Skip Ribbon Commands
Skip to main content
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorLearning and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorFundamentals of Operational Auditing
Course Description Course Outline Bring Us On Site  

Fundamentals of Operational Auditing

Course Description

Print-friendly Course Description and Outline

​To understand the effectiveness and efficiency of a business process, the internal auditor needs to perform a comprehensive assessment of the process and its corresponding management practices, procedures, and systems. In the ideal setting, the operational audit identifies process-specific good practices, control deficiencies and gaps, process risks and opportunities, and possible opportunities for process improvement.

This introductory course provides a comprehensive overview of key operational auditing concepts that are fundamental for all internal auditors. Participants will explore current and emerging business trends and issues across industry sectors. This course also introduces participants to important operational auditing terminology, risks, controls, and how to apply each within the internal audit process. Finally, the course will examine how to perform internal audit activities against critical business applications including: operational resilience, culture, vendor management, payroll, sales, ecommerce, and customer service center.

Who will benefit from this course?

This course is designed for internal auditors who are looking for a fundamental understanding of operational auditing. It is recommended for internal auditors that are involved in operational audit activities and need to know how to assess the effectiveness and efficiency of critical business processes and the impact of management, process, and control failures. This course also benefits any internal auditors currently focused on financial, compliance or technology audits who would like to expand their skill set to include operational audit knowledge and understanding.

This course is also designed to guide business managers responsible for ensuring effective use and management of corporate resources, who want to evaluate and improve the operational performance of business activities, processes, and/or resources deployed.

Course Objectives

  • Establish the value of conducting operational audits.
  • Define key activities associated with operational audits.
  • Distinguish operational assurance and consulting activities from financial and compliance assurance and consulting activities.
  • Identify the potential opportunities that result from performing data analysis during operational audits.
  • Examine common risks and controls related to business processes.
  • Review common techniques for performing operational audits on various business processes including: operational resilience, culture, vendor management, payroll, ecommerce, sales, and customer service center.
Course Duration: 2 day(s)
CPEs Available: 16
Knowledge Level: Intermediate
Field of Study: Auditing
Prerequisites: 
Tools for the New Auditor and/or previous internal audit experience.
Advance Preparation: 
​None
Delivery Method: eLearning (Group-Internet-Based); On-site Training (Group-Live); Seminar (Group-Live); Live Stream

​Operational Auditing Review

  • Attributes of operational auditing.
  • History of operational auditing.
  • Compare and contrast financial and compliance auditing to operational auditing.
  • Opportunities for conducting operational audits and consulting engagements.
  • Identifying opportunities data analysis usage in operational audits.
  • Business Process Risks and Controls
  • Business objectives.
  • Process objectives.
  • Process risks.
  • Process controls.
  • Evaluating the adequacy of controls to ensure that risks are sufficiently addressed to protect critical assets.

Operational Auditing Practices

  • Evaluate inherent risk.
  • Documenting data flow including IT-controlled and end-user (shadow-IT) controlled input sources.
  • Identify and document the activities associated with the operational audit.
  • Examine alignment of operations objectives with the organization’s mission and strategic objectives.
  • Evaluate performance measurement criteria for operations objectives.
  • Determine which organizational operations drive value creation.
  • Predict potential risk events in relation to operations objectives and goals.
  • Considerations for developing risk statements.
  • Establish measures to assess the impact and likelihood of potential risk events.
  • Review operations focused controls and methods to manage risk and realize opportunities.
  • Determine the appropriate tools and techniques to document operating information.
  • Explore the design of operations focused control and methods.
  • Evaluate the operational performance of risk management strategies.
  • Communicate the observations and recommendations to the audit client.

Operational Resilience Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

Culture Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

Vendor Management Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

Payroll Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

Ecommerce Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

Sales Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

Customer Service Center Auditing Practices

  • Documenting audit procedures (user stories) and expected results (acceptance criteria).
  • Performing the audit test.
  • Completing the work paper.
  • Developing the observation.
  • Presenting the observation.
  • Understanding the difference between accidental events, management overrides with unintentional negative consequences, vs. fraudulent entries.
  • Identifying, investigating, and communicating suspected fraud.

​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.

Contact us by calling +1-407-937-1388 or send an e-mail to GetTraining@theiia.org.

LocationsDates