Course Information

Change equals risk. With change comes an increase in risk. The increased risk can be temporary while we work through the change, or it can be permanent. It is our job to determine which. We are in unprecedented times and experiencing a time of significant change for all organizations. The work that we have done, the risk assessments, the forecasts, the audits, all need to be revisited and spot checked to take into consideration what has changed and how it has impacted our assessment of risk and exposures for our organization. This course will examine how auditors and fraud examiners should revisit risk assessments, recent audits and identify, evaluate and prioritize emerging risks as a result of COVID.

Fraud risk is increasing significantly with the changes, adaptions, and work-arounds organizations have had to leverage to keep operating during COVID. This course will examine how to assess the increased fraud risk and what can be done to prevent, detect and deter fraud during these new circumstances.

Upon completion of this course, participants will be able to:

• How to revisit a risk assessment

• Where to start with a risk assessment revisit

• Why you should evaluate everything first from a top down approach

• Quick spot check methods to achieve quick, yet measurable results

• How and why now is the time auditors can add real value to their organizations

Detailed Course Outline:

COVID and Impact to Business

• Business changes

• Lost revenue

• Pandemic timeline and impact of timeline

Identifying, Understanding, Evaluating and Prioritizing New Risks

Focus on the organization’s business objectives

• Changes, adaptation, work-arounds temporary and permanent

• Revenue, people, future and adaptation

Revisiting Risk Assessments

• Why risk assessment revisits need to occur

• How to revisit and what to focus on

• Identifying, understanding and evaluating change to existing risks

• Re-evaluating significance and likelihood

Spot Checking Recent Work

• Determining what to check

• How to “spot” check without a full audit

• Staying targeted and focused

Business Continuity Assessments

• Crisis planning

• Employee health and safety

• Communication

• Security and social engineering

• Technology

• Supply chain

• Reputation

• Legal issues and new regulations

• Survival strategies and accepting risks

Risk Management Assessment

• Reassessing existing risk management process and policies

• Reassessing risk management teams, skills and focus

• Assessing service providers, third-party, and travel

Specific Risks

• Accounting

• Telecommuting

• People and Human Resources

• Processes – changes, modifications, workarounds

• Supply Chain

• Information Technology and Cybersecurity

Fraud Risk

• Identifying new fraud risks

• Personal and organizational risks

• Protecting and educating employees on fraud risks

Leveraging Data Analytics

• Ad hoc assessments and analysis

• Continuous auditing and monitoring

• Fraud detection and deterrence

Professional auditors with at least two years experience.