IIA training and events

IIA Award in the internal audit planning and assurance framework

Presented By
Liz Sandwith CFIIA A past IIA president, Liz is an expert on corporate governance, risk management, assurance, compliance and internal control. She is currently Head of Assurance, Risk and Compliance for a major health care provider.
Gary Ingamells CMIIA Gary is currently an audit manager at the Department for Work and Pensions with responsibility for providing assurance over Information Management and Security. Gary achieved the Advanced Diploma in 2002 and has been a tutor for the Internal Audit Practices module ever since.

Understand the framework within which internal audit planning and assurance are set, the nature of the types of internal audit plans ie strategic, annual and engagement and the need for assurance. Focus on the identification and mitigation of risks affecting internal systems, business processes, projects, applications, data and third parties along with the suitability of the controls in place, the reliability of reporting and the level of compliance with regulation and legislation.


Who should attend?

This course is open to all.


What will I learn?

Upon completion you will be able to:

  • contribute to the creation of the annual internal audit plan
  • explain the purpose of and create an engagement plan / terms of reference
  • outline the stages involved in a risk-based approach to audit planning and engagement
  • identify the features of the framework in which internal audit and assurance operate
  • design an appropriate audit testing programme
  • assess audit evidence
  • report audit findings in an appropriate format
  • conduct effective follow up work.

Course programme

Strategic planning

  • describe the purpose of the audit strategy
  • explain the difference between strategic, annual and engagement plans
  • describe the process of setting the audit strategy
  • outline how the audit strategy can be documented and communicated.

Risk-based internal audit planning

  • outline the stages involved in a risk-based approach to audit planning and engagement, including how to assess risk maturity and the control environment
  • explain why internal audit seeks to assure itself of the reliability of risk management process before developing the audit plan.

Engagement planning

  • provide examples of the key sources of information needed for the preparation of the audit engagement plan
  • explain how the audit scope is determined
  • understand the elements that build the risk matrices.

Undertaking an engagement to provide assurance

  • ability to conduct a fact-finding interview
  • design an appropriate audit testing programme
  • assess audit evidence using RUST
  • report audit findings in an appropriate format including the provision of a level of assurance / audit opinion
  • conduct effective follow-up work including assessing how to follow up and including time to undertake follow up work in the annual internal audit programme.

Assessment of assurance

  • understand the various levels of assurance and the definitions
  • understand the link between positive and negative assurance
  • explore the linkage between engagement assurance and the annual assurance statement.

Pre-course work

There will be some pre-course preparation for this module which you will be advised on upon confirmation of your booking.


CPE competency areas covered

  • Internal audit delivery
  • Internal audit management

14 CPE points


 All training courses are subject to our Fair Collection Notice and Privacy Policy

Sorry, there are no events currently scheduled, please check back again soon