World Class Internal Auditing & Risk Management Training Workshop

September 10-12, 2019, Hotel Towers Rotana, Dubai, UAE.

Training Objectives

Help participants understand: risk and its effective management; how to identify the risks that matter to the enterprise and its leaders techniques for building an agile audit plan with engagements that matter;auditing governance processes how to address the potential for financial statement fraud; and how to build a world-class internal audit team

Register Now Download Brochure

Instructor of this course

Norman D.Marks

Author, Evangelist and Mentor for Better Run Business
OCEG Fellow, Honorary Fellow of the Institute of Risk Management .

More Detail

You will learn:

  • What the management of risk truly is, and how it can be effectively managed
  • How risk is described in the major risk frameworks/standards (COSO ERM and ISO 31000).
  • How the management of risk is essential to effective decision-making and achieving enterprise objectives.
  • How to integrate the management of risk into daily decision-making across the enterprise
  • The relationship between owning risk and owning performance against an objective
  • The role of internal auditing in risk management
  • How internal audit should communicate their assessment to the board/owners
  • Enterprise risk-based auditing
  • Techniques for identifying and assessing the risks that matter
  • The concept of a flexible audit plan
  • Selling agile auditing to the audit committee or owners
  • The relationship of IT general controls to business risk
  • Why and how to auditing governance processes
  • Fraud risk assessment and investigation: the skills and competency required to address fraud
  • Building and harnessing the capabilities of the audit team
  • Presentation content will be supplemented by Case studies/Group discussion/Exercises
  • Banking
  • Financial Institutions
  • Oil and Gas
  • FMCG
  • Manufacturing
  • Heavy Industries
  • Insurance
  • Healthcare
  • Real Estate
  • Chief Internal Auditors
  • Chief Risk Officers
  • Auditors
  • Vice Presidents, General Managers, Directors, Senior Managers, Managers of: Risk, Audit, Compliance, Corporate Governance, Internal Control, Fraud, etc.
  • Presentations & lectures
  • Group discussions
  • Workshop, exercises & use cases
  • Certificate of Achievement
  • Course material & Handouts
  • USB device
  • Study binder
  • International buffet lunch with coffee/tea breaks.

Course Fee $3,200/Participant

Individual:
15% Discount: Book & pay on or before Jun. 30th, 2019 USD 2,720
10% Discount: Book & pay on or before Jul. 31st, 2019 USD 2,880
Book & pay after Jul. 31st, 2019 USD 3,200

Corporate/Group Discount:
Extra 10% Discount on minimum of 3 Participant

 


World Class Internal Auditing & Risk Management - Course Schedule

Day 1 - Tuesday 10 September, 2019
Understanding Risk and its Management

Opening Session
Presentation
Course details
Presentation of all attendees

Session One

Session 1.1: What is effective risk Management?

  • Before talking about risk-based internal auditing, it is necessary to agree on what is meant by ‘risk’. This topic will address how risk is described in the major risk frameworks/standards (COSO ERM and ISO 31000). It will then cover how the management of risk is essential to effective decision-making and achieving enterprise objectives. 
  • When can an organization’s management of risk be considered effective? Is a periodic review of top risks sufficient? What does it mean to integrate the management of risk into daily decision-making across the enterprise? 
  • Who is responsible for the management of risk? Is it the CRO? What is the relationship between owning risk and owning an objective? How does an organization address the inter-relationship of risk?
  • How much risk is enough? What is risk appetite and does it make sense? What are risk criteria??
  • How can the board or owner of the organization know whether the desired level of risk is being taken?
  • How much risk management is enough?
  • Group discussion
Tea Break & Networking
Session Two

Session 1.2: What is internal audit’s role in risk management?

  • What is internal audit’s mission? What are the core principles for effective internal auditing, and have they changed expectations?
  • What is the difference between internal audit and risk management? What are the three lines of defence?
  • Can internal audit run risk management? Can risk management run internal audit?
  • What is internal audit’s obligation to the board and owners when it comes to the management of risk?
  • Is internal audit an evangelist for risk management?
  • The best question to assess whether management understands whether they are taking the desired level of risk
  • Group discussion
Lunch Break & Networking
Session Three

Session 1.3: Assessing the organization's risk management capability

  • Should internal audit assess how management addresses risk?
  • When should internal audit perform an assurance engagement and when is consulting/advisory work of more value?
  • What constitutes ‘adequate’ when assessing risk management? Is compliance with policy sufficient?
  • Do risk management maturity models help?
  • How should internal audit communicate their assessment to the board/owners
  • Group discussion
Tea Break & Networking
Session Four

Session 1.4: Moving to auditing the risks that matter and helping the organization succeed

  • Is our job to help the organization succeed or to point out deficiencies?
  • What are the risks that matter? Are they the risks that internal audit traditionally audits?
  • What is enterprise risk-based auditing? What are we trying to assess?
  • How do we know what matters? What are techniques for finding out?
  • Can internal audit assess non-traditional areas of risk?
  • Case studies/Group discussion/Exercises
Day 2 - Wednesday 11 September, 2019
Session One

How to identify the risks that matter to the enterprise and its leaders

Session 2.1: The dynamic internal audit plan

  • How often should the audit plan be updated? What is meant by an agile or dynamic audit plan?
  • The concept of a rolling audit plan
  • Explaining agile auditing to the audit committee or owners
  • Who is responsible for the audit plan?
  • Case studies/Group discussion/Exercises
Tea Break & Networking
Session Two

Session 2.2: Defining audit engagements that matter

  • Reliance on ERM
  • When to perform an assurance and when to perform a consulting/advisory engagement
  • When does should internal audit not perform an audit?
  • How many audits does it take to assess an area of risk?
  • Understanding the relationship of IT general controls to business risk
  • What if you don’t have the resources you need?
  • Case studies/Group discussion/Exercises
Lunch Break & Networking
Session Three

Session 2.3: Auditing governance processes

  • What is organizational governance? Is it limited to the board or owners?
  • Why audit governance processes? Where is the risk?
  • When to perform assurance and when to perform advisory work
  • How to communicate the results of the audit
  • Case studies/Group discussion/Exercises
Tea Break & Networking
Session Four

Session 2.4: Internal audit's role in fraud and fraud risk assessment

  • Is it i internal audit’s role to prevent, detect, or investigate fraud?
  • When does internal audit get involved?
  • How do you assess the risk of fraud?
  • The skills and competency required to address fraud
  • An overview of a fraud investigation
  • Group discussion
Day 3 - Thursday 12 September, 2019
Session One

Addressing the potential for financial statement fraud

Session 3.1: Internal audit’s role in addressing financial statement fraud

  • Is there any difference when it comes to financial statement fraud vs other frauds?
  • What leads to financial statement fraud? What are the indicators?
  • Working with the external auditors
Tea Break & Networking
Session Two

Session 3.2: Communicating audit results

  • What is the purpose of an audit report?
  • What needs to be communicated, and to whom?
  • The purpose of a closing meeting
  • Selling audit findings and recommendations
  • Attributes of an effective communication
  • Should we move away from traditional audit reporting?
  • Case studies/Group discussion/Exercises
Lunch Break & Networking
Session Three

Session 3.3: Building a world-class internal audit team

  • Now that you have an audit plan, how do you staff it? What are the skills, experiences, and competencies you need?
  • Harnessing the capabilities of the audit team, motivating them to excellence
  • Where should the staff be based?
  • When should internal auditors be allowed to join other functions?
  • Group discussion
Tea Break & Networking
Session Four and Workshop Concludes

Session 3.4: How do you know when internal audit is world-class?

  • What are the distinguishing characteristics of world-class internal auditing?
  • Does passing a Quality Assurance review guarantee sufficient quality and value?
  • What is the value of internal auditing? Who measures it?
  • OK, you are world-class – what is next?
  • Group discussion

Session 3.5: The future of internal audit

  • The use of technology to enhance the value of internal audit
  • Should internal audit report to the board/owner
  • How can internal audit add value beyond traditional internal auditing?
  • Is tradit traditional thinking around independence good or a limitation?
  • Group discussion
  • Further Q&A, Discussion, Certificate Presentation, Course Close
Course Program
Time Topic
Day 1
08:00 to 08:30Registration & Introduction
Day 1-3
08:30 to 10:00Session One
10:00 to 10:15Tea Break & Networking
10:15 to 11:45Session Two
11:45 to 12:45Lunch Break & Networking
12:45 to 14:15Session Three
14:15 to 14:30Tea Break & Networking
14:30 to 16:00Session Four