Best Practices in Internal Auditing

Global Authorized

In a western modern perspective the internal auditor's role is to be recognized as a real business partner of management and a facilitator at all levels of the organization in order to stay "in control". This raises a challenge to rethink of internal auditors senior roles and to identify the new skills required in planning and leading internal audit assignments. However the approach can be successful only if it adapts various organizational contexts and cultures.
New ways of assessing and managing business risk are causing internal audit leaders and their customers to revisit the purpose, scope, and operations of the internal audit function. Driven by revolutionary developments and ever-accelerating changes in markets, industries, and technology, a new internal audit model is necessary and is now emerging. It is of a future-focused “risk authority”
The training is highly practical and interactive with exercises, role plays, simulations
in order to present the latest methods to implement and practice the skills required in the international environment of internal auditing notably communication, cognitive and behavioral skills for effective risk based internal audit.

The new vision of internal auditing
The new definition of internal auditing
The new understanding of internal control (COSO)
Sample audit department mission: Central main power
Why we used Risk-based internal auditing (RBIA)?
Global trends in internal control and auditing
Audio interview (AMR Research)
Compliance versus risk-based approach
Position from rating agencies
Role of audit committees
Exercise: Benchmark questionnaire
Value-added Audit Methodologies
Best practices principles
Risk-based auditing
Business process auditing
Best practice Web site and database
Use of guest auditors
Trends and innovations in audit reports
Enterprise Risk Management
Enterprise risk management? Integrated framework
Results of IIA research study: Four approaches to enterprise risk management and the SOX connection
Examples of ERM
ERM architecture
Sample risk management policy, risk models, risk maps
Diagnostic tool for risk management maturity
Internal auditing's role in ERM
Theory & Definitions
Definition of control
Different categories of risks
Final Exercise: COSO versus ERM model
Modern Internal Auditing
Role of communication
The relation between the auditor and the auditee

Internal audit skills: dos and donts
Internal Audit skills (self assessment kit)
Case application: “Internal Audit Transformation at NatWest Ltd”
Risk-Based Internal Auditing (RBIA) in practice
The Internal Audit Roadmap (refresher)
Risk alerts and flags
Working Programs
Review of templates for RBIA
Review of Internal Audit Standards
Audit Planning
Audit Annual Planning
Audit Activity Planning
Process Modeling
RBIA matrices (COSO)
Use of GRC software
Building the business control framework (Role Play Game)
RBIA tools & techniques
Control Risk Assessment
Analytical Procedures
Interviewing
Reporting tools
Application Case (Wuxi Plant)
RBIA strategies
The Risk Management Process and Frameworks
Degree of maturity of organizations
Cooperation models between IA and the risk management function
Adapting your company culture
Study of illustration Case
Participants evaluate the degree of maturity of their organization and develop a strategy and plan for RBIA

Addressing the full range of audit issues that concern management and give assurance that the processes used by management and business units to identify that all significant risks are effective
Building support for the audit program within their organization
Undertaking risk based audits using the RBIA methodology
Developing and delivering risk based audit reports with real impact and capture attention
Understanding the most successful audit techniques: risk-based, business process, e-commerce, and self assessment
Discovering how world-class audit functions are using participative, qualitative, real-time risk assessment
Adding value to organization by the application of risk-based audit services
Evaluating risk management processes to ensure the response to any risk is appropriate and conforms to the organization’s policies.
Applying the knowledge gaining throughout the course to prepare for a realistic audit, using risk based principles