Building the Risk Based Audit Plan

Today, the connection and communication between internal audit, risk management and compliance functions is more important than ever.

Too often, internal audit plans fail to address the risk areas that may have the most impact on the organization’s objectives in the right way and at the right time. Failure to use information, metrics and assessments performed by risk and compliance often leaves internal audit in the dark about what really matters, or at least creates redundancy and waste of resources as audits are performed.

The more mature approach, being driven by leading internal audit teams, is to maintain ongoing communication and sharing of information through a common database that allows internal audit, risk and compliance to each view and use what they need when they need it. Internal audit assists in developing approaches to measurement and metrics that both aid the risk and compliance teams in their own operations and supports efficient and meaningful audits. And decisions about audit priorities align with strategic objectives and real risk assessments.

Join our expert panel for a discussion about building the risk based audit plan and learn how cutting edge approaches can help you to mature your own audit, compliance and risk capabilities.

Learning Objectives:

• Define how to use risk and compliance capabilities to improve and define audit plans and processes
• Identify example key risk indicators (KRIs) and key compliance indicators (KCIs) that may impact audit priorities or timing
• Develop a maturity lifecycle for risk based audit planning

Presenters:

• Carolyn Saint, Vice President, Internal Audit, 7-Eleven
• Patrick Potter, GRC Strategist, RSA
• Melissa Bayer, Process & Strategic Excellence and Governance, Risk Management & Assurance Leader, Bank of America
• Carole Switzer, President, OCEG

Sponsored by RSA