Overview of Public Sector Risk Management and Internal Audit (3 days)

Course code: 3902


A recent report from the UK’s Chartered Institute of Internal Auditors (CIIA) on the UK public sector found that over a third of organisations did not have effective mechanisms to manage risk. As public sector organisations come under increasing pressures globally to reduce costs and improve accountability and performance, effective risk management and coordination with a strong internal audit function are critical to their success and survival. This course offers an overview of the elements of a successful integrated risk management approach by reviewing best practices in public sector risk management and Internal Audit, from the adoption of enterprise risk management to the implementation of standards issued by the Institute of Internal Auditors (IIA) in the day-to-day operation of the internal audit. Topics covered include why use enterprise risk management, approaches to enterprise risk management used by the public sector and recent updates, the IIA standards to be implemented as best practice; managing the internal audit function, risk assessment and evaluation of internal controls design and testing their operating effectiveness. We will also cover in overview the documentation process for conducting Internal Audit assignments, elements to be included in the working papers and how findings are reflected in the audit report. The course also examines how to structure an Internal Audit Department and the various skills needed with changes in the public sector environment.

The course will answer questions such as:

  • What are the benefits of a coordinated, systematic approach to risk management?
  • What is enterprise risk management and is it appropriate to my public sector organisation?
  • What changes were introduced by the updates to ISO 31000 in 2018 and COSO ERM in 2017?
  • How should risk management be devolved through the organisation?
  • Why is risk management so difficult to embed successfully?
  • How to structure the relationship between operational risk managers, the risk management function and internal audit?
  • How does the internal audit department add values to the organization?
  • Why do some internal audit departments fail to deliver effective assurance?
  • How is internal audit effectiveness measured – objectively and subjectively?
  • What are the key standards for internal audit?


  • Introduction
    • Overview
    • Relationship between risk management and internal audit
  • Risk management
    • Risk Management frameworks
    • COSO Internal control framework
    • Applicability of private sector enterprise risk management models (COSO Enterprise Risk Management Framework 2017 and ISO 31000 2018) to the public sector
    • Internal control framework
    • Setting an appropriate risk governance framework
    • Integrating top down and bottom up risk management activities
    • Coordinating the activities of functions with risk management responsibilities
    • Embedding risk management into the organisation
    • Risk management challenges; contracting public expenditure, partnership working, use of the private sector to provide public services
    • Structure of the risk management team
    • Managing the risk management process
  • Internal audit
    • The role of internal audit and the development of standards by the Institute of Internal Auditors
    • Attribute standards
      • Purpose, authority, and responsibility
      • Independence and objectivity
      • Proficiency and due professional care
      • Quality assurance and improvement program
    • Performance standards
      • Managing the internal audit activity
      • Nature of work
      • Engagement planning
      • Performing the engagement
      • Communicating results provisions
      • Monitoring progress
    • Adaptations of International Standards for the Professional Practice of Internal Auditing to the public sector context
  • Working papers and reporting
    • Developing working papers
    • Internal audit report
      • Significant audit findings
      • Engagement results
  • Developing the internal audit function
    • Internal audit capability matrix
    • Performance effectiveness
    • IA Competency framework

Teaching method

  • Group live instruction in a workshop format
  • Review the main IIA Standards and understand the principles
  • Extensive use of real-world samples, documents, case studies and exercises
  • High level of attention to individual participants
  • Interactive participation is encouraged
  • All participants receive a comprehensive binder containing copies of the presentation slides, handouts and other course materials


Prior experience in a risk management or internal audit function will be helpful but is not essential. No advance preparation is required for this course.

Course benefits

  • Gain knowledge of risk management best practices and recent changes to them
  • Develop understanding of internal audit concepts
  • Review and understand the IIA Standards
  • Learn the details of internal audit engagements
  • Understand the importance of risk management and internal audit in the public sector


See what past participants said about this course:

Perfect training - no improvements. It was a very well structured training. The trainer has a wide knowledge of the subject. His presentation skills are outstanding. A lot of good examples. I would highly recommend this training.

Who should attend?

  • Managers with responsibility for setting up risk management functions in government departments, agencies and local government
  • Risk managers operating in the public sector
  • Internal auditors operating in the public sector
  • Qualified Internal Auditors and risk managers needing to update and refresh their knowledge
  • Those returning to working in risk management or internal audit
  • Personnel within the public sector who need a better understanding on risk management and the internal audit function

CPE / CPD Accreditation


IASeminars is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org. 

Field of study: Accounting

ICAEW Partner in Learning

IASeminars is proud to have been named as an ICAEW Partner in Learning, working together to offer the ICAEW IFRS Certificate to our clients worldwide. ICAEW (The Institute of Chartered Accountants in England and Wales) is a world leading professional membership organisation that promotes, develops and supports over 145,000 chartered accountants worldwide. CPE certificates obtained from attending IASeminars courses are an ideal way for ICAEW members and others to demonstrate their continuing professional development, provided that the topic is relevant to their learning and development needs.

Texas State Board of Public Accountancy

IASeminars is registered with the Texas State Board of Public Accountancy as a CPE sponsor. Our CPE Sponsor ID is: 009689. This registration does not constitute an endorsement by the Board as to the quality of our CPE Program.


  • Our London seminars take place in 4 star professional conference facilities, generally in city-centre hotels like the Radisson (Vanderbilt), Marriott, Sheraton or Hilton brands. Detailed Joining Instructions are sent to all registered delegates by email approximately one month before the event. The Joining Instructions will confirm exact venue details and nearby (or onsite) hotel recommendations with bedroom rates where available. Coffee and lunch will be provided.


  • Alan Mayo

    Alan Mayo is a UK chartered accountant and highly experienced instructor in the field of international financial reporting, with a particular professional interest in IFRS for oil and gas companies, IPSAS financial management for the public sector and financial statements analysis. Alan has delivered oil and gas in-house programmes for such organisations as ENI, Gazprom, the Nigerian Petroleum Development Company and National Oil Corporation of Kenya. His recent in-house IPSAS clients include UNICEF, ECOWAS and The International Centre for Genetic Engineering and Biotechnology. Alan began his professional career as an auditor with PwC before co-founding their client training business in the UK. During this time he worked on the privatisation of British Gas, taught financial reporting and financial controllership programmes for Shell and managed a team providing training and change management support to UK public sector entities as they transitioned from cash to accruals based accounting, including the Foreign and Commonwealth Office and the Ministry of Defence. On leaving PwC, after nearly 20 years, he set up his own financial training business, which focuses on supporting local authority staff in all aspect of financial management. Alan is a member of the ICAEW Financial Reporting and Business and Management Faculties and the Institute of Internal Auditors.

In House

To bring this course in-house please contact us and we will be pleased to assist

Course details

Course schedule

Select a start date for more details

28 Aug 2019 London

Course level:
24 hours
Start date:
28 Aug 2019
Start time:
Finish date:
30 Aug 2019
Finish time:
GBP 2,700
Subject to UK VAT (Read more)
< Return to course search Top ↑
Print Email