Best Practices In Planning And Conducting Risk-Based Audit


Risk Based Internal Auditing (RBIA) is defined by the Institute of Internal Auditors (IIA) as “a methodology that links internal auditing to an organization’s overall risk management framework”. RBIA allows internal audit to provide assurance to the bank’s or organization’s board that various risk management processes are managing risks effectively, in relation to the risk appetite of the bank or organization. Generally, RBIA is a methodology that supports compliance with international standards. It enables internal audit to be strategically and operationally linked to the business risk and assurance frameworks.

However, every organization is different with different attitudes to risk, different management and organizational structures, different processes and procedures, and the need to subscribe to and comply with diverse conventions and regulations. Experienced internal auditors need to adapt these ideas to the structures, processes and language of their organization in order to implement RBIA.

Implemented correctly, RBIA offers tremendous advantaged to the organization. RBIA allows internal audit to provide the Board of Directors with the assurance that it needs on three areas including risk management processes, management of the risks classified as key and complete, accurate and appropriate reporting and classification of risks.

This 2-day course will cover all the aspects related to planning and conducting effective risk-based internal audit.

Major Benefits Of Attending:

By end of this course, delegates will be able to:

  • UNDERSTAND organisational risk, risk appetite and risk tolerance and how to incorporate this into internal audit planning
  • ACQUIRE the ability to link internal audit planning to organisational risk considerations, and international frameworks and Standards to provide an organizational specific risk focused internal audit plan
  • UNDERSTAND risk assessment and classification, including application to internal audit effort
  • GAIN improved ability to evaluate risk, incorporate risk attributes into the internal audit program, and record fieldwork in a manner that links recommendations and improvement opportunities to controls and risks.
  • OBTAIN an understanding of Risk Based Internal Audit Methodology
  • ATTAIN appreciation for global guidance, international frameworks, and Standards relevant to Risk Based Internal Audit
  • APPLY real risk based internal auditing into their organization
  • LEARN how to write risk based audit reports that make an impact
  • USE a risk based approach to redefine and refocus their audit activities

Who Should Attend?

This training is highly recommended for Internal Audit and Risk Professionals across all industry groups including:

  • Chief Risk Officers
  • Heads of Market, Credit, and Operational Risk
  • Head of Risk Management
  • Chief Compliance Officers
  • Chief Audit Officers
  • Chief Financial Officers
  • Actuaries
  • Treasurers
  • Auditors (External & Internal)
  • Bank Regulators and Examiners
  • Risk Management Consultants
  • Audit & Risk Committee Members

Why you Should Attend?

Internal Audit is an assurance and consulting activity that covers an organisation’s operations end to end. With limited resources, the requirement to do more with less, and management’s expectations for business focused recommendations this course allows the internal auditor to focus on what matters. This workshop provides the tools for an internal auditor to link their internal audit effort to an organisation’s strategic focus. As such it is a not to be missed experience, to link with colleagues, learn from a globally recognised presenter, and leave improved understanding of specific hands on approaches to modern internal audit. This course will explain all the aspects related to planning and conducting effective risk-based internal audit. Attendees will learn how to identify risks, perform risk assessments, develop a risk-based assurance plan, understand entity-wide controls, and plan and conduct a risk-based engagement. In addition, the course will address the importance of corporate governance and enterprise risk management and discuss the IT and Fraud risk issues that auditor should consider while planning and conducting the audits.