Skip Ribbon Commands
Skip to main content
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorLearning and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorAdvanced Risk-based Auditing
Course Description Course Outline Bring Us On Site  

Advanced Risk-based Auditing

Course Description

Print-friendly Course Description and Outline

The need to manage risks is increasingly recognized as essential to effective corporate governance and to maintaining an effective system of internal control. Internal audit plays a key role in providing assurance that risks to the organization are properly managed. Risk-based auditing links internal audit to an organization’s overall risk management framework.

This course provides participants with the knowledge to develop an audit universe and risk-based internal audit plan. This course also addresses emerging and advanced risk management topics such governance risk, strategic risk, fraud risk, information technology risk, and auditing the risk management process. During this course, you will participate in interactive activities and real-life scenarios. Be prepared to walk away with concepts and tools to develop a value-added, risk-based audit plan for your organization.

This course is designed for senior internal audit practitioners and audit managers who want to build on their knowledge and increase their value to the organization by developing effective risk-based audit plans that address emerging risks.

Risk – Pathways to Success

Advanced Risk Based Auditing is the second in a sequence of recommended risk courses for internal auditors.

Following this course, consider taking this recommended risk course:

Enterprise Risk Management: A Driver for Organizational Success​

In-person classes are 2 day(s). For online courses, please click on the Details & Pricing link to review session times and dates.

Course Duration: 2 day(s)
CPEs Available: 16
Knowledge Level: Intermediate
Field of Study: Auditing
​Participants should be senior internal audit practitioners or internal audit managers. Completion of the Fundamentals of Risk-based Auditing course is recommended.
Advance Preparation: 
Delivery Method: eLearning (Group-Internet-Based); On-site Training (Group-Live); Seminar (Group-Live); Live Stream

​Risk Management Principles and Concepts: A Review

  • Risk definitions
  • Risk management definitions
  • Major control and risk frameworks
  • Risk management assessment criteria

Corporate Governance Risk

  • Overview, definition, and standards
  • Relationship between governance, risk and control
  • Governance breakdowns
  • Corporate governance principles
  • Governance principles and COSO frameworks
  • Audit activities and approach

Strategic Risk

  • Strategy overview
  • Definition of strategic risk
  • Internal audit’s consideration of strategic risk
  • Strategy related audit
  • Strategy risk audits
  • Strategy process audits

Fraud Risk Assessment

  • Definition and principles
  • Standards and guidelines
  • Anti-fraud program
  • Role of internal audit
  • Internal audit approach
  • Types of fraud
  • The fraud triangle

Information Technology Risk

  • The IT risk landscape
  • IT risk assessment frameworks
  • Internal audit considerations
  • Internal audit focus
    • Cybersecurity
    • Information security
    • Governance

Auditing the ERM Process

  • Enterprise risk management audits: Internal audit considerations
  • Assessing enterprise risk management
  • Maturity assessment approach
  • Comprehensive assessment approach

Developing the Risk-based Audit Plan

  • Auditable universe: General attributes
  • Audit universe risk assessment: Examples
  • Assessment criteria: Sophistication factors
  • Risk identification
  • Risk measurement
  • Risk prioritization

​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.

Contact us by calling +1-407-937-1388 or send an e-mail to