Roles and Responsibilities: Corporate Compliance and Internal Audit Course

Course Overview:

The Roles and Responsibilities in Corporate Compliance and Internal Audit course provides participants with an exposure to internal auditing’s mission, scope, and functions with special emphases on risk management and governance.

It encompasses the definition of internal auditing, audit typologies (operational, compliance, financial), and presents the orderly procedure of formulating audit plans based on the risks assessment process.

The students will be taught different approaches for risk assessment, verification of controls and different sampling techniques. The treatment of the course also includes the methodology for effective performance of the audit including audit sampling, interview as well as audit documentation.

It is suitable for entry level auditors and even the seasoned practitioners, its goal is to improve the proficiency in the planning and conduct of risk-based audit and the practice of internal audit.

Course Objectives:

After end of this Roles and Responsibilities Corporate Compliance and Internal Audit course, participants will be able to do:

• Define the scope and function of internal audit within the company
• Distinguish the types of internal audit assignments related to operational, compliance, quality, safety or financial internal audit
• Describe the internal audit planning guidelines and develop a risk-based audit plan
• Apply techniques for risk identification, controls identification and controls testing
• Identify the best sampling techniques in an internal audit assignment considering sample size or sample selection
• Select the appropriate internal audit test tools and list the advantages and disadvantages of each

Who Should Attend?

This training course is suitable for a wide range of professionals, but will greatly benefit:

Delegates with some experience in auditing as well as junior auditors or professionals from finance or other departments looking to develop a focused and best practices approach to the internal audit function. This course is also suitable for supervisors and managers who are interested in updating, upgrading and refreshing their knowledge of the internal audit function.

Course Outlines:

Risk and Internal Audit Overview

• Definition of risk
• Types of risk in an organization
• Strategic, reporting, compliance, operational, financial, and physical
• Scope of corporate governance
• Building blocks of corporate governance
• Internal audit as a function of corporate governance
• Scope of internal auditing
• Reasons to have an internal audit function
• Distinguishing internal from external auditing
• The internal audit charter
• The role of an audit committee
• Risk management process
• Five steps to accomplish an effective Enterprise Risk Management (ERM) framework
• COSO enterprise risk management framework
• Determining the risk appetite
• The role of internal audit activity in risk management

Types of Internal Auditing

• Assurance services: the third line of defense
• Performance auditing      
• Operational auditing
• Contracts auditing
• Financial auditing: accounting cycles audited by the internal audit function
• Security and privacy auditing
• Quality auditing
• Compliance auditing

Risk-Based Internal Audit: Planning the Fieldwork

• Reasons for risk-based audit planning
• Three stages for implementing a risk-based internal audit
• Stage 1: risk maturity assessment
• Actions of internal audit to assess risk maturity
• Overall audit strategy based on risk maturity
• Conclusion on the risk management framework
• Stage 2: Production of the audit plan
• Assurance requirements from board and management
• Actions to achieve production of an audit plan
• Identify processes and responses on which assurance is required
• Categorize and prioritize the risks
• Scoring and weighing risks
• Link risks to audit assignments
• Using assurance maps to determine assurance requirements
• Stage 3: conducting audit engagements

Risk-Based Internal Audit: Conducting Audit Engagements

• Internal audit role in performing the audit
• Assessing risks: inherent, control, detection, and audit risks
• How management and internal audit can minimize risk
• Engagement planning
• Engagement objectives, scope, and criteria
• Engagement work program
• Role of internal audit staff
• Defining management assertions
• Uncover risks during the audit engagement
• Example of internal audit risk assessment scale
• Testing management controls
• Insights on flowcharting for understanding cycles and controls
• Assess the design of internal controls
• Test operating effectiveness of internal controls
• 10 steps to complete the audit stage
• Summarizing audit conclusions for the audit committee

Technical Tools for Internal Auditors

• Tips and tools for audit sampling
• Information gathered by internal auditors
• 4 qualities of information
• Sources and nature of the information
• Assessing the degree of persuasiveness
• Types of engagement procedures
• 15 internal audit test tools
• Observation
• Interviewing: a disliked technique
• Interviewing skills: how to run a successful interview
• Role play: internal auditor in action
• Examining records
• Verification and confirmations
• ​Vouching and tracing
• Re-performing
• Internal audit working papers
• Best practices for managing working papers
• Retention policies
• Communicating fieldwork results and recommendations
• Legal considerations for communicating results
• 4 attributes of observation or recommendation
• Disseminating results and exit meetings

see more: Setting and Controlling Budgets Training Course