The primary role of internal audit is to review and assess independently the adequacy of the system of controls in place which identify and manage key business risks, and in a financial climate where oil prices are low, it is even more important than ever to improve the effectiveness of the internal audit function to ensure that the adequacy of the system of controls in place.
Kuwait Risk Based Audit Conference will be organized during the period 23 – 24 May 2017 in Kuwait as a fully dedicated event for the Internal audit professionals from the Oil & Gas, Banking, Insurance, Telecommunications, Government and other sectors, from Kuwait and GCC countries.
The conference will provide a forum for attendees with an opportunity to debate internal auditing issues in depth with other practicing professionals, internal audit and risk management professionals to seek input on specific work challenges, and for experienced internal auditors to share their knowledge with others who are newer to the profession.
Furthermore, the conference offers participants with the understanding of the importance of corporate governance and enterprise risk management, while learning to identify risks, perform risk assessments, develop a risk-based assurance plan, understand entity-wide controls, and plan a risk-based engagement.
- Understanding risk-based audit reporting and how to use it successfully in your audit plan
- Developing a risk-based auditing and monitoring plan from the identified risk priorities
- Optimizing audit planning using a strategic risk based approach
- Redefining the audit Process for a risk bases function
- Developing a risk based auditing toolkit
- Refocusing the audit role to embrace risk for an effective audit plan
- Evaluating the auditor’s readiness to adopt a risk based approach
- Addressing the audit role and relationship with the board audit committee
By using the RBIA approach, the organization’s internal audit should be able to conclude that:
- Management has identified, assessed and responded to risks within and beyond the organization’s risk appetite
- That the responses to risks are effective but not excessive in managing inherent risks within this risk appetite
- Where residual risks are not in line with the risk appetite, action is being taken to remedy this
- Risk management processes, including the effectiveness of responses and the completion of actions, are being monitored by management to ensure they continue to operate effectively
- Risks, responses and actions are being properly classified and reported.
RBIA allows internal audit to provide assurance to the board that risk management processes are managing risks effectively, in relation to the risk appetite. However, every organization is different. There are different attitudes to risk, different management and organizational structures, different processes and procedures, and the need to subscribe to and comply with different conventions and regulations. Experienced internal auditors need to adapt these ideas to the structures, processes and language of their organization in order to implement RBIA. Implemented correctly, RBIA offers tremendous advantages to the organization. RBIA allows internal audit to provide the Board of Directors with the assurance that it needs on three areas:
- A Risk management processes – their design and how well they are working
- A Management of those risks classified as ‘key’ – including the effectiveness of the controls and other responses to them
- A Complete, accurate and appropriate reporting and classification of risks