New York Professional Events List

Risk Based Internal Auditing (RBIA)

Jun 05, 2017 - 08:30 AM - 04:30 PM
TBD New York, NY 10001,

New York,
NY ,
ZIP: 10001
Phone: 1 (877) 441-6090

Risk Based Internal Auditing (RBIA) is defined by the Institute of Internal Auditors (IIA) as “a methodology that links internal auditing to an organization’s overall risk management framework”. RBIA allows internal audit to provide assurance to the bank’s/ organization’s board that various risk management processes are managing risks effectively, in relation to the risk appetite of the bank/ organization.

However every organization is different with different attitudes to risk, different management and organizational structures, different processes and procedures, and the need to subscribe to and comply with diverse conventions and regulations. Experienced internal auditors need to adapt these ideas to the structures, processes and language of their organization in order to implement RBIA.

Implemented correctly, RBIA offers tremendous advantages to the organization. RBIA allows internal audit to provide the Board of Directors with the assurance that it needs on three areas:

  • Risk management processes - their design and how well they are working
  • Management of those risks classified as 'key' - including the effectiveness of the controls and other responses to them
  • Complete, accurate and appropriate reporting and classification of risks

This intensive 2-day course is all about RBIA, what it is, how it differs from the conventional internal audit and most importantly of all how it may be planned and implemented within the organization.

Event Tags: Risk Based Internal Auditing, Expectations Gap, Risk Heat Map, Business Risks, COSO, ERM, RBIA, Operational Risk, SWOT, BPEST, FEMA, Risk Matrix, Risk Register, and more...


Learning Objectives:

By using the RBIA approach, the organization’s internal audit should be able to conclude that:

  • Management has identified, assessed and responded to risks within and beyond the organization’s risk appetite
  • That the responses to risks are effective but not excessive in managing inherent risks within this risk appetite
  • Where residual risks are not in line with the risk appetite, action is being taken to remedy this
  • Risk management processes, including the effectiveness of responses and the completion of actions, are being monitored by management to ensure they continue to operate effectively
  • Risks, responses and actions are being properly classified and reported.

Who will Benefit:

This practical hands-on training course is designed for professionals from industry, financial institutions and risk intensive organizations. The following job titles/ positions will benefit from attending:

  • Board members, especially risk and audit committee chairs and members
  • Chief Risk Officers
  • Heads of market, credit, and operational risk
  • Head of Risk Management
  • Chief Compliance Officers
  • Chief Audit Officers
  • Chief Financial Officers
  • Actuaries
  • Treasurers
  • Auditors (External & Internal)
  • Bank regulators and examiners
  • Risk management consultants
Seminar Fee Includes:
AM-PM Tea/Coffee
Seminar Material
USB with seminar presentation
Hard copy of presentation
Attendance Certificate
$100 Gift Cert for next seminar

We are registered with and adhere to the Statement on Standards for Continuing Professional Education programs of the National Registry of CPE Sponsors. Our registration number is 109066. Please check with the governing body of your license and state for specific CPE requirements. Grievances may be forwarded to the company at 650 620 3961. Grievances may also be forwarded to the National Registry of CPE Sponsors-NASBA, 150 Fourth Avenue North, Suite 700, Nashville, TN 37219-2417, 615-880-4200,, e-mail [email protected].


Field of Study:

  • Auditing: 6 CPE Credits
  • Specialized Knowledge and Applications: 5 CPE Credits
  • Communications: 2.5 CPE Credits
  • Behavioral Ethics: 2.5 CPE Credits
  • Business Management and Organization: 2 CPE Credits
  • Management Advisory Services: 2 CPE Credits
  • Total CPE credits earned in this seminar: 20 CPE Credits

Program Delivery Method: Group-Live
Program Level: Intermediate
Advance Preparation/Program Prerequisites: Experience in Traditional Auditing


DAY 01(8:30 AM - 4:30 PM)
  • 08.30 AM - 09.00 AM: Registration
  • 09.00 AM: Session Start
  • What is Risk Based Internal Auditing?
  • An introduction to Risk Based Internal Auditing
  • Traditional Approach versus Risk Based internal approach
  • Stages of Risk Based Internal Auditing
  • Measuring the effectiveness of Risk Based Internal Auditing
  • Risk Based Internal Auditing – Background
  • Rationale behind Risk Based Internal Auditing
  • Internal Audit – Definitions, Objectives & Scope
  • The “Expectations Gap”
  • The RISK BASED Internal Audit
  • Comparison to the traditional approach
  • Risk Management Understanding Risk
  • The meaning of risk
  • The attributes of risk – Likelihood & Consequence
  • The Risk Heat Map
  • Audit risk
  • Business risks – classification, internal & external, controllable & non-controllable
  • The COSO risk management framework
  • Understanding COSO
  • COSO — An Integrated Risk Management Framework
  • The COSO ERM Framework
  • COSO in Finer Detail
  • Updates to COSO
  • Basic concepts of risk management
  • Risk capacity, risk appetite, risk response
  • Inherent & residual risk
  • Entity risk assessment & Business process risk assessment
  • Significant risk
  • Risk register
  • ERM – Enterprise Wide Risk Management
  • ERM and the Board of Directors
  • What is covered under ERM
  • Risk Maturity
  • What is risk maturity
  • Why it is important
  • Risk maturity levels
  • Scorecard for assessing risk maturity
  • Analyzing the risk maturity results
  • Using a Risk Based Internal Audit (RBIA) Methodology
  • Audit is of management of risks and not of risk
  • Key reporting areas in the management of risks
  • Documenting Board assurance requirements and risk appetite
  • Audit strategy & risk maturity
  • Selecting individual risks to audit
  • Frequency of coverage
  • Including the Risks into an Audit Assignment
  • Importance of selecting the right auditable unit
DAY 02(8:30 AM - 4:30 PM)
  • Stages of RBIA
  • Assessing risk maturity
  • Preparing the audit plan
  • Conducting the assurance audit
  • Reporting to the appropriate level
  • Model Process for Assessing & Evaluating Risks
  • Risk assessment steps
  • Risk assessment tools
  • Risk identification
  • Business Activities that are Sources of Risk
  • Operational Risk and its categories
  • Risk identification methods
  • Industry risk models
  • Choosing which methods to use
  • Typical risk areas
  • Risk estimation (Risk measurement/ Risk scoring)
  • Risk evaluation
  • Risk Heat map & Actions Needed
  • Using risk scores
  • Risk Assessment Tools
  • Market survey
  • Dependency modeling
  • SWOT analyses
  • Event tree analysis
  • BPEST (Business, Political, Economical, Social & Technological)
  • Fault tree analysis (Root Cause Analysis)
  • FEMA (Failure Mode and Effect Analysis)
  • Internal Audit Process
In this section the instructor will cover the complete Internal Audit Process through with the RBIA methodology is carried out in a consistent manner. This covers the need for the Internal Auditor to become acquainted with the business and the industry allowing him to assess the risk maturity which determines his/her ability to provide the PBIA assurance and to review the risk assessment done by management and the her/his conclusion whether this risk register may be relied upon.
The process covered includes;
  • Strategic analysis
  • Enterprise risk assessment
  • Internal Audit Plan development
  • What Risks to Audit – An Alternative Approach
  • Internal Audit execution
  • The Process Risk Matrix
  • Reporting
  • Issue Resolution tracking
  • Case Study - How the RBIA methodology is applied.
This is an illustrative case study showing how the RBIA methodology is applied in a real world environment.
  • Case Study - Comair Flight 5191
Operational risks not discovered can have devastating consequences, including loss of life and irreparable reputational damages. Such was the case of Comair Flight 519.
  • Comparing the Two Methodologies
The speaker will compare RBIA methodology to the regular audit methodology. These methodologies will be examine in terms of;
  • Managing risk
  • Setting responsibility for risk management, and
  • Usefulness to the Board of Directors
  • Risk Registers
The speaker will examine and discuss examples of the RBIA documentation form the case study including;
  • Risk Register,
  • Audit Procedures and
  • Transaction Files.
  • Closing Discussion - Difficulties facing the Internal Auditor
The instructor will examine and discuss some of the pitfalls that the Internal Auditor may face in his/her assignment and some potential solutions.

Event Categories
Keywords: applications, business , class , communication , design , Financial , framework , implement, industry , institutio


Events Calendar

28 29 30 31 1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 1

Event Location


VIP Life Time Subscription to our Newsletters!

Forbes Women's Summit 2018
Disrupt SF 2018 - Brought to you by Techcrunch
U.S. Naval Institute Annual Meeting 2018
Breast Cancer Research Foundation
Children’s Health Fund
The World Energy Engineering Congress (WEEC)
                            Oct. 17-19, 2018
                            Charlotte, NC