Partner
Exam Preparation

CIA® 2
Certified Internal Auditor
Part 2

Rating:
4.9
English
Intermediate
Video preview
FACE 2 FACE
ON SITE TRAINING
LIVE VIRTUAL
TRAINING
COACHING
& MENTORING
SELF-PACED
TRAINING
Select Date
Download Brochure

Course Overview

This course is designed to provide internal auditors with the essential knowledge and practical skills needed to effectively plan, execute, and oversee internal audit engagements. Participants will develop a structured approach to engagement planning, risk assessment, data analysis, evaluation of controls, and communication of results. The course covers best practices in gathering and analyzing audit evidence, leveraging technology for enhanced insights, and ensuring compliance with professional standards. Additionally, it emphasizes effective stakeholder communication, supervision techniques, and the development of actionable recommendations to drive continuous improvement within organizations. 
By mastering these concepts, participants will be equipped to perform value-added audits and contribute to stronger governance, risk management, and control frameworks that align with organizational objectives.

Sarah Al A.
Lead Enrollment Specialist
[email protected]
Let’s talk on WhatsApp

Key Takeaways

1
Develop effective engagement plans by defining objectives, scope, and risk-based evaluation criteria to align with organizational goals.
2
Apply data-driven audit techniques to gather, analyze, and evaluate information for reliable decision-making.
3
Assess internal controls and risk management practices to identify gaps and recommend improvements.
4
Enhance audit supervision and quality assurance to ensure consistency, compliance, and value-added outcomes.
5
Communicate audit results effectively to key stakeholders, providing clear findings, recommendations, and action plans.

The Institute of Internal Auditors
Brand Logo
Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

Course Outline

Part 1: Engagement Planning (50%)
Determining engagement objectives and scope
  • Apply Topical Requirements when determining objectives and scope
  • The elements to be considered in the development of engagement objectives, including regulatory requirements; the organization’s strategy and objectives; governance, risk management, and control processes; risk appetite and tolerance; internal policies; previous audit reports; work of other assurance providers; and whether the engagement is intended to provide assurance or advisory services
  • Identification and documentation of relevant scope limitations during planning
  • Approaches for managing and documenting stakeholder requests
  • Effective methods for addressing changes in objectives and scope
Determining evaluation criteria based on relevant information gathered
  • The most relevant criteria for evaluating the activity under review
  • Determination of whether a set of evaluation criteria is specific, practical, relevant, aligned with the objectives of the organization and the activity under review, and produces reliable comparisons

 

Planning the engagement to assess key risks and controls
  • How to apply Topical Requirements when planning an engagement
  • When planning an engagement, recognize the strategic objectives of the activity under review and their integration with risk management, business performance measures, and performance management techniques
  • When planning an engagement, recognize existing and emerging cybersecurity risks, common information security and IT controls, IT general controls, the purpose and benefits of using an IT control framework, principles of data privacy, and data security policies and practices
  • When planning an engagement, recognize business continuity and disaster recovery readiness concepts such as business resilience, incident management, business impact analysis, and backup and recovery testing
  • When planning an engagement, recognize finance and accounting concepts related to the activity under review such as current and fixed assets, short-term and long-term liabilities, capital, and investments
  • When planning an engagement, recognize key risks and controls related to common business processes such as asset management, supply chain management, inventory management, accounts payable, procurement, compliance, third-party processes, customer relationship management systems, enterprise resource planning systems, and governance, risk, and compliance systems
Detailed risk assessment of each activity under review
  • How to apply Topical Requirements when completing a risk assessment
  • The pervasive financial, operational, IT, cybersecurity, and regulatory risks as they relate to the activity under review
  • The impact of emerging risks on the organization
  • Appropriate methods and criteria to evaluate and prioritize identified risks and controls
  • The impacts of change of people, processes, and systems on risk
  • The impact of different organizational structures and environments on the risk assessment, including centralized versus decentralized, flat versus traditional, and in-person versus remote work
  • The impact of organizational culture on the control environment, including individual and group behaviors and tone at the top
Engagement procedures and work program development
  • Procedures to evaluate control design
  • Procedures to test the effectiveness and efficiency of controls
  • The adequacy of the engagement work program
  • Identification of testing methodologies for an engagement that includes accounting, finance, IT systems, business operations, or cybersecurity
  • Financial, human, and technological resources required for the engagement
  • Evaluation of implications of resource limitations
Part 2: Information Gathering, Analysis, and Evaluation (40%)
Sources of information to support engagement objectives and procedures
  • Suitable methods for obtaining information, including interviews, observations, walk-throughs, and data analyses
  • Suitable documents for obtaining information, including policies, checklists, risk and control questionnaires, and self-assessment surveys
Evaluation the relevance, sufficiency, and reliability of evidence gathered to support engagement objectives
  • Suitable criteria in evaluating the quality of evidence
  • Factors that impact the reliability of evidence, such as obtaining the evidence directly from an independent source, obtaining corroborated evidence, and gathering evidence from a system with effective governance, risk management, and control processes
  • Evidence that would allow an informed and competent person to reach the same conclusions as the internal auditor
Technology options to develop and support engagement findings and conclusions
  • Efficient and effective solutions, including artificial intelligence, machine learning, robotic process automation, continuous monitoring, dashboards, and embedded audit modules
Analytical approaches and process mapping techniques
  • Process workflow segments
  • Process workflows through process mapping, walk-throughs, and responsibility assignment matrices
  • Data types, including structured and non-structured
  • Data analytics processes, including defining objectives, obtaining relevant data, normalizing data, analyzing data, and communicating results
  • Various data analysis methods, such as diagnostic analysis, prescriptive analysis, predictive analysis, anomaly detection, and text analysis
Analytical review techniques
  • Analyzing ratios, variances, trends, financial and nonfinancial information, and benchmarking results
  • Analytical techniques to achieve engagement objectives
The difference and significance between evaluation criteria and existing conditions of each finding
  • Analysis of existing conditions and compare to evaluation criteria
  • Identify root causes and potential effects of deviations from evaluation criteria
  • Appraise factors to establish the significance of findings
Workpapers preparation, including relevant information to support conclusions and engagement results
  • Organize information in workpapers
  • Identification of elements of workpapers that are complete and include sufficient evidence
  • The link between workpapers and the engagement results
  • Factors to be considered when organizing and retaining engagement documentation, including regulatory requirements and internal policies
Summarize and develop engagement conclusions
  • The significance of aggregated findings by applying professional judgement
  • Elements to be considered when developing engagement conclusions, such as the effectiveness of governance, risk management, and control processes
Part 3: Engagement Supervision and Communication (10%)
Supervising audit engagements
  • How supervision applies throughout engagements, including during engagement planning
  • Supervisor responsibilities related to coordinating work assignments, reviewing workpapers and engagement conclusions, and evaluating auditors' performance
Effective communication with stakeholders
  • Effective communication methods (formal or informal, written or oral) during planning, fieldwork, and reporting
  • Identification of the situations that require escalation
  • Determination of appropriate stakeholders for engagement communication

Who Should Attend?

This highly practical and interactive course is tailored for professionals who aspire to achieve the Certified Internal Auditor (CIA) designation and advance their careers in internal audit. It is designed for:

Chief Audit Executives 

Audit Managers

Internal Audit Staff

Risk Management Professionals

Compliance Officers

Finance Professionals

Related Courses

FAQ

What language will the course be taught in and what level of English do I need to take part in an LEORON training program?
Most of our public courses are delivered in English language. You need to be proficient in English to be able to fully participate in the workshop and network with other delegates. For in-house courses we have the capability to train in Arabic, Dutch, German and Portuguese.
Are LEORON Public courses certified by an official body/organization?
LEORON Institute partners with 20+ international bodies and associations. We also award continuing professional development credits (CPE/PDUs) for:1. NASBA (National Association of State Boards of Accountancy) 2. Project Management Institute PDUs 3. CISI credits 4. GARP credits 5. HRCI recertification credits 6. SHRM recertification credits
What is the deadline for registering to a public course?
The deadline to register for a public course is 14 days before the course starts. Kindly note that occasionally we do accept late registrations as well, but this needs to be confirmed with the project manager of the training program or with our registration desk that can be reached at +1071 4 1075 5711 or [email protected].
What does the course fee cover?
The course fee covers a premium training experience in a 5-star hotel, learning materials, lunches & refreshments, and for some courses, the certification fee and membership with the accrediting bodies.
Does LEORON give discounts?
Yes, we can provide discounts for group bookings. If you would like to discuss a discount on a corporate level, we will be happy to talk to you.

Reviews

  • Review:
    IAMM Internal Audit Maturity Model
    In recognition of their dedication and contribution supporting IKEA Saudi Arabia in arranging training programs during 2017 & 2018, looking forward for more development and exciting effort this year. On behalf of IKEA Saudi Arabia, THANK YOU!
    Dalal Kutbi
  • Review:
    Certified Professional in Quality and Patient Safety
    Dating back to 2014, Mobily’s “LEORON” experience has grown from a single collaboration to a long-term partnership. We consider “LEORON” Institute as a strategic partner, whose contribution has been nothing but premium in equipping our staff with field-based knowledge and information. Past three years have resulted with an expanded collaboration with superior customer service and support. Best Regards,
    Turki S. Alsahaan
  • Review:
    Certified Professional in Quality and Patient Safety
    Since the partnership was signed between BAE Systems Saudi Development & Training and LEORON in 2017, we have been working together to offer the Saudi market a complete portfolio of training solutions benefiting from the wide and extensive experience of both parties. Recognizing the great success of this partnership, we are looking for further collaborations in the future that will position both companies as one of the leading training providers in Saudi Arabia. We thank the LEORON team for their full cooperation and continuing support, and look forward to further success together in the years to come.
    Emad Alrajih
  • Review:
    Certified Professional in Quality and Patient Safety
    We have been working with LEORON for the past two years and will be working with them again this upcoming year. The programs they delivered were fruitful and exciting and our organization has received positive feedback from the participants. What our organization aims to do is to provide at no cost training for all the private sector employees so that they may benefit from our offered programs in Innovation and Professional development. LEORON has helped us achieve this goal. We look forward to continuing this service and wish them the best of luck. Regards,
    Nasser M. Al-Subaie