Delivering Quality Audit Reports

As organizations further their reliance on third party service providers, regulatory bodies around the world have increased their level of scrutiny regarding third party provider’s abilities to properly protect sensitive and internally used data and information assets. Today’s organizations are expected to demonstrate strong, third-party governance and risk management. Organizations that establish a third-party management program gain and maintain a clear understanding of their external provider’s controls and shortcomings through analysis of Statement of Control (SOC) reports, contract administration, service level agreement (SLA) reporting, and annual third-party risk assessments. Internal auditors need a basic understanding of third party risk. Without this knowledge, internal auditors may not fully comprehend IT objectives and the associated risks inherent in using third parties, and may lack the ability to assess or audit the design or effectiveness of controls related to those risks. The self-study Auditing Third-Party IT Risk course delivers an introduction to third-party risk concepts, and emphasizes the significant role that the business units and IT play in establishing and maintaining third-party relationships. Further, this course guides internal auditors in building proficiencies for assessing third-party vendors.

The primary focus of this course is to provide you with an overview of assurance engagement communications.

The internal audit activity is responsible for assessing the organization’s risk management processes and their effectiveness, and one detail that cannot be overlooked is assessing the potential for the occurrence of fraud when planning each engagement.

The primary focus of this course is to provide you with an overview of conducting an assurance engagement. This course describes the various steps necessary to conduct a controls-focused assurance engagement. You will learn the key steps necessary to plan and perform the assurance engagement.