Risk-Focused Internal Auditing

Introduction:

The concept of risk is fundamental to internal auditing. Understanding an organization’s operations is essential for identifying potential risks. The greatest threat to any organization is complacency. This article examines the analysis of risks related to an organization’s activities and internal relationships, focusing on how these risks can threaten stability.

Objectives:

At the end of this Risk-Focused Internal Auditing course, participants will be able to:

• Discuss the dynamics of internal audit consultation necessary for formulating a risk-based internal audit plan without hindering the process with excessive input.
• Connect risk management principles with the risk-based internal audit approach to provide assurance in key information risk areas.
• Justify and enhance the value of developing a risk-based internal audit strategy.
• Bridge gaps between senior management and the audit committee regarding the internal audit function.
• Address issues related to resource adequacy and engage in constructive discussions without appearing overly resource-dependent.
• Develop supervisory plans, annual plans, and additional activity schedules within the risk-based internal audit program.
• Use the planning process to strengthen the relationship between the audit authority and senior management.
• Ensure effective implementation of the risk-based approach to internal auditing.
• Identify systematic corporate risks and evaluate the adequacy of the internal audit function in transitioning to risk-based auditing.
• Create a comprehensive strategy for implementing risk-based auditing.

Training Methodology:

• Case Studies
• Interactive Workshops
• Simulations
• Group Discussions
• Role Plays
• Scenario Analysis

Course Outline:

Unit 1: Understanding the Business & the Process

• Understanding the business and processes of the Auditee being audited/assessed.

Unit 2: Risk Assessment

• Define risk classes and subtypes, and conduct internal risk assessments.

Unit 3: Audit Performance

• Focus on risks in the Engagement File.
• Structure the Draft information request list with a risk-based emphasis.
• Perform Business Process Analysis (BPA) considering risk.
• Conduct risk-based audit testing.
• Ensure compliance with laws and regulations within the internal audit function and external regulation.
• Conduct internal audits and/or benchmarking related to risks.
• Prepare working papers with a focus on risk-based internal auditing.

Unit 4: Preparing Internal Audit Report

• Identify key elements necessary for issuing the Internal Audit Report, including risk conclusions.
• Prepare a risk-based draft report according to the nature of the work performed.
• Write the Internal Audit Report with risk analysis in each section.

Unit 5: Follow-up Audit

• Conduct follow-up audits to retain previously documented risks and assess their significance.