Surgent’s IA Module 3 — Critical Knowledge Foundations for Internal Auditors: Governance, Risk Management, and Control (GRC) (SSAA821/24)
The definition of Internal Auditing promulgated by The Institute of Internal Auditors (IIA) speaks to the critical areas of value-adding coverage and services Internal Auditors can and must bring to their organizations. These include the key areas of governance, risk management, and (internal) control (GRC). Internal auditors play vital assurance and consulting roles for organizations and their stakeholders. The significant reliance placed on internal auditors by organizational management teams, boards of directors/audit committees, external auditors, regulators, and other key stakeholders cannot be overstated. Integral to supporting these roles are the knowledge foundations that auditors bring to the fore in applying their technical and analytical skills when assessing core areas of organizational governance; risk management (including fraud-related risk management); compliance; and (internal) control (GRC). This course lays the critical foundation for strengthening the knowledge base of auditors at all levels in these critical areas of organizational GRC processes and performance.
Internal audit (IA) professionals at all levels, including consultants providing IA outsourcing, co-sourcing and/or related services; and external auditors providing IA services and/or who coordinate coverage with, and place reliance on, the work of IAs.
Identify the core roles and responsibilities of Internal Auditors with regard to organizational governance, risk management, and controls (GRC)
Strengthen understanding of major IIA and COSO GRC guidance and frameworks
Clarify distinctions and expectations of internal auditors regarding regulatory compliance and internal control assurance
Expand knowledge of GRC principles, concepts, and practical audit application and integration strategies
Governance, Risk Management, and Compliance/Control (GRC) – Internal Auditor’s positioning, roles, and responsibilities
IIA GRC guidance overview
COSO (Committee of Sponsoring Organizations) history, guidance, and frameworks overviews
Critical knowledge foundations and fundamentals:
    Governance
    Risk Management/Enterprise Risk Management (ERM)
    Internal Control
    Compliance
    Fraud Deterrence/Fraud Risk Management
    IT/Cyber security risks/controls
Effective GRC coverage related alignment/integration opportunities and strategies for IAs
Industry specific guidance/considerations
Experience/interest in or general knowledge of internal auditing