Академический Документы
Профессиональный Документы
Культура Документы
in Planning and
Conducting Risk-
Based Internal
Audit
2 day Workshop
15 - 16 April 2019
Overview
This course will explain all the aspects related to planning and conducting effective risk-based
internal audit. Attendees will learn how to identify risks, perform risk assessments, develop a
risk-based assurance plan, understand entity-wide controls, and plan and conduct a risk-based
engagement. In addition, the course will address the importance of corporate governance and
enterprise risk management and discuss the IT and Fraud risk issues that auditor should consid-
er while planning and conducting the audits.
Risk Based Internal Auditing (RBIA) is defined by the Institute of Internal Auditors (IIA) as “a
methodology that links internal auditing to an organization’s overall risk management frame-
work”. RBIA allows internal audit to provide assurance to the bank’s or organization’s board
that various risk management processes are managing risks effectively, in relation to the risk
appetite of the bank or organization. Generally, RBIA is a methodology that supports compli-
ance with international standards. It enables internal audit to be strategically and operationally
linked to the business risk and assurance frameworks.
However, every organization is different with different attitudes to risk, different management
and organizational structures, different processes and procedures, and the need to subscribe to
and comply with diverse conventions and regulations. Experienced internal auditors need to
adapt these ideas to the structures, processes and language of their organization in order to
implement RBIA.
Implemented correctly, RBIA offers tremendous advantaged to the organization. RBIA allows
internal audit to provide the Board of Directors with the assurance that it needs on three areas
including risk management processes, management of the risks classified as key and complete,
accurate and appropriate reporting and classification of risks.
This 2-day course will cover all the aspects related to planning and conducting effective
risk-based internal audit.
Benefits of attending
Risk-based Internal Audit (RBIA)
• Introduction to modern internal audit Standards
• The principles of risk-based internal auditing
• Control, Governance, and risk management processes
• Understanding the difference between inherent and residual risk
• Risk assessment and management principles
ERM-Based Internal Audit:
• Understanding the elements of COSO control and ERM frameworks
• Understanding the process for performing an entity wide risk assessment
• Applying Audit Analytical Procedures to identify risky areas
Identifying RBIA Objective:
• Defining business process and the process of developing an audit plan
• Determining the audit objective, scope and staffing requirement
• Understanding the process of performing a risk-based engagement
• Identifying the attributes of a business process definition or objective
• Identifying the risk-to-business processes and risk events and how the organization can
manage them.
Planning RBIA Engagement:
• Understanding how to prioritize the risks to address in the audit plan
• Interpreting the results when multiple engagements are performed that address the same
high-level risk
• Performing Fraud Risk Assessment and Fraud Audit
• Assessing an organization's risk maturity
Conducting and reporting RBIA Engagement:
• Understanding how to conduct effective internal audit risk-based engagements
• Testing Internal Control and Transactions based on the risk areas
• Analyzing the results of the testing based on the residual risks
• Additional considerations related to Fraud and IT Risk-based planning
• Reporting engagement results based on the audit plans
This training is highly recommended for Internal Audit and Risk Professionals across all
industry groups including:
• Chief Risk Officers
• Heads of Market, Credit, and
• Operational Risk
• Head of Risk Management Chief Compliance Officers Chief Audit Officers
• Chief Financial Officers Actuaries
• Treasurers
• Auditors (External & Internal) Bank Regulators and Examiners Risk Management
Consultants
• Audit & Risk Committee Members