Fundamentals of Risk-Based Auditing

Focus & Features

This course provides the fundamental knowledge needed to become effective in performing risk-based internal audits. Foundational concepts such as the nature of risk, risk sources and categories, risk appetite and tolerances, and risk frameworks are provided to help you understand the application to the audit engagement planning.

During this course, you will participate in interactive activities and real-life scenarios. Be prepared to walk away with best practices an understanding of the risk assessment process and the impact on an audit engagement. The course will offer and key takeaways you can apply to your organization and its internal audit function department. In addition, you will learn the value this approach brings to your organization.

Course Objectives

• Explain the role of the internal auditor in risk-based auditing.
• Identify key risk and risk management concepts and principles.
• Identify internal and external influences of risk.
• Identify risk categories.
• Identify well-known risk frameworks, including COSO and ISO 31000.
• Explain the importance of risk appetite and risk tolerance.
• Define risk measurement criteria that support the analysis of risk.
• Interpret the nature of inherent and residual risk.
• Apply risk and risk management concepts in planning a risk-based audit engagement.
• Apply tools to conduct a control evaluation in a risk-based audit engagement.
• Develop best practices for effectively communicating observations in a risk-based audit engagement.

What You Will Learn

Risk-based Internal Auditing: An Overview

• The definition of internal auditing
• The International Standards for the Professional Practice of Internal Auditing (Standards)
• The value of risk-based internal auditing

Risk and Risk Management: Principles and Concepts

• Risk overview and the definition of risk
• Risk management definitions
• Risk and risk management misconceptions
• Objectives as they relate to risk
• Uncertainty as it relates to risk
• External risk versus internal risk
• Risk categories
• Other risk considerations

Risk Frameworks: An Overview

• The purpose of risk management frameworks
• Major risk and control frameworks

o COSO Internal Control Framework

o COSO ERM Framework

o ISO 31000

Risk Assessment Criteria

• The importance of risk assessment criteria in risk-based auditing
• Risk appetite definition and concepts
• Integrating risk appetite with risk assessments
• Risk tolerance definition and concepts
• Risk likelihood and impact
• Other risk criteria

The Risk-based Audit Engagement: Planning and Risk Assessment

• Risk-based audit engagement purpose
• Risk-based audit engagement approach
• Risk maturity
• Risk identification
• Risk assessment

Risk-based Audit Engagement: Control Evaluation

• Managing risks
• Definition of control
• Types of controls
• Evaluating controls
• Tools for evaluating controls

Risk-based Audit Engagement: Communicating Results

• Purpose of communicating
• Why audit reports fail to communicate
• Communicating an audit observation

Risk-based Audit Engagement: Implementation Challenges

• Roadblocks to success
• Personal implementation challenges
• Possible solutions

Who Should Attend

This course is designed for internal auditor practitioners who want to learn the principles and concepts of risk and risk management, as well the tools and techniques used to perform a risk-based audit. This course would be beneficial for individual currently performing internal control testing that are transitioning to a risk-based audit approach.

Privacy Notice: We collect your personal information to register you in our training/ membership events and photos/videos will be taken for evidentiary purposes in relation to IIAP events. We will use this information to provide services regarding your attendance and if you agree, to send you marketing information. By giving us your personal information you consent to our use of it for the purposes described in this Privacy Notice.