Public Financial Management (PFM) Banner

Public Financial Management (PFM)

Public Financial Management (PFM) Icon

Overview of Public Sector Risk Management and Internal Audit (3 days)

Course Details

This course is not presently part of our active schedule and we are monitoring demand. Join our waiting list so our customer service team can include you in the conversation. We can keep you informed and updated when venues/dates are available.
Do you need to train a group of employees?
Tell us your training needs, and we will plan an agenda to address the issues that matter most to your organization.
Enquire Now


We are managing our face to face Public Financial Management course schedule carefully right now. If the training course you want is not available, we may be offering a virtual alternative! View our Virtual Classroom schedule to see what is being delivered live in our online classrooms.

If you don’t see the Public Financial Management training topic, you are looking for, or if you would like an online classroom in another timezone, please tell us.

You can learn more about our virtual, online courses and how they work on our Virtual course FAQ page.

A recent report from the UK’s Chartered Institute of Internal Auditors (CIIA) on the UK public sector found that over a third of organisations did not have effective mechanisms to manage risk. As public sector organisations come under increasing pressures globally to reduce costs and improve accountability and performance, effective risk management and coordination with a strong internal audit function are critical to their success and survival. This course offers an overview of the elements of a successful integrated risk management approach by reviewing best practices in public sector risk management and Internal Audit, from the adoption of enterprise risk management to the implementation of standards issued by the Institute of Internal Auditors (IIA) in the day-to-day operation of the internal audit. Topics covered include why use enterprise risk management, approaches to enterprise risk management used by the public sector and recent updates, the IIA standards to be implemented as best practice; managing the internal audit function, risk assessment and evaluation of internal controls design and testing their operating effectiveness. We will also cover in overview the documentation process for conducting Internal Audit assignments, elements to be included in the working papers and how findings are reflected in the audit report. The course also examines how to structure an Internal Audit Department and the various skills needed with changes in the public sector environment.

The course will answer questions such as:

  • What are the benefits of a coordinated, systematic approach to risk management?
  • What is enterprise risk management and is it appropriate to my public sector organisation?
  • What changes were introduced by the updates to ISO 31000 in 2018 and COSO ERM in 2017?
  • How should risk management be devolved through the organisation?
  • Why is risk management so difficult to embed successfully?
  • How to structure the relationship between operational risk managers, the risk management function and internal audit?
  • How does the internal audit department add values to the organization?
  • Why do some internal audit departments fail to deliver effective assurance?
  • How is internal audit effectiveness measured – objectively and subjectively?
  • What are the key standards for internal audit?

This course has been retired and is no longer available.  Please see our latest courses on this topic below or contact our Customer Services Team.

Learning Objectives

  • Gain knowledge of risk management best practices and recent changes to them
  • Develop understanding of internal audit concepts
  • Review and understand the IIA Standards
  • Learn the details of internal audit engagements
  • Understand the importance of risk management and internal audit in the public sector

Who Should Attend

  • Managers with responsibility for setting up risk management functions in government departments, agencies and local government
  • Risk managers operating in the public sector
  • Internal auditors operating in the public sector
  • Qualified Internal Auditors and risk managers needing to update and refresh their knowledge
  • Those returning to working in risk management or internal audit
  • Personnel within the public sector who need a better understanding on risk management and the internal audit function


  • Introduction
    • Overview
    • Relationship between risk management and internal audit
  • Risk management
    • Risk Management frameworks
    • COSO Internal control framework
    • Applicability of private sector enterprise risk management models (COSO Enterprise Risk Management Framework 2017 and ISO 31000 2018) to the public sector
    • Internal control framework
    • Setting an appropriate risk governance framework
    • Integrating top down and bottom up risk management activities
    • Coordinating the activities of functions with risk management responsibilities
    • Embedding risk management into the organisation
    • Risk management challenges; contracting public expenditure, partnership working, use of the private sector to provide public services
    • Structure of the risk management team
    • Managing the risk management process
  • Internal audit
    • The role of internal audit and the development of standards by the Institute of Internal Auditors
    • Attribute standards
      • Purpose, authority, and responsibility
      • Independence and objectivity
      • Proficiency and due professional care
      • Quality assurance and improvement program
    • Performance standards
      • Managing the internal audit activity
      • Nature of work
      • Engagement planning
      • Performing the engagement
      • Communicating results provisions
      • Monitoring progress
    • Adaptations of International Standards for the Professional Practice of Internal Auditing to the public sector context
  • Working papers and reporting
    • Developing working papers
    • Internal audit report
      • Significant audit findings
      • Engagement results
  • Developing the internal audit function
    • Internal audit capability matrix
    • Performance effectiveness
    • IA Competency framework

Teaching Method

  • Group live instruction in a workshop format
  • Review the main IIA Standards and understand the principles
  • Extensive use of real-world samples, documents, case studies and exercises
  • High level of attention to individual participants
  • Interactive participation is encouraged
  • All participants receive a comprehensive binder containing copies of the presentation slides, handouts and other course materials


The instructor for this course will be drawn from one of our core faculty of subject matter experts. Further details will be published at the earliest opportunity.


Our seminars take place in 4 star professional conference facilities, generally in city-centre hotels like the Marriott, Sheraton or Hilton brands. Detailed Joining Instructions are sent to all registered delegates by email approximately one month before the event. The Joining Instructions will confirm exact venue details and nearby (or onsite) hotel recommendations with bedroom rates where available. Coffee and lunch will be provided.

CPE/CPD Accreditation

IASeminars is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.


Field of study: Accounting


Prior experience in a risk management or internal audit function will be helpful but is not essential. No advance preparation is required for this course.