Risk Based Internal Audit

Register Now

8-9 Dec 2014 London

Early Bird until 31 Oct £1795 + VAT. Regular price: £2095 + VAT. Group discount available at all times: 5% for 2 and 10% for 3 delegates.

Course Description

The Institute of Internal Auditors defines Risk Based Internal Auditing (RBIA) as a methodology that links internal auditing to an organization’s overall risk management framework. RBIA allows internal audit to provide assurance to the board that risk management processes are managed effectively and appropriately to the risk appetite. 

But every organisation is different in terms of its attitudes to risk, organizational structures, internal processes and procedures. Experienced internal auditors need to adapt these ideas to the needs of their organisation in order to implement RBIA. Once implemented correctly, RBIA offers tremendous advantages to any company. 
 
This intensive 2-day course provides a thorough overview of RBIA processes, planning stages and measurement strategies. You will gain the practical tools to set up, analyse and manage RBIA within your organisation.

What Will You Learn

 By the end of this course you will: 

  • Have a sound understanding of Risk Based Internal Audit function and process and be able to differentiate it from a regular internal audit approach
  • Gain the tools to set up and affectively measure the framework within your organisation
  • Understand the role of COSO and ERM in internal auditing

Main Topics Covered During This Training

  • Traditional Approach versus Risk Based internal approach
  • Stages of Risk Based Internal Auditing
  • Measuring the effectiveness of Risk Based Internal Auditing
  • The COSO risk management framework
  • ERM – Enterprise Wide Risk Management
  • Analysing Risk Maturity
  • RBIA in practice
  • Model Process for Assessing & Evaluating Risks 
  • Risk Assessment Tools
  • Analysing Internal Audit Process

Who Should Attend

This practical hands-on training course is designed for professionals from corporates, financial institutions and risk sensitive organisations. The following job titles/ positions will benefit from attending:

 
  • Board members, especially risk and audit committee chairs and members
  • Chief Risk Officers
  • Heads of market, credit, and operational risk
  • Head of Risk Management
  • Chief Compliance Officers
  • Chief Audit Officers
  • Chief Financial Officers
  • Actuaries
  • Treasurers
  • Auditors (External & Internal)
  • Bank regulators and examiners
  • Risk management consultants
Register Now

8-9 Dec 2014 London

Early Bird until 31 Oct £1795 + VAT. Regular price: £2095 + VAT. Group discount available at all times: 5% for 2 and 10% for 3 delegates.

Group discount: 2 people - 5% discount, 3 people - 10% discount. Delegates have to be from the same company and register at the same time in order to claim the discount.

Risk Based Internal Audit - A 2-Day Programme

What is Risk Based Internal Auditing? 

  • An introduction to Risk Based Internal Auditing
  • Traditional Approach versus Risk Based internal approach
  • Stages of Risk Based Internal Auditing
  • Measuring the effectiveness of Risk Based Internal Auditing
 
Risk Based Internal Auditing – Background 
 
  • Rationale behind Risk Based Internal Auditing
  • Internal Audit – Definitions, objectives and scope
  • The “Expectations Gap”
  • The RISK BASED Internal Audit
  • Comparison to the traditional approach
 
Risk Management
 
  • Understanding risk
  • The attributes of risk – Likelihood & Consequence
  • The Risk Heat Map
  • Audit risk
  • Business risks – classification, internal & external, controllable & non-controllable
 
The COSO risk management framework
 
  • Understanding COSO
  • COSO — An Integrated Risk Management Framework
  • The COSO ERM Framework
  • COSO in Finer Detail
  • Updates to COSO
 
Basic concepts of risk management
 
  • Risk capacity, risk appetite, risk response
  • Inherent & residual risk
  • Entity risk assessment & Business process risk assessment
  • Significant risk
  • Risk register
 
ERM – Enterprise Wide Risk Management
 
  • ERM and the Board of Directors
  • What is covered under ERM
 
Risk Maturity
 
  • What is risk maturity
  • Why it is important
  • Risk maturity levels
  • Scorecard for assessing risk maturity 
  • Analysing the risk maturity results
 
Using a Risk Based Internal Audit (RBIA) Methodology
 
  • Audit is of management of risks and not of risk
  • Key reporting areas in the management of risks
  • Documenting Board assurance requirements and risk appetite
  • Audit strategy & risk maturity
  • Selecting individual risks to audit
  • Frequency of coverage
  • Including the Risks into an Audit Assignment
  • Importance of selecting the right auditable unit
 
Stages of RBIA
 
  • Assessing risk maturity
  • Preparing the audit plan
  • Conducting the assurance audit
  • Reporting to the appropriate level
 
Model Process for Assessing & Evaluating Risks 
 
  • Risk assessment steps and tools
  • Risk identification
  • Business Activities that are Sources of Risk
  • Operational Risk and its categories
  • Risk identification methods
  • Industry risk models
  • Choosing which methods to use
  • Typical risk areas
  • Risk estimation (Risk measurement/ Risk scoring)
  • Risk evaluation
  • Risk Heat map & Actions Needed
  • Using risk scores
 
Risk Assessment Tools
 
  • Market survey
  • Dependency modeling
  • SWOT analyses
  • Event tree analysis 
  • BPEST (Business, Political, Economical, Social & Technological)
  • Fault tree analysis (Root Cause Analysis)
  • FEMA (Failure Mode and Effect Analysis)
 
Internal Audit Process
 
In this section we cover the complete Internal Audit Process including the RBIA methodology. This includes the need for the Internal Auditor to become acquainted with the business and the industry allowing him to assess the risk maturity which determines his/her ability to provide the RBIA assurance and to review the risk assessment done by management and the her/his conclusion whether this risk register may be relied upon.
 
The process covered includes:
 
  • Strategic analysis
  • Enterprise risk assessment
  • Internal Audit Plan development
  • What Risks to Audit – An Alternative Approach
  • Internal Audit execution
  • The Process Risk Matrix
  • Reporting 
  • Issue Resolution tracking
 
Case Study: How the RBIA methodology is applied
 
This is an illustrative case study showing how the RBIA methodology is applied in a real world environment. 
 
Comparing the Two Methodologies 
 
We compare the RBIA methodology to the regular audit methodology and examine them in terms of:
  • Managing risk
  • Setting responsibility for risk management, and
  • Usefulness to the Board of Directors
 
Risk Registers 
 
We examine and discuss examples of the RBIA documentation form the case study including:
  • Risk Register
  • Audit Procedures and 
  • Transaction Files
 
Closing Discussion: Difficulties facing the Internal Auditor 
 
We examine and discuss some of the pitfalls that the Internal Auditor may face in his/her assignment and some potential solutions.
Stanley has an extensive experience in banking and IT specifically in operations, payments, RTGS and the operational risk aspects of banking in the UK, Europe, the USA, Australia and Southern Africa.
 
Commencing his career at the Standard Bank of South Africa he gained a thorough grounding in all aspects of banking ranging from the bank’s branch system, back-office payments processing. He was also closely involved in the development of electronic banking at the Standard Bank.
 
At a banking industry level he was involved in the creation and development of STRATE - Central Securities Depository in South Africa dealing with the dematerialization, clearing and settlement of all financial instruments. He also served as Vice Chairman of the South African Clearing Bankers Association’s ERAG Group - an interbank payments/operations risk initiative established to identify & eliminate operational, legal and other risks in electronic payments, and later as Chairman of the Payments Association of South Africa Operational Risk Committee.
 
On leaving South Africa he joined an international banking software house operating internationally. 
 
His bank operations, payments systems and clearing house experience includes working closely with organisations such as UNCITRAL, Deutsche Bank and CHIPS in New York; APACS, British Bankers Association, CLS and Barclays Bank in London; Crédit Agricole in France; UBS and Credit Suisse in Switzerland, the central bank in the Netherlands; Alpha Bank in Greece; the central bank in Romania; the central bank in Kazakhstan; Bank Leumi and the central bank in Israel and ANZ and Commonwealth Bank in Australia. 

* - Fields marked with a star are obligatory.

Your privacy is important to us and we will not share your details with any third-party.

Submit

Thank you for your interest in our company and your enquiry. We will contact you shortly.

In the meantime, did you have a chance to see what our clients say about us?

Follow us on:


* - Fields marked with a star are obligatory.

Your privacy is important to us and we will not share your details with any third-party.

Subscribe

Thank you for your interest in our company and your enquiry. We will contact you shortly.

In the meantime, did you have a chance to see what our clients say about us?

Follow us on:

Risk Based Internal Audit <p>The Institute of Internal Auditors defines Risk Based Internal Auditing (RBIA) as a methodology that links internal auditing to an organization&rsquo;s overall risk management framework. RBIA allows internal audit to provide assurance to the board that risk management processes are managed effectively and appropriately to the risk appetite.&nbsp;</p> <div>But every organisation is different in ... London