To effectively manage and identify fraud risks, entities need to examine their business environments to understand their potential exposure to fraud. Their overarching risk management plans need to effectively target and address fraud risks.

Our fraud risk assessment and planning model gives entities a step-by-step process for self-assessing how they identify fraud risk, control and treat risks, and monitor and report on the risks. It helps entities examine their business environment, develop overarching risk management plans, and conduct their fraud risk assessments in a comprehensive and consistent way.

The model reflects our insights on fraud management from our audit work across entities.

We refreshed the model in 2023 to align with the updated Australian Standard AS/ISO 31000:2018 Risk management – Guidelines; Queensland Treasury’s A Guide to Risk Management (2020); and Australian Standard 8001:2021 Fraud and Corruption Control. It supersedes the Queensland Audit Office’s original model published in 2018 alongside our report Fraud risk management (Report 6: 2017–18).

We have also refreshed our Fraud and corruption self-assessment tool, which entities can use to identify areas where they can improve their fraud controls and focus resources for detection on high-risk areas.