Introduction:
Risk based internal auditing is about identifying the key objectives of an organization and selecting the top risks threatening the attainment of those objectives. This course enables participants to effectively identify the top objectives and risks in their organizations to provide input on developing a risk based internal audit plan. We discuss risk management basics on how to identify, assess, evaluate, mitigate, and monitor risks; to aid in understanding risk management principles necessary to perform risk-based audits. Differences between traditional internal auditing and how to audit using a risk-based approach are discussed. Through lectures and practical group interaction, discussions, and exercises, participants will develop the skills necessary to effectively plan and perform risk based internal auditing at their organization.
Risk Based Internal Auditing (RBIA) is defined by the Institute of Internal Auditors (IIA) as “a methodology that links internal auditing to an organization’s overall risk management framework”. RBIA allows internal audit to provide assurance to the bank’s/ organization’s board that various risk management processes are managing risks effectively, in relation to the risk appetite of the bank/ organization.
However, every organization is different with different attitudes to risk, different management and organizational structures, different processes and procedures, and the need to subscribe to and comply with diverse conventions and regulations. Experienced internal auditors need to adapt these ideas to the structures, processes, and language of their organization in order to implement RBIA.
Course Objectives
By the end of the course, participants will be able to: