Workshop on Fundamentals of Risk-based Auditing Techniques
January 22 – 26, 2024, 1st Run: Lagos & Port Harcourt
July 15 – 19, 2024, 2nd Run: Lagos & Abuja
For Tutor -Led Class: 9am – 4:30pm
Workshop fee: N250, 000 per Participant
For online: Delivery via Zoom
Online course fee: N200, 000 per Participant
Available for In-plant Training
Program overview:
Risk-based auditing ensures that the internal audit activity is focusing its efforts on providing assurance and advisory services related to the organization’s top risks. Through risk-based auditing, the internal audit activity helps executive management and the board understand whether the organization’s risk management processes are sufficient and how to better achieve organizational objectives through good governance, risk management, and control. This requires internal auditors to have a working knowledge of basic concepts, frameworks, tools, and techniques related to risk and risk management.
This course prepares new internal auditors to become effective participants in performing risk-based internal audits. It includes interactive activities based on real-life scenarios that participants can apply to their own organization.
For whom:
This course establishes the essential foundation to conduct risk-based audit engagements, including theory and common framework, plus practical application techniques and strategies. This course is designed for new internal auditors and external auditors who are new to a risk-based approach to internal auditing.
Learning objectives
At the end of the program, participants will be able to:
- describe the role of the internal auditor in risk-based auditing;
- discuss key risk and risk management concepts and principles;
- identify internal and external risk;
- categorize different types of risk;
- identify well-known risk frameworks;
- contrast risk appetite and risk tolerance;
- perform risk analysis using risk measurement criteria;
- describe the nature of inherent and residual risk;
- plana risk-based audit engagement using risk management concepts;
- conduct a control evaluation in a risk-based audit engagement;
- communicate observations in a risk-based audit engagement; and
- develop solutions to common implementation challenges in risk-based auditing.
Course Outline:
Day 1: Risk-based Internal Auditing: Overview
- Definition of internal auditing
- Internal audit standards
- What is risk-based internal auditing?
- Value-added benefits of risk-based internal auditing
- The role of the internal auditor
Day 2: Risk and Risk Management: Principles and Concepts
- Risk overview
- Risk definitions
- Risk management definitions
- Risk management misconceptions
- Objectives
- Uncertainty
- Internal and external risk influences and risk categories
- Other risk considerations
Risk Frameworks
- The purpose of risk management frameworks
- Major control and risk frameworks
- COSO Internal Control – Integrated Framework
- COSOERM – Integrating Risk with Strategy and Performance
- ISO31000 – Risk Management Guidelines
Day 3: Risk Assessment Criteria
- The importance of risk assessment criteria
- Risk appetite definition and concepts
- Integrating risk appetite with risk assessments
- Risk tolerance definition and concepts
- Likelihood and impact
- Other risk assessment criteria
Day 4: Engagement Planning and Risk Assessment
- Risk-based audit engagement
- Internal audit standards related to planning
- Risk-based audit engagement
- Risk maturity
- Risk identification
- Risk assessment – cause and effect
- Risk and control matrix
Day 5: Control Evaluation
- Managing risk
- Internal audit standards
- Types of controls
- Control evaluation phase
- Tools for evaluating controls
Communicating Results
- Internal audit standards
- Communicating an audit observation
- The purpose of communication
Implementation Challenges
- Roadblocks to success
Training Methodology
Lectures, discussions, exercises, and case studies will be used to reinforce these teaching/learning methods.