Auditors and risk models
I am pleased that Matthew Leitch has reached out to me to start a dialogue on the skills internal auditors need to assess risk models – in particular those with any level of math.
I recommend his post on the subject.
I am not persuaded that auditors, even after absorbing Matthew’s teachings, will have sufficient insights and understanding to actually assess risk models of any complexity. However, they may have sufficient knowledge to start asking the right questions.
What do you think? What level of expertise is required to assess whether a risk model is appropriate, the assumptions and variables correct, and the logic sound?