
Learn how to plan internal audit engagements by setting objectives, scope, and criteria through risk assessment, and develop effective working papers and staffing strategies.
Identify engagement objectives across efficiency, effectiveness, safeguarding assets, profitability, cost and revenue, and reliable reporting, then assess fraud risk, compliance, and data protection to inform planning.
Plan the engagement by conducting a documented risk assessment to identify significant risks and controls, using risk inventories, heat maps, and flowcharts to prioritize risk responses.
Develop and implement an engagement work program that documents objectives, risks identified through risk assessment, test procedures, and assurance activities to cover the full internal audit scope.
Plan and prepare internal audit engagements from annual plan to audit preparation, conduct kickoff meetings, collect data, assess risks, design and test controls, and draft reports with recommendations.
Master information gathering for internal audits using walkthroughs, observation, interviews, process mapping, and benchmarking against ISO standards to perform risk assessments and gap analyses.
Explore how to conduct walkthroughs, identify root causes of control omissions, and develop training, escalation, and control design improvements to enhance internal audits.
Explore interview approaches for internal audits, including structured, behavioral, and situational methods; learn effective skills like active listening, observing nonverbal cues, and using open and closed questions.
Examine process maps and workflows to distinguish current, ideal, and performed paths, identify risks and inefficiencies, and apply internal, competitive, industrial, and best-in-class benchmarking for audit improvement.
Learn how to use risk control matrices to link objectives with inherent risks and controls, assess design and operating effectiveness, and focus audit work on high-risk areas.
Build a risk control matrix by clarifying objectives using COSO's framework, assess inherent risks, design and test controls, and conclude with a findings report.
Explain statistical and non statistical sampling methods, highlighting risk based sampling to identify exceptions in high risk areas like gifts or employee expenses, and how results relate to the population.
Study attribute sampling, ratio estimation, and stratified and cluster sampling in internal audits for representative error estimation.
Discover how normal distribution and central tendency concepts—mean, median, and mode—and variance and standard deviation are used in internal audit to analyze data, identify outliers, and assess policy impacts.
Apply analytical tests such as numerical analysis, regression analysis, data mining, and continuous monitoring to detect anomalies. Use Bedford's Law, proportional analysis, and trend analysis to assess relationships.
Develop automated continuous auditing with a data repository and embedded audit modules that monitor transactions and generate exception reports for thresholds like 10,000 euros.
Explore sufficiency, reliability, and relevance of information that persuades audit conclusions, including replication and sample sizes, and how 95% confidence and credible sources align with internal audit standards.
Identify and compare types of evidence used in internal audits, including direct (primary) evidence, secondary evidence, corroborative and analytical evidence, internal vs external documents, and testimonial evidence.
Explore ratio analysis as a tool to compare performance across entities and time, using KPIs like inventory turnover, days sales outstanding, and liquidity ratios to assess efficiency and solvency.
Assess performance appraisals within internal audit standards by integrating post engagement evaluations and supervisor feedback to reduce recency bias and ensure balanced annual performance judgments.
Assign clear areas of responsibility to auditors and rotate tasks to develop skills, address blockers in weekly meetings, and require formal sign-offs to ensure engagement, supervision, and timely audit objectives.
Review working papers to link risks, objectives, and tests, ensuring high quality documentation that supports efficient signoffs, clear observations, and a well-organized final internal audit report.
Learn to communicate engagement results effectively through a structured confirmation process, verify findings with stakeholders, and finalize audit reports with agreed responses for management and the audit committee.
Corroborate audit findings with the audit client across multiple levels to reduce risk of disagreement in the final report. Clarify recommendations and the client's action plan at the confirmation meeting.
Communicate interim progress to flag immediate attention items and continuous impact, and when issues are resolved but closed during the audit, include them with an update in the final report.
Articulate the finding's risk and its implications, identify root causes, and propose actionable recommendations that remedy the root cause while mitigating the risk for sustainable improvements.
Apply smart criteria—specific, measurable, achievable, relevant, time-based—to craft lean audit recommendations, findings, action plans, deadlines, and owners with clear purpose and scope. Include an executive summary and minimize filler text.
Learn how internal auditors communicate acceptance of risk and escalate findings. Present to the board for risk appetite decisions and determine whether actions mitigate or accept risk.
We are glad to bring you a course to learn how to perform an internal audit.
This course is ideal for new or future internal auditors, as well as anyone who wants to learn how to assess operations, including people working in controls functions such as Risk Management, Internal Control, Compliance or Information Security.
The course will give you the knowledge and tools necessary to perform internal audits, starting from how to plan them, how to perform and how to report on the results of the engagement.
It is taught by Adrian Resag, an experienced Chief Audit Executive who has also been teaching for nearly 2 decades.
You will learn:
How to perform internal audit engagements.
The workflow of internal audit engagements.
To plan audits and determine their scope and objectives.
Audit techniques for gathering information.
To create process maps, working papers and risk-control matrices.
To use statistical and non-statistical sampling methods and analytical tests.
About the persuasiveness of information and about different types of evidence.
About engagement supervision and performance appraisals for internal audits.
How to write internal audit reports and communicate engagement results.
About the acceptance of risks and the monitoring of progress.
The course covers:
Planning Engagements
Understand how to properly plan engagements by determining their objectives, criteria and scope.
Create working papers which conform with the Standards and learn about different ways an internal audit can be staffed.
Performing Engagements
Learn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.
Communicating Engagement Progress and Results
Learn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit recommendations.