The value adding capacity of an overall IA activity’s program begins with the foundational risk assessment and planning process. This activity is undertaken annually at an enterprise level, and functionally at an individual engagement level. The alignment and integration of these critically linked processes is essential for ensuring the effective and efficient deployment of IA resources and optimum assurance coverage. This course provides an essential primer on IA risk assessment and planning processes, supported by key related Professional Standards guidance and practical application strategies. In addition, this session also serves in building a vital bridge which connects high quality IA activity level attributes with ongoing maximum impact performance level implementation.
Learning Objectives
- Expand awareness of the critical foundational nature and linkage of IA risk assessment and planning processes
- Enhance understanding of IA risk assessment and planning related Standards
- Clarify distinctions between, as well as the complementary and aligned/integrated nature of, enterprise (macro) and functional (micro or engagement) level IA risk assessment processes
- Reinforce concepts and extend practical application IA risk assessment/planning knowledge to internal control design/documentation level activities and audit program development/updating processes
Major Topics
- IA program foundation(s): IA risk assessment and planning
- IA Risk Assessment and Planning Standards review
- Enterprise (macro) level internal audit risk assessment and planning including entity level/ wide audit scope, frequency and objectives determinations
- Process and engagement (micro) level risk assessment and planning, including the alignment and integration with enterprise risk assessment, planning and engagement level scope and objectives determinations
- Engagement level scope and objectives determinations
- Internal control design and documentation fundamentals
- Audit program development and updating
