Book by 26 October 2008 and receive a free copy of Phil

Griffith’s acclaimed ‘Risk Based Auditing’ book!

Risk Based
Auditing
14 - 18 December 2008 • Dusit Thani Hotel, Dubai, UAE

Keep Risk In Check With Modern Auditing Techniques

Don’t miss out on participating in the live interactive voting session on Sunday, 14 December.The
innovative voting system will give you the chance to voice your own opinion and set the agenda for the
future of Auditing in the Middle East! Also: Discover how your industry peers approach risk based auditing!

Attend This Highly Interactive Who Should Attend?

Course And Discover How To:
This training course is created for audit
•A
 ddress the full range of audit issues that professionals interested in controlling audit
concern management risks significantly and reducing the chances of
•  nderstand how to identify, mitigate and
U surprises. From Auditors and Accountants to
control risks effectively Finance Directors and Financial Controllers this
•  hallenge management and sell the benefits
C course is for everyone interested in improving
of proactive risk management their knowledge and practice in risk based
•  udit major areas of risk for your business
A auditing.
with confidence
•  dd value to your organisation through the
A
application of risk-based audit services
Advance your knowledge
•  ain confidence in your audit plans by
G
and practice with audit
understanding the role of risk
expert Phil Griffiths
•  lan a risk based audit assignment
P
•  evelop and use high productivity techniques
D
and tools
•  aster all the modern auditing techniques
M
•  evelop and deliver risk based audit reports
D
with real impact
•  easure success effectively
M
Organised by Official Regional Recruitment Partner Official Media Monitoring Partner

971-4-3352437 971-4-3352438 register@iirme.com www.iirme.com/rba

Dear Auditing Professional,

Risk Based Auditing is an essential ability for

you to develop in order to maintain your position
as an effective, competitive auditor in your company.
Once you are able to conduct efficient auditing
while analysing key risk components, the corporate
value-added of your auditing role will increase
substantially.

To enable you to reach this goal, Phil Griffiths,

IIR’s acclaimed auditing trainer, will take you through
the essential steps of Risk Based Auditing in
an interactive format with many essential exercises
and case studies. Phil Griffiths, with over 25 years
of experience in risk management, internal audit and
risk management, is sure to impress you with his
training ability.

Even more, on the first day of this course, you will

participate in an interactive voting session covering
more than 50 topics! By reviewing the results of
this voting session, you will gain essential insight into
auditing that you won’t find anywhere else.

Furthermore, if you register early, by 26 October

2008, you will receive a free copy of Phil Griffith’s
‘Risk-Based Auditing’ book.

So what exactly will you be exploring?

• Day One: Risk And Internal Audit
• Day Two: Risk Management And The Audit Role
• Day Three: Essentials Of Risk Based Auditing
• Day Four: Risk Based Auditing In Practice
• Day Five: Audit Reporting In The Risk Arena

Act now to take advantage of this exceptional

course with Phil Griffiths. You can be sure that
the knowledge you gain from this course will
significantly advance your ability to be a Risk
Based Auditor. Register today!

Your course leader, Phil Griffiths, and I look forward

to seeing you in December.

Yours sincerely,

Keith Parker
Conference Manager

P.S. Participate in interactive voting on

Day One, covering over 50 topics!
P.P.S. Register before 26 October 2008
and receive a free copy of Phil Griffith’s
‘Risk Based Auditing’ book!

register@iirme.com www.iirme.com/rba
Meet Your Expert Course Leader

Phil Griffiths is founder and Managing

Director of Business Risk Management Ltd.

A Chartered Accountant, he has over 25

years experience in risk management,
internal audit and fraud prevention as a
practitioner, professional adviser, facilitator
and trainer. He has held top management positions with a
number of international groups, in roles embracing finance, IT
and general management.

He specialises in:
• Assisting
 senior management to identify, manage and then
exploit the risks within their business via facilitated business
risk management programmes
• Helping internal audit functions to implement world class
standards
• Developing fraud prevention, detection and investigation
programmes tailored specifically to clients requirements
• Training
 both private and public sector organisations in all
the above disciplines.

Phil is recognised as an accomplished and charismatic

facilitator, trainer and lecturer having advised many renowned
organisations, coordinated top-level events and addressed
national and international conferences on a wide range of
critical business topics.

He has extensive international experience, having helped

organisations in Europe, the Far East, and the Middle East to
exploit their potential by managing their strategic risks and/or
enhancing the effectiveness of their internal audit services.

Upcoming Related Events:

BW018  Internal Audit - Distance

Learning
Beginning 19 October 2008
www.iirme.com/distancelearning8

A0936 The 15th Annual Internal Audit

Congress
9 – 13 November 2008
www.iirme.com/iacongress

BC2763  The Essentials Of Internal

Audit
23 - 27 November 2008
www.iirme.com/eia

Hear What Delegates Have Said About

Mr Griffith’s Previous Auditing Courses:

“I have attended many courses in my life, but this

course study, I will miss a lot when I go back home.”
Ebrahim Abdulkarim, Manager, Internal Audit
Mena Telecom, Bahrain

“I found this course very useful!”

Mona Hussain, Assistant Manager
Dubai World Trade Centre, UAE

971-4-3352437 971-4-3352438
Course Timings
Registration will be at 08:00 on Day One. The course will commence at 08:30 and conclude at 14:30 followed by lunch. There will be two
networking and refreshment breaks at appropriate intervals.

Day One: Sunday, 14 December 2008 Day Two: Monday, 15 December 2008
Risk And Internal Audit Risk Management And The Audit Role
Course Introduction Assessment Of Risk Mitigation
• The need for separate mitigation workshops
Risk Based Audit • How to assess risk mitigation
• Definitions • Identification and evaluation of risk exposures
• Trends (from the BRM Internal audit best practice database) • Dealing with the exposures (The 4 Ts – Terminate, Tolerate, Treat or
• The transition from systems based to risk based assurance Transfer)
• The different approaches to audit • Exploiting opportunities
• Audit’s primary roles, objectives and concerns • Establishment of action plans
• What is best practice?
• Perceptions of internal audit – various survey results Exercise 4: Risk Exposures
• The role of the function – policeman, risk assessor or consultant
• How to ensure you adopt best practice Exercise 5: Interactive Risk Workshop – Mitigation
• The key challenges resulting
Risk And Internal Audit
Exercise 1: Challenges For Internal Audit • The changing scope of modern internal audit
• Identifying, appraising and evaluating risk during the audit process
• The need to widen the coverage – to become less financially based • Translating key risks from the business risk process into the basis of
• RBA in specific sectors (banking, oil, government and so on) the audit programme
• The need to introduce a broad business based approach and the • Options for involvement
actions required • Monitoring of action plans and audit committee reporting
• The steps needed to embrace a risk based approach • Evaluation and reporting of actual versus perceived controls
• Determining which key risks are not readily auditable
The Nature Of Risk • Coordinating efforts with other assurance providers
• The concept of risk
• The relationship between risk and objectives Exercise 6: Risk And Its Consequences
• Why senior management may lack a full understanding of the risks
• Risk culture Embedding The Process
• Surprises and risk • Ensuring compliance with governance requirements and adopting best
• Measurement of risk: probability and impact (or likelihood and practice
consequences) •Q uarterly board reporting to review progress in addressing the exposures
• Categories of risk • Risk Management Committee reporting
• Inherent and residual risk • Bi-annual evaluation of key risks to ensure new risks identified and
included
Business Risk • Integrating the programme into the overall risk agenda – e.g. strategic
planning, health, safety and environmental management, regulatory
Exercise 2: Analysing A Disaster requirements, insurance procedures and so on

• The wider business agenda – understanding strategic risks

• How risk management has grown from being a useful tool to being Day Three: Tuesday, 16 December 2008
the very pulse of the organisation
• Corporate governance and the challenges posed Essentials Of Risk Based Auditing
• Building an appreciation of your organisation’s risk appetite
• The AUS/NZ Risk Management Standard 2004 The Internal Audit Role
• The COSO standard • Audit’s primary roles, objectives and concerns
• Steps to take in establishing a business risk management programme • What is best practice?
• Leading the programme – skills required • The audit charter and terms of reference
• Outline of a best practice process • The role of the function – policeman, risk assessor or consultant
• The reputation of the function and how to assess it
Risk Identification And Evaluation
• Approaches and techniques Exercise 7: Success Measures
• Explanation of a risk workshop approach
• The need for facilitation skills and the characteristics required The Internal Audit Function
• How to identify, sift and group the risks • Structure and reporting lines
• The use of diagnostic questions and thought-provokers • Outsourcing and partnering
• Measuring the consequences and the likelihood of occurrence of each • Perceptions of internal audit – various survey results
key risk • Audit personnel – numbers, skills, experience and so on
• Risk scoring • Measuring the value added
• The use of risk matrices to prioritise the risks • Marketing the function

Exercise 3: Interactive Risk Workshop Exercise 8: Marketing Of The Audit Function

Strategic Audit Planning

• Strategic audit planning
• The audit universe
• Tactical planning
• Best practice audit risk planning model (an electronic version will be
provided)

Exercise 9: Audit Planning Using The Model

971-4-3352437 971-4-3352438 register@iirme.com www.iirme.com/rba

 Risk Based Auditing
Tactical Audit Planning Fraud
• Audit programme development • How to build a picture of the major fraud risks and exposures in your
• Sources of audit work organisation
• Assignment planning and control • The key elements of a best practice framework
• Managing audit requests • How to develop specific strategies and measures against fraud
• Fieldwork techniques • The use of data mining as a fraud prevention tool
• Technology – CAATS, audit automation and so on • Evaluating the effectiveness of controls – proactive programmes for
• Audit coverage – geographic and business units internal audit
• How to cover specialist areas • How to ensure an effective balance between prevention and
• The need for future orientation detection

Day Four: Wednesday, 17 December 2008 The Auditor’s Fraud Toolkit will be shared

Risk Based Auditing In Practice Day Five: Thursday, 18 December 2008

The Converging Roles Of The Assurance Providers
Under The Risk Umbrella Audit Reporting In The Risk Arena
• The increasing emphasis on governance, assurance and control
• How should the various assurance providers rise to the risk challenge? The Need For Reports With Impact
• Synchronising regulatory compliance with internal audit and the risk • Objectives of reporting
management functions • Reports and the reporting process
• The need to coordinate quality assurance, security, insurance and the • What make a good report?
health and safety functions in relation to risk management • What management expects
• Linking external auditors into the process • Audit’s response to those expectations
• The need to coordinate risk reporting • Professional standards
• How reports need to be adapted to focus on risk
A best practice model for optimising assurance will be:
Understanding The Problems With
Relationships With The Board And Audit Committees Traditional Audit Reports
• Board requirements of internal audit
• Developing regular contact with the chief executive Exercise 12: 40 Best Practice Questions To Allow You To
• Role of the audit committee Assess Your Own Reports
• The audit committee relationship – how to develop this
• Evaluating the audit committee requirements Why Traditional Reports Need To Change To
• How to anticipate requests Encompass Risk
• How to develop effective audit committee reports • The psychological dilemma – why audit findings tend to be taken as a
criticism of performance by management
Exercise 10: The Audit Committee Report • Why conclusions and recommendations do not often encourage
changes in attitude or act as a vehicle to promote fundamental change
Planning A Risk Based Audit in an organisation
• Why audit reports may be seen as distant and overly subjective
Case Study: • Risk reporting – the route to securing action
Undertaking A Risk Based Audit (Interactive) – A Worked Example Of • How to link objectives, risk and audit findings
A Risk Based Audit Of HR • Risk as a vehicle for promoting fundamental change
• Brainstorm the functional objectives
• Build a picture of the risks Exercise 13: Analysis Of A Typical Report
• Consider threats and opportunities
• Plan the assignment Determining A New Approach
• Determine types of tests and techniques to use • Drafting reports that make an impact
• Determine the threats to success • How to express audit opinions – forget the scoring!
• How to ensure reports are taken seriously
Exercise 11: Working In Teams, Specific Audits Will Be • How to significantly enhance the percentage of recommendations
Selected By You And The Assignments Planned Using A Risk implemented
Based Approach • How to reduce the time between completion of fieldwork and final
report to less than two weeks
• Brainstorm the functional objectives • What to include in the executive summary
• Build a picture of the risks
• Consider threats and opportunities Exercise 14: The Executive Summary
• Plan the assignment
• Determine types of tests and techniques to use The Best Practice Report
• Determine the threats to success • Best practice format
• Essential “do’s” and “don’ts”
• The main report
• Words and phrases to avoid
• How to sell a new approach to management
• How to ensure success and measure the benefits
• 20 steps to success

A best practice report template will be made available to

all of you

971-4-3352437 971-4-3352438 register@iirme.com www.iirme.com/rba

 Risk Based Auditing
IIR Middle East certified by

14 - 18 December 2008 • Dusit Thani Hotel, Dubai, UAE

IS0 9001: 2000

FIVE EASY WAYS TO REGISTER

971-4-3352437 IIR Holdings Ltd.
PO Box 21743, Dubai,
971-4-3352438 UAE

register@iirme.com GCS/IIR Holdings Ltd.

PO Box 13977,
Muharraq,
www.iirme.com/rba
Kingdom of Bahrain
BC2796

YES, I want to register for:

Event Date Book by 5 October 2008 Book between After
5 - 26 October 2008 26 October 2008
R
 isk Based Auditing 14 – 18 December 2008 US$ 4,250 US$ 4,550 US$ 4,750
(Save US$ 500) (Save US$ 200)

If you have eight or more delegates who needs this training, contact IIR In-House on +971-4-335 2439 or inhouse@iirme.com

For further information and Group Discounts contact +971-4-335 2483 or email info@iirme.com
Course fees include documentation, luncheon and refreshments. Delegates who attend all sessions will receive a Certificate of Attendance.

PERSONAL DETAILS:
Title First Name Surname Job Title Department Email
1st Delegate
2nd Delegate
3rd Delegate
4th Delegate

To assist us with future correspondence, please supply the following details:

Head of Department

Training Manager

Booking Contact

Company: ....................................................................................................................................................................................................................................................................................
Address (if different from label above): ...............................................................................................................................................................................................................................
Mobile:.................................................................................................................................. Postcode: ................................................ Country:...................................................................
Tel: ............................................................. Fax: .................................................................
 YES! I would like to receive information about future events & services
No. of employees on your site: via email.
1000+  500-999  250-499  50-249  0-49  My Email address is: .....................................................................................................

Nature of your company’s business: ....................................................................................................................................................................................................................................

Payments Cancellation Event Venue:

A confirmation letter and invoice will be sent upon receipt of your registration. Please note If you are unable to attend, a substitute delegate Dusit Thani Hotel,
that full payment must be received prior to the event. Only those delegates whose fees have will be welcome in your place. If this is not suitable, Dubai, UAE
been paid in full will be admitted to the event.You can pay by company cheques or bankers a US$ 200 service charge will be payable. Tel: +971-4-262 4444
draft in Dirhams or US$. Please note that all US$ cheques and drafts should be drawn on a Registrations cancelled less than seven days before
New York bank and an extra amount of US$ 6 per payment should be added to cover bank the event must be paid in full. Accommodation Details
We highly recommend you secure your
clearing charges.
room reservation at the earliest to
Avoid Visa Delays - Book Now
avoid last minute inconvenience.You
Delegates requiring visas should contact the can contact the IIR Hospitality Desk for
Card Payment hotel they wish to stay at directly, as soon as assistance on:
 Please charge my credit card:  Visa  Mastercard  American Express possible. Tel: 971-4-4072693
Name on Card: ............................................................................................................................................... Visas for non-GCC nationals may take several Fax: 971-4-4072517
weeks to process. Email: hospitality@iirme.com
Card Number: ..................................................................................... Exp. Date: ....................................... Due to unforeseen circumstances, the programme may change
and IIR reserves the right to alter the venue and/or speakers.
Signature: ......................................................................................................................................................... MH G201 AUDIT
© Copyright I.I.R. HOLDINGS B.V.