Claudelle von Eck, Chief Executive Officer of the IIA SA

The New COSO Integrated Risk Management course for the internal audit Prof (NIRM) 18-20 October 2017

King III advocates that Risk Management (RM) is the cornerstone of Corporate Governance. The King III RM guidelines are in line with the globally accepted “COSO Integrated Risk Management Framework”. The COSO RM theory and methodology is a globally accepted basis for effective RM practice, yet there are many challenges in implementing it successfully. One of the main causes is a lack of knowledge, techniques and skills in the practical application of the theory.

When: 18-20 October 2017
Registration starts at 8:00am
Where: Corporate Conference Centre
Johannesburg, Gauteng 
South Africa
Contact: Project Coordinator: CPD and Events

Online registration is closed.

Presenter/s: Logan Govender
Duration: 3 Days
CPD Hours: 24
Fees:
  • R6 175.44 ex VAT (R7 040 incl VAT)
  • R7 485.97 ex VAT (R8 534 incl VAT)



This course is imperative for the IA profession as it goes beyond the traditional boundaries of internal control, enabling the creation of risk-based auditable controls to aid in developing audit strategy/plans and audit execution.


Whilst this new version of the course still covers the much-needed knowledge on applying the RM theory in the live environment, it goes further by explaining how the role of IA expands from its “Core Audit Function” into the “Consulting Role” as well, to assist organizations in achieving an efficient and effective Risk Management practice.



  • Understand RM Governance within Corporate Governance (CG) in line with King III Guidelines.
  • Understand the COSO Internal Control framework's latest Dec 2011 principles, the COSO Integrated RM framework, and the association between the two.
  • Learn the COSO Application Techniques (using examples, test questions and model answers) applicable throughout the COSO RM components (i.e. RM iterative life-cycle). 
  • Be able to actively participate in and contribute to the COSO RM process, working with Risk and IT officials and other senior persons.
  • Learn through case studies of RM failures and successes.
  • Obtain an overview of IT Risks and an understanding that “IT Risks is Business risk”.
  • Obtain an overall knowledge of the COBIT 5 IT Risk framework, which includes a basic knowledge of what constitutes IT General Controls, the risks associated with IT Applications, and the IT elements/components associated with business risks.
  • Finally, you will be able to:
      • devise means to evaluate the whole RM process
      • make recommendations for RM and IA improvements
      • confidently participate and contribute in IA, RM and IT discussions
      • confidently cast an opinion to the Business at large on the effectiveness, or lack thereof, of the RM process
      • obtain insights to assist IA to devise audit plans from Risk Assessments


Introduction to ERM

  • Overview of King III on Corporate Governance and Risk Management
  • Separating Governance and Management of risks
  • How does ERM improve the Return on Investment (ROI)?
  • Why has Risk Management taken centre-stage? 
  • Relationship between the COSO Internal Control System and the COSO Integrated Risk Management Framework 
  • The ERM Maturity matrix

The COSO Internal Control System

  • The purpose and structure of the Internal Control System 
  • Why the need for expanding the “Risk Assessment” process into the COSO Integrated Risk Management Framework
  • Discuss the new Principles-based COSO internal control system and its implications on IA

The COSO Integrated Risk Management Process

  • Overview of the COSO Integrated Risk Management Framework

The Challenges in Implementing RM

  • Experiences and open discussion
  • Establish the Major Challenges
  • Implications on IA

[Group Work – Correlate the Major Challenges to different components of the COSO RM Framework]

Internal environment

  • What are the elements that make up the “organizational setting”?
  • What are the challenges in creating a conducive environment for ERM?
  • What is needed, and how, to make your organizational setting conducive to effective ERM practice
  • How to approach the implementation of the above and get leadership to “set the tone from the top”
  • Implications on IA 

Objective Setting Approach and Techniques

  • Risk-based Business Objective setting
  • Roles and responsibilities of Objective setting
  • Techniques involved in Objective Setting
  • What is the impact/interrelationship between Objective setting, risk appetite and risk tolerance and how are all these aligned? 
  • Implications on IA 

[Group Work – Case study & Activity]











Techniques to Identify Risk 

  • Linking risk events with Business Objectives
  • Techniques to effectively identify risk events
  • Implications on IA 

[Group Work – Questions, review against model answers]


Techniques to undertake Risk Assessment 

  • Understanding, Selecting and Applying different Methods for undertaking risk assessment
  • Implications on IA 

[Group Work – Questions, review against model answers]


Techniques for Risk Response handling 

  • What and how to apply different strategies to risk responses
  • Implications on IA

[Group Work – Questions, review against model answers]


Techniques on Establishing and Controlling Activities

  • How to identify Control Activities to ensure correct responses to risks
  • Management's acceptance of risk
  • The Impact of RM on the development of IA Plans
  • Implications on IA 

[Group Work – Questions, review against model answers]

Techniques for Risk Information & Communication

  • Risk Maps
  • RM Information flows
  • Implications on IA 

[Group Work – Questions, review against model answers]

Techniques for ERM Monitoring

  • How to effectively manage the ERM process 

IA’s overall responsibilities in the RM process

  • RM responsibilities per the IA Charter
  • The RM Maturity Model
  • Building a Roadmap for RM improvement 

Summary of Course

  • Establish what you have learnt through a Business Game 
  • Areas to improve own learning
  • Proposed future learning

Who should attend?


Level 1

Entry or introductory level for those requiring a fundamental understanding of the subject.

Level 2

Internal auditors who are already practicing internal audit and have a basic understanding of the subject.

Level 3

Supervisory/competent/senior internal auditors: those who already have a sound, practical grasp of the fundamentals of internal auditing and manage staff.

Level 4
For advanced internal auditors: auditors with an excellent understanding of the topics being presented, who are interested in exchanging knowledge with instructors and other participants.




 A 10% discount applies if 2 or more participants from the same company attend this course.
Please be advised of the event terms and conditions.
Delegates are also requested to review the content and the levels of the courses presented before booking, to ensure they are attending the right course.
