Module 1: The Profession Of Internal Auditing (IA)
Definitions and trends
Internal audit role and responsibilities
Why IA is not ‘The Checker.’
Is IA the police, an assurance provider or a consultant?
Why the modern IA role does not focus on weaknesses – but rather opportunities for improvement
Frequently asked questions about the IA role
Misconceptions about the role
What it means to be an internal auditor
Explaining the role to others
Corporate governance and the IA role
The roles IA is not permitted to undertake
The Audit Committee and the audit relationship
Module 2: Internal Audit Standards
The Professional Standards
The Mission Statement
Core principles
Code of ethics
Standards
Professional guidance
Internal Audit role and responsibilities
Key elements – Integrity – Objectivity – Competence – Strategic alignment
The 3 E’s
Assurance and insight
Promoting positive change
Definition and characteristics of fraud
Internal auditor’s role in a fraud case
Module 3: Risk and Internal Audit
Definition of risk
Types of risk in an organization
Functions of management: planning, organizing, implementing and controlling
Internal audit as a function of corporate governance
The scope of internal auditing: the internal audit charter
Reviewing the effectiveness of the risk management process adopted
Determining which risks should be concentrated on in the audit
Discussing risk ownership and identifying gaps
Module 4: Types of Internal Auditing
Performance auditing
Operational auditing
Financial auditing: accounting cycles audited by the internal audit function
Compliance auditing
20 questions directors should ask about the internal audit function
Module 5: Preparing For an Audit
Control framework
Audit planning
Completing the assignment
The audit file
Audit assignment checklist
Guest auditors
Steps in preparing for an audit
How to deal with experts in the field
The need for confidence
Module 6: Meeting With The Audit Customer To Discuss The Audit
Paper with a step-by-step guide will be provided
New IIA guidance on delivering Internal audit assignments
The pre-meeting
Preparation and confidence
The need to treat your customers with respect
Techniques to put management at ease
IIA guidance on influencing skills
Securing management input
Functional and audit objectives
Developing terms of reference for the assignment
Determining sources of information
Module 7: Understanding Controls
Business process analysis techniques
Process objectives and risk
The need to understand the business objectives
Developing a programme to reflect these objectives
Assessing the business objectives
Determining process components
The link between goals and risk
The relationship between risks and controls
Process and business system controls
The connection between inputs and outputs
Trigger events
Types of control
Preventative, corrective and detective controls
Getting to the causes of control failure
The opportunity cost of poor internal control
Questions to ask
How to gather and evaluate information
Documenting controls
Module 8: Fieldwork Guidelines
- Information gathered by internal auditors
- 4 qualities of information
- Sources and nature of information
- Assessing the degree of persuasiveness
- Types of engagement procedures
- 15 internal audit test tools
- Observation
- Interviewing: a disliked technique
- Interviewing skills: how to run a successful interview
- Roleplay: internal auditor in action
- Examining records
- Verification and confirmations
- Vouching and tracing
- Re-performing
- Internal audit working papers
- Best practices for managing working papers
- Retention policies
- Communicating fieldwork results and recommendations
- Legal considerations for communicating results
- Four attributes of observation or guidance
- Disseminating results and exit meetings
Module 9: Completing The Audit File
The audit file structure
The peer review notes
Ensure all areas are covered
Ensuring all working papers and checklists are completed
Identification of key review points
How to write value-added review notes
Tips for electronic working papers
Sampling results
Module 10: Drafting The Audit Report
The need for reports with impact
What management expects
Who reports are for and the implications
The report as your shop window
The common problems with audit reports
Avoiding the pitfalls
Keeping the report as simple as possible
Knowing what to write
Being sure of the facts
How to assess a report
The executive summary – Dos and don’ts
Words and phrases to avoid
The psychological dilemma with reports
Why audit reports are taken as a criticism of management
The main report – Best practice ideas
Presenting results
How to get 95% of your recommendations actioned