- Audit Universe — source of risk data