Seminar/Workshop on Risk-Based Internal Auditing and Internal Audit Workpapers COURSE DESCRIPTION This seminar/workshop will provide the participants with the knowledge, practical tools and leading practices in the conduct of the internal auditing process to deliver more valueadded services to management and Board and contribute to achieving the organization’s goals. It will also help the Board and management understand the role and importance of internal auditing under a governance and risk framework. The workshop will be delivered through an intensive hands-on approach using actual cases that the participants can immediately apply when going back to their workplace. WHO SHOULD ATTEND This seminar is ideal for internal auditors, risk management personnel, compliance officers, and finance personnel of:
Rural banks Thrift banks Credit cooperatives Multi-purpose cooperatives Electric cooperatives Savings and loan associations Educational institutions; and Other related industries
SEMINAR OBJECTIVES At the end of the seminar, the participants will be able to: Understand the role of internal auditing under a governance, risk management and control framework Explain the risk based audit process and the key elements, procedures and tools Develop a systematic method to integrate the documents and data to support the engagement results
Develop action plans to address gaps and challenges Apply the tools and lessons learned to improve work performance and deliver added value
COURSE OUTLINE A. Module 1 – The Governance Framework I. II. III. IV.
The Role of the Board The Role and Functions of the Audit Committee The Role of Management and External Parties The ‘Three Lines of Defense’ Model for Internal Control
B. Module 2 - The Risk Based Audit Plan I. II. III. IV. V. VI. VII. VIII.
Understanding the Business Revisiting Vision, Mission and Objectives Enterprise Risk Assessment Sourcing Risks to Key Processes Determining Priority Areas to Audit Identifying Resource Requirements Presentation and Approval of the Plan Reporting on the Plan
C. Module 3 – The Individual Audit Engagement I. a. b. c. d.
Planning an Audit Defining clear roles and responsibilities Conducting the initial study Conducting an entrance meeting Understanding the process though a preliminary survey (i.e. flowcharts, interview, walkthrough, narrative) i. Example for Rural banks and thrift banks ii. Example for Credit cooperatives and multi-purpose cooperatives iii. Example for Electric cooperatives
e. f. g. h. II.
Conducting an Audit a. Documenting information through the workpapers i. Workpaper standards ii. Workpaper qualities iii. Workpaper techniques b. Gathering, validating and analyzing evidence i. Types of audit evidence ii. Qualities of audit information c. Developing Conclusions i. Elements of an audit finding ii. Micro and macro level opinions or conclusions iii. Audit rating system
III. a. b. c. d. e. IV.
iv. Example for Savings and loan associations v. Example for Other industries Conducting engagement risk assessment (i.e. risk and control matrix) Defining audit objectives, scope and resources Crafting test scripts, work procedures and selecting credible samples Completing the engagement plan
Reporting the Results of an Audit Preparing information status update Quality of communications Draft reports Exit conference Final reports (executive summary and detailed reports) Monitoring of Issues and Action Plans
D. Module 4 – Quality Assurance Overview I. The Journey to Quality II. Ensuring Quality in All Aspects of the Internal Audit Activity a. Internal audit governance b. Internal audit staff c. Internal audit management
i. Risk-Based plan d. Internal audit process i. Planning, conducting, reporting and monitoring the engagement E. Self-Assessment / Recap
Course materials, lunch and snacks, certificate of attendance
Three Days (3)
24 CPE (for those with relevant IIA certification – CIA
Staff, Supervisor, Manager
Based on Internal Audit Competency Framework (IACF) International Professional Practices Framework Governance, Risk and Control Internal Audit Delivery
Participants to familiarize themselves with their organization’s vision, mission, strategic objectives and long-term plan. Participants to bring the results of their enterprise risk management (ERM) program, if applicable. Participants to bring samples of actual flowcharts of key processes or departments
Public run seminar; In-house training
Case Studies, Group Discussions, Facilitated Review of Group Output, and Resource Speaker Presentation
Maximum Class Size
SPEAKER PROFILE POL B. MIRAFUENTES, CPA, CIA, CCSA Pol has more than 23 years professional work experience, mainly in the power and energy sector, with extensive exposure in the field of internal auditing, planning and budgeting, and financial analysis. He has also taught several subjects in the Certified Internal Auditor (CIA) review program, in-house training, and public-run seminars. Pol also served the Institute of Internal Auditors Philippines (IIAP) as the volunteer Chairman of the TSRC and Professional Development Committees (PDC) from 2010 - 2013, and as full-time Chief Operating Officer (COO) from 2013 - 2014. As PDC Chairman, Pol managed the IIAP CIA review program and the various trainings and Chief Audit Executive forums. As the COO, Pol launched innovative programs that resulted to unprecedented growth in income and training performance of the Institute. Pol is also a CIA topnotcher, a William S. Smith Certificate of Excellence awardee (Global Top 5) in the November 2006 exam. He is also an accredited Quality Assurance validator. Pol has also facilitated this Risk Based Internal Auditing / Internal Audit Workpaper Seminar for: A large thrift/rural bank in Mindanao last October 28-30, 2015 Electric cooperatives for Regions 1 to 3, and CAR through NEA last September 22 – 23, 2015 Various companies, through PICPA – Angeles City, last June 30, 2015 He is also a consultant in internal audit engagements for a savings and loan association and a credit cooperative.