Upon completion of this course, participants will be able to:
• Understand today’s most relevant audit skills, techniques and methodologies.
• Understand the continually evolving expectations by the BOD and executives for auditors.
• Identifying what techniques to use and when to use them.
• Knowing when to use standard programs versus ad hoc.
• Understanding the available tools and technology available for use in today’s audit world.
• Getting your audit reports read.
• Learn how to sell internal audits abilities and results.
• Enhancing team work and the team environment.
I. Internal Audit Today
• Today’s best practices in auditing today
• Common opportunities in improvement and growth for audit
• BOD and Executive expectations for today’s auditor
• IIA CBOK Study – Core Competencies for Today’s Auditor
• Identifying where value-added opportunities truly are in your organization
• Identifying stakeholders and understanding their needs
• Today’s audit model
• Types of audit engagements
II. Risky Business - Risk Assessments and Risk Management
• Identifying and understanding business objectives
• Risk management concepts and terms
• Identifying potential risks to the business objectives - Process Risks, Fraud Risks, Internal vs External, Technology, Audit Risk
• Heat Maps, Value Maps, Risk Ranking, Impact and Likelihood
• Identifying and evaluating existing controls for known risks
• COSO Framework for controls and control issues
• Evaluating and addressing residual risk
III. Planning the Audit – Plan the work, work the plan!
• Aligning audit objectives with business objectives while addressing risk
• Determining the risk-based audit plan annually
• Monitoring and updating audit plan
• Planning individual audits
• Creating the audit plan – scope & objectives
• Staffing needs and roles and responsibilities
• Audit approach and process
• Time and budget
• Utilizing IPPF guidance for audit planning
• Leveraging formal Project Management methodologies for audits
• Involving the business in initial planning
• Kicking off the audit – planning memos, audit announcement, opening conferences
• Audit Planning best practices from leading audit functions
IV. Interviewing Tips, Techniques and Styles
• Understanding how interviewing is used for an audit.
• When to use an interview rather than other audit methods.
• Avoiding pitfalls in during follow up interviews.
• Best practices for planning and conducting interviews.
• Interviewing practice exercises.
V. Process Documentation Options and Methods
• When to formally document a process.
• The Pro’s and Con’s of using: Flowcharts, Narratives, Questionnaires
• Using walkthroughs and various walkthrough methods.
VI. Audit Programs Methods and Models
• Why an audit program?
• Developing the audit program.
VII. Pro’s and Con’s of standard audit programs versus ad-hoc audit programs
• Classifying inherent impacts and likelihoods for various types of risks.
• Understanding types of controls - preventive vs detective, and as automated vs manual.
• Using your narratives, flowcharts and walkthroughs to identify gaps and potential risks.
• Using risk matrices.
• Determining what to test – key controls, high risk processes.
• Determining the testing objectives – aligning with business objectives
• Changes in scope, scope limitations and running out of time.
• Review and evaluation of the programs during execution.
• Stop-and-go auditing.
VIII. Automated Tools – Auditing at the Speed of Light!
• Tools that can be used to automate the audit process.
• Understanding potential uses for automation, data analytics and audit software.
• Interpreting Data and using it in the audit process.
• Making the jump to automation.
• Continuous Auditing and Monitoring.
IX. Plans, Methods and Approaches for Testing, Sampling and Evidence Gathering
• Testing methodologies – manual, automated and others.
• Gathering audit evidence to support objectives.
• Comparison between various sampling and testing approaches.
• Determining the appropriate sampling and testing approach to use for each audit objective.
• Workpapers and why we need them.
• Necessary components of workpapers
• Cross functional uses of workpapers.
• Exercises for planning and testing approaches.
• IIA / GASB / ISACA Standards for evidence
X. Bringing it all Together - Reporting
• The 5 C’s of Audit Reporting.
• Identifying a what makes a report good versus bad and keeps reports from being read
• Determining the readers of audit reports.
• Executive Summaries
• Report organization & layout, and why it matters.
• Using Appendices – why, when, how and what.
• The two-page audit report – your readers will thank you.
• Tying evidence to audit objectives to business objectives.
• Getting the report out the door, quickly.
XI. Selling the Results – If you don’t do this, the rest doesn’t matter!
• Marketing Audit and audit reports or finding to the business.
• Methodologies for “selling” audit findings to stakeholders.
• Factors that help or hinder selling audit findings and recommendations.
• Why timing is crucial.
• Establishing relationships and becoming a business partner.
• How to sell an audit finding.
• Exit conferences and why successful ones are critical to your success.
• Follow up, Monitoring and Action Plans.
XII. Post Audit surveys and questionnaires.
• Getting them to ask for audits!
XIII. The Audit Team – Yes you.
• Why working as a cohesive team is critical.
• How teamwork increases your perceived value as an audit group.
• Suggestions for creating a team environment, and improving teamwork.
• Performance metrics and when to use them.
• Staying within budget and on time. How to make it happen.