Risk-based Auditing: A Value Add Proposition - Training - The Institute of Internal Auditors (IIA)
IIA On-site Seminars
To schedule your on-site or custom program call 1+407-937-1388 or e-mail onsiteseminars@theiia.org.

On-site & Custom Programs Home

Risk-based Auditing: A Value Add Proposition

Your opportunity to...
  • Understand the importance of corporate governance and enterprise risk management
  • Identify risks to strategy
  • Define key business processes and objectives
  • Perform a risk assessment
  • Develop a risk-based assurance plan
  • Understand entity-wide controls and their relevance in the audit plan
  • Plan a risk-based engagement
Calling all...
  • Chief audit executives, audit directors, audit managers, audit team leaders, and internal auditors who want to initiate risk-based auditing in their organizations or improve their current internal audit processes.
  • Internal auditors and consultants who want to improve their skills in risk-based auditing approaches.
Course Description

Prerequisites: None
Advanced Preparation: None
Delivery Method: Group-Live


Internal auditing is a profession that’s always evolving, always changing, especially in the area of risk-based auditing approaches. This is why successful audit leaders know that it’s imperative that they continue to hone their skills in guiding their organizations’ risk-based auditing, while improving their current internal audit processes.

Through case studies, group discussions, round tables, and supplemental lectures, this seminar will help audit team leaders and other management level audit professionals align their organizations’ strategies, visions, and values with the internal audit process. Furthermore, participants will come to understand the importance of corporate governance and enterprise risk management, while learning to identify risks, perform risk assessments, develop a risk-based assurance plan, understand entity-wide controls, and plan a risk-based engagement.

Course Outline
Role of Internal Auditing By the end of this unit, you should be able to:
  • Identify the value of internal auditing.
  • Define internal auditing.
  • Describe the internal audit Standards related to risk-based auditing.
  • Discuss risk-based auditing in organizations.
Corporate Governance
  • Define corporate governance.
  • Identify Performance Standard 2110: Governance.
  • Identify the various aspects of corporate governance.
  • Identify Assurance Performance Standard 2110.A1 and the elements of a good ethics program.
  • Identify the areas an internal audit must assess, evaluate, and report on to assure adequate corporate governance.
Risk Management
  • Define enterprise risk management (ERM) and risk.
  • Identify the difference between inherent and residual risk.
  • Risk Management Assumptions
  • Identify the assumptions of risk management.
  • Identify the benefits of risk management.
  • Identify the categories of risk.
  • Identify Performance Standard 2120: Risk Management.
Control (and Risk) Frameworks
  • Define Performance Standard 2130: Control.
  • Identify the elements of COSO control and ERM frameworks.
  • Identify the internal control environment factors, risk management factors, control activity factors, information and communication factors, and monitoring factors.
  • Identify the limitations of internal control and factors which override control activities.
  • Identify roles and responsibilities in internal control.
Entitywide Risk Assessment
  • Identify Assurance Performance Standard 2130.A1.
  • Identify the process for performing an entitywide risk assessment.
  • Define business process.
  • Identify the process of developing an audit plan.
Risk-based Audit Engagement
  • Identify the process of performing a risk-based engagement.
  • Identify the attributes of a business process definition or objective.
  • Identify the risk-to-business processes and risk events.
  • Identify the four common ways to manage risk.
  • Identify the definition of controls, the type of controls, and evaluation methods for controls.
  • Identify internal audit Standards 2210, 2210.A1, 2210.A2, 2210.A3, and 2240.
  • Identify the guidelines for reporting the results of a risk-based audit engagement.
© 2010 The Institute of Internal Auditors / 247 Maitland Avenue Altamonte Springs, FL. 32701-4201 USA / +1-407-937-1100 / FAX +1-407-937-1101 • www.theiia.org