Best Practices in Internal Auditing

What you will gain from this seminar:
This seminar presents more than 50 practices from world-class internal audit departments. This is not just an overview. You will get their actual tools, techniques and other practices. You will also learn how they apply the tools and how to tailor their practices to your own organization. After the seminar, you will be able to use these examples as models to create or enhance your own value-added practices.

Who should attend

  • CAEs
  • Audit directors and managers
  • Experienced auditors

Two-day seminar outline

The Foundation of Best Practices
The Aspirational Definition of Internal Auditing
The Pivotal Document for Change (COSO)
Sample audit department mission – Central Maine Power

Audit Department Structure and Annual Planning Process
Best practice principles:

  • Align department structure with the business
  • Use relationship managers
  • Risk assessment that is qualitative, participative, and based on the organization’s strategy
Best practice examples from DuPont, Central Main Power, Pacific Telesis
How to plan, monitor, and aggregate results to form an entity-wide opinion

Added Value Audit Methodologies
Best practice principles
Risk-based auditing
Practices That Enhance Audit Projects:
  • Staff Skills Matrix
  • Best practice web site and database
  • Use of guest auditors
  • Criteria for evaluating KPIs
Innovations in audit reports

Assessing the Risk/Control Culture

Five principles for evaluating soft controls
Structured interview guide: Culture of Compliance review
Audit project survey: Rensselaer Polytechnic, University of Minnesota, Precision Drilling
Entity-wide self-assessment survey: Ameritech and keys to success
RCSA workshops: two common techniques, case study
How to select the best evaluation technique for your organization
Metrics and indicators of the effectiveness of the risk culture

Other Assurance and Consulting Services
Business Process Improvement reviews: DuPont
Internal Control Assessment: DuPont
Internal Control Education: DuPont, Ontario Justice Ministries
Audit’s role in mergers & acquisitions: Bank of America
Consulting: FirstEnergy

Internal Audit’s Role in Enterprise Risk Management
IIA position paper
Leading frameworks: COSO and ISO
ERM myths and realities
Three case studies of ERM: Countrywide, Aquila. Texas Comptrollers
ERM architecture

Emerging Practices
Assessing the risk management process
Advising and assessing governance process(es)
Advising and assessing organizational strategy
Auditing social media, mobile devices, the internet of things
Assessing the use of “big data”

Staffing, Work Environment, Marketing and Measuring
Best practice principles: staff with multi-disciplinary experts, create a value-adding culture in your department
Competency model for staffing and career development: FirstEnergy
Marketing internal audit: tips and tricks
Post-audit customer surveys: DuPont, FirstEnergy
Audit department performance metrics: FirstEnergy

How to Get There from Here
How to identify and prioritize your key customers
How to determine your customers’ needs and expectations
How to develop a vital, shared vision
How to develop a strategic plan
Audit Department Strategic Plan: FirstEnergy

Course summary: Profile of a value-adding audit department