Risk-Based Auditing and Annual Audit Planning

Course Category : Audit

An advanced programme that develops the capability to design risk-based annual audit plans and direct audit resources towards the most significant organisational priorities.
Duration: 5 Days
Level: Advanced

Introduction

Changing organisational environments require internal audit functions to adopt more precise methods for prioritising engagements and allocating resources. Risk-based auditing provides a professional foundation for aligning audit activities with strategic objectives and significant risks that may affect performance and sustainability. This course examines audit universe development, risk assessment, prioritisation, annual planning, and plan monitoring. It also strengthens participants’ ability to provide effective assurance, support governance, improve internal control, and increase the organisational value delivered by the internal audit function..

Targeted Audience

  • Internal Audit Directors
  • Audit Unit and Team Leaders
  • Internal Auditors
  • Enterprise Risk Management Officers
  • Governance and Compliance Professionals
  • Audit Committee Members
  • Internal Control Managers
  • Professionals involved in annual audit planning

Targeted Skills

  • Risk-Based Auditing Methodology
  • Audit Universe Development
  • Risk Identification and Assessment
  • Risk Matrix Preparation
  • Audit Engagement Prioritisation
  • Annual Audit Plan Development
  • Resource and Time Allocation
  • Audit Plan Performance Monitoring

Expected Outcomes

  • Explain the core principles of risk-based auditing.
  • Align the annual audit plan with organisational strategic objectives.
  • Develop a comprehensive audit universe covering key activities and processes.
  • Assess risks based on likelihood, impact, and control effectiveness.
  • Prioritise audit engagements according to risk and organisational significance.
  • Prepare a balanced and achievable annual audit plan.
  • Allocate audit resources according to priorities and available capacity.
  • Monitor and update the audit plan in response to changing risks.

Training Topics Index

  • Definition and objectives of risk-based auditing
  • Transition from cyclical auditing to risk-focused auditing
  • Relationship between internal audit, governance, and risk management
  • Professional independence and objectivity requirements
  • Role of the Global Internal Audit Standards in planning

  • Identification of auditable processes, units, and activities
  • Development and maintenance of the audit universe
  • Identification of strategic, operational, and financial risks
  • Alignment of risks with objectives and processes
  • Use of the enterprise risk register

  • Assessment of risk likelihood and impact
  • Measurement of inherent and residual risk
  • Evaluation of control design and effectiveness
  • Development of risk scoring models and matrices
  • Classification of audit topics by priority

  • Definition of annual audit plan objectives and scope
  • Selection of assurance and advisory engagements
  • Estimation of time and resources for each engagement
  • Balancing priorities with available capacity
  • Presentation and approval of the annual audit plan

  • Monitoring annual audit plan implementation
  • Managing urgent engagements and emerging risks
  • Updating priorities and making necessary adjustments
  • Developing internal audit performance indicators
  • Reporting to senior management and the audit committee

Course Features

  • Updated and Interactive Content
  • Hypothetical Examples and Case Studies
  • Pre- and Post-assessments to Measure Impact
  • Verified Certificate with a QR Verification Code