Skip Ribbon Commands
Skip to main content
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorLearning and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorFundamentals of Risk-based Auditing
Course Description Course Outline Bring Us On Site  

Fundamentals of Risk-based Auditing

Course Description

Print-friendly Course Description and Outline

Internal auditing is a profession that is always evolving, especially in the area of risk-based audit approaches. Successful audit leaders know that it is imperative to guide their organizations’ risk-based auditing, while improving their current internal audit processes.

This course provides the fundamental knowledge needed to become effective in performing risk-based internal audits. Foundational concepts such as the nature of risk, risk sources and categories, risk appetite and tolerances, and risk frameworks are provided to help you understand the application to the audit engagement.

During this course, you will participate in interactive activities and real-life scenarios. Be prepared to walk away with best practices and key takeaways you can apply to your organization and its internal audit function. In addition, you will learn the value this approach brings to your organization.

This course is designed for internal auditor practitioners who want to learn the principles and concepts of risk and risk management, as well the tools and techniques used to perform a risk-based audit.

Fundamentals – Pathways to Success

Fundamentals of Risk-based Auditing is the second in a sequence of recommended courses for new internal auditors.

Following this course, consider taking any of these recommended Risk-based courses:

Fundamentals of IT Auditing
Advanced Risk-based Auditing

Course Duration: 2 day(s)
CPEs Available: 16
Knowledge Level: Basic
Field of Study: Auditing
​Participants should have at least 2 years of experience in internal audit.
Advance Preparation: 
Delivery Method: eLearning (Group-Internet-Based); On-site Training (Group-Live); Seminar (Group-Live); Live Stream

​​Risk-based Internal Auditing: An Overview

  • The definition of internal auditing
  • The International Standards for the Professional Practice of Internal Auditing (Standards)
  • The value of risk-based internal auditing

Risk and Risk Management: Principles and Concepts

  • Risk overview and the definition of risk
  • Risk management definitions
  • Risk and risk management misconceptions
  • Objectives as they relate to risk
  • Uncertainty as it relates to risk
  • External risk versus internal risk
  • Risk categories
  • Other risk considerations

Risk Frameworks: An Overview

  • The purpose of risk management frameworks
  • Major risk and control frameworks
    • COSO Internal Control Framework
    • COSO ERM Framework
    • ISO 31000

Risk Assessment Criteria

  • The importance of risk assessment criteria in risk-based auditing
  • Risk appetite definition and concepts
  • Integrating risk appetite with risk assessments
  • Risk tolerance definition and concepts
  • Risk likelihood and impact
  • Other risk criteria

The Risk-based Audit Engagement: Planning and Risk Assessment

  • Risk-based audit engagement purpose
  • Risk-based audit engagement approach
  • Risk maturity
  • Risk identification
  • Risk assessment

Risk-based Audit Engagement: Control Evaluation

  • Managing risks
  • Definition of control
  • Types of controls
  • Evaluating controls
  • Tools for evaluating controls

Risk-based Audit Engagement: Communicating Results

  • Purpose of communicating
  • Why audit reports fail to communicate
  • Communicating an audit observation

Risk-based Audit Engagement: Implementation Challenges

  • Roadblocks to success
  • Personal implementation challenges
  • Possible solutions

​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.

Contact us by calling +1-407-937-1388 or send an e-mail to

Details and pricing
October 12-21,