Untitled - Hong Kong Management Association

More documents

Recommendations

Info

B. Wororkshop on IT Auditing for Non-IT AudituditororsCourse ObjectivesThe computerisation of organisations and processes poses a major challenge to internal auditorsevaluating the risks and controls in complex environmentsAbove this, international standards for the practice of internal auditing require that: ‘“Internal auditorsmust have sufficient knowledge of key information technology risks and controls and availabletechnology-based audit techniques to perform their assigned work.”Starting in 2005, the Institute of Internal Auditors published the Global Audit Technology Guide whichaims to provide easy-to-understand information technology audit guides to internal audit professionalsand audit committee. The guide is useful to provide a mechanism to quickly address new IT issues andproduce technical audit working programs for one’ s organisation.After attending this session, participants will:• Understand their role and responsibilities and the role of IT auditing: skills, areas and risks involved• Understand the critical areas and approach for non-IT Auditors to be covered; and cooperate withthe IT risk functions• Understand the relationship between financial and IT controls• Know how to evaluate application controls and Common IT General Controls (In a simpleEnvironment)The course will not teach on how to conduct IT audits but will equip internal auditors with sufficient knowledgeto allow them to work effectively with IT auditors, manage information technology related to audit request,and acquire a good command of the technical language for IT auditing. It will cover the main topics of theGlobal Audit Technology Guide for internal auditors to be able to comply with the international audit standards.Who should attend?Internal auditors with no technology background nor experience or anyone with the responsibility to conductinternal audit activities covering processes and information flows supported by IT systems.The course can be attended as a useful complement of the two core-seminars: ‘Internal auditmethodologies’ and ‘Managing the internal audit department’.MediumEnglish. Learning techniques will include short lectures, various examples and simulations.Course content• Overview of GTAG ® guidance• Role of the internal auditor on IT• Organisational aspects of 1T and ITgovernance• IT entity-level controls• Computer assisted audit techniques• Understanding IT controls (applicationand general controls)• Role of IT in top-down risk-basedapproach for internal audit• Methodology & templates• IT knowledge on IT infrastructures andsytems (self-review test)• Understanding IT risks• Measuring IT risks• Risk scoring• Testing application controls• IT General Control reviews• Risks and controls IT Change management• Case study (45 mns')• Introduction of IT audit methodology(COBIT)
C. Managing the Interernal nal Audit DepartmentBuilding Effective Internal Audit Processes, Organisation and LeadershipCourse ObjectivesThis course aims to give participants the opportunity to:• Understand (and prioritise) their responsibilities in their role of managing internal audit activitiesand reassess the full scope of activities in the internal audit department• Perform a short self-review of their internal audit practice and evaluate the current strengths andweaknesses of the internal audit process in your organisation for continuous improvement• Revisit common standards in supervising audit works, papers and the application of internal auditprocedures• Define strategies to enhance collaboration of other parties with the internal audit function inorder to maximize impact and value• Conduct audit planning activities (annual and activity-based)• Report on results to management and the board of directors• Recruit and lead audit teamsWho should attend?Head of Internal Audit, Internal Audit Managers, Internal Audit Directors, Risk managers, or non-auditmanagers with responsibilities to lead internal audit assignments both financial or operational acrossoperations.<strong>Management</strong>-level executives preparing to transfer to audit role positions.Internal or external consultants in charge of outsourcing or co-sourcing internal audit activities.Note: Previous internal audit experience of 1 to 3 years is recommended as a prerequisite forregistration to this. Participants without prior internal audit experience might consider attendingHKMA Internal Audit Methodologies workshop as a prerequisite.MediumEnglish. Learning techniques will include short lectures, followed by individual group exercises, casestudies, interviews and group discussions.Course contentThe Internal Audit Roadmap. Key Standard requirements. Key steps and deliverables. Role on IT andFraud. Best Practices to ensure value adding and impact of Risk-based internal audit. Benchmark exercise.New environment of internal audit. IA Role and value proposition. Measuring the internal auditperformance. Internal Audit Reporting and communication with the board. Reporting practices andrequirements. Case study.Risk-based Audit Planning. Definition. Tools and Techniques. Audit Scoring. Practical steps in the planningphase. Control Risk Self-assessment. Annual Planning. Case Application (Demo).Resource <strong>Management</strong>. Skills requirement and staffing models. Leadership of the internal audit department.Adapting different cultural environments. Internal Audit role on organizational cultures .Self-evaluation tools.Review Test.
Page 2 and 3: A. Internal Audit MethodologiesImpl
Page 6 and 7: D. Internal Control for Senior Mana
Page 8: REGISTRATIONAll interested parties

Untitled - Hong Kong Management Association

Create successful ePaper yourself

Delete template?

Save as template?