Course Description
Change equals risk. With change comes an increase in risk. The increased risk can be temporary while we work through the change, or it can be permanent. It is our job to determine which. We are in unprecedented times and experiencing a time of significant change for all organizations. The work that we have done, the risk assessments, the forecasts, the audits, all need to be revisited and spot checked to take into consideration what has changed and how it has impacted our assessment of risk and exposures for our organization. This course will examine how auditors and fraud examiners should revisit risk assessments, recent audits and identify, evaluate and prioritize emerging risks as a result of COVID.
Fraud risk is increasing significantly with the changes, adaptions, and work-arounds organizations have had to leverage to keep operating during COVID. This course will examine how to assess the increased fraud risk and what can be done to prevent, detect and deter fraud during these new circumstances.
Learning Objectives
- What a risk assessment revisit is
- Where to start with a risk assessment revisit
- Why you should evaluate everything first from a top down approach
- Quick spot check methods to achieve quick, yet measurable results
- How and why now is the time auditors can add real value to their organizations
Course Outline
COVID and Impact to Business
- Business changes
- Lost revenue
- Pandemic timeline and impact of timeline
Identifying, Understanding, Evaluating and Prioritizing New Risks
- Focus on the organization’s business objectives
- Changes, adaptation, work-arounds temporary and permanent
- Revenue, people, future and adaptation
Revisiting Risk Assessments
- Why risk assessment revisits need to occur
- How to revisit and what to focus on
- Identifying, understanding and evaluating change to existing risks
- Re-evaluating significance and likelihood
Spot Checking Recent Work
- Determining what to check
- How to “spot” check without a full audit
- Staying targeted and focused
Business Continuity Assessments
- Crisis planning
- Employee health and safety
- Communication
- Security and social engineering
- Technology
- Supply chain
- Reputation
- Legal issues and new regulations
- Survival strategies and accepting risks
Risk Management Assessment
- Reassessing existing risk management process and policies
- Reassessing risk management teams, skills and focus
- Assessing service providers, third-party, and travel
Specific Risks
- Telecommuting
- People and Human Resources
- Process – changes, modifications, workarounds
- Supply Chain
- Information Technology and Cybersecurity
Fraud Risk
- Identifying new fraud risks
- Personal and organizational risks
- Protecting and educating employees on fraud risks
Leveraging Data Analytics
- Ad hoc assessments and analysis
- Continuous auditing and monitoring
- Fraud detection and deterrence
Additional Information
Who Should Attend
- Internal auditor staff and management
- Internal control professionals
- Accountants
- Operations staff
Learning Level
Intermediate
Delivery
Group-Live or Group-Internet
Field
Auditing
Recommended Prerequisites
Auditors with at least 1 year experience in order to draw upon their professional audit experience
Session Duration
On Site: 2 days
CPE Credits: 16