About this course:
The purpose of this very unique course is to use workshop discussions to analyze further the challenges that the CAE’s are facing in setting up cutting-edge auditing processes in their departments in accordance to best practices and the IIA.
Enrichment of knowledge: The scope for the course is to assist the participants to understand the needs and best practices for maintaining a Cutting-Edged IAD. All challenges will be discussed openly by all participating delegates coming from various backgrounds and industries.
Updating of skills: During the course via the use of short presentations and the related workshop talks the CAE’s will be discussing, analysing and given directions to achieving a top-notch internal audit department/process.
- Day 1: 09:00 – 13:00
- Day 2: 09:00 – 13:00
- Day 3: 09:00 – 13:00
- Day 4: 09:00 – 13:00
Who Should Attend
This is targeted to the upper level of management of an internal audit department.
- Heads of Internal Audit (CAE)
- Audit Managers and those about to be appointed to that role
- Audit supervisors
- Managers of other assurance functions such as Compliance or
- Quality Assurance
- Directors or VP’s who need to know about the modern IA role
The Modern Internal Auditor
A. Classical V’s Modern Internal Auditor
- How the IA profession has changed
- The transition from a Systems-based Approach to Risk based Auditing
- Risk and Internal Audit complementing each other
- E&Y and Protiviti survey results
- ECIIA research paper – making the most of the IA function
- Customer complaints / employee complaints?
- Whistle Blowing policy?
B. Facing those challenges head on!
- CAE’s other roles beyond Internal Auditing (risk management and compliance – independence and objectivity)
- Assurance services Vs Consulting services
- Developing the Risk-Based Audit Plan
- Quality Assurance audit of the IAD
- Board / AC communication
- Relationship between the IAD & RM
- Close monitoring of the effectiveness of the IAD using the WIP report
- Ensure that the strategies of the IAD are aligned with the company’s strategies
C. Corporate Governance:
- Introduction to Corporate governance
- CEO Vs Chairman of the Board – roles and segregation of duties
- The three-way evaluation of the Board (sample templates will be provided)
- Board Committees and their structures
- Frequency of their meetings
- The relationship of the CAE with the Audit Committee
- The reporting lines of the CAE
- Role in Fraud and Fraud prevention
- Effectiveness assessment of the internal control environment by the AC
- Reporting of the AC Chairman to the Board
- AC and the relationships between the IA and the EA
- Educating the AC!
A fully functional IAD
D. IIA – Bench marking your Internal Audit department
- IAD stakeholders and their expectations
- Is the IAD exceeding these expectations?
- Do you obtain written feedback from your customers? if yes, bravo! If not, Why not?
- Assessment of the effectiveness of the risk management process.
- Assist the Risk manager to embed the risk culture in the organization. How?
- Is the IAD’s employees aware what is “RISK?”
- IAD is aware of its own reputational risk?
- Reputation is the best asset but at the same time it can become its biggest nightmare!
E. Enhancing the existing internal audit team
- Criteria for Recruitment process in the IAD:
- What is your long-term strategy in building your IAD team?
- When recruiting you look both internally and externally if no, why not?
- Specialised knowledge?
- Do you co-source? Do you outsource? or do have it fully internally?
- When you consider recruitment what factors do you consider?
- Professional or not qualifications?
- Experience in the same industry or not?
- Competent internal auditor?
- Communication skills? Etc.
- Leaders versus doers’ mix?
- Use of coaching? Teambuilding? Leadership? Training?
- How often do you perform appraisals on your staff? After every audit?
- Succession planning in the IAD?
F. IIA – Internal Audit cutting-edge methodology
- IAD Charter
- IIA standards
- Policies & procedures manual of the IAD
- Code of Ethics
- Internal controls – hard and soft controls
- The three lines of defense fully analysed and discussed
- ACFE – Report to the Nations 2018 discussed
- Risk management from an internal audit perspective up to and including the risk-based audit plan
- Risk based internal audit methodology
- Writing a Risk based internal audit Report:
- Do’s and Don’ts of an IA report
- Full analysis of a risk-based IA report (template will be provided to delegates)
- The three reports into one:
- Executive summary
- Detailed report
- Report for Risk manager
G. Continuous monitoring
- Why continuous monitoring?
- Who is responsible for continuous monitoring?
- Continuous assurance – new guidance 2320-4
- Continuous auditing and continuous monitoring
- CAAT’s V’s CAATT’s
- The use of CAATT’s for continuous auditing
- Continuous risk assessment techniques
- Examples of continuous auditing
Thinking Out of The Box
H. The applicability of the “Three Lines of Defense Model” and avoiding work duplication
- Third line Vs Second line i.e. Internal Audit, Compliance, Risk Management, AML, Security.
- The relationship between the risk register and the internal audit reports.
- Assisting the Risk manager to update the risk register with your findings.
- Environmental and Social audits where applicable
- First audit of the year should always be, without failure, the Approved Risk Register of the company.
- The organizations Business Continuity Plan (BCP &DR) has it been audited?
I. The challenges of the consultancy role
- The IIA standards
- Why consultancy should be encouraged
- The difference in approach
- How to document these assignments
- Reporting consultancy assignments Audit by workshop
- Facilitation –do’s and don’ts
J. Fraud Investigations
- Internal Audit Vs Fraud Investigations
- Additional skills required to perform a professional and competent investigation:
- Interviewing skills
- Observation skills
- Body language skills
- Financial knowledge
- Custody of evidence
K. Communication challenges
- The Art of a Zen Presentation:
- Techniques and skills required to prepare an effective presentation
- Skills needed to deliver a successful presentation
- Presentation to the AC of the report finding