Course Information
Root Cause Analysis
Course Description
In today’s audit environment there is a lot of discussion around audit functions “adding value.” Audits are time consuming and costly, and they’re often a source of frustration for the audit client. Why? As auditors we often hear that the “auditor(s) just doesn’t understand my business.” The business can feel this way as a reaction to the proposed action and remediation plan. If an audit team doesn’t perform effective root cause analysis, then the recommended action often will not solve the root cause of the issue and problems will persist.
To truly add value, an audit must address the root causes of the issues and exceptions identified, not just the symptoms. This course will introduce the various tools and methodologies used for root cause analysis and show how to apply them to the audit process. Participants will learn interactively through a combination of lecture, case studies, and exercises.
Course Objectives
Upon completion of this course, participants will be able to:
• Understanding Root Cause Analysis (RCA)
• Introduction to the various tools and methodologies that can be utilized for RCA
• Understanding how RCA can be applied within audits
• Understanding when to utilize RCA in an Internal Audit
• Understanding the common challenges when using RCA
• Learning how to apply RCA in practice
Understanding Risk Cause Analysis (RCA)
• What is it?
• A very brief history and background of RCA
• Why should it be done?
RCA in Internal Audit—Why?
• Business responsibility or Internal Audit?
• Adding value
• When should we conduct an RCA?
• At what point in an audit should the RCA be conducted?
• When to use RCA outside of an audit
Standards and Best Practices
• Overview of current IIA guidance
• IIA Practice Advisory 2320-2
RCA Methodologies and Techniques—Most Common in Audit
• Pareto Analysis
• Ishikawa Method—Fishbone diagrams
• Kipling Methodology—5W1H
• 5 Whys
• 5 Cs
The RCA Process
• Defining the issue
• Diagnosing the issue using one of the methodologies
• Identifying potential alternate solutions/recommendations
• Determining if an interim or permanent solution is viable
• Ensuring appropriate controls for recommended solution
• Lessons learned
Adding Value – Linking Root Cause to Findings and Objectives
• Linking the finding to its root cause
• Linking the finding and root cause to the audit and business objectives
• Understanding the control failure root causes
Common Challenges and Obstacles
• Environmental obstacles
• Common mistakes
• Biases that impede RCA
• Drawing the wrong conclusion
• Resolutions that don’t resolve the issue
• Communication—interviewing, Q&A, follow-up
Communicating Root Causes
• Results
• Solutions—MoSCoW Analysis
Instructors
Bret Kobel is Managing Partner for Verracy Training & Consulting and has more than 20 years of professional finance, accounting, audit, risk and compliance experience. Mr. Kobel specializes in internal controls, process improvement, process transformation & implementation with organizations operating under GAAP and/or IFRS Standards. He brings a diverse background to the organization from venture-backed startups to global Fortune 500 companies.
Prior to joining Empower, Mr. Kobel spent two years on assignment in Singapore as the Regional CFO and Controller for an international logistics company responsible for seven countries in the Asia Pacific region. Mr. Kobel was tasked with transforming the financial organization and redesigning the financial processes to ensure timely and accurate financial reporting.
Prior to that, Mr. Kobel spent several years with a large international drilling services company operating in over 40 countries on six continents. He was responsible for developing the company’s initial policies and procedures and implementing the baseline internal controls framework for the company as well as the initial Enterprise Risk Management (ERM) program. Mr. Kobel later led global Internal Audit teams performing the first ever internal audits in the company’s 120-year history.
Earlier in Mr. Kobel’s career, he was part of a team that interpreted the newly released 1992 COSO Internal Control – Integrated Framework that worked to define a set of policies and procedures for one of the largest university systems in the nation and later led teams conducting the initial internal audits for the newly-implemented procedures.
Mr. Kobel received his BS degree from Indiana University and his MBA from The University of Texas at Austin. He is a member of the Institute of Internal Auditors (IIA) and the Association of Certified Fraud Examiners (ACFE) and is currently an instructor and conference speaker for the IIA and ISACA.
Additional Information
TAC Rule 523.142(g) requires the CPE Sponsor to monitor individual attendance and assign the correct number of CPE credits. Participants will be asked to document their time of arrival and departure in compliance with this Rule. Additionally, attendance will be monitored throughout the day and CPE certificates will reflect actual attendance of each participant.
If you are making travel plans to come to Austin, we recommend making "refundable" air and hotel reservations or waiting until 14 days before the class to actually book your reservations. Courses are occasionally canceled or rescheduled due to low enrollment. We determine whether a course has enough participants 16 days prior to the course date. If we cancel or reschedule, we will email the participant and his or her billing contact no later than 14 days before the original class date.
The course coordinator will contact you with parking information. Handicapped parking is free at the meters around the downtown area.
Vending machines with Coca-Cola products and various snack items are available. There is also a refrigerator and microwave in our coffee bar area. Feel free to bring in your own drinks and food if you prefer.
You might want to bring a light sweater or jacket, as room temperatures vary.
To see answers to our Frequently Asked Questions, visit http://www.sao.texas.gov/training/faq.html.