Date(s) - 04/07/2022 - 06/07/2022
8:30 am - 2:00 pm
About this course:
Internal auditing is a profession that is always evolving, especially in the area of risk-based audit approaches. Successful audit leaders know that it is imperative to guide their organizations’ risk-based auditing, while improving their current internal audit processes.
This course provides the fundamental knowledge needed to become effective in performing risk-based internal audits. Foundational concepts such as the nature of risk, risk sources and categories, risk appetite and tolerances, and risk frameworks are provided to help you understand the application to the audit engagement.
During this course, you will participate in interactive activities and real-life scenarios. Be prepared to walk away with best practices and key takeaways you can apply to your organization and its internal audit function. In addition, you will learn the value this approach brings to your organization.
This course is designed for internal auditor practitioners who want to learn the principles and concepts of risk and risk management, as well the tools and techniques used to perform a risk-based audit.
- Day 1: 08:00 – 12:00
- Day 2: 08:00 – 12:00
- Day 3: 08:00 – 12:00
- Explain the role of the internal auditor in risk-based auditing.
- Identify key risk and risk management concepts and principles.
- Identify internal and external influences of risk.
- Identify risk categories.
- Identify well-known risk frameworks, including COSO and ISO 31000.
- Explain the importance of risk appetite and risk tolerance.
- Define risk measurement criteria that support the analysis of risk.
- Interpret the nature of inherent and residual risk.
- Apply risk and risk management concepts in planning a risk-based audit engagement.
- Apply tools to conduct a control evaluation in a risk-based audit engagement.
- Develop best practices for effectively communicating observations in a risk-based audit engagement.
Risk-based Internal Auditing: An Overview
- The definition of internal auditing
- The International Standards for the Professional Practice of Internal Auditing (Standards)
- The value of risk-based internal auditing
Risk and Risk Management: Principles and Concepts
- Risk overview and the definition of risk
- Risk management definitions
- Risk and risk management misconceptions
- Objectives as they relate to risk
- Uncertainty as it relates to risk
- External risk versus internal risk
- Risk categories
- Other risk considerations
Risk Frameworks: An Overview
- The purpose of risk management frameworks
- Major risk and control frameworks
o COSO Internal Control Framework
o COSO ERM Framework
o ISO 31000
Risk Assessment Criteria
- The importance of risk assessment criteria in risk-based auditing
- Risk appetite definition and concepts
- Integrating risk appetite with risk assessments
- Risk tolerance definition and concepts
- Risk likelihood and impact
- Other risk criteria
The Risk-based Audit Engagement: Planning and Risk Assessment
- Risk-based audit engagement purpose
- Risk-based audit engagement approach
- Risk maturity
- Risk identification
- Risk assessment
Risk-based Audit Engagement: Control Evaluation
- Managing risks
- Definition of control
- Types of controls
- Evaluating controls
- Tools for evaluating controls
Risk-based Audit Engagement: Communicating Results
- Purpose of communicating
- Why audit reports fail to communicate
- Communicating an audit observation
Risk-based Audit Engagement: Implementation Challenges
- Roadblocks to success
- Personal implementation challenges
- Possible solutions