Risk Management for Internal Auditors
Everything internal auditors need to know about risk management, so they can take a risk-based internal audit approach
Understanding risk management is a key knowledge area for internal auditors. If we expect to perform risk-based internal auditing, we have to understand risk managment.
The problem is most internal auditors do not really understand risk management outside of internal control concepts. Our profession tends to use a very specific language that doesn't make sense to other managers of risk in organizations. In fact, when we say things like "the risk of a control not working" career risk managers roll their eyes and believe we have no idea what we are talking about.
And it's not just internal auditors. Many people who work in risk management roles, don't really understand risk that well either. That is why there are so many communication breakdowns and mis-understandings when people discuss risk.
In this course we discuss the basics of risk management and apply them in a practical and everyday example way so you really understand the concepts and can communicate with others in the organization.
Did you know there are several different risk management frameworks, and each one has their own particular definition of certain words? We dig into ISO 31000, COSO Enterprise Risk Management, and the OCEG GRC Capability Model ... three of the most common frameworks used by others in risk management, and show how the basic risk management concepts line up with these frameworks.
Did you know there are various categories, levels and functions of risk management? And depending on who you are talking to in the organization the discussion and understanding of risk may be completely different from the view of internal audit.
This course will give you a basic understanding and vocabulary about risk so you understand others, and can modify your language to be understood by them.
"It is the best risk management class I have taken" - Terry
This course come with a participant workbook so you can take notes and really integrate the information into your daily job and life. Yep, this course will actually help you manage risk in your life better too.
As with all cRisk Academy on-demand courses, you have lifetime access to the videos so you can refer back to it as often as you need.
Field: Specialized Knowledge
Delivery Method: Self Study
CPE Hours: 6.0
Jason Mefford is a rock star in internal audit, risk management and compliance. He typically works with Chief Audit Executives and professionals in audit, risk and compliance with the technical and soft-skills needed to navigate the land mines of organizations. He takes complicated, confusing & hard things, makes them practical, proactive & simple to improve learning and transformation.
Jason is a CAE coach, professional speaker, facilitator and podcast host. He serves the internal audit community through his companies Mefford Associates, cRisk Academy, Mefford CIA Review Course, and the Jamming with Jason Podcast.
StartNature of Risk (30:50)
StartSteps To Risk Management (28:58)
StartRisk Language (12:56)
StartRisk Models (15:05)
StartCategories Levels and Functions (15:58)
StartCalculating Performance Risk and Compliance (47:54)
StartInternal Controls (38:44)
StartRisk Management Frameworks (30:47)
StartCalculating Exposure Example (17:30)
StartCertified Risk Based Internal Auditor