Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Developing an audit work program can be a daunting process, especially when the audit area is one with which the auditor is unfamiliar, and/or has not been audited previously. This course will take the mystery and pain out of the process by introducing a methodology called “Closing the Loop Framework”. It provides a foundation for how to develop audit steps based on audit scope and the evidence required to achieve audit objectives. Less experienced auditors will learn how to build the audit program, and experienced auditors will have an opportunity to refresh their skill-set and consider the Closing the Loop Framework as a tool for improving audit quality. You will have the opportunity to build components of an audit program in a workshop.
In this seminar, we will discuss the critical issues to be considered:

  • Fundamental requirements for audit work programs referencing audit standards and generally accepted practices
  • Planning performance, financial, compliance and IT audits
  • Using the Closing the Loop Framework to ensure completeness and quality of the planning and audit execution process
  • How well-developed audit work programs support the management and quality assurance of audits

Learning Objectives

  • Gain an understanding of the role of the Audit Work Program
  • Become familiar with Standards-based Requirements for Audit Work Programs
  • Strengthen one’s skills in developing audit steps and audit work programs
  • Understanding how Checklists and Internal Control Questionnaires can be used

Course Outline

Setting the Stage: The Role of Audit

  • Defining audit evidence
  • Impact of audit evidence on audit risk
  • Requirements from auditing standards
  • Audit charter
  • Compliance
  • Audit work plan vs. audit checklist

Audit Development Cycle

  • Closing the Loop Process

Planning—Understanding the Business

  • Identifying and understanding business objectives
  • Document review
  • Understanding the business processes
  • Documenting business processes

Planning—Scope

  • SIPOC
  • Defining scope—what’s in and what’s out
  • Setting expectations with Management
  • Scope statements

Interviews

  • Information gathering and fact finding
  • Establishing rapport
  • Whom to interview
  • Interviewing approaches and styles
  • Questioning styles and approaches
  • Conducting the interview
  • Interviewing rules and best practices
  • Communication barriers

Engagement Risk Assessments

  • Understanding risk
  • Types of risks—operational/financial/reputational/regulatory
  • Identifying risk
  • Evaluating risk
  • Prioritizing risk
  • Likelihood/significance/duration/velocity

Identification of Controls

  • Types of controls
  • Control objectives
  • Entity-level controls
  • Activity-level controls
  • Evaluating controls: design vs. operating effectiveness

Documenting Processes and Controls

  • Narratives
  • Flowcharts and process flows
  • Walkthroughs

Developing Audit Objectives and Refining Scope

  • Importance of linking Audit Objectives to Operational and Control Objectives
  • Developing steps that add value
  • Linking to business objectives

Additional Information

Who Should Attend

Internal and external auditors

Learning Level

Intermediate

Delivery

Group-Live

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

At least 2 years’ general audit experience

Session Duration

Online: N/A

On Site: 2 days

CPE Credits: 16