Course Information

As responsibilities and expectations for today’s auditor increases, and budgets and resources continually shrink, understanding the latest methodologies, tools and techniques being used in the audit industry can be critical to the success of an audit team. This class aims to introduce, review, and evaluate the most up-to-date practices being utilized to help auditors become highly effective and efficient. Each area of the audit process; risk assessment, planning, interviewing, process documenting, sampling and testing, and reporting will each be examined in-depth. We will also cover selling the audit function and results to the business and best practices for audit teamwork.

This interactive course incorporates practice exercises, case studies, and demonstrations in addition to lecture to ensure concepts are thoroughly understood and can be immediately applied in the workplace.

 Upon completion of this course, participants will be able to:

• Understand today’s most relevant audit skills, techniques and methodologies.

• Understand the continually evolving expectations by the BOD and executives for auditors.

• Identifying what techniques to use and when to use them.

• Knowing when to use standard programs versus ad hoc.

• Understanding the available tools and technology available for use in today’s audit world.

• Getting your audit reports read.

• Learn how to sell internal audits abilities and results.

• Enhancing team work and the team environment.

I. Internal Audit Today

• Today’s best practices in auditing today

• Common opportunities in improvement and growth for audit

• BOD and Executive expectations for today’s auditor

• IIA CBOK Study – Core Competencies for Today’s Auditor

• Identifying where value-added opportunities truly are in your organization

• Identifying stakeholders and understanding their needs

• Today’s audit model

• Types of audit engagements

II. Risky Business - Risk Assessments and Risk Management

• Identifying and understanding business objectives

• Risk management concepts and terms

• Identifying potential risks to the business objectives - Process Risks, Fraud Risks, Internal vs External, Technology, Audit Risk

• Heat Maps, Value Maps, Risk Ranking, Impact and Likelihood

• Identifying and evaluating existing controls for known risks

• COSO Framework for controls and control issues

• Evaluating and addressing residual risk

III. Planning the Audit – Plan the work, work the plan!

• Aligning audit objectives with business objectives while addressing risk

• Determining the risk-based audit plan annually

• Monitoring and updating audit plan

• Planning individual audits

• Creating the audit plan – scope & objectives

• Staffing needs and roles and responsibilities

• Audit approach and process

• Time and budget

• Utilizing IPPF guidance for audit planning

• Leveraging formal Project Management methodologies for audits

• Involving the business in initial planning

• Kicking off the audit – planning memos, audit announcement, opening conferences

• Audit Planning best practices from leading audit functions

IV. Interviewing Tips, Techniques and Styles

• Understanding how interviewing is used for an audit.

• When to use an interview rather than other audit methods.

• Avoiding pitfalls in during follow up interviews.

• Best practices for planning and conducting interviews.

• Interviewing practice exercises.

V. Process Documentation Options and Methods

• When to formally document a process.

• The Pro’s and Con’s of using: Flowcharts, Narratives, Questionnaires

• Using walkthroughs and various walkthrough methods.

VI. Audit Programs Methods and Models

• Why an audit program?

• Developing the audit program.

VII. Pro’s and Con’s of standard audit programs versus ad-hoc audit programs

• Classifying inherent impacts and likelihoods for various types of risks.

• Understanding types of controls - preventive vs detective, and as automated vs manual.

• Using your narratives, flowcharts and walkthroughs to identify gaps and potential risks.

• Using risk matrices.

• Determining what to test – key controls, high risk processes.

• Determining the testing objectives – aligning with business objectives

• Changes in scope, scope limitations and running out of time.

• Review and evaluation of the programs during execution.

• Stop-and-go auditing.

VIII. Automated Tools – Auditing at the Speed of Light!

• Tools that can be used to automate the audit process.

• Understanding potential uses for automation, data analytics and audit software.

• Interpreting Data and using it in the audit process.

• Making the jump to automation.

• Continuous Auditing and Monitoring.

IX. Plans, Methods and Approaches for Testing, Sampling and Evidence Gathering

• Testing methodologies – manual, automated and others.

• Gathering audit evidence to support objectives.

• Comparison between various sampling and testing approaches.

• Determining the appropriate sampling and testing approach to use for each audit objective.

• Workpapers and why we need them.

• Necessary components of workpapers

• Cross functional uses of workpapers.

• Exercises for planning and testing approaches.

• IIA / GASB / ISACA Standards for evidence

X. Bringing it all Together - Reporting

• The 5 C’s of Audit Reporting.

• Identifying a what makes a report good versus bad and keeps reports from being read

• Determining the readers of audit reports.

• Executive Summaries

• Report organization & layout, and why it matters.

• Using Appendices – why, when, how and what.

• The two-page audit report – your readers will thank you.

• Tying evidence to audit objectives to business objectives.

• Getting the report out the door, quickly.

XI. Selling the Results – If you don’t do this, the rest doesn’t matter!

• Marketing Audit and audit reports or finding to the business.

• Methodologies for “selling” audit findings to stakeholders.

• Factors that help or hinder selling audit findings and recommendations.

• Why timing is crucial.

• Establishing relationships and becoming a business partner.

• How to sell an audit finding.

• Exit conferences and why successful ones are critical to your success.

• Follow up, Monitoring and Action Plans.

XII. Post Audit surveys and questionnaires.

• Getting them to ask for audits!

XIII. The Audit Team – Yes you.

• Why working as a cohesive team is critical.

• How teamwork increases your perceived value as an audit group.

• Suggestions for creating a team environment, and improving teamwork.

• Performance metrics and when to use them.

• Staying within budget and on time. How to make it happen.

TAC Rule 523.142(g) requires the CPE Sponsor to monitor individual attendance and assign the correct number of CPE credits. Participants will be asked to document their time of arrival and departure in compliance with this Rule. Additionally, attendance will be monitored throughout the day and CPE certificates will reflect actual attendance of each participant.

If you are making travel plans to come to Austin, we recommend making "refundable" air and hotel reservations or waiting until 14 days before the class to actually book your reservations. Courses are occasionally canceled or rescheduled due to low enrollment. We determine whether a course has enough participants 16 days prior to the course date. If we cancel or reschedule, we will email the participant and his or her billing contact no later than 14 days before the original class date.

The course coordinator will contact you with parking information. Handicapped parking is free at the meters around the downtown area.

Vending machines with Coca-Cola products and various snack items are available. There is also a refrigerator and microwave in our coffee bar area. Feel free to bring in your own drinks and food if you prefer.

You might want to bring a light sweater or jacket, as room temperatures vary.

To see answers to our Frequently Asked Questions, visit http://www.sao.texas.gov/training/faq.html.