Learning Objectives

The course aims to provide students with the main concepts of internal auditing and related topics concerning risk management and compliance. The learning objective is to introduce the new role of Internal Audit as Trusted Advisor of the Company, with increasing responsibilities due to its mission to be the ultimate line of defence, with primarily 'assurance' and 'advisory' roles, among the actors of corporate governance involved in the control system. This implies that students become familiar with: International Frameworks (IC IF, ERM); main international laws and regulations concerning governance and compliance (FCPA, Sarbanes-Oxley, Anti-Bribery); and the International Professional Practices Framework Standards (IPPF).

The student is asked to understand how Internal Audit in its modern context can:
- Analyze consistency between the mission of the organization and the principles and values that the company’s code of ethics is based on;
- Evaluate if the adoption of a strategic plan regarding market objectives and economic and financial performances is supported by adequate enterprise risks management, if major business risks that may threaten the plan itself have been identified, analyzed and appropriate responses have been defined;
- Implement audit plans as a moment of continuous monitoring of the firm’s ability to mitigate significant risks.
Students will have to demonstrate the ability to apply these concepts in practical cases and project work.

Students will be required to apply the illustrated methodologies and recognize their areas of application, through: case studies on ERM with reference to different types of companies and industries; exercises and case studies on typical “audit cases” (fraud audit, procurement audit, HSE audit, etc.); and interaction with managers invited as speakers.

Students will be able to express an opinion on the adequacy and functioning of internal control and risk management systems.

Students are asked to learn the technical language and taxonomies of internal audit, with particular reference to the concepts of risk and control. This ability will allow them to simulate presentations, such as executive meetings, illustrating areas of improvement of the ERM and ICS systems.

The student must be able to critically analyze concrete situations and case studies, work in a team and manage rigorous deadlines, using a professional and disciplined approach.




The course will be structured according to the following sessions:

Session One: Some preliminary definitions of risk: The Global Risks Report.

Session Two: The Analytical Framework: Internal Control Integrated Framework – An Overview.

Session Three: The Analytical Framework: Enterprise Risk Management – An Overview and preliminary survey on ESG topics.

Session Four: Risk Management & Internal Audit – Synergies for creating value.

Session Five: Mission and task of Internal Audit.

Session Six: The IPPF: The International Professional Practices Framework for Internal Auditors.

Session Seven: Internal Audit Activity: From planning to implementation.

Session Eight: IT Risk – Focus on Cybersecurity, Privacy and Digitalization.

Session Nine: Main International Laws & Regulations on Governance, Risk, and Control: Institutional references for Internal Auditor.

Session Ten: Fraud Audit.

Session Eleven: Basic Concepts and Case study on HSE audit and ESG + Procurement Audit.

Session Twelve: Risk transfer – Case study on the role of insurance broker + The role of IA in Crisis Management and Business Continuity Management.


Learning material provided by the teacher and the testimonials will be illustrated during the course and made available to students on the course web site.


The basic references are:

- Committee of Sponsoring Organizations of the Treadway Commission (COSO), Enterprise Risk Management – Integrated Framework, September 2004 – Part one (Executive Summary and Framework).

- Committee of Sponsoring Organizations of the Treadway Commission (COSO), Enterprise Risk Management – Integrating with Strategy and Performance, June 2017 (Executive Summary).

Suggested Reading:

- “Risk and Control Governance – A value creation perspective” by Fabio Accardi (Preface, Alessandro De Nicola; Introduction, Vincenzo Atella; Afterword, Saverio Bozzolan; Series Editor’s Preface, Luigi Maria Sicca), published in January 2017 by Editoriale Scientifica as part of the puntOorg book series (General Editor Luigi Maria Sicca), www.puntoorg.net. Web link: http://www.editorialescientifica.com/shop/catalogo/libri-in-lingua-straniera/risk-and-control-governance-detail.html

Teaching methods

The course will be based on: academic lectures, possibly also in digital form (to be defined), exercises, case studies and lectures by practitioners.

Exam Rules

The exam is based on 10 multiple-choice questions and two open questions.

The score is determined by:

- 2.0 points for each correct answer to the 10 multiple-choice questions

- 5.0 points (maximum) for each open question

Laude will be given for all correct answers to the multiple-choice questions and excellent answers to the open questions.