Back to the course Enrol for this module

Module Description

This is the P7 Core Topic Tuition Session

Please see the IIA Diploma and Advanced Diploma syllabi for full details of syllabus understanding
requirement

P7  -  IIA Diploma Modules

Fast Track Tuition

5 Day Course

Details of Course

The 5 day Course will cover the following key Diploma
syllabus areas:

Internal Audit

Day 1 and 2

THE INTERNAL AUDIT ROLE

• How do we define the role of internal audit
• International Professional Practices Framework
• International Standards For The Professional
  Practice of Internal Auditing
• IIA Code of Ethics
• The importance and tensions of independence
       and objectivity
• Governance, risk and control
• Stakeholders including the Audit Committee
• The added value concept
• Assurance and consulting roles

CONTROLS

PLANNING AND CONTROL OF THE AUDIT

• Terms of reference
• Audit Standards
• The audit research and plan
• Maintaining and producing audit documentation

THE AUDIT PROCESS FROM START TO FINISH

• Fact finding techniques
• Testing and ensuring validity
• Recording of Information
• Writing the audit report
• The follow up and managing the response

RISK BASED INTERNAL AUDIT

• The Risk Based Approach
• IIA Position Statements
• The benefits of a Risk Based Approach
• Writing the audit report
• The follow up and managing the response

COMPUTER ASSISTED AUDIT TECHNIQUES

Corporate Governance & Risk Management

Day 3 and 4

The characteristics of good governance in public, private and not-for-profit

organisations including:

• the role of the board and its sub-committees, including the audit committee,and executive and non-executive directors as individuals

• the role of management at all levels
• the role of internal auditors, internal and outsourced
• the role of externalauditors
• reporting responsibilities and processes, including whistle-blowing

UK Governance Code

Management Control Frameworks – COSO

Risk management

The principles of risk management,
including:

• definitions of risk,including (enterprise-wide) risk management and riskassurance, risk appetite and risk management strategies

• the relationship of risk management to corporate governance
• different risk management standards

The structures and processes of (enterprise-wide) risk management, including:

• • structures and roles of the board and of executive and non-executivedirectors, chief risk officer, risk committee, general management, internal audit and functional experts, such as health and safety officers, security,insurance, finance, human resources,information technology

• risk types, including
  operational, reputational and financial
• risk frameworks
• risk identification at all levels
• risk analysis
• risk evaluation
•  routine assurance andembedded monitoring
• organisational earning from risk experience
• risk management assurance
• embedding risk management in the organisation

How organisations manage risks, including:

• risk responses,including tolerate, terminate, transfer or treat
• controls as a meansfor managing risks
• control frameworks
• control models andtypes of control, including preventative, detective,corrective, automated, manual, environmental, managerialand clerical

Day 5

Information Systems Auditing

Security and control of information systems

The requirement for information security and data protection, including the protection of key corporate data, ntellectual property, personal data and customer information

The internal and external threats to nformation systems, including computer fraud and abuse, identity theft, cybercrime, malicious software and viruses,

spyware and keystroke loggers, attack and phishing toolkits

The principles of ensuring confidentiality, integrity and availability of information in static, processed and transmitted data accessed via a local network or remotely

Standards for data security, information security and business continuity, and methods to measure the degree of compliance with best practice

How to appraise an information security policy and summarise its coverage, including the categorisation of data,l evels of access, authentication,

passwords, data retention, internet, social media and email use

An effective structure and process for ensuring emerging technologies and threats are properly secured and data integrity
maintained

Module sessions

Back to the course Enrol for this module