IIA Award in the internal audit planning and assurance framework

Understand the framework within which internal audit planning and assurance are set, the nature of the types of internal audit plans ie strategic, annual and engagement and the need for assurance. Focus on the identification and mitigation of risks affecting internal systems, business processes, projects, applications, data and third parties along with the suitability of the controls in place, the reliability of reporting and the level of compliance with regulation and legislation.


Who should attend?

This course is open to all.


What will I learn?

Upon completion you will be able to:

  • contribute to the creation of the annual internal audit plan
  • explain the purpose of and create an engagement plan / terms of reference
  • outline the stages involved in a risk-based approach to audit planning and engagement
  • identify the features of the framework in which internal audit and assurance operate
  • design an appropriate audit testing programme
  • assess audit evidence
  • report audit findings in an appropriate format
  • conduct effective follow up work.

Course programme

Strategic planning

  • describe the purpose of the audit strategy
  • explain the difference between strategic, annual and engagement plans
  • describe the process of setting the audit strategy
  • outline how the audit strategy can be documented and communicated.

Risk-based internal audit planning

  • outline the stages involved in a risk-based approach to audit planning and engagement, including how to assess risk maturity and the control environment
  • explain why internal audit seeks to assure itself of the reliability of risk management process before developing the audit plan.

Engagement planning

  • provide examples of the key sources of information needed for the preparation of the audit engagement plan
  • explain how the audit scope is determined
  • understand the elements that build the risk matrices.

Undertaking an engagement to provide assurance

  • ability to conduct a fact-finding interview
  • design an appropriate audit testing programme
  • assess audit evidence using RUST
  • report audit findings in an appropriate format including the provision of a level of assurance / audit opinion
  • conduct effective follow-up work including assessing how to follow up and including time to undertake follow up work in the annual internal audit programme.

Assessment of assurance

  • understand the various levels of assurance and the definitions
  • understand the link between positive and negative assurance
  • explore the linkage between engagement assurance and the annual assurance statement.

Pre-course work

There will be some pre-course preparation for this module which you will be advised on upon confirmation of your booking.


CPE competency areas covered

  • Performance (Engagement planning | Engagement outcomes)
  • Leadership and Communication (Internal audit strategic planning | Audit plan and coordinating assurance efforts)

14 CPE points


 All training courses are subject to our Fair Collection Notice and Privacy Policy