Risk Based Internal Auditing (RBIA) is defined by the Institute of Internal Auditors (IIA) as “a methodology that links internal auditing to an organization’s overall risk management framework”. RBIA allows internal audit to provide assurance to the bank’s/ organization’s board that various risk management processes are managing risks effectively, in relation to the risk appetite of the bank/ organization.
However, every organization is different with different attitudes to risk, different management and organizational structures, different processes and procedures, and the need to subscribe to and comply with diverse conventions and regulations. Experienced internal auditors need to adapt these ideas to the structures, processes and language of their organization in order to implement RBIA.
Implemented correctly, RBIA offers tremendous advantages to the organization. RBIA allows internal audit to provide the Board of Directors with the assurance that it needs on three areas:
- Risk management processes - their design and how well they are working
- Management of those risks classified as 'key' - including the effectiveness of the controls and other responses to them
- Complete, accurate and appropriate reporting and classification of risks
- By using the RBIA approach, the organization’s internal audit should be able to conclude that:
- Management has identified, assessed and responded to risks within and beyond the organization’s risk appetite
- That the responses to risks are effective but not excessive in managing inherent risks within this risk appetite
- Where residual risks are not in line with the risk appetite, action is being taken to remedy this
- Risk management processes, including the effectiveness of responses and the completion of actions, are being monitored by management to ensure they continue to operate effectively
- Risks, responses and actions are being properly classified and reported.
Who will Benefit:
This practical hands-on training course is designed for professionals from industry, financial institutions and risk intensive organizations. The following job titles/ positions will benefit from attending:
- Board members, especially risk and audit committee chairs and members
- Chief Risk Officers
- Heads of market, credit, and operational risk
- Head of Risk Management
- Chief Compliance Officers
- Chief Audit Officers
- Chief Financial Officers
- Auditors (External and Internal)
- Bank regulators and examiners