Best Practices Bank Internal Audit (Sep. 13, 2003)

Course Objective:

Expose participants to best practices in Bank Internal Audit in order to provide them with tips and hints so they don't have to "re-invent the wheel."


Internal auditors, external auditors, risk managers, compliance officers, information technology security officers, management, educators and any performer in bank auditing.




Internal Audit in Banks

  • The current banking environment: issues, pressures, concerns
  • International, regional and local events and developments
  • External and internal drivers and influences on internal audit
  • The role and work of the Bank for International Settlements and the Basel Committee on Banking Supervision
  • BIS and other guidance on governance, risk management and control
  • Basel 2 and the impact of this and other developments on internal audit
  • Role, responsibilities and ojectives of bank internal audit
  • Authority and reporting lines; essential conditions
  • The scope of work
  • "Types" of audits and audit activities
  • Approaches; developments such as CSA
  • Moving from inspection to providing a risk-focused service to the board
  • What a "typical" bank internal audit unit does: current issues and concerns


Coffee Break


Worst Practices in Bank Internal Audit

  • High profile control and audit failures, e.g. Allfirst, Barings
  • Lessons to be learned

Exercise: How to audit branches -- the seven options


The Basel Committee on Banking Supervision

  • The BCBS guidance on bank internal audit: contents, interpretation, application
  • The 20 Basel principles
  • Internal audit and operational risk

Discussion groups: underestimating and applying the Basel Principles


Lunch Break


Defining Internal Audit's Work

  • Central Bank Circular #77 on Internal Audit (old #1837)
  • Basel/IIA definition
  • Objectives and tasks of the internal audit function
  • Responsibilities of board, management and others

Risk-Based Auditing in Banks

  • Expectations; rationale behind a risk-based approach
  • Principles and practices: the three aspects of risk-based auditing
  • Banking risks
  • Risk-based auditing methodology and techniques
  • Compiling a risk-based audit plan

Exercise in strategic risk assessment and audit planning


Coffee Break


Performing Audits of Strategic and Operational Bank Activities

  • Planning an audit assessment
  • Examples of high level, corporate bank audits
  • Across-the-board audits, e.g. money laundering, customer satisfaction
  • Using control frameworks such as COSO; relevant BCBS guidance
  • Examples of operational level audits

Worked examples and exercise (e.g. the audit of ATMs, credit risk management)


Course summary and close

[Information and help about this website.]