Leading the Internal Audit Function
Benefits of attending
Why you should attend
- This workshop is targeted specifically at senior Internal audit professionals – and is focussed on the key aspects of a modern internal audit function – and the challenges faced by the ever changing world
- The event represents a superb opportunity to meet your peers from both your sector and others and develop new approaches to the difficult challenges facing audit managers and Heads of Audit today
- The workshop also includes opportunities to discuss issues of your choosing with fellow decision makers in the IA profession
Who should attend?
Who should attend
- Heads of Internal Audit (CAE)
- Audit Managers and those about to be appointed to that role
- Directors responsible for internal audit
- Heads of other assurance functions such as Compliance or Quality Assurance
- This course is specifically for the most senior audit professionals
- This is an intermediate to advanced level course
- Delegates should have a good educational standard (Bachelors degree or above) and/or a professional qualification
- No advance preparation is required
- Delivery method – On-line-live (with exercises and case studies to provide practical application of the tools and techniques)
After completing this course you will be able to
- Benchmark your IA function against worldwide best practice
- Deliver stakeholder assurance more effectively
- Develop the leadership approach and the required skills
- Meet the Governance challenges
- Manage the audit process more efficiently and improve strategic audit planning
- Develop the leadership approach and the required skills
- Ensure IA is seen as a business champion
- Significantly improve strategic audit planning
- Integrate your approach with other providers of assurance
- Extend the audit approach
Participants will earn 9 CPE credits (in the Auditing field of study)
Day 1: The rapidly changing role of Internal Audit
The need for Internal Audit to be a strategic advisor
- New IIA Code of Conduct
- Helping the Board to protect the assets, reputation and sustainability of the organisation.
- Internal audit should have the right to attend and observe all or part of executive committee meetings
- The primary reporting line for the chief internal auditor should be to the chair of the Audit Committee.
- New IIA Audit Executive guidance
- Key messages from the IIA Body of Knowledge survey
- Deciding the strategic direction for your function
- Pulse of the profession survey results
- IIA becoming more effective guidance will be shared
- Ensuring effective communication lines between the CAE and the Board
- Gaining assurance regarding the quality of the function’s work.
- Overseeing the relationship between the IA function and the organisation’s centralised risk monitoring function.
- Exercise 1 – The new challenges facing IA
Ensuring IA is a challenger and a business champion
- Independence & Objectivity
- Reporting lines – the need for independence
- Should you report to the Chief Executive or the Audit Committee?
- Audit Committee relationships
- Key requirements of the role and the implications
- Objective assurance
- Adding value
- Improving the organisation’s operations Assisting the business to achieve its objectives
- Systematic and disciplined approach
- Evaluate and improve risk management, control and governance processes
- Dealing with the misconceptions of the role
- It is not internal audit’s responsibility to :-
- Detect fraud
- Introduce more and more control
- Find management out
- Assess the ability of management and staff
- Train staff
- Tell management what to do
- Exercise 2 – Dealing with the misunderstandings of IA
Auditing the ERM process
- The need to focus audit attention towards the most significant risks
- New IIA guidance – maturity models for assurance
- The need for much higher levels of assurance than ever before
- What level of assurance can really be provided?
- Could working with management to identify and evaluate risks compromise the independence of the function?
Ensure risk is defined as the need to get things right – not what can go wrong
- ‘Ring fencing’ risk exposure – never allow one part of the business to impact the whole organisation
- Determining and communicating your attitude to risk and your required risk culture to managers and stakeholders
- Recognise that reputation is both your biggest asset and the biggest risk you face – and one you cannot insure
- Do not wait until you are required to provide evidence of effective risk management by regulators or legislation – this will usually be too late
- Promote risk as the pulse of the organization and make sure that you have personnel to regularly take this pulse
- Exercise 3 – What steps can IA take to help make risk management a value added process?
Strategic audit planning
- The need to determine which topics to audit (and their frequency)
- The audit universe
- The need for risk-based audit plans
- Tapping into risk assessments carried out by management
- Determining the level of assurance required
- Getting management input
- Dealing with requests
- New IIA guidance on audit plan preparation will be provided
- The need for a structured approach.
- A world-renowned strategic audit planning tool will be shared (the model is used by more than 2500 audit functions across the world)
- Exercise 4 Determining audit priorities using the model
The need to exceed stakeholder expectations
- Who are the stakeholders?
- Are stakeholders’ expectations known?
- Arranging meetings with all stakeholders
- Workshops with key stakeholders?
- Are the expectations clear?
- How can you meet the widely differing expectations?
- Are there any areas where expectations could be exceeded?
- Are there any quick wins?
- What reports should IA provide to stakeholders?
- A new paper on working with stakeholders will be shared
- New advice on auditing strategy
- What every Director should know about IA – new guidance
- Exercise 5 – Meeting the ever expanding requirements of stakeholders – what should the IA role be?
Day 2: Managing and overseeing the IA process
Corporate Governance and the IA Role
- Key challenges of Corporate Governance
- Developments in CG – new paper
- 6 core principles of governance
- The governance warning signs
- New corporate governance insights paper will be shared
- The audit role in the CG process
- A guidance paper on assessing organisational governance will be provided
- The External audit relationship
- Role in Fraud prevention and investigation
- The need to understand the Governance objectives
- Developing a programme to reflect these objectives
- Governance trigger events
- Exercise 6 – The challenges of Corporate Governance
Ensuring full Assurance Mapping is in place
- Ensuring your assurance providers roles e.g. Internal Audit,
- Compliance, Risk Management, Insurance, Security are
- coordinated to avoid duplication of effort
- Why you should incorporate internal audit agreed actions in your risk register Ensure environmental risk is taken seriously (even if you are in a sector such as Financial Services
- Ensure that your Business Continuity plan covers all eventualities and ensure it is fully tested
- Identify new ways to benefit the least able section of the wider community you serve
- New guidance on coordinating RM & assurance
- Exercise 7 –Implementing Assurance Mapping
Extending the audit coverage
- Auditing the least covered business aspects
- Social Media
- The web site
- Strategic planning
- Product/ service development
- Changes in Government policy
- Economic changes impacting the business
- Customer relationship management
- Extreme events
- The regulatory environment
- Business Innovation
- Corporate communication
- Demographic changes and business impact
- Exercise 8 – Delegates will select 2 topics and determine the audit approach
The audit leadership skill set
- What leadership means
- Leadership styles
- Delegation and tips for success
- Analysis of a leader
- Open -mindedness
- Negotiation ability
- Self-motivation and self confidence
- Decision making ability
- Flexibility and ability to co-operate
- Time management
- Flexibility and ability to co-operate
- Self- control
- Results focus
- New IIA paper on influencing skills will be shared
- Exercise 9 Leadership tools
Audit assignment oversight
- Building an understanding of the audit process
- Establishing audit objectives
- The Audit manual
- Developing effective audit programmes
- What makes a good programme?
- Mistakes to avoid
- The dangers of re-inventing the wheel
- Assigning tasks
- Staffing factors
- The need for regular updates for standard programmes
- Supervising and controlling audits – tips for success
- Exercise 10 – Audit management key issues
- The IIA standards
- Why consultancy should be encouraged
- The difference in approach
- How to document these assignments
- Reporting consultancy assignments
- Audit by workshop
- Facilitation –do’s and don’ts
- Exercise 11 – How to convince management that consultancy is the direction for Internal Audit
About Phil Griffiths
Phil Griffiths, FCA
Phil Griffiths is founder and Managing Director of Business Risk Management Ltd.
A Chartered Accountant, he has over 30 years experience in risk management, Corporate Governance, internal audit and fraud prevention as practitioner, professional adviser, facilitator and trainer.
His areas of specialism are:
- Assisting Senior Management to identify, manage and then exploit the risks within their business via facilitated business risk management programmes
- Helping Internal Audit functions to implement world class standards.
- Developing fraud prevention, detection and investigation programmes
- Training both private and public sector organisations in all the above disciplines.
He has extensive experience of the European, Asian, Middle Eastern, and African markets having trained professionals from over 1000 organisations in these regions during the past 15 years
He has extensive experience of managing and auditing major International projects. He has also direct experience of negotiating major contracts (including the largest mobile telecommunications contract in the world at the time)
Phil has developed strategic alliances with professional bodies and world renowned training companies, to deliver training and consultancy services across Europe, Asia, the Middle East and Africa.
He has developed over 300 training courses on all aspects of internal audit, risk management and fraud and delivered them across the globe.
He has led risk management programmes for more than 120 private and public sector clients tailored specifically to include facilitated workshops, development of risk strategies and assistance with implementation
He is an accomplished author. His book ‘Risk Based Auditing’ is an international best seller and his new book ‘Enterprise Risk Management – the key to business success’ is receiving much acclaim
Phil has published research into many aspects of internal audit and risk management best practice, including “Strategic Risk management” “The Need to Co-ordinate Assurance Providers” and “The Expectations of Chief Executives towards Internal Audit and its future”
He is recognised as an accomplished and charismatic facilitator, trainer and lecturer and is in continual demand to speak at the most prestigious events on risk management, internal audit and fraud.
Course Fee and Timings
The fee for the 2-day course is GBP 500 (US$ 650) which includes comprehensive course materials. The course will consist of three 1.5 hour sessions each day.
- 9.00 – 10.30 Session 1
- 10.30 – 10.45 Break
- 10.45 – 12.15 Session 2
- 12.15 – 13.00 Break
- 13.00 – 14.30 Session 3