Programme in preparation

Risk-based Audit Methodology


Risk based Internal Auditing helps to prioritize often capacity - limited resources to reviewing and assessing the appropriateness, efficiency and effectiveness of controls that are intended to manage or control the more material risks the business faces.

Working in conjunction with the Risk Management and Compliance teams, risk based internal audit provides assurance to the Board and senior management that such risks are well controlled, or provides an early warning and escalation mechanism if they are not. In addition, risk based internal audits will also highlight instances where risks are being over controlled and consuming excessive resources.

The participants to these webinars will get acquainted with the key concepts of a risk-based audit methodology.

Target Group

Internal auditors (all levels), operational risk analysts, compliance officers, risks controllers, business controllers, Senior & Middle Level management officers who want to learn about cybersecurity from an audit perspective.

Preferred: at least 3 years’ experience in Audit and/or business control of bank’s processes, operations, procedures and organization.

Location & Duration

This content will be divided in 3 sessions of 3.5 hours each delivered via a virtual classroom.


Detailed programme Explode

Introduction to a Risk-based audit methodology

  • The 5 deadly failings of Audit
  • How to eliminate the 5 deadly failings
  • Linking risk management to banking strategy
  • Benefit of risk-based audit
  • The downsides

The risk appetite framework

  • The components
  • Risk capacity
  • Risk appetite
  • Risk policies
  • Risk pricing
  • The risk culture
  • The risk appetite responsibilities and the 3 lines of defense
  • The risk appetite setting and management process
  • Qualitative statements – quantitative measures

Risk based audit process

  • Risk management basics
  • Risk management life cycle
  • Assessment of risk maturity

Compiling risk and audit universe

  • Grouping risks into audit and setting the audit plan – part 1
  • Audit resources allocation
  • Carrying out the audit
  • Audit reports and management information
  • Grouping risks into audit and setting the audit plan – part 2

Join us on  Follow us on LinkedIn Follow us on Twitter