Skip to main content

Effective Risk-Based Audit Planning and Executions (OFFERED VIRTUALLY)

Back to Course Schedule
Date(s): Jul 20, 2020 - Jul 23, 2020
Time: 8:15AM - 12:00PM
Registration Fee: $399.00
Cancellation Date: Jul 14, 2020
Location: Online

Course Description


Risk-based auditing requires a deep understanding of the business and business objectives and operating rules to properly identify, evaluate, and prioritize the risks to the business. Business objectives and operating rules—the primary drivers of risk—have to be fully understood to ensure risks are identified and effectively evaluated.

This course will provide auditors with the skills necessary to plan and execute an effective risk-based audit that delivers measurable results to the organization.

Participants will learn through lecture, group discussion, case studies, and small group exercises to ensure an interactive experience.

Potential CPE Credits: 16.0
Govt Hours: This class meets 16.0 hours of the 24-hour requirement for governmental CPE under Government Auditing Standards (yellow book), in most cases.
Technical Hours: This class meets 16.0 CPE credits of technical training in compliance with Texas Admin. Code Rule 523.102.

Instruction Type: Live
Experience Level: BEGINNING
Category: 02 Auditing

Course Objectives

Upon completion of this course, participants will be able to:

• Understand risk and the types of risk

• Learn to identify, evaluate, and prioritize risk in your organization

• Enhance interview and research skills needed to understand the business and identify risks

• Strengthen one’s skills in developing risk-based audit test steps and work programs

• Learn to utilize tools for planning and executing risk-based, properly scoped audits that are targeted and focused on the most significant areas of the business and processes



This course will cover:

The Role of Audit

• The role of Audit today

• IPPF standards


Audit Development Cycle: Closing the Loop Process

• Defining the closing the loop process

• The importance of planning

• Understanding the business

• Identifying business risks

• Evaluating and prioritizing risks

• Developing Audit objectives and defining scope

• Evaluating the control environment

• Developing testing

• Testing of controls

• Facilitating action


Planning: Understanding the Business

• Identifying and understanding business objectives

• Understanding business rules

• Document review

• Understanding the business processes

• Documenting business processes—narratives/process flow charts/walkthroughs


Planning: Understanding the Business Methodologies

• Document review and research

• Interviewing tools and techniques


Planning: Scope


• Defining Scope—what’s in and what’s out

• Setting expectations with Management

• Scope statements


Engagement Risk Assessment

• Understanding risk

• Types of risks—operational/financial/reputation/regulatory

• Identifying risk

• Evaluating risk

• Prioritizing risk

• Likelihood/significance/duration/velocity

• Tying risks to business objectives


Identifying Control Criteria

• Types of controls

• Control objectives

• Entity-level controls

• Activity-level controls

• Evaluating Controls—design vs. operating effectiveness


Risk-Based Testing and Sampling Methodologies

• Determining testing approach and method

• Determining sufficient, relevant, and reliable evidence

• Weighing evidence


Results and Conclusions

• 5 Cs

• Root causes

• Tying action plans to business objectives and risks

• Framing issues from a business perspective

• Leveraging the 5 Cs in reporting

• Using visualization in reporting



Prerequisites: Professionals with at least 2 years of experience in order to draw upon their experience.

Participants will need an internet connection, a computer, a speaker and a microphone to participate in the course.

[GAGAS, 4.23(q)]


Mike Jacka

Mike Jacka, CIA, CPA, CPCU, CLU, FCLS, worked for 30 in internal audit for Farmers Insurance out of Phoenix, Arizona. During that time he was responsible for projects as far-ranging as development of fraud investigation procedures for a 100-person audit shop, overseeing 30 people as head of Western Regional Auditing Operations, and designing a new auditor training program for a global organization of 200 staff members.

Since his release in January, 2012, he has become Co-founder and Chief Creative Pilot at Flying Pig Audit, Consulting, and Training Solutions (FPACTS), a group dedicated to working with internal auditors to improve their departments, their organizations, and their profession.

Jacka is the co-author of Business Process Mapping: Improving Customer Satisfaction, now in its second edition, and the accompanying workbook. He is also co-author of Auditing Social Media: A Governance and Risk Guide, and The Marketing Strategy: A Risk and Governance Guide to Building a Brand, both published by the IIA.

He has been responsible for the Lighter Side articles which appear in Internal Auditor magazine. Not learning their lesson, the magazine has now made him responsible for the column "The Mind of Jacka". He also writes the associated blog “From the Mind of Jacka”. He holds a Bachelor of Arts in archaeology and a Bachelor of Science in accounting from Arizona State University. He is a member of The IIA’s Phoenix Chapter, the American Institute of Certified Professional Accountants, and the Society of Chartered Property Casualty Underwriters.

Additional Information

TAC Rule 523.142(g) requires the CPE Sponsor to monitor individual attendance and assign the correct number of CPE credits. Participants will be asked to document their time of arrival and departure in compliance with this Rule. Additionally, attendance will be monitored throughout the day and CPE certificates will reflect actual attendance of each participant.

Back to Course Schedule