Aggiornato A.A. 2018-2019
- Overview
The goal of this course is to introduce some preliminary observations on the models, norms, and standards that may guide students when initially carrying out their work activities or services of Internal Auditing. The reference to the notion of business, the curriculum that this course is part, contributes to encouraging a focus on the links between enterprises’ strategic contexts and the auditing activities exercised in these contexts, thus, leaving aside the specific technicalities related to these activities.
- Learning objectives
The learning objectives are focused to the increasing responsibilities assigned to Internal Audit (IA) due to the primarily required ‘assurance’ function of IA, which also coincides with that of ‘advisory', among actors of corporate governance involved in the control system .This implies that the students became familiar to :Internationals analytical Frameworks (COSO I , ERM COSO II); Main international laws and regulations concerning governance and compliance (FCPA, SARBANES OXLEY, ANTIBRIBERY); International Professional Practices Frameworks Standard (IPPF).
Knowledge and Understanding: Analyze consistency between the mission of the organization and the principles and values that the company’s code of ethics is based on; Evaluate if the adoption of a strategic plan regarding market objectives and economic and financial performances is supported by adequate enterprise risks management, if major business risks that may threaten the plan itself have been identified, analyzed and appropriate responses have been defined; Know how to improve audit plans as a moment of continuous monitoring of the firm’s ability to mitigate significant risks.
Applying Knowledge and Understanding: Case studies on ERM with references to different type of companies and industries; Exercise and case studies on tipycal “audit cases” (Fraud audit, Procurement audit, Hse audit etc) illustrated by testimonials invited as speakers at the course.
Making Judgements: Express opinion adequately on the operations and appropriateness of internal control systems and risk management.
Communication Skills: Introducing and discussing about ERM (enterprise risk management) and ICS (internal control system) issues with appropriate vocabulary.
Learning Skills: Analyzing in a critical way concrete situations and case studies, working in team and managing strict deadline.
- Program
The course will be structured according to the following Session:
Session One Some preliminary definitions of risk: The Global Risks Report.
Session Two The Analytical Framework: Integrated Internal Control & Enterprise Risk Management – An Overview.
Session Three The Analytical Framework: Enterprise Risk Management – An Overview.
Session four Mission and task of Internal Audit.
Session five Focus on ERM.
Session Six The IPPF: The International Professional Practices Framework for Internal Auditors.
Session Seven ERM and IT RISK.
Session Eight Main International Laws & Regulations on Governance, Risk, and Control: Institutional references for Internal Auditor.
Session Nine Internal Audit Activity: From planning to implementation.
Session Ten Fraud Audit.
Session Eleven Basic Concepts and Case study on HSE audit and Procurement Audit.
Session Twelve Risk transfer - Case study on Risk transfer - The role of insurance broker.
- Teaching methods The course will be based on: academic lectures, exercises, case studies and lectures by practitioners.
- References The basic reference are:
• “Committee Organizations of the Tradeway Commission (COSO) Enterprise Risk Management, Integrated Framework, sept 2004 – Part one (Executive Summary and Framework).
• “Committee Organizations of the Tradeway Commission COSO), Enterprise Risk Management. Integrating with Strategy and Performance, june 2017 (Executive Summary).
Suggested Reading:
• “Risk and Control Governance – A value creation perspective” by Fabio Accardi (Preface, Alessandro De Nicola; Introduction Vincenzo Atella; Afterword, Saverio Bozzolan; Series Editor’s Preface, Luigi Maria Sicca) edited in January 2017 by Editoriale Scientifica. web link:http://www.editorialescientifica.com/shop/catalogo/libri-in-lingua-straniera/risk-and-control-governance-detail.html, as part of puntOorg book series (General Editor Luigi Maria Sicca) www.puntoorg.net
Learning Material by the teacher and testimonials will be illustrated during the course and made available for the students in the course web site.