Course Outline - Training For LGU Internal Auditors - 2024

Center for Internal Advisory Services Philippines
CIASP
TRAINING
for LGU INTERNAL AUDITORS
and other key LGU personnel
SEMINAR INFORMATION
Face-to-face Training: Makati City

Seminar Title Schedule Fee Course Info
Risk Based Internal Auditing June 3, 4, 5, 6 and 7 15,680.00 Click here for
Crown Regency Hotel discounted course outline
Makati City for LGUs Pages 8 to 14
(Live-out)
Online Training through Zoom

Internal Auditing School I October 1, 2, 3, 4, 8, 9, 19,400.00 Click here for
(Complete course on the 10, 11, 14, 15, 16, 17, discounted course outline
internal audit cycle) 18, 21, 22, 23, 24, 25, 28 for LGUs Pages 15 to 30
and 29
Internal Audit Policy and September 9, 10, 13, 16, 19,800.00 Pages 31 to 38
Procedures Manual with 17, 18, 19 and 20
Quality Assurance and
Improvement Program
IT Auditing Fundamentals November 11, 12, 13, 9,408.00 Pages 39 to 42
14 and 15
Fraud Audit Fundamentals November 18, 19, 20, 9,408.00 Pages 43 to 45
21 and 22
Page 1 of 106
Telephone: (63 2) 87887928; Mobile: 0915-7068046
Email: information@ciasp.com.ph or centerforinternalauditservices@gmail.com
Website: www.ciasp.com.ph
Computer Assisted Auditing December 9, 10, 11, 12 9,408.00 Click here for
Techniques (CAATs) and Data and 13 course outline
Analytics Using Excel Pages 46 to 49
Audit Sampling and Root November 9, 16, and 23 9,408.00 Pages 50 to 53
Cause Analysis
Audit 101: Internal Auditing December 2, 3, 4, 5 and 9,408.00 Pages 54 to 59
for Non-Auditors 6
Applying CAATs in Financial August 5, 6, 7, 8 and 9 9,408.00 Pages 60 to 64
Reporting
Applying CAATs in Revenue August 12, 13, 14, 15 9,408.00 Pages 65 to 68
to Collection and 16
Internal Audit and Financial September 9, 10, 11, 12 9,408.00 Pages 69 to 74
Controls for Donor-funded and 13
Projects
Applying CAATs in Inventory September 16, 17, 18, 9,408.00 Pages 75 to 78
Count and Reconciliation 19 and 20 9,408
Audit of Procurement and September 21, 28; 9,408.00 Pages 79 to 82
Payables October 5 and 12
Applying CAATs in Payroll September 23, 24, 25, 9,408.00 Pages 83 to 86
26 and 27
Audit Rating System September 23, 24, 25, 9,408.00 Pages 87 to 91
26 and 27
Preventing and Detecting November 4, 5, 6, 7 and 9,408.00 Pages 92 to 95
Procurement Fraud 8
Internal Audit’s Role in the November 12, 13, 14, 19,800.00 Pages 96 to
Risk Management Process 15, 19, 20, 21 and 22 102
Developing Standardized January 18 and 25, 2025 9,408.00 Pages 103 to
Audit Work Program and Test 106
Templates
Page 2 of 106
List of Local Government Units
that have sent participants to various CIASP seminars such as:
• Risk-based Internal Auditing for LGUs (15 batches)

• Internal Auditing School I
• Internal Audit Policy and Procedures Manual with QAIP
• IT Auditing Fundamentals
• Fraud Audit Fundamentals
• CAATs and Data Analytics Using Excel
• Audit Sampling and Root Cause Analysis
• Audit 101: Internal Auditing for Non-Auditors
• Internal Audit and Financial Controls for Donor-funded Projects
• Preventing and Detecting Procurement Fraud
• Internal Audit’s Role in the Risk Management Process
• Internal Audit Strategic Plan and Risk-Based Audit Plan
PREVIOUS ATTENDEES
• Provincial Government
1. Provincial Government of Agusan del Norte (3 pax)
2. Provincial Government of Agusan del Sur (2 pax)
3. Provincial Government of Albay (2 pax)
4. Provincial Government of Antique (3 pax)
5. Provincial Government of Aurora (4 pax)
6. Provincial Government of Batanes (3 pax)
7. Provincial Government of Bukidnon (6 pax)
8. Provincial Government of Bulacan (5 pax)
9. Provincial Government of Cagayan (5 pax)
10. Provincial Government of Camarines Sur (4 pax)
11. Provincial Government of Capiz (4 pax)
12. Provincial Government of Catanduanes (1 pax)
13. Provincial Government of Davao del Sur (3 pax)
14. Provincial Government of Dinagat Islands (1 pax)
15. Provincial Government of Ifugao (1 pax)
16. Provincial Government of Isabela (5 pax)
Page 3 of 106
17. Provincial Government of Kalinga (1 pax)
18. Provincial Government of La Union (6 pax)
19. Provincial Government of Lanao del Norte (1 pax)
20. Provincial Government of Maguindanao (4 pax)
21. Provincial Government of Misamis Occidental (6 pax)
22. Provincial Government of Nueva Vizcaya (1 pax)
23. Provincial Government of Oriental Mindoro (2 pax)
24. Provincial Government of Pangasinan (3 pax)
25. Provincial Government of Palawan (3 pax)
26. Provincial Government of Quirino (1 pax)
27. Provincial Government of Samar (3 pax)
• City Government
1. City Government of Antipolo (5 pax)
2. City Government of Bacoor (2 pax)
3. City Government of Balanga (2 pax)
4. City Government of Bislig (2 pax)
5. City Government of Bogo (2 pax)
6. City Government of Cabadbaran (3 pax)
7. City Government of Caloocan (2 pax)
8. City Government of Cebu (15 pax)
9. City Government of Danao (4 pax)
10. City Government of Davao (3 pax)
11. City Government of Dipolog (1 pax)
12. City Government of General Trias (8 pax)
13. City Government of Gingoog (2 pax)
14. City Government of Iloilo (5 pax)
15. City Government of Kidapawan (1 pax)
16. City Government of Ligao (1 pax)
17. City Government of Maasin (2 pax)
18. City Government of Makati (9 pax)
19. City Government of Malolos (1 pax)
20. City Government of Mandaluyong (2 pax)
21. City Government of Mandaue (3 pax)
22. City Government of Mati (3 pax)
Page 4 of 106
23. City Government of Muntinlupa (1 pax)
24. City Government of Ormoc (2 pax)
25. City Government of Pasay (3 pax)
26. City Government of Puerto Princesa (3 pax)
27. City Government of Quezon (1 pax)
28. City Government of San Pedro (2 pax)
29. City Government of Santa Rosa (6 pax)
30. City Government of Santiago (5 pax)
31. City Government of Tabuk (9 pax)
32. City Government of Tagbilaran (2 pax)
33. City Government of Tagum (1 pax)
34. City Government of Tuguegarao (2 pax)
35. City Government of Valencia (3 pax)
36. City Government of Vigan (1 pax)
• Municipal Government
1. Municipal Government of Albuera, Leyte (1 pax)
2. Municipal Government of Aloguinsan, Cebu (1 pax)
3. Municipal Government of Angadanan, Isabela (1 pax)
4. Municipal Government of Asipulo, Ifugao (1 pax)
5. Municipal Government of Baao, Camarines Sur (1 pax)
6. Municipal Government of Bacnotan, La Union (1 pax)
7. Municipal Government of Bansalan, Davao del Sur (1 pax)
8. Municipal Government of Bantayan, Cebu (1 pax)
9. Municipal Government of Barobo, Surgao del Sur (1 pax)
10. Municipal Government of Bayambang, Pangasinan (1 pax)
11. Municipal Government of Biri, Northern Samar (1 pax)
12. Municipal Government of Buhi, Camarines Sur (1 pax)
13. Municipal Government of Columbio, Sultan Kudarat (1 pax)
14. Municipal Government of Concepcion, Tarlac (2 pax)
15. Municipal Government of Consolacion, Cebu (1 pax)
16. Municipal Government of Diffun, Quirino (4 pax)
17. Municipal Government of Dulag, Leyte (1 pax)
18. Municipal Government of Dumalinao, Zamboanga del Sur (1 pax)
19. Municipal Government of El Nido, Palawan (5 pax)
20. Municipal Government of Enrile, Cagayan (3 pax)
Page 5 of 106
21. Municipal Government of Esperanza, Sultan Kudarat (2 pax)
22. Municipal Government of Goa, Camarines Sur (1 pax)
23. Municipal Government of Guindulman, Bohol (2 pax)
24. Municipal Government of Hinoba-an, Negros Occidental (1 pax)
25. Municipal Government of Jaro, Leyte (1 pax)
26. Municipal Government of Kalibo, Aklan (1 pax)
27. Municipal Government of Kasibu, Nueva Vizcaya (1 pax)
28. Municipal Government of Kayapa, Nueva Vizcaya (5 pax)
29. Municipal Government of Libon, Albay (1 pax)
30. Municipal Government of Loon, Bohol (4 pax)
31. Municipal Government of Manolo Fortich, Bukidnon (3 pax)
32. Municipal Government of Marcos, Ilocos Norte (1 pax)
33. Municipal Government of Milagros, Masbate (1 pax)
34. Municipal Government of Mina, Iloilo (2 pax)
35. Municipal Government of Mondragon, Northern Samar (1 pax)
36. Municipal Government of Northern Kabuntalan, Maguindanao (2 pax)
37. Municipal Government of Oton, Iloilo (1 pax)
38. Municipal Government of Palanas, Masbate (2 pax)
39. Municipal Government of Pasacao, Camarines Sur (1 pax)
40. Municipal Government of Pasil, Kalinga (6 pax)
41. Municipal Government of Pilar, Cebu (1 pax)
42. Municipal Government of Pinamungajan, Cebu (1 pax)
43. Municipal Government of Real, Quezon (1 pax)
44. Municipal Government of Roxas, Palawan (1 pax)
45. Municipal Government of Sadanga, Mountain Province (1 pax)
46. Municipal Government of San Agustin, Surigao del Sur (1 pax)
47. Municipal Government of San Fernando, Bukidnon (1 pax)
48. Municipal Government of San Juan, Batangas (2 pax)
49. Municipal Government of Santa Barbara, Iloilo (2 pax)
50. Municipal Government of Siocon, Zamboanga del Norte (1 pax)
51. Municipal Government of Sison, Surigao del Norte (1 pax)
52. Municipal Government of South Ubian, Tawi Tawi (1 pax)
53. Municipal Government of Tago, Surigao del Sur (1 pax)
54. Municipal Government of Tapaz, Capiz (1 pax)
Page 6 of 106
55. Municipal Government of Tudela, Misamis Occidental (2 pax)
56. Municipal Government of Tupi, South Cotabato (4 pax)
57. Municipal Government of Valencia, Negros Oriental (1 pax)
58. Municipal Government of Vinzons, Camarines Norte (2 pax)
• Other LGU Facilities

1. PGO Antique - Angel Salazar Memorial General Hospital (1 pax)
Page 7 of 106
RISK BASED INTERNAL AUDITING
(Condensed version of Internal Auditing School I)
PROGRAM DETAILS
Schedule: June 3, 4, 5, 6 and 7, 2024

Duration: Five days
Time: 8:00 am to 12:00 noon; 1:00 pm to 5:00 pm per session day
Venue: Makati City (Crown Regency Hotel)
Knowledge Level: Basic to Intermediate
Competencies: International Professional Practices Framework, Governance Risk and Control,
Business Acumen, Internal Audit Delivery, Communication
Delivery Format: Face-to-Face Onsite Classroom Training
Position Level: Internal Auditors and other key personnel interested to learn about the risk
based internal auditing process
Prerequisite: None
Regular Rate: Php 19,600.00 per participant (inclusive of VAT)
Discounted Rate: Php 15,680.00 per participant (inclusive of VAT) for LGU participants; Live-
out rate
OBJECTIVES
PROGRAM DESCRIPTION
This program will provide a comprehensive, hands-on and systematic approach to

understanding all the key areas of the internal audit process. It will provide the participants
with the critical knowledge, skills and competencies for them to perform their job effectively.
It will also align with any relevant competency framework or training needs analysis for audit
personnel. This program is ideal for new internal auditors as well as for experienced internal
auditors who want to refresh their knowledge on leading practices or benchmark with other
participants and organizations. This will result more value-adding services given to Board,
Local Chief Executive, Head of Agency, management and stakeholders.
PROGRAM OBJECTIVES
At the end of the program, the participants will be able to:
Module 1: Internal Auditing Foundational Elements

Internal Audit Strategic Plan and Risk Based Annual Audit Plan
Page 8 of 106
• Understand the role of internal auditing under a governance, risk management and
control framework;
• Get an overview of the process and components in developing the internal audit strategic
plan;
• Develop the risk-based plan of engagements;
Module 2: Internal Audit Engagements

Planning, Performing, Communicating Results, and Monitoring the Individual Audit
Engagement
• Understand and apply the key steps of the individual engagement process: engagement
planning, performing the engagement, communicating results and follow-up and
monitoring
• Demonstrate the ability to evaluate adequacy of control design and effectiveness of
implementation
• Apply the techniques, principles, and practices of producing a good quality audit
workpaper;
• Develop a systematic method to integrate the data to support the audit engagement
results.
• Learn how to communicate audit findings clearly and report accurately;
PROGRAM METHODOLOGY
The Risk Based Internal Auditing course will be delivered through a combination of:
• Facilitated lectures
• Workshops (using actual data or existing processes of the participant’s organization)
• Sharing of work experiences and presentation of participant outputs
• Pre-Test/Baseline Assessment and Post-Test/Improvement from Baseline
PROGRAM OUTLINE
MODULE 1: Internal Auditing Foundational Elements

I. Internal Auditing under a Governance Framework
• Governance, risk management and control principles
• Governance in the corporate setting, public sector setting or LGU setting
• The role of internal auditing
• Authoritative framework/guidance
Page 9 of 106
o International Professional Practices Framework (IPPF) or Global Internal Audit
Standards
o Other authoritative guidance in the public sector such as IASPPS, LGIAM, and
RPGIAM
II. Developing the Internal Audit Strategic Plan: Overview

• Overview of the internal audit strategic planning steps
• Establish or review the mandate of the internal audit activity
• Revisit and understand the organizational environment
• Discuss with stakeholders their expectations
• Develop or update the internal audit vision, mission and values
• Assess the current situation
• Develop clear road map and initiatives to attain the internal audit vision
• Let the strategic plan drive the annual risk-based audit plan
III. Establishing the Annual Risk-Based Plan of Engagements

• Overview of the risk-based annual audit planning process
▪ Enhance understanding of the organization’s strategic objectives, key projects and
programs, performance measures or outcomes and details of the long-term plan
▪ Facilitate or conduct the risk assessment
o Identify risks relevant to the organization that would affect its vision, mission
and strategic objectives (i.e., risk universe or risk register)
o Analyze impact and likelihood of the risks (i.e., use of risk matrix or criteria)
o Evaluate and determine top risks for the organization (i.e., use of risk map and
development of risk profile)
▪ Establish or refine the audit universe
▪ Identify the priority areas to audit
▪ Determine resources needed
• Consolidate the plan for presentation and approval
• Secure final approval from the President, Board/Audit Committee, Local Chief
Executive or Head of Agency, as applicable
• Fine-tune the reporting process
• Implement a monitoring process for the plan
Page 10 of 106
MODULE 2: Internal Audit Engagements
A. Planning the Engagement
• Audit engagement overview: “The Big Picture”
• Engagement planning considerations
• Key steps in engagement planning
• Set up the audit management files
• Send out audit memorandum or audit engagement letter to the audit client
• Conduct the initial study
• Conduct the entrance meeting
• Understand the process through a preliminary survey. Use common data
gathering tools such as flowcharts, interviews, observations, document review,
internal control questionnaires, and analytical procedures. Involve the process
owner in the data gathering and discussion process.
• Identify and define process or activity objectives
• Identify and define process or activity risks
• Identify, evaluate, and classify the controls. Ensure proper classification of
controls
• Analyze the control design if it is adequate to respond to the risks to meet the
objectives (i.e., assessment of design effectiveness). Provide recommendations
as appropriate.
• Complete the engagement risk assessment to determine the focus areas for
testing
▪ Refine the audit objectives based on the results of the risk assessment
• Identify and use adequate criteria.
• Consider probability of significant errors, fraud, and non-compliance when
developing the engagement objectives
• Refine the audit scope based on the engagement objectives. Scope should
include what is covered such as records, personnel, systems, and physical
properties. Scope should also state what is not covered or any scope limitation.
• Develop the engagement procedures or work program including how to:
• Determine the combination of tools to gather audit evidence
• Provide evidence of approval by chief audit executive or designee
• Determine if the work program can be standardized, if applicable
Page 11 of 106
• Identify the engagement resources needed. Ensure they are sufficient and
adequate.
• Complete the engagement plan
B. Performing the Engagement

• Performing the engagement considerations
• Key steps in performing the engagement
• Gather or validate audit evidence
• Understand the qualities of audit information or evidence (sufficient, useful,
relevant, and reliable)
• Analyze the audit evidence or the test results
• Use the 5 C’s (Criterial, Condition, Cause, Consequence or Effect, and Corrective
Action or Recommendation)
• Draw conclusion
• Provide assessment on the effectiveness of controls to respond to risks to
achieve the objectives (i.e., assessment of operating effectiveness)
• Highlight the top issues (e.g., top three issues)
C. Communicating Results
• Finalize the audit findings worksheet and audit issues worksheet.
• Conduct an alignment meeting, if necessary, to confirm audit evidence and answer
questions of facts
• Present the results in an exit meeting
• Get management response on the recommendations and action plans.
D. Closing the Audit Engagement

• Ensure there is evidence of proper supervision throughout the engagement so that
objectives are achieved, quality is assured and staff is developed.
• Close the engagement file and store properly in manual or electronic form
E. Monitoring Progress
• Establish the follow-up and monitoring system
• Implement the follow-up and monitoring system
• Determine the level of effort (or level of testing) to validate closure
• Evaluate adequacy, timeliness and effectiveness
• Document results
• Conduct periodic reporting and updates
Page 12 of 106
• Report submitted to senior management, Board and General Manager on the
status of implementation of management action plans
• Communicate the acceptance of risk, as applicable
REGISTRATION
To register, please consider either of the following options:

• Option 1: Please visit CIASP website, www.ciasp.com.ph. Click on the “Register”
button for the seminar on Risk Based Internal Auditing. You will be directed to an
online Google form. Please fill in your details on the form and click ‘Submit.’ We will
acknowledge your registration as soon as practicable.
Or click here to register:
https://docs.google.com/forms/d/e/1FAIpQLSfOuXc0OTxNzm-
IUwju_ELv1MlTU1iJUDZMYdNe5mV2DlH6-g/viewform
• Option 2: You can email or communicate with us through information@ciasp.com.ph
and/or centerforinternalauditservices@gmail.com. Please provide your full contact
details (full name, organization, designation, email address, office phone and mobile
phone).
We will provide billing invoice upon receipt of the registration.
FEES AND PAYMENT DETAILS
• Regular Rate - Php 19,600.00 inclusive of VAT

• Discounted Rate – Php 15,680.00 inclusive of VAT for the LGU participants
• Limited slots. Guaranteed seats will be given to those with paid registration.
• Payments can be made in cash or check.
• Payment should be deposited to any BPI branch. Payment can also be done through
online funds transfer (e.g. PesoNet, GCash, Maya, InstaPay, LDDAP, bank wire transfer,
etc.). CIASP bank account details are:
• Bank of the Philippine Islands (BPI)
• Current Account Number: 1621-0070-72
• Account Name: Center for Internal Advisory Services Philippines Inc
• SWIFT Code/BIC: BOPIPHMM
• For check payment, please make it payable to the account name.
• For GCash transfer – bank: BPI; payee: Ciasp; Account number: 1621-0070-72
Page 13 of 106
• Payment through credit card or debit card (Mastercard, Visa, Amex) through Paypal
also accepted.
• Please email scanned copy or picture of deposit slip or online transfer form so we
could confirm receipt and provide the relevant seminar details and procedures.
OTHER SEMINAR DETAILS
• Seminar Inclusions:
• Attendance to the face-to-face classroom sessions
• Copy of presentation or powerpoint slides in pdf
• Templates, sample workpapers, worksheets, audit report format, sample executive
summary, presentation format
• References and other reading materials
• Certificate of completion
• Lunch, morning and afternoon snacks
• Post-seminar consultation
• Consultation with the resource speaker(s) can be made up to one month after
seminar date.
• Consultation can be done for the relevant areas of the modules, such as:
o Guidance on how to fill out and customize the templates for your internal
audit department
o Review of participant outputs or accomplished templates with comments
and recommendations, as applicable
o Possible benchmarking between your existing internal audit engagement
practices and the recommended approach
o Guidance on interpretation of concepts or Standards under the
International Professional Practices Framework
• Consultation can be done through email, call, Zoom meeting or similar means
• Delivery Mode:
• Face-to-face classroom training
• Venue:
• Makati City
o Crown Regency Hotel (Arnaiz Avenue, Makati City)
• Resource Speaker/Facilitator
• Pol B. Mirafuentes
Page 14 of 106
INTERNAL AUDITING SCHOOL I - Package
(Complete course on the internal auditing cycle)
PROGRAM DETAILS
Schedule: October 1, 2, 3, 4, 8, 9, 10, 11, 14, 15, 16, 17, 18, 21, 22, 23, 24, 25, 28 and 29
o Part 1: October 1, 2, 3 and 4, 2024: Internal Audit Strategic Plan
o Part 2: October 8, 9, 10 and 11, 2024: Risk Based Annual Audit Plan
o Part 3: October 14, 15, 16, 17, 18, 21, 22, 23, 24, 25, 28 and 29, 2024: Planning,
Performing, Reporting and Monitoring the Individual Audit Engagement
Duration and Time: Total of 20 sessions at 3.5 hours per session = 70 hours
o 8:30 am to 12:00 noon per session day
Delivery Format: Online Training though Zoom

Knowledge Level: Basic and Intermediate
Prerequisite: None
Competencies:
o Internal Audit Management; Governance, Risk Management and Control
o Business Acumen, Internal Audit Delivery
o International Professional Practices Framework
o Persuasion and Collaboration, Communication, Critical Thinking
Position Level:
o Internal Auditors (with or without experience)
o Chief Audit Executive (CAE) or Head of Internal Audit (HoIA)
o Accountants or supervising administrative officers who are tasked to establish an
internal audit office or designated in an acting capacity (OIC)
o Quality Auditors, Risk and Compliance Officers, Process Owners
o Other personnel interested to know about the risk-based internal audit process
Regular Package Rate: Php 21,560.00 per participant (inclusive of VAT)

Discounted Rate: Php 19,400.00 per participant (inclusive of VAT) for the FIRST 10
participants
Page 15 of 106
OBJECTIVES
PROGRAM DESCRIPTION
This program will provide a comprehensive, hands-on and systematic approach to

understanding all the key areas of the internal audit process. It will provide the participants
with the critical knowledge, skills and competencies for them to perform their job effectively.
It will also align with any relevant competency framework or training needs analysis for audit
personnel. This program is ideal for new internal auditors as well as for experienced internal
auditors who want to refresh their knowledge on leading practices or benchmark with other
participants and organizations. This will result to more value-adding services given to Board,
Local Chief Executive, Head of Agency, management and stakeholders.
PROGRAM OBJECTIVES
At the end of the program, the participants will be able to:
Internal Audit Strategic Plan and Risk Based Annual Audit Plan
• Understand the role of internal auditing under a governance, risk management and
control framework;
• Understand the process and components in developing the internal audit strategic plan;
• Develop the risk-based plan of engagements;
Planning, Performing, Reporting and Monitoring the Individual Audit Engagement

• Explain the overall individual engagement audit process: planning, performing,
communicating results and monitoring progress.
• Apply the key steps and components of engagement planning, performing the
engagement, reporting and monitoring process
• Demonstrate ability to evaluate adequacy of control design and effectiveness of
implementation
• Determine the appropriate workpaper to be produced at each stage of the audit process;
• Develop a systematic method to integrate the data to support the audit engagement
results.
• Learn how to communicate audit findings clearly and report accurately;
• Develop best audit report structure or format to meet management and Board
requirements and improve business performance;
• Write audit findings using the key elements: criteria, condition, cause, consequences, and
corrective action;
Page 16 of 106
• Highlight and document opportunities for improvement and other best practices;
• Learn how to deliver effective presentations to audit clients, top management and other
stakeholders by clarifying content, preparing effective materials and delivering with an
“X-Factor.”
PROGRAM OUTLINE
INTERNAL AUDIT STRATEGIC PLAN AND RISK BASED ANNUAL AUDIT PLAN
A. INTRODUCTION
• Internal Auditing Overview
• Internal auditing in the governance, risk management and control framework
• Key principles in internal auditing
• The International Professional Practices Framework (IPPF) or Global Internal Audit
Standards and other authoritative guidance in the public sector such as IASPPS,
LGIAM and RPGIAM
• Setting the Context
• The need for a strategic plan
• Overview of the internal audit strategic planning process
• Quality assurance considerations
B. THE STRATEGIC PLANNING PROCESS

• Establish or Review the Mandate of the Internal Audit Activity
• Adopt or revise the Internal Audit Charter; or other references for the public
sector such as the Sanggunian resolution, ordinance, department order or
executive order creating the internal audit service
• Revisit and Understand the Organizational Environment

• Understand the relevant industry and its environment
• Revisit the external context of the organization (e.g., PESTLE Analysis) to develop
understanding of the possible sources and nature of externally-driven risks
• Revisit the internal context of the organization (e.g., culture, personnel, process,
technology, capital, and assets) to understand the nature of internally-driven risks
• Revisit the organization’s vision, mission and values and understand how it is
responsive and relevant to the external and internal environment
• Discuss with Stakeholders Their Expectations

Page 17 of 106
• Identify the key internal and external stakeholders of internal audit
• Communicate directly with each key stakeholder
• Ensure stakeholders understand the value and capability of internal audit
• Ensure internal audit is appropriately positioned within the organization
• Manage the ‘expectation gap’
• Confirm and document the expectations
• Develop or Update the Internal Audit Vision, Mission and Strategic Objectives
• Develop or update the vision, mission, strategic objectives and core values based
on the mandate, external and internal context of the organization, stakeholder
expectations and other considerations
• Ensure all internal audit personnel are aligned with the vision and mission
• Assess the Current Situation

• Conduct SWOT analysis for the internal audit activity
• Consider inherent risks in managing the internal audit activity
• Develop Clear Roadmap and Initiatives to Attain the Vision

• Develop roadmap aligned with the vision and the appropriate capability or
maturity model to ensure that internal audit moves up from the current situation
to the desired level
• Develop indicators or critical success factors to determine the achievement of
each stage or milestone of the plan
• Determine key initiatives to attain the milestones
• Let the Strategic Plan Drive the Annual Risk Based Plans
• Divide the strategic plan into manageable units or time intervals (annual plans)
• Establish guidelines in preparing the annual plans
• Determine the audit cycle (e.g., three-year plan of engagements updated
annually)
• Revisit assumptions and parameters underlying the short-term organizational
goals
C. THE RISK-BASED ANNUAL AUDIT PLANNING PROCESS

• Understand the Organization
Page 18 of 106
• Revisit or update understanding the organization’s vision, mission, strategic
objectives, and long-term plan
• Determine if there are emerging strategic and organizational changes
• Conduct the Risk Assessment

• Understand the organization’s risk management process, if already fully
established; if not, facilitate the conduct of the risk assessment:
• Identify the risks relevant to the organization that would affect its vision,
mission, and strategic objectives (i.e., risk universe or risk register)
• Analyze or measure impact and likelihood of the risks (i.e., use of risk matrix
or criteria)
• Evaluate and determine top risks for the organization (i.e., use of risk map and
development of business risk profile)
• Establish or Refine the Audit Universe

• Define clearly the audit universe which can be divided based on:
• Organizational structure (office/department, section/unit, activities); or
• Process (executive, operational and support processes; or mega process,
major process, sub-process); or
• Other classification scheme.
• Determine Priority Areas to Audit

• Conduct the internal audit risk assessment to determine prioritization of audit
areas using any of the following approaches for assurance engagements:
• Direct; Specific risk approach
• Directly link the top risks to the audit universe
• Determine primary and secondary risk owners and stakeholders
• Indirect; Risk factor approach
• Identify risk factors
• Evaluate each auditable area based on the risk factors
• Hybrid approach
• Combine both direct and indirect approach
• Include consulting engagements (if specific and formalized) or provide for
informal consulting engagements
• Include follow-up audits
Page 19 of 106
• Ensure regular discussion with the President, CEO, senior management (or Head
of Agency, LCE, Sanggunian, department heads, as applicable) and other key
personnel to validate the priority areas and adjust as needed
• Consider the work and scope of other internal assurance providers (i.e., 2nd line of
defense) and external assurance providers (e.g., external auditor, CoA, CSC, DILG,
auditors of grant-making agencies, as applicable) when finalizing the scope of the
priority areas to audit
• Determine if there are regulatory guidelines that require some areas to be audited
more frequently than others
• Prepare in good form the annual plan of engagements based on the defined audit
cycle
• Ensure adequate coverage of the audit universe over the term of the plan
• Ensure Adequate Resources to Support the Plan

• Ensure resources are appropriate, sufficient, and effectively deployed
• Appropriate
• Mix of knowledge, skills, and competencies for the audit team; sourcing
strategy such as in-house, co-sourcing or outsourcing
• Incorporate knowledge of internal audit competency framework and
technical competencies
• Sufficient:
• Number of auditors needed; person-days or person-hours per
engagement and total for the year; determine productive work hours and
administrative work hours
• Provision for contingencies or unplanned audit engagements such as
special projects requested by board, LCE and management; fraud audits
• Financial resources (i.e., operating expense and capital expense budget)
• Other resources (e.g., new technology or audit management system)
• Effectively Deployed
• Assignment of auditors based on their skill, expertise, and professional
development considerations
• Duration of deployment (i.e., full-time, part-time, as needed, or based on
agreed-upon procedures)
Page 20 of 106
a. Enable the Approval, Reporting and Monitoring of the Internal Audit Strategic
Plan and Risk Based Annual Audit Plan
b. Consolidate the plan for presentation and approval
c. Use the suggested template or develop one
d. Secure approval for the plan
• Get feedback and endorsement
• Get final approval from the Board / Audit Committee or the functional
reporting authority (e.g., LCE, Head of Agency)
e. Fine-tune the reporting process
• Agree on the frequency, form, and content of the reporting activity
• Deliver effective reports highlighting significant governance, risk
management and control issues and other matters requiring board, LCE, Head
of Agency and senior management attention
f. Monitoring
• Establish a monitoring process
• Ensure periodic review of the plan
• Integrate with the quality assurance and improvement program
PLANNING, PERFORMING, REPORTING AND MONITORING THE AUDIT ENGAGEMENT
F. INTRODUCTION
• Overview of the individual audit engagement cycle

• Planning the audit engagement
• Performing the audit engagement
• Communicating or reporting results
• Monitoring progress or follow-up activity
• Principles in developing quality internal audit workpaper

• Purpose of workpaper
• Identifying users and their perspectives
• Workpaper flexibility
• Qualities of a good workpaper
• Workpaper techniques
• Organization
• Indexing
Page 21 of 106
• Cross-referencing
• Heading
• Sources
• Use of Tick Marks
• Evidence of Review
• Use of the Objectives, Risk and Control (ORC) Matrix as the primary working paper
G. PLANNING THE ENGAGEMENT
• Audit engagement overview: “The Big Picture”

• Engagement planning considerations
• Key steps in engagement planning
• Set up the audit management files
• Send out audit memorandum or audit engagement letter to the audit client
• Conduct the initial study
• Conduct the entrance meeting
• Understand the process through a preliminary survey. Use common data
gathering tools such as flowcharts, interviews, observations, document review,
internal control questionnaires, and analytical procedures. Involve the process
owner in the data gathering and discussion process.
• Identify and define process or activity objectives
• Identify and define process or activity risks
• Incorporate knowledge of fraud risks
• Identify, evaluate, and classify the controls. Ensure proper classification of
controls such as by:
• Placement (directive, preventive, detective, corrective, and monitoring
controls)
• Frequency (per transaction, as needed, and periodic controls)
• Method (manual and automated controls)
• Incorporate knowledge of IT application controls, IT general controls,
and IT security
• Level (transaction-level, department-level, and entity-level controls)
• Criticality (key and non-key control)
• Nature (hard and soft controls)
Page 22 of 106
• Analyze the control design if it is adequate to respond to the risks to meet the
objectives (i.e., assessment of design effectiveness). Provide recommendations
as appropriate.
• Incorporate knowledge of business process mapping, analysis, and
improvement
• Complete the engagement risk assessment to determine the focus areas for
testing
▪ Refine the audit objectives based on the results of the risk assessment
• Identify and use adequate criteria. Apply the audit rating system if already
established. If not adequate, discuss with management on the use of suitable
criteria. Consider expectations of senior management and the Board, LCE or
Head of Agency.
• Incorporate knowledge of audit rating system
• Consider probability of significant errors, fraud, and non-compliance when
developing the engagement objectives
• Refine the audit scope based on the engagement objectives. Scope should
include what is covered such as records, personnel, systems, and physical
properties. Scope should also state what is not covered or any scope limitation.
• Develop the engagement procedures or work program including how to:
• Determine the combination of tools to gather audit evidence
• Incorporate knowledge of CAATs or data analysis tools
• Develop sampling plan and methodology, if applicable
• Incorporate knowledge on attribute sampling and variables sampling
• Provide evidence of approval by chief audit executive or designee
• Determine if the work program can be standardized, if applicable
• Incorporate knowledge on standardized audit work program and test
templates
• Identify the engagement resources needed. Ensure they are sufficient and
adequate.
• Complete the engagement plan
H. PERFORMING THE ENGAGEMENT
• Performing the engagement considerations

• Key steps in performing the engagement
• Gather or validate audit evidence
Page 23 of 106
• Understand the qualities of audit information or evidence (sufficient, useful,
relevant, and reliable)
• Determine if the work program needs to be adjusted based on the evidence
gathered. Ensure that any adjustments are approved promptly
• Analyze the audit evidence or the test results
• Use the 5 C’s
• Criteria: Review the criteria
• Condition: Analyze the test results. Compare with the criteria. If condition
meets the criteria, acknowledge satisfactory performance, or give a
commendation. If condition does not meet criteria, analyze the extent of
the audit observation or finding
• Consequence: Determine and quantify the consequence or effect of the
deviation from the criteria (e.g., financial, operational, regulatory
compliance, reputational, budgetary, physical, health and safety, and
environmental consequence). Determine if it is an audit issue or not based
on risk impact (i.e., risk tolerance or materiality thresholds).
• Cause: Conduct a root cause analysis and discuss with the process owner.
• Incorporate knowledge of root cause analysis tools:
• Qualitative tools such as the Ishikawa fishbone diagram, 5 Whys,
etc.,
• Quantitative tools such as Pareto diagram, check sheets, histogram,
statistical control charts, scatter diagram, stratification, etc.
• Corrective Action or Recommendation: Provide recommendations that
address the root cause. Provide cost-benefit analysis as appropriate.
Recommendations can be classified as: immediate, short-term, and long-
term
• Draw conclusion
• Provide assessment on the effectiveness of controls to respond to risks to
achieve the objectives (i.e., assessment of operating effectiveness)
• Highlight the top issues (e.g., top three issues)
I. COMMUNICATING OR REPORTING RESULTS
• Finalize the audit findings worksheet and audit issues worksheet.

• Conduct an alignment meeting, if necessary, to confirm audit evidence and answer
questions of facts
Page 24 of 106
• Present the results in an exit meeting
• Get management response on the recommendations and action plans.
Management response can be:
• Accept the recommendation. Management will provide the details of the
action plan, the agreed timeline for implementation, the person responsible
and the resources needed.
• Modify the recommendation and submit counter proposal. The internal
auditor must assess feasibility of the counter-proposal to address the risk.
• Reject the recommendation. Internal auditor must assess the exposure to
the open risk. If the auditor finds the exposure as significant and
unacceptable, elevate this issue to higher levels of management. If not
resolved, discuss with the Board, LCE or Head of Agency the significant
exposure and communicate management’s acceptance of the risk
Report Writing
• Framework to writing more effectively
• Effective communications model
• The basics of business communication
▪ Writing to inform
▪ Writing to influence
• Steps to effective communication
▪ Defining the audience
▪ Getting clear on the message
▪ Determining the communication method
• POWER model to writing better
• Plan
• Organize
• Write
• Edit
• Revise
• The elegant finishing touches
• Mechanics: toplining
▪ Headings and subheadings
▪ Lists
▪ Indentations
Page 25 of 106
• Cosmetics
▪ Character formatting
▪ White space
• Writing effective audit observations
• Findings and test results
• What, Who, How
• Format
▪ Observation or test results
▪ Observation or test details
▪ Policy reference
• Tips and techniques
• Writing effective audit issue statements

• What, Who, How
• Format
• Issue (Title)
• Issue details
• Risk or impact
• With classification as to “critical, major, minor” or “high, medium, low”
• Policy references
• Recommendations
• Writing effective audit reports
• What, Who, How
• Format
• Introduction or background
• Purpose, scope or methodology
• Executive summary
▪ Assessment, strong points, top issues, details of other issues, top
recommendations
▪ Audit results and recommendations
• Workshop
Presentation Techniques
• Effective presentation basics
Page 26 of 106
• Review of communication basics – how is it different for presentations
• The framework: introduction, body, recap
• Principles for effective presentation materials
• Guidelines for content
• Guidelines for visual impact
• Discussion of what works and what does not work
• Exercise/case study
• Common presentations done by auditors (and how to rock them)
• The kick-off meeting
• The client update meeting
• The wrap-up and issues discussion meeting
• Management and board presentation
• Exercise/case study
J. CLOSING THE AUDIT ENGAGEMENT
• Ensure there is evidence of proper supervision throughout the engagement so that

objectives are achieved, quality is assured and staff is developed.
• Use of engagement checklist form as a guide
• Send audit client survey and analyze results
• Conduct individual and team appraisals
• Update QAIP or relevant performance measurement metrics
• Close the engagement file and store properly in manual or electronic form
K. MONITORING PROGRESS
• Establish the follow-up and monitoring system

• Proper classification and prioritization of audit findings/issues and relative risk
rating as aligned to the audit rating system
• Confirmation with management on the responses and details of the actions plans
• Procedures on:
• Receiving periodic updates from management
• Evaluation of response
• Verification of response
• Communication process
Page 27 of 106
• Mechanism for tracking observations (manual method or use of tracking
software)
• Coordination with compliance function or other internal assurance providers who
are also monitoring outstanding issues
• Implement the follow-up and monitoring system
• Determine the level of effort (or level of testing) to validate closure
• Table audit
• Testing done by other control groups
• Full follow-up audit
• Evaluate adequacy, timeliness and effectiveness
• Document results
• Conduct periodic reporting and updates
• Report submitted to senior management, Board, LCE, Head of Agency on the
status of implementation of management action plans
• Communicate the acceptance of risk, as applicable
REGISTRATION

button for the seminar on Internal Auditing School I - Package. You will be
directed to an online Google form. Please fill in your details on the form and click
‘Submit.’ We will acknowledge your registration as soon as practicable.
https://docs.google.com/forms/d/e/1FAIpQLSeyFJ6VJuuZNuE3__KnYAHRMMpKzhaU
xVek8Kak5qAgD0HnYw/viewform
phone).
Page 28 of 106
• Regular Package Rate - Php 21,560.00 inclusive of VAT

• Discounted Package Rate – Php 19,400.00 inclusive of VAT for the FIRST 10 paid
participants
also accepted.
• Attendance to the webinar sessions
• Templates, sample workpapers, worksheets, audit report format, sample executive
summary, presentation format
• Post-webinar consultation
• Consultation with the resource speaker(s) can be made up to one month after
webinar date.
audit department
Page 29 of 106
o Possible benchmarking between your existing internal audit engagement
practices and the recommended approach
• Delivery Mode:
• Webinar/Meeting through Zoom
• Resource Speakers/Facilitators
• Pol B. Mirafuentes
• Kristy M. Abello (tentative)
Page 30 of 106
INTERNAL AUDIT POLICY & PROCEDURES
MANUAL with
Quality Assurance & Improvement Program
(Comes with complete set of ready-to-use, comprehensive
Internal Audit Manual with forms, templates & workpapers)
COURSE DETAILS
Schedule: September 9, 10, 13, 16, 17, 18, 19 and 20, 2024
Duration: Eight half-day sessions
Time: 1:30 pm to 5:00 pm per session
Knowledge Level: Intermediate
Competency: Internal Audit Management and Delivery; IPPF
Delivery Format: Online Training through Zoom
Position Level: Internal Auditors (Chief Audit Executive, Manager, Supervisor or Senior Staff)
and other personnel handling risk and control responsibilities
Fee: Php 19,800.00 per participant inclusive of VAT
SEMINAR OBJECTIVES
At the end of the seminar, the participants are expected to:
• Understand the framework and rationale for developing and maintaining the internal
audit policies and procedures manual;
• Determine the components of the internal audit manual based on the size and
structure of the internal audit activity and the complexity of the work; and
• Understand how to improve policies and procedures to be able meet quality
assurance requirements and the expectations of stakeholders
COURSE OUTLINE
D. INTRODUCTION
• Key Principles in Internal Auditing
• Applicable Standards (IPPF)
• Other Guidelines and References (e.g. for Government Sector)
• Quality Assurance Considerations
Page 31 of 106
• Quality Assurance Requirements
• Evidence of Conformance to the Quality Program
• Dialogue with Stakeholders
E. INTERNAL AUDIT MANUAL FRAMEWORK

• Form and Structure
• Types of Manuals
• Common Sections and Components
• Determining the Applicability for the Organization
• Organizational Environment and Operating Policies
• Background
• Management Control Policy
• Management Responsibilities and Accountability
• Internal Control Framework
• Organizational Control Environment
• Key Operating Policies and Proper Business Practices
• The Internal Audit Activity
• International Professional Practices Framework
• The Internal Audit Organization
• Audit Process Overview
• Internal Audit Governance: Polices, Guidelines and Procedures
• Developing the Internal Audit Strategic Plan
• Vision
• Mission
• Core Values
• Critical Success Factors and Objectives
• Key Initiatives
• Internal Audit Charter
• Development, Approval and Regular Updates
• Alignment with Audit Committee Charter and Other References (e.g., PSE, SEC
and other regulatory codes and standards)
• Independence and Objectivity
• Guidelines on Auditor Personal Conduct, Code of Ethics and Independence
• Reporting on Conflict-of-Interest Situations and Other Real or Perceived
Issues on Objectivity and Code of Ethics
Page 32 of 106
• Annual Confirmation on the Organizational Independence of the Internal
Audit Activity
• Guidelines on Taking Additional Roles and Responsibilities Outside of Internal
Auditing
• Guidelines on Accepting Certain Assurance and Consulting Engagements
Where There are Potential Impairments to Independence and Objectivity
• Auditor’s Right to a Third Opinion
• Quality Assurance and Improvement Program
• QAIP Structure
• Performance Measurement System
• Key Performance Indicators
• Audit Productivity Measurement / Process Improvement and Metrics
• Ongoing Internal Monitoring
• Quality Checklists
• Peer Reviews
• Post-Engagement Surveys
• Periodic Internal Assessment
• Periodic Assessment of Standards
• Staff Surveys
• Customer Surveys
• External Assessment
• Self-Assessment with Independent External Validation
• Full External Assessment
• QAIP Reporting and Monitoring
• Internal Audit Staff: Policies and Procedures

• Capability Planning
• Capability Planning Framework
• Sourcing Strategies or Service Delivery Model
• Roles, Responsibilities and Accountabilities
• Position Descriptions
• Proficiency and Due Professional Care
• Managing Third-Party Providers
• Human Resource Management
• Recruitment
Page 33 of 106
• Recruitment Modes
• External (job postings, personal referrals, use of recruitment firms)
• Internal (guest auditors, transfers from other departments)
• Applicant Interviews
• Evaluation and Endorsement
• Retention
• Orientation and Onboarding
• Secondment and Rotation
• Flexible Work Arrangements
• Succession Planning
• HR Policies
• Confidentiality
• Health and Safety
• Travel
• Time Recording
• Performance Measurement
• Performance Appraisals
• 360-degree Process
• Peer Review
• Staff Satisfaction Survey
• Post-Engagement Reviews
• Professional Development
• Competency Framework
• Determining Training/Development Needs
• Preparing Individual Development/Training Plans
• Determining Group Training and Interventions
• Assessing Development/Training Progress
• External Development/Training Evaluations
• Mentoring and Team Meetings
• Professional Certifications
• Membership and Active Involvement in Professional Organizations
• Internal Audit Management: Policies and Procedures

• Annual Planning / Risk Based Plan
• Overview
Page 34 of 106
• Planning Principles
• Understanding the Business and the Organization
• Risk Assessment
• The Audit Universe
• Engagement Work Schedule
• Resource Management
• Human Resources / Scheduling and Assignments
• Technology and Equipment
• Financial Resources and Budget
• Approval of the Risk Based Plan
• Reporting to Senior Management and the Board
• Monthly and Quarterly Reporting
• Unscheduled Communications
• Reporting on Overall Opinion
• Coordination and Reliance on Other Assurance Providers
• External Auditors
• Internal Assurance Providers
• Other External Assurance Providers / Regulators
• Administrative Support to the Audit Committee
• Marketing the Internal Audit Function
• Other Policies
• Record Retention, Release and Disposal
• Library/Reference Materials
• Housekeeping
• Internal Audit Process: Policies and Procedures

• Types of Engagement
• Assurance
• Consulting
• General Guidelines for Accepting Consulting Engagements
• Considerations in Planning, Performing and Monitoring the Consulting
Engagement
• Nature of Work
• Planning the Individual Engagement
• Audit Management
Page 35 of 106
• Initial Study
• Understanding the Process or Activity
• Process Mapping
• Interviews
• Observation
• Internal Control Questionnaires
• Other Tools
• Process/Activity Objectives, Risks and Controls
• Refining Audit Objectives, Scope, Criteria
• Audit Rating System
• Engagement Work Program
• Procedures
• Sampling Plan and Methodology
• Data Analytics / CAATs
• Meeting with Audit Client
• Performing the Individual Engagement
• Gathering Evidence
• Analyzing Evidence
• Referral for Fraud or Further Investigation
• Findings and Conclusion
• Workpaper Documentation and Guidelines
• Communicating Results
• Principles of Communication
• Reporting Process
• Presentation / Exit Meeting
• Draft and Final Reports
• Quality Control and Client Feedback
• Closing the Audit Engagement / Knowledge Management
• Handover of Client and Engagement Information
• Capturing Lessons Learned
• Supervision
• Monitoring and Follow-up
• Monitoring Process
• Database of Audit Action Items
• Follow up Process
Page 36 of 106
• Closing the Action Items
• Acceptance of Risk
• Special Audit Engagements and Services
• Fraud Investigation
• Consulting Services
F. INTEGRATION AND WRAP UP
REGISTRATION

button for the seminar on Internal Audit Policy and Procedures Manual with
Quality Assurance and Improvement Program. You will be directed to an online
Google form. Please fill in your details on the form and click ‘Submit.’ We will
https://docs.google.com/forms/d/e/1FAIpQLSdXbQiayIhLOJtV7ClWqHNKveGO-Kj-
4gQtODnI3zc4UEN9hA/viewform
phone).
• Regular Rate - Php 19,800.00 inclusive of VAT

online funds transfer (e.g. PesoNet, GCash, Maya, InstaPay, bank wire transfer, etc.).
CIASP bank account details are:
Page 37 of 106
• For GCash transfer – bank: BPI; payee: Ciasp; account number: 1621007072
• Attendance to the online training sessions
• Soft copy of complete set of ready-to-use, comprehensive Internal Audit Manual
with forms, templates and workpapers
• Post-webinar consultation
• Consultation with the resource speaker can be made up to one month after
webinar date.
audit department
o Possible benchmarking between your existing Internal Audit Manual and
the recommended Manual
• Delivery Mode:
• Pol B. Mirafuentes; President, CIASP
• Time Schedule for the Webinar Sessions
• 1:30 pm to 5:00 pm per session day
Page 38 of 106
IT AUDITING FUNDAMENTALS
COURSE
COURSE DETAILS
Schedule: November 11, 12, 13, 14 and 15, 2024

Duration: Five half-day sessions
Time: 8:00 am to 12:00 noon per session
Delivery Format: Online Training / Webinar
Competency: Governance, Risk and Control, Business Acumen, Critical Thinking, Internal
Audit Delivery
Position Level: Internal Auditors, IT personnel, Compliance and Risk Officers, Operating
Management, Finance Personnel, or anyone interested to know about the IT Audit process
COURSE OBJECTIVE
The objective of this course is to provide a general overview of IT Auditing, within the context
of today’s business environment that is highly dependent on IT. At the end of the course, the
participants are expected to understand the value of IT and IT controls in Business Operations
and Strategy. They will also understand Information Systems control and auditing frameworks.
COURSE OUTLINE
MODULE 1: OVERVIEW OF IT
MODULE 2: IT GENERAL CONTROLS REVIEW
PART 1: Technology Risk Model
PART 2: IT Security Frameworks
PART 3: Definition of General Controls
PART 4: Areas of General Controls

 Data governance (transfer, storage, retention, disposal)
 User access management
 Privilege access management
 Remote access
Page 39 of 106
 End user controls
 Encryption
 Network security
 Physical and environmental security
 Human security
 Incident management
 Change management
 Business continuity and disaster recovery
 Third party management
 IT project management
 Post implementation review
MODULE 3: IT APPLICATION CONTROLS REVIEW
PART 1: Definition of Application Controls
PART 2: Types of Application Controls
PART 3: Application Controls Risk Assessment

 Data classification
 Authentication
 Authorization
 Encryption
 Auditing and logging
 Error handling
 Session management
MODULE 4: DATA PRIVACY
PART 1: Data Privacy Act
PART 2: Data Privacy Risk Assessment

 Transparency
 Legitimate purpose
 Proportionality
 Collection
 Use and disclosure
 Data quality
 Data security
 Organizational security
Page 40 of 106
 Physical security
 Technical security
 Disposal
 Cross border data flow
Summary and Wrap up
REGISTRATION

button for the seminar on IT Auditing Fundamentals. You will be directed to an
https://docs.google.com/forms/d/e/1FAIpQLScR1YZV_oWolGJePg6uDr7PKuGhVG6I_
wnF8rACgZx4uESagQ/viewform
phone).
• Regular Rate - Php 9,408.00 inclusive of VAT.

Page 41 of 106
also accepted.
• Access to the google drive for viewing of materials and session notes
• Delivery Mode:
• 8:00 am to 12:00 noon per session
Page 42 of 106
FRAUD AUDIT FUNDAMENTALS
COURSE DETAILS

Time: 8:00 am to 12:00 noon per session day
Competency: Governance, Risk and Control; Ethics; Internal Audit Delivery
Position Level: Internal Auditors, Risk and Compliance Officers, Finance and Accounting,
Operating Management and Other Personnel Handling Control Responsibilities
COURSE DESCRIPTION
This seminar will equip the participants with the foundational knowledge of the different
aspects of fraud auditing. Participants will learn about fraud awareness, fraud responsibilities,
fraud risk assessment, fraud prevention and detection program and fraud investigation. At
the end of the seminar, the participants are expected to have the capability to incorporate
fraud auditing into their audit process and contribute to improving the risk and control
environment in their organization.
Module 1
Fraud Awareness
 Fraud definition and elements
 Why IA fails to detect fraud
 Why fraud occurs
 Types of fraud
 Common fraud schemes
Modules 2 & 3
Fraud Responsibilities
 Fraud risk governance
 Roles and responsibilities for fraud risk governance
 Internal audit responsibilities during an audit engagement
Page 43 of 106
Module 4
Fraud Risk Assessment

 Types of fraud risk assessment
 Conducting enterprise-wide fraud risk assessment
 Conducting process-level fraud risk assessment
Module 5
Fraud Prevention and Detection

 Common fraud prevention measures
 Common fraud detection techniques
Module 6
Fraud Investigation
 Composition of the investigation team
 Typical fraud investigation process
 Policies, procedures and guidelines
 Tools and techniques
Module 7
Forming an Opinion
 Types of audit opinion
REGISTRATION

button for the seminar on Fraud Audit Fundamentals. You will be directed to an
https://docs.google.com/forms/d/e/1FAIpQLSfPWMTqHNee-
R7JOQ7vIYfPYD7vIdgSebEXgoFxQKZ8n72txg/viewform
Page 44 of 106
phone).

• For GCash transfer, payee: Ciasp; account number: 1621007072
also accepted.
• Access to the google drive for viewing of materials and session notes
• Delivery Mode:
• 8:00 am to 12:00 noon per session day
Page 45 of 106
COMPUTER ASSISTED AUDITING
TECHNIQUES (CAATs) &
DATA ANALYTICS USING EXCEL
COURSE DETAILS
Schedule: December 9, 10, 11, 12 and 13, 2024

Competency: Critical Thinking, Internal Audit Delivery
Position Level: Internal Auditors; Accounting and Finance Personnel, Operations Personnel,
or any Staff who regularly uses Excel for data processing and analysis
EMINAR OBJECTIVES
COURSE DESCRIPTION
This course will teach you how to accelerate your financial, accounting, operations and audit
process over 10 times faster using simple and innovative functions in Excel. This is the first
part of Excel seminar series that will take your financial, accounting and audit process into
another level. Learn the basic tricks to better performance.
This pioneering program has been developed by Allan Palacio, who is a master in computer
assisted accounting and auditing techniques (CAATs) using Excel, Tableu, ACL and IDEA. This
highly acclaimed program has been conducted in Vietnam, Cambodia and the Philippines
where hundreds of financial executives and audit practitioners have benefited from it.
TOPIC OUTLINE
CAATs Phases
I. Planning your project
II. Acquiring the data
III. Accessing the data
IV. Verifying the integrity of data
V. Analyzing the data
VI. Reporting your findings
Page 46 of 106
CASES
Accelerating Upload of Data

The objective of this case is to demonstrate how we can accelerate and cleanse errors in data
format.
Validating Data
The objective of this case is to demonstrate how to validate data by looking at the transaction
totals, duplicate and missing transactions.
Manipulating data
The objective of this case is to demonstrate how to manipulate dates by slicing and
combining certain components.
Manipulating data I Alpha 1
The objective of this case is to demonstrate how to manipulate alpha characters (“text”) by
slicing and combining certain components.
writing it right.
Normalizing data
The objective of this case is to normalize data so they can be easily understood by ordinary
readers.
Cleansing data
The objective of this case is to master the art of creating the desirable flat file format.
Accelerating reports
The objective of this case is to demonstrate how you can further accelerate completing your
regular reports.
Creating amazing visuals 1
The objective of this case is to demonstrate ways how to create amazing visual presentations
that will be very useful for decision makers.
Presenting to win
The objective of this case is to practice the art of preparing good visual presentations, with
emphasis on the target audience of the presentation. This will test the participant's mastery of
the key learning from this workshop.
The objective of this case is to demonstrate ways on how to quickly prepare impressive charts.
Consolidating data
The objective of the case is to be able to consolidate multiple sheets into desirable data
format.
Page 47 of 106
10 Excel Functions to Accelerate Your CAATs
1. Navigating Advance Excel

2. GET EXTERNAL DATA and MACRO function
3. TEXT TO COLUMN and TEXT functions
4. AGING, CLUSTERING and STRATIFICATION functions
5. FIND, MID, LEN, LEFT, RIGHT, CONCATENATE and & functions
6. DEFINE NAME function
7. LOOKUP, MATCH, INDEX functions
8. Creating, rearranging and formatting PIVOT TABLES
9. SLICER function
10. PIVOT CHART, CONDITIONAL FORMATTING, INSERT OBJECT functions
Participants will bring samples of their financial, accounting and audit data/reports so that the
case studies and exercises can be customized.
REGISTRATION

button for the seminar on CAATs and Data Analytics Using Excel. You will be
https://docs.google.com/forms/d/e/1FAIpQLScUhk6ew2Lu0d3NAYWWkfWSExpOpW
CgxbowYeW-_ZJSaQRWKg/viewform
phone).

Page 48 of 106
also accepted.
• Link/access to the google drive for the seminar materials
• Delivery Mode:
• Webinar through Zoom
• Computer Requirements:
• Webinar participants should use laptop or desktop computers (not mobile
phones) loaded with MS Excel 2010 or higher version
• Allan A. Palacio; Vice-President, CIASP
Page 49 of 106
AUDIT SAMPLING and
ROOT CAUSE ANALYSIS
COURSE DETAILS
Schedule: November 9, 16 and 23, 2024

Duration: Three half-day sessions
Competency: Internal Audit Delivery, Critical Thinking, Business Acumen
Position Level: Internal Auditors, Quality Auditors, Finance and Accounting Personnel, Risk
and Compliance Officers, Process Owners, and Other Personnel Handling Control and
Oversight Responsibilities
COURSE OBJECTIVES
• Determine importance of sampling and root cause analysis in producing quality

results;
• Determine the appropriate sampling approach and methodology;
• Determine various root cause analysis tools;
• Integrate information to provide value-adding audit findings and conclusions; and
• Apply tools and lessons learned when going back to their respective organizations.
COURSE OUTLINE
Module 1 – Internal Auditing Overview

• Internal Auditing Framework
• Applicable Standards and Guidance
• The Audit Engagement Cycle (Planning, Performing, Reporting, Monitoring)
Module 2 – Engagement Planning

• Preliminary Survey and Risk Assessment
• Engagement Work Program
• Audit Objectives
Page 50 of 106
• Audit Scope
• Test Scripts and Procedures
• Developing the Sampling Plan and Methodology
• Determining When Sampling is Appropriate and Efficient to Meet Audit
Objectives
• Sampling Methods
• Statistical
• Non-Statistical
• Types of Risks (sampling risk and non-sampling risk)
• Statistical Sampling Decisions
• Sampling Operations
• Sample Design (sample size, precision, confidence level)
• Sample Selection Procedures
• Estimation Procedures
• Attribute Sampling
• Variable Sampling
• Other Sampling Methods
Module 3 – Performing the Engagement

• Collecting Audit Evidence
• Sufficient, Useful, Relevant and Reliable
• Analyses and Evaluation
• Elements of an Audit Finding (‘Five C’s’)
• Criteria
o Validate Criteria as Stated in Engagement Plan
• Condition
o Analyze and Evaluate Sampling Results and Other Data
• Consequence or Effect
o Financial, Operational, Reputational, Physical, Environmental, etc.
o Use of a Risk and Control Framework
• Cause
• Root Cause Analysis (RCA) Basics
• Three Steps for Resolution
• Seven Basic Tools for RCA
1. Ishikawa Diagrams
2. Check Sheet
3. Control Chart
4. Histogram
5. Pareto Chart
6. Scatter Diagram
Page 51 of 106
7. Stratification
• Corrective Action or Recommendation
• Properly Address the Root Cause
• Reasonable Assurance
Workshop and Case Study
REGISTRATION

button for the seminar on Audit Sampling and Root Cause Analysis. You will be
https://docs.google.com/forms/d/e/1FAIpQLSenegp-
wOck5bLArsXKkEB5XxBKIsotqZ3qAIIuo-pGNRJd7Q/viewform
phone).

Page 52 of 106
• Templates, worksheets, references and other reading materials
• Post-webinar consultation with the resource speaker, as applicable
• Delivery Mode:
• Online training through Zoom
• Eric P. Ebro
• Other resource speakers, as applicable
• Time Schedule for the Online Training Sessions
Page 53 of 106
AUDIT 101: INTERNAL AUDITING FOR
NON-AUDITORS
COURSE DETAILS
Schedule: December 2, 3, 4, 5 and 6, 2024

Knowledge Level: Basic
Competency: Internal Audit Delivery; International Professional Practices Framework
Position Level: Non-audit personnel who are interested to understand the internal audit
process.
Fee: Php 9,408.00 per participant, inclusive of VAT
EMINAR OBJECTIVES
COURSE DESCRIPTION AND OBJECTIVE
This program will provide a basic yet comprehensive view of the internal auditing process. It
is ideal and applicable for non-auditors such as management executives, process owners or
any personnel or unit that is subject to an internal audit. The program aims to answer the
common questions asked of internal auditors and their work.
The program is delivered through facilitated lecture, case studies and hands-on exercises. It is
expected that participants will have a good grasp of the audit process and techniques. This
will enable better understanding and cooperation between auditors and audit clients.
COURSE OUTLINE
Module 1: Internal Auditing Concepts

Common questions:
• What is internal auditing?
• What are the benefits of internal auditing?
• What are the common perceptions (or misconceptions) of internal auditors?
• What is really the work of an internal auditor?
• How does internal auditing bring value to the organization?
Page 54 of 106
Module 2: Understanding Internal Control: The Three Lines of Defense Framework
Common questions:
• Who is responsible for internal control?
• What is the difference between an internal auditor and an external auditor?
• What is the difference between an internal auditor and an internal quality auditor
under ISO? Why is the internal auditor also the ISO auditor?
• Why am I being audited by different auditors (e.g. internal auditor, external auditor,
ISO auditor, compliance officer, regulator, safety auditor, risk officer, etc.)?
• What is ‘audit fatigue’? Can’t these audit groups coordinate their work?
Module 3: The Internal Audit Purpose, Authority and Responsibility

Common questions:
• What are the international and local standards that govern the auditors?
• What is an Internal Audit Charter? Does every organization need one?
• What is the proper functional and administrative reporting line of the internal audit
department?
• Can the auditor have the right to freely access our information, property, facilities
and personnel? What about our concerns on confidentiality and accountability?
• What is meant by ‘independence and objectivity’ of an internal auditor?
• Should an auditor be doing ‘pre-audit’ of transactions (e.g. review of
disbursements, review of payroll, inspection of delivered goods and services)?
• What are the situations where auditor objectivity is presumed to be impaired?
Module 4: The Internal Auditor Staff Profile

Common questions:
• What are the qualifications to become an internal auditor?
• What are the skills and qualities expected of a Chief Audit Executive (Head of
Internal Audit)?
• What is the Certified Internal Auditor (CIA) and how does one get it?
• Do you need to be an accountant/CPA to be an internal auditor?
• Can the auditor adequately review my process even if he is not a ‘technical expert’
or ‘subject matter expert’?
• What is the role of the ‘outsourced’ internal auditor, guest auditor, or consultant?
Page 55 of 106
Module 5: The Risk Based Audit Plan
Common questions:
• How do auditors select the areas they want to audit?
• Why are some units audited more frequently than others?
• What is the risk-based audit plan?
• Do auditors have to consult management and process owners in developing the
risk-based plan?
• How do auditors conduct the risk assessment process to determine the priority
audit engagements?
• What are the consulting engagements or services that auditors can provide? How
can my unit benefit from it?
• What are the various types of audit and how do they differ (e.g. process audit,
performance audit, compliance audit, financial audit, due diligence, etc.)
• What is meant by a ‘special audit’ or fraud audit or investigation?
• What is the scope and output of an IT audit?
Module 6: Planning the Engagement

Common questions:
• What are the components of a good audit engagement plan?
• What do auditors discuss in an entrance meeting and how do we prepare for it?
• How long does an audit engagement usually take?
• What are the various documents requested by auditors? What is the purpose for
requesting them (e.g. flowcharts, policies and procedures manual, budgets,
reports)?
• Do auditors test all transactions or only a sample size? How do they select the
samples?
• What are the common tools used by auditors to gather data? How do we prepare
and respond to them (e.g. interview, observation, walkthrough, internal control
checklist, survey, analytical review)?
• What is a risk and control matrix?
• What is an audit rating system? How are we going to be rated on the adequacy
and effectiveness of risk management and control?
Page 56 of 106
Module 7: Performing the Engagement
Common questions:
• What are the qualities of good audit evidence?
• What are our responsibilities when the auditor is conducting fieldwork and
gathering audit evidence?
• What are the key elements of an audit finding or observation?
• Should we be given advance copy of the findings and observations before these are
reported in an exit meeting?
• What is the proper way to handle disagreements in audit findings?
• What does an auditor do when he finds ‘red flags’ or indicators of fraud?
Module 8: Communicating Results

Common questions:
• What is interim reporting?
• What is discussed in an exit meeting and how do we prepare for it?
• What are the qualities of good audit communication?
• What should be contained in an executive summary? How about the detailed audit
reports?
• How should we properly give our responses to the audit report? How does the
auditor treat and consider them?
• How do we assess if it is a value-adding recommendation?
• What is an overall opinion or conclusion?
Module 9: Monitoring Progress

Common questions:
• How do auditors conduct follow-up work?
• What is our responsibility in the implementation of audit recommendations and
agreed actions (i.e. adequacy, effectiveness and timeliness)?
• What happens if we do not implement the recommendations? What is risk
acceptance and its impact to the organization?
• How do auditors report on the status of implementation of agreed actions to the
top management and audit committee?
Page 57 of 106
Module 10: Quality Assurance
Common questions:
• Who audits the auditors?
• How can we give feedback on the performance of the auditors?
• What are the internal and external quality assurance activities done by auditors?
How does this improve the audit process and enable compliance to the standards?
Module 11: Marketing the Internal Audit Function

• How can we know more about internal auditing?
• What are the ways to improve the partnership between auditors and audit clients?
REGISTRATION

button for the seminar on Audit 101: Internal Auditing for Non-Auditors. You will
be directed to an online Google form. Please fill in your details on the form and click
https://docs.google.com/forms/d/e/1FAIpQLSfGYb2K4w6q6K3eqKoQi8m_3Y1LqJgd
mH3tCJJYAioh4RuWAg/viewform
phone).

online funds transfer (e.g. PesoNet, GCash, PayMaya, InstaPay, bank wire transfer, etc.).
Page 58 of 106
also accepted.
could confirm receipt and provide the relevant seminar details and procedures
• Templates, sample workpapers, worksheets, references and other reading
materials
• Post-webinar consultation with the resource speaker, as applicable
• Delivery Mode:
• 8:30 am to 12:00 noon per session
Page 59 of 106
APPLYING CAATs
(Computer Assisted Auditing and Accounting Techniques Using Excel)
IN FINANCIAL REPORTING
COURSE DETAILS
Schedule: August 5, 6, 7, 8 and 9, 2024

Position Level: Internal Auditors; Accounting and Finance Personnel, Operations Personnel,
or any Staff who regularly uses Excel for data processing and analysis
EMINAR OBJECTIVES
COURSE DESCRIPTION
This course will teach you how to accelerate your financial, accounting, operations and audit
process over 10 times faster using simple and innovative functions in Excel.
Gain great savings on time and cost by letting your data do the talking. With simple
techniques in Excel, you can quickly identify areas of interest and help your team become
more effective in conducting accounting, audit and fraud examination. You will also be
guided on how to access, validate, manipulate, and analyze voluminous transactions.
You will learn to how to solve your difficulty in completing your financial reports on time.
With this advantage, you can spend more time in analyzing these reports and providing
valuable advice to management
The workshop also includes introductory session on Tableau, one of the leading third-party
data analytics and business intelligence software
TOPIC OUTLINE
CAATs Phases
VII. Planning your project
VIII. Acquiring the data
IX. Accessing the data
X. Verifying the integrity of data
Page 60 of 106
XI. Analyzing the data
XII. Reporting your findings
CASES
PART 1: FUNDAMENTALS OF CAATS USING EXCEL
Accelerating Upload of Data

The objective of this case is to demonstrate how we can accelerate and cleanse errors in data
format.
Validating Data
The objective of this case is to demonstrate how to validate data by looking at the transaction
totals, duplicate and missing transactions.
Manipulating data
The objective of this case is to demonstrate how to manipulate dates by slicing and
combining certain components.
slicing and combining certain components.
writing it right.
Normalizing data
The objective of this case is to normalize data so they can be easily understood by ordinary
readers.
Cleansing data
The objective of this case is to master the art of creating the desirable flat file format.
Accelerating reports
The objective of this case is to demonstrate how you can further accelerate completing your
regular reports.
The objective of this case is to demonstrate ways how to create amazing visual presentations
that will be very useful for decision makers.
Presenting to win
The objective of this case is to practice the art of preparing good visual presentations, with
emphasis on the target audience of the presentation. This will test the participant's mastery of
the key learning from this workshop.
The objective of this case is to demonstrate ways on how to quickly prepare impressive charts.
Page 61 of 106
Consolidating data
The objective of the case is to be able to consolidate multiple sheets into desirable data
format.
PART 2: ACCELERATED FINANCIAL REPORTING USING EXCEL
Session 2.1: Recording transactions

The objective of this session is to help you master the preparation of key accounting records
(i.e. sales and collection, purchases and disbursements) that readily tally with certain
regulatory reports (i.e. VAT, Withholding Tax).
CASE 1: The art of recording transactions
Session 2.2: Preparing ledgers and trial balance
The objective of this session is to help you master the preparation of general and subsidiary
ledgers, including trial balance, from the key accounting records (i.e. sales, collections,
purchases and disbursements).
CASE 2: The art of summarizing transactions
Session 2.3: Preparing basic financial reports
The objective of this session is to help you master the preparation of balance sheet, income
statement & statement of cash flows.
CASE 3: The art of reporting transactions
Session 2.4: Preparing value-added reports
The objective of this session is to help you master the preparation of charts and other visual
presentations to help drive the decision-making process of the organization
CASE 4: The art of creating value-added information
CASE 5: The art of working in the cloud
10 Excel Functions to Accelerate Your CAATs
11. Navigating Advance Excel

12. GET EXTERNAL DATA and MACRO function
13. TEXT TO COLUMN and TEXT functions
14. AGING, CLUSTERING and STRATIFICATION functions
15. FIND, MID, LEN, LEFT, RIGHT, CONCATENATE and & functions
16. DEFINE NAME function
17. LOOKUP, MATCH, INDEX functions
18. Creating, rearranging and formatting PIVOT TABLES
19. SLICER function
20. PIVOT CHART, CONDITIONAL FORMATTING, INSERT OBJECT functions
Page 62 of 106
REGISTRATION

button for the seminar on Applying CAATs in Financial Reporting. You will be
Or click here to register
https://docs.google.com/forms/d/e/1FAIpQLSfJITVM_EqALHiTgxAOnul9O9e4QmiTrc
Qx1eHvkyd4jzPzxA/viewform
phone).

also accepted.
Page 63 of 106
• Delivery Mode:
Page 64 of 106
APPLYING CAATs
IN REVENUE TO COLLECTION
COURSE DETAILS
Schedule: August 12, 13, 14, 15 and 16, 2024

Position Level: Internal Auditors, Sales Personnel, Revenue Accounting Staff, Billing and
Collection Personnel, Operations Personnel, or any Staff who regularly uses Excel for data
processing and analysis
EMINAR OBJECTIVES
COURSE DESCRIPTION
This course will teach you how to accelerate your financial, accounting, sales, operations and
audit process over 10 times faster using simple and innovative functions in Excel.
This innovative program will help you solve your difficulty in managing your sales force and
revenue-to-collection process. Participants will have more time in analyzing and auditing the
performance of its sales personnel and its revenue and collection reports, thus providing
more valuable advice to management.
At the end of the seminar, participants will be able to apply the techniques in Excel to make
their review and processing of sales force, revenue, collections and receivables data more
efficient and fun. Cut several days' work into hours and gain more value-added time in
helping management successfully run the organization.
This program is ideal for internal auditors, sales personnel, revenue accountants, accounts
receivable, billing and collection personnel, or anyone who works on Excel.
COURSE OUTLINE
I. Sales force management

a. Sales force planning
b. Performance monitoring
Page 65 of 106
II. Revenue to collection process
a. Pre-assessment of prospective customers
b. Contract management
c. Service/product delivery
d. Billing or invoicing
e. Collections
f. Receivables management
g. Preparing management reports
i. Analysis by customer (name or location)
ii. Analysis by sales representative
iii. Analysis by product
EXCEL FUNCTIONS COVERED
1. Accessing Validating data

a. Get external data
b. Pivot table (total, duplicates & gaps)
2. Manipulating data
b. Text functions
c. Name manager
d. Vlookup
e. Pivot table
f. Len, left, mid, right, trim
g. Proper, upper, lower
h. Text to column
i. If (and/or)
3. Managing and consolidating multiple worksheets
a. Data grouping
b. Power of equals
4. Managing worksheets and data entry
a. Data validation
b. Protecting cells
c. Hiding formula and tabs
5. Creating amazing visualization
a. Pivot chart
b. Conditional formatting
c. Insert object
Page 66 of 106
d. Custom built charts
REGISTRATION

button for the seminar on Applying CAATs in Revenue to Collection. You will be
Or click this link to register:
https://docs.google.com/forms/d/e/1FAIpQLScM6aBUokqlHbBQrWF4LG5IrmktwaSW
1oomOkqnsLqHgO2qEQ/viewform
phone).

Page 67 of 106
also accepted.
• Delivery Mode:
Page 68 of 106
INTERNAL AUDIT AND FINANCIAL CONTROLS
for Donor-funded Projects
(applicable to NGOs, CSOs and agencies receiving grants and donations)
COURSE DETAILS
Schedule: September 9, 10, 11, 12 and 13, 2024

Competency: Governance, Risk and Control; Internal Audit Delivery; Critical Thinking
Position Level: Internal Auditors, Project Officers, Finance and Accounting Personnel, Audit
Committee members, Operating and Executive Management
Fee: Php 9,408.00 inclusive of VAT
COURSE DESCRIPTION
Participants will learn the basics of financial controls, the importance of maintaining a good
risk management process and the elements of good governance as applied to projects and
programs. It will help the participants perform a compliance audit consistent with the
requirements of local and foreign donors, government agencies, and international funding
and grant-making institutions.
Participants will learn the best practices in managing the financial and program aspects of
donor funded projects. This will help the organization strengthen its controls and be well
equipped to meet donor requirements. This will result to effective management of financial,
operational, and reputational risks.
COURSE OUTLINE
I. Role of Internal Audit and Risk Management

• Understanding the importance of your internal audit
• The benefits of maintaining a good risk management and internal control system
• How the audit process can strengthen your organization
• Discussion of common findings and issues
Page 69 of 106
II. Risk Based Audit
• COSO Framework
• Assessment of risk
• Types of control testing
III. Allowable Costs and Activities

• Disallowed or questioned costs
• Shared program costs
• Indirect costs
• Large transfer
• Discussion of common audit issues. Examples:
o Inconsistent or undocumented basis of cost allocation
o Deficient budget-to-actual cost monitoring
o Lack of allocation of proposal development costs and effort reporting
o Deficient payroll process
o Inadequate segregation of duties
o Unusual large transfers
IV. Period of Availability

• Control areas
o Before the grant period
o During the grant period
o After the grant period
o Expenses outside the grant period
o Liquidation (payment) beyond the allowed terms
V. Cash Management
• Nature of transactions
o Cash planning
o Cash receipts
o Cash disbursements
• Drawdowns
• Sub-recipient advances
• Bank reconciliation
o Inadequate review and support for sub-recipient advances and liquidations
o Opportunity cost of having unreasonably low interest and/or advances in
excess of cash needs
Page 70 of 106
o Deficient control over wire transfer and disbursements
o Deficient control over cash count and bank reconciliation procedures
VI. Reporting
• Financial
• Program
o Output based
o Outcome based
o Absence of program reporting framework
o Inadequate maintenance of reporting system and supporting documents
o Inaccurate and untimely reporting
o Absence of policies and procedures
VII. Eligibility
• Primary recipients
• Secondary recipients
o Inaccurate and undocumented beneficiary records
o Inappropriate beneficiaries
o Inaccurate calculation of amounts provided to beneficiaries
o Unreasonable costs provided to beneficiaries
VIII. Procurement
• Key control areas for procurement
o Ineffective procurement planning
o Deficient accreditation of vendors
o Improper maintenance of vendor list
o Inadequate validation of vendor performance
o Deficient procurement process
o Ineffective procurement system
o Non-compliance with anti-terrorism policy
o Inadequate segregation of procurement duties
o Lack of sole source justification
IX. Program Income

• Control areas per type
o Fees for services performed
o Use or rental of real or personal property
Page 71 of 106
o Sale of commodities or fabricated items
o Payments of principal and interest and loans
o Inaccurate assessment and reporting of income
o Inappropriate use of income
o Absence of policies and procedures
X. Equipment & Commodity

• Control areas
o Inadequate control of use and disposal of equipment
o Absence of regular count and reconciliation
o Inaccurate property records
o Loss from disposal of equipment
o Inadequate monitoring of fuel consumption
XI. Sub-recipient Monitoring

• Pre-award assessment
• Award
• Implementation
• On-going monitoring
• Project close-out
o Lack of policy and procedures in sub-recipient monitoring
o Deficient pre-award assessment
o Deficient sub-recipient agreements
o Inadequate sub-recipient monitoring activities and systems
XII. Matching or Level of Effort

• By type of match
o Monetary
o Non-monetary
o Inaccurate valuation of match funds
o Inappropriate source of match funds
o Inadequate assessment of match funds
XIII. Special Provisions

• Control areas
Page 72 of 106
o Non-compliance with anti-discrimination and disability policy
o Inadequate monitoring of taxes and refunds
o Absence of required markings and acknowledgements
o Inadequate special provisions in the sub-grant agreement
REGISTRATION

button for the seminar on Internal Audit and Financial Controls for Projects
Funded by Grants and Donations. You will be directed to an online Google form.
Please fill in your details on the form and click ‘Submit.’ We will acknowledge your
registration as soon as practicable.
https://docs.google.com/forms/d/e/1FAIpQLSdYjImBoQ0MiqX3aTOthuakCCm1XEf45
S-Ycp-_MdMrWxmDYg/viewform
details (full name, organization, designation, email address, office and mobile
phone).

online funds transfer (e.g. PesoNet, GCash, Maya, InstaPay, bank wire transfer, LDDAP,
• For GCash transfer – bank: BPI; payee: Ciasp; Account number: 1621007072
Page 73 of 106
also accepted.
• Access to the google drive for the seminar materials
• Worksheets, references, and other reading materials
• Delivery Mode:
• Alejandro “Allan” A. Palacio
Page 74 of 106
APPLYING CAATs
IN INVENTORY COUNT AND RECONCILIATION
COURSE DETAILS

Position Level: Internal Auditors; Accounting and Finance Personnel, IT Personnel,
Warehouse and Operations Personnel, or any staff handing Inventory Management and
Supply Chain responsibilities
EMINAR OBJECTIVES
COURSE DESCRIPTION
The participants will learn the essentials on what it takes to successfully audit, assess and
complete an inventory count and reconciliation activity.
As part of group activity, simulated cases will reinforce the participants’ understanding of the
process by discussing, deliberating and finding consensus on issues and matters critical to the
success of the inventory count activity. This will prepare the participants for their next count
and avoid the common pitfalls and problems encountered during the count and
reconciliation process.
It will also discuss the key elements of the inventory count instruction covering the
procedures, forms and responsibilities that need to be observed during the actual count and
reconciliation procedures.
Cases covered by the seminar include the use of manual count procedures and partially
automated process using bar gun technology. The seminar does not include RFID enabled
solutions.
Page 75 of 106
COURSE OUTLINE
I. Fundamentals
a. Composition of the count team
b. Roles and responsibilities
c. Principles and leading practices
d. Audit findings and experiences during count
II. Scope of the inventory count activity

a. Type (i.e. cycle count, annual count)
b. Manner (i.e. manual or with the use of bar gun)
III. The inventory count instruction

a. Procedures
b. Forms
c. Flowchart
IV. Processes of the inventory count activity

a. Planning the activity
b. Pre-count activities
c. Conducting the actual inventory count
d. Summarization of the results of count
e. Reconciliation of variances
f. Book-to-physical adjustments
CAATS USING EXCEL – FUNCTIONS COVERED

b. Pivot table (total, duplicates & gaps)
b. Text functions
c. Name manager
d. Vlookup
e. Pivot table
Page 76 of 106
h. Text to column
i. If (and/or)
a. Data grouping
b. Power of equals
a. Data validation
b. Protecting cells
a. Pivot chart
c. Insert object
REGISTRATION

button for the seminar on Applying CAATs in Inventory Count and
Reconciliation. You will be directed to an online Google form. Please fill in your
details on the form and click ‘Submit.’ We will acknowledge your registration as
soon as practicable.
Or here to register:
https://docs.google.com/forms/d/e/1FAIpQLSe91lslgT-cjlR7nSD9tN-tBT-B-aoHubv-
oxhubHH41UObQA/viewform
phone).
Page 77 of 106

also accepted.
• Delivery Mode:
Page 78 of 106
AUDIT OF PROCUREMENT AND PAYABLES
COURSE DETAILS
Schedule: September 21, 28; October 5 and 12, 2024

Duration: Four half-day sessions
Competency: Critical Thinking, Internal Audit Delivery, Business Acumen
Position Level: Internal Auditors; Process Owners, Management; Procurement, Payables and
Operations Staff
EMINAR OBJECTIVES
COURSE DESCRIPTION
The end-to-end process of materials and service management within the supply chain
encompasses Planning to Procurement, and all the way to Payment. In today’s business
context, the best practices of integrating and interlinking these functions have become a
company’s potential source of competitive advantage.
Different models have evolved since the development of Materials Requirement Planning all
the way to the more recent Integrated Business Management framework.
This seminar provides the participants with a comprehensive understanding of all the
components of the P2P process. The training will be delivered through lecture, facilitated
sharing of actual experiences, case studies and group discussions to enable the participants to
apply the lessons learned when conducting audit work.
COURSE OUTLINE
I. Materials and Services Planning

• Sales and Operation Planning (S&OP) and the Integrated Business Planning Process
• Materials Requirement Planning
• PR-PO process (Purchase Requisition to Purchase Order)
II. Planning to Procurement to Payment Process

• Procurement and Sourcing Strategy as Enabler of Company Strategy
• Planning to Procurement to Payment Design
• “7-Steps Procurement Process”
Page 79 of 106
• Costs and Risk Reduction
• Organizational Design Options and Talent Management
• Knowledge Management in the Procurement Function
III. The Sourcing Process
IV. Vendor Master Data and Supplier Management

• Vendor Accounts, Details and Performance
V. Procurement Execution and Control

• Purchase Requisition and Purchase Order
VI. Payables
• Invoice Processing, Monitoring, Adjustments and Recording
• Accounts Payable Account Overview
VII. Ensuring Quality and Innovation

• Scorecard and Metrics; Benchmarking and Best Practices
• The Impact of Technology
• Fraud Prevention
VIII.Implementing the Procurement and Payables Audit

• Planning and Conducting the Audit
• Reporting Results
• Case Study and Group Discussion
Page 80 of 106
REGISTRATION

button for the seminar on Audit of Procurement and Payables. You will be directed
to an online Google form. Please fill in your details on the form and click ‘Submit.’
We will acknowledge your registration as soon as practicable.
https://docs.google.com/forms/d/e/1FAIpQLScPikn3En1rTh0iCbuW6CCWsevMRFju8-
Dj_9Zijwvd7Gyayw/viewform
phone).

• For Gcash transfer, payee: Ciasp; account number: 1621007072; bank: BPI
also accepted.
Page 81 of 106
• Copy of presentation slides in pdf
• Post-webinar consultation with the resource speaker(s) as applicable
• Delivery Mode:
• Eric Emmanuel P. Ebro
• Other resource speakers, as applicable
• Time Schedule for the Training Sessions
Page 82 of 106
APPLYING CAATs
IN PAYROLL
COURSE DETAILS

Position Level: Internal Auditors, Human Resource and Payroll Personnel, Accounting and
Budget Personnel, or any Staff who regularly uses Excel for data processing and analysis
EMINAR OBJECTIVES
COURSE DESCRIPTION
This innovative program will help solve your difficulty in completing your human resources
management activities and payroll processes on time. Participants will have more in time
analyzing and auditing the performance of its personnel and its payroll reports, thus
providing more valuable advice to management.
At the end of the program, participants will be able to apply the techniques in Excel to make
their review and processing of HR and payroll data more efficient and fun. Cut several days'
work into hours and gain more value-added time in helping management successfully run the
organization.
This program is ideal for internal auditors, HR personnel, accountants or anyone who works
on Excel
COURSE OUTLINE
III. Human resources management

a. Manpower planning
b. Performance monitoring
IV. Payroll processing
a. Attendance based compensation and benefits
b. Managing leaves and other credits
Page 83 of 106
c. Managing loans and other deductions
d. Managing other compensation and benefits
e. Preparing monthly payroll
f. Preparing mandatory reports (Alphalist)
g. Preparing management reports
i. Analysis by department (profit or cost centers)
ii. Analysis by salary grade level
iii. Analysis by other criteria
h. Managing payroll costing
EXCEL FUNCTIONS COVERED

b. Pivot table (total, duplicates and gaps)
b. Text functions
c. Name manager
d. Vlookup
e. Pivot table
h. Text to column
i. If (and/or)
a. Data grouping
b. Power of equals
a. Data validation
b. Protecting cells
a. Pivot chart
c. Insert object
Page 84 of 106
REGISTRATION

button for the seminar on Applying CAATs in Payroll. You will be directed to an
https://docs.google.com/forms/d/e/1FAIpQLScQ3Zg6N2yFY5oennA0noHkqwODhr4
qrVDaHYmnkCjM5WcPkA/viewform
phone).

also accepted.
Page 85 of 106
• Delivery Mode:
Page 86 of 106
AUDIT RATING SYSTEM
COURSE DETAILS

Competency: Governance, Risk and Control; Internal Audit Delivery
Position Level: Internal Auditors (Chief Audit Executive / Head of Internal Audit, Supervisor,
Senior Staff), Process Owners, and Other Personnel Handling Control Responsibilities
Seminar Fee: Php 9,408.00 per participant
SEMINAR OBJECTIVES
• Understand the principles of governance, risk management and control as it applies to

the audit rating system;
• Develop ways to build an audit rating system that is responsive to the needs of the
organization;
• Apply the audit rating system when assessing the adequacy and effectiveness of
controls in responding to risks to the objectives
• Apply the lessons learned to improve work performance and deliver added value
COURSE OUTLINE
Module 1 – Establishing the Need for an Audit Opinion

• Consider expectations of:
• Board / Head of Agency / Local Chief Executive
• Senior management
• Other stakeholders
Module 2 – Principles in Formulating Audit Opinion

• Assessment of adequacy and effectiveness of governance, risk management and
control processes
• Principles of adequate control design (or design effectiveness)
• Principles of effective implementation (or operating effectiveness)
Page 87 of 106
• Considerations in establishing suitable criteria for audit opinion
• A clear definition of internal control adopted by the organization (e.g., COSO)
• Management’s understanding of what constitutes a satisfactory level of control
• A clear articulation of management of its risk tolerances or appetite, including
materiality thresholds
• Audit rating systems as a means of delivering audit opinion
• Types of assurance
• Positive assurance: types of audit rating systems
• Binary
• Graded
• Directional
• Negative or limited assurance
• Levels of assurance
• Micro (opinion on a specific objective, process, risk, or business unit)
• Macro (overall opinion based on multiple engagements)
Module 3 – Designing the Audit Rating System

• Based on the context of the organization
• Size and structure of the organization
• Complexity of the business
• Maturity level of the enterprise risk management process
• Establishment of risk limits or thresholds
• Reliability of other internal (2nd line of defense) and external assurance providers
• Level and scope of the existing performance management system
• Based on the context of the industry or sector
• Related issuances or guidelines by regulatory bodies for the industry or sector
• Related issuances applicable for government sector (e.g., SPMS - OPCR / DPCR /
IPCR / UPER, HR Prime; GCG Scorecard; PGS Scorecard; ARTA; Citizen’s Charter)
• Based on the context of the internal audit department
• Proficiency in conducting assurance services
• Proficiency in providing consulting services especially if the organization is
deficient in the pre-requisite components for a good audit rating system such as:
• Policies and procedures are not fully documented
• Performance management system, including criteria, is incomplete
Page 88 of 106
• Risk materiality thresholds are not in place
• Resistance to change from the employees and officers
• Internal audit strategic plan components
• Roadmap and baseline maturity level
• QAIP initiatives
• Annual risk-based plan
• Components of the audit universe (how it is sliced)
• Prioritization approach for engagements (i.e., specific risk approach or
risk factor approach)
Module 4 – Implementing the Audit Rating System

• Selective implementation
• Pilot run
• Limited area or scope
• Full implementation
• Full integration in the performance management system
• Common issues encountered in the implementation
Module 5 – Reporting on the Audit Rating System

• Determine and agree on the appropriate form, content and frequency of reporting
• Determine scope and time period covered in the report, including any limitations
• Reporting for Micro Level Opinion
• Scope, timing, relevance and significance of micro-opinion to the big picture
• Ensure consistency when comparing micro opinions of different objectives,
process, risks and business units
• Acknowledging satisfactory performance
• Reporting for Macro Level Opinion
• Aggregation of various individual assessments
• Ensuring adequate coverage of the audit universe and exercise of due
professional care when coming up with the macro opinion
• Consideration of work of other assurance providers (OAP)
• Assurance mapping, if feasible
• Reliance and coordination on the outputs of the OAP
Page 89 of 106
Module 6 – Monitoring Effectiveness of the Audit Rating System
• Regular assessment, review and revision
REGISTRATION

button for the seminar on Audit Rating System. You will be directed to an online
Google form. Please fill in your details on the form and click ‘Submit.’ We will
https://docs.google.com/forms/d/e/1FAIpQLSfrcFxaeSnsUWbwo8XGfayR62KUzLuNm
DtD-GmoSRa_t9OjIg/viewform
phone).

also accepted.
Page 90 of 106
• Templates, sample workpapers, worksheets, references and other reading
materials
• Post-webinar consultation, as appropriate
• Delivery Mode:
• 1:30 pm to 5:00 pm
Page 91 of 106
PREVENTING AND DETECTING PROCUREMENT FRAUD
(Procurement Fraud Audit with Analytics)
COURSE DETAILS

Competency: Governance, Risk and Control; Ethics; Internal Audit Delivery
Position Level: Internal Auditors; Procurement Staff, Bids and Awards Committee members,
Accounting and Finance Personnel, Operations Personnel, Risk and Compliance Officers, and
Management personnel handling control responsibilities over procurement
COURSE OBJECTIVES
At the end of the seminar, the participants will be able to:

• Understand fraud concepts, fraud risks and controls as it relates to the procurement
process
• Learn how to assess or advise management on the establishment of a strong
procurement fraud prevention program
• Learn how to detect common procurement fraud schemes and determine the
appropriate investigation or fraud examination approach
• Apply common data analysis tools to make the fraud audit work more efficient; and
• Provide value adding recommendations to strengthen the overall governance,
transparency, and risk management in the procurement process
EMINAR OBJECTIVES
COURSE OUTLINE
XIII. Basic Fraud Concepts

a. ACFE Fraud Survey
b. Why auditors fail to identify fraud
c. Why fraud occurs in an organization (i.e., Fraud Triangle / Diamond)
XIV. Warning Signs or Red Flags

a. Top 10 – Personal Characteristics (ACFE)
b. Top 10 – Survey of Internal Auditors
c. Top 10 – Survey of External Auditors
Page 92 of 106
XV. Risk Management in the Procurement Process
a. When should I complete a risk management plan?
b. Whose responsibility is it?
c. Principles of managing risk
d. Risk management process
e. Common procurement risk areas
XVI. Fraud Management Program
XVII. Potential Risks in the Procurement Process

a. Identifying the need and planning the purchase
b. Developing the specification
c. Selecting the purchase method
d. Accomplishing the purchasing documentation
e. Inviting, clarifying, and closing offers
f. Evaluating offers
g. Selecting the successful tenderer
h. Conducting negotiations
i. Adopting contract management
j. Evaluating the procurement process
k. Conducting disposals
XVIII. Contract and Procurement Fraud

a. Elements and Phases of a Contract
b. Common Fraud and Detection Techniques in Pre-solicitation Phase
i. Determining needs schemes
ii. Bid specification schemes (e.g., poorly written specifications, vague specifications,
agreement to amend contracts)
c. Common Fraud and Detection Techniques in Solicitation and Negotiation Phase
i. Bid submission scheme
ii. Bid rigging scheme (e.g. bid rotation, bid suppression, complementary bids,
phantom bids)
d. Common Fraud and Detection Techniques in Contract Performance and
Administration Phase
Page 93 of 106
i. Product substitution schemes
ii. Mischarges (e.g. accounting mischarges, material mischarges, labor mischarges)
XIX. Fraud Tools and Investigation Engagements

a. Fraud Tools
b. Fraud Engagements
i. Fraud Agreed-upon Engagements
ii. Fraud Examination
1. Analysis of financial transactions
2. Analysis of physical and electronic evidence (e.g. document analysis, computer
forensics, data analytics)
3. Interview of persons of interest
4. Public document review and background investigation
XX. Applying Data Analysis in Procurement Fraud Examination

a. Sample of Contract and Procurement Analysis
i. Spending analysis
ii. Pattern analysis
iii. Digit analysis
iv. Time analysis
v. Price analysis
b. Case 1: Divide and Conquer
c. Case 2: Vini, Vidi, Vici
REGISTRATION

button for the seminar on Preventing and Detecting Procurement Fraud. You will
be directed to an online Google form. Please fill in your details on the form and click
https://docs.google.com/forms/d/e/1FAIpQLSc8EaMwUocENCEZ8Vo3Tdq5A7-
2z30LyZqZruwH2dISNFiUWw/viewform
phone).
Page 94 of 106

also accepted.
• Delivery Mode:
Page 95 of 106
INTERNAL AUDIT’S ROLE IN THE RISK
MANAGEMENT PROCESS
(with templates, Audit Procedures Guide
and Risk Management Manual)
COURSE DETAILS
Schedule: November 12, 13, 14, 15, 19, 20, 21 and 22, 2024
Duration: Eight half-day sessions
Competency: Governance Risk and Control, Internal Audit Delivery, Business Acumen,
Persuasion and Collaboration
Position Level: Internal Auditors and other personnel handling risk and control
responsibilities
SEMINAR OBJECTIVES
• Understand Internal Audit’s assurance and advisory role in the risk management
process
• Assess the components and dynamics in the establishment and implementation of the
enterprise risk management system
• Provide valuable insights and recommendations to board, senior management, local
chief executives and other stakeholders to improve the, risk management process.
COURSE OUTLINE
INTRODUCTION

• What is the Knowledge Required to Effectively Assess Risk Management?
o Proficiency in internal auditing
o Understanding the risk management process
Page 96 of 106
o Understanding the business or organization
❖ Application/Workshop:
➢ Competency worksheet
➢ Business or organization profile
• What are the Factors that Could Influence the Role of Internal Audit in Risk
Management?
o Expectations of the senior management and the Board, Local Chief Executive, or
Head of Agency, as applicable
o Requirements under the International Professional Practices Framework (IPPF) /
Global Internal Audit Standards or other authoritative guidance (e.g., for the
public sector)
o Maturity level of the organization
❖ Application/Workshop:
➢ Stakeholder expectations worksheet
➢ IPPF - QAIP assessment worksheet
➢ Maturity level worksheet
• What are the Two Types of Internal Audit Services Applicable for Risk Management?
1. Assurance services
o Assessment approaches
A. Separate engagement or evaluation of the risk management system
o Using ISO 31000 framework
o Key Principles Approach
o Process Elements Approach
o Maturity Model Approach
o Using COSO ERM framework
o Assess if the components, principles, and controls are present,
functioning and operating together
o Other frameworks, as applicable
B. Evaluation derived from the results of multiple individual engagements
conducted under the risk-based annual audit plan
2. Consulting or advisory services
o Informal, or limited scope, or for certain ERM components only
o Formal or full scope
• Considerations in Providing Assurance and Consultancy Services
Page 97 of 106
o Allowable roles; Allowable roles but with caution or safeguards
o Prohibited roles
THE ENTERPRISE RISK MANAGEMENT SYSTEM and

INTERNAL AUDIT’S ROLE IN PROVIDING ASSURANCE AND ADVISORY SERVICES
MODULE 1: ERM Process, Framework and Structure
• ERM Process
o Structured and integrated process
o Appropriate documentation
o Defined scope
• ERM Framework
o Clear and well-organized framework
o Suited to the needs and context of the organization
o Sample frameworks:
o COSO ERM 2017
o ISO 31000: 2018
o Hybrid and customized framework
• ERM Structure
o Clear roles, responsibilities, and accountabilities
o Cohesive, integrated and working together
o Proper allocation of resources (e.g., people, systems, processes)
o Appropriate structure for:
o Strategy setting and oversight
o Implementation
o Coordination
o Assurance
For each Module, there will be a discussion of Internal Audit’s role with focus on the:
❖ Relevant Provisions in the Risk Management Manual
❖ Relevant Provisions in the Audit Procedures Guide of the Internal Audit Manual
➢ Sample procedures for assurance engagements
➢ Sample procedures for advisory engagements
❖ Status, Challenges and Opportunities
➢ Common scenarios, audit issues, findings, and observations
Page 98 of 106
➢ Recommendations to improve the risk management process
Note: The Risk Management Manual and the Audit Procedures Guide are provided as part of
the seminar materials.
MODULE 2: Strategy, Context and Culture
• Organizational Strategy
o Vision, mission, core values, objectives, and strategic plan
o Alignment of the risk management strategy
o Setting of risk appetite or defining risk criteria
o Creation, preservation, and enhancement of the entity’s value
• Context
o External environment
o Internal environment
• Stakeholders
o Identification of external and internal stakeholders
o Stakeholder involvement and analysis
• Culture
o Elements of organizational and risk culture
o Impact of culture on organizational processes and decisions
MODULE 3: Risk Assessment - Risk Identification
• Risk Identification Methodology

o Methods, approaches, and guidelines
o Updates for new, emerging and changing risks, and opportunities
• Risk Inventory
o Risk categories
o Comprehensive profile of risks from entity-level to unit-level
o Risk ownership
MODULE 4: Risk Assessment - Risk Analysis and Evaluation
• Risk Analysis Methodology

o Qualitative and quantitative methods
o Risk severity (impact, likelihood and other factors)
• Risk Evaluation Methodology
o Use of heat map and other tools
Page 99 of 106
o Prioritization of risks
MODULE 5: Risk Response
• Types of Risk Response or Risk Treatment

o Accept, avoid, pursue, reduce, share
o Exploit opportunities
• Considerations in Selecting and Implementing the Risk Response
o Within risk appetite and risk tolerance, achieve stakeholder expectations, aligned
to business context, comply with regulatory obligations, cost-benefit analysis, etc.
MODULE 6: Risk Reporting and Monitoring
• Information, Communication and Reporting

o Data management and information infrastructure
o Communication channels
o Risk reporting methodology
o Reporting structure, mechanism, form, content, and frequency
o Integration with other reports
o Use of dashboard and tools
• Risk Monitoring and Review
o Monitoring scope (all phases of the risk management system)
o Regular update and review of key ERM outputs
o Monitoring and review activities of the Risk Management Committee, risk
management officer, risk champions, other stakeholders, etc.
MODULE 7: Risk Management Assurance
• Risk Management Assurance Providers

o Internal Audit
o Other internal assurance providers
o External assurance providers
• Integrated assurance
MODULE 8: ERM Sustainability
• Development of the ERM Support Platform

o Full integration with the performance management system
o Education and training
o Knowledge management
Page 100 of 106
• Sustaining the Desired Risk Culture
REGISTRATION

button for the seminar on Internal Audit’s Role in the Risk Management Process.
You will be directed to an online Google form. Please fill in your details on the form
and click ‘Submit.’ We will acknowledge your registration as soon as practicable.
https://docs.google.com/forms/d/e/1FAIpQLSe_vXS_IzFUQXFZNU5_Z_UELRDx_VTAi0
CZhY3WQVt3FY8tJg/viewform
details (full name, organization, designation, email address, office and mobile
phone).

also accepted.
Page 101 of 106

• Copy of presentation or powerpoint slides in pdf; or access to google drive
• Templates, worksheets and other references
• Risk Management Manual
• Audit Procedures Guide on assessing risk management (as part of the Internal
Audit Policy and Procedures Manual)
• Post webinar consultation as appropriate
• Delivery Mode:
• 1:30 pm to 5:00 pm per session day
Page 102 of 106

DEVELOPING STANDARDIZED AUDIT WORK
PROGRAM AND TEST TEMPLATES
COURSE DETAILS
Schedule: January 18 and 25, 2025

Duration: Two whole days (with morning and afternoon sessions)
Time:
o 8:00 am to 12:00 noon morning session
o 1:30 pm to 5:00 pm afternoon session
Competency: Internal Audit Delivery; Critical Thinking
Position Level: Internal Auditors, Quality Auditors, Process Owners, Finance and Accounting
Personnel, Risk and Compliance Officers & Other Personnel Handling Control Responsibilities
EMINAR OBJECTIVES
COURSE DESCRIPTION
“Internal auditing is an independent, objective assurance and consulting activity designed to

add value and improve an organization’s operations. It helps an organization accomplish
its objectives by bringing a systematic and disciplined approach to evaluate and improve
the effectiveness of governance, risk management and control processes.”
With this definition, we can establish that an internal audit organization is primarily and
largely focused on core business operations. And most of the time, these core business
operations are already composed of well-established and defined day-to-day processes.
The objective of this course is to help the participants identify these day-to-day processes and
create standardized audit work programs and test templates to effectively and efficiently carry
out internal audit engagements and even periodic controls self-assessment exercises.
SEMINAR OBJECTIVES
At the end of the seminar, the participants will be able to:
• Learn to identify risks/focus areas as it relates to their own organization and business
operations;
Page 103 of 106

• Learn how to create/develop standardized audit work program and test templates
through exercises and examples; and
• Appreciate the advantages of having standardized audit programs and test templates for
recommendation/implementation to their organization.
COURSE OUTLINE
I. Introduction
• A brief review of internal auditing concepts (definition, purpose, importance)
II. Risks
• A discussion of the “risk universe” and how understanding helps define audit focus
areas
▪ Financial risks
o Operating risks
o Compliance risks
III. Understanding the Organization and Business Operations

• A discussion of different types of organizations and key business processes –
including examples and exercises on how to create and document process maps
a. Types of organizations
b. Key business processes
c. Process maps
IV. Developing the Audit Program and Test Templates

• A discussion on how to develop or create standardized audit program and test
templates. Samples for the following processes: Accounting, Accounts Receivable,
Distribution, Selling
I. Accounting
a. Control Objectives
b. Key Attributes and Testing
c. Test of Controls
Page 104 of 106

II. Accounts Receivable
c. Test of Controls
III. Distribution
c. Test of Controls
IV. Selling
c. Test of Controls
V. Workshop
• Participants to develop their own customized audit program and test
templates applicable to the needs of their organization
VI. Self-Assessment
REGISTRATION

button for the seminar on Developing Standardized Audit Work Program and
Test Templates. You will be directed to an online Google form. Please fill in your
details on the form and click ‘Submit.’ We will acknowledge your registration as
soon as practicable.
https://docs.google.com/forms/d/e/1FAIpQLSdpcKOdW6ffOWyd_ovilL6gksEhLcpZU_
NMGxElJDGXK7ahPw/viewform
Page 105 of 106

phone).

online funds transfer (e.g., PesoNet, GCash, Maya, InstaPay, bank wire transfer, etc.).
also accepted.
• Copy of presentation materials and references
• Post-webinar consultation with resource speaker, as applicable
• Delivery Mode:
• Rizza De los Reyes-Cresencio
• 8:00 am to 12:00 noon morning session
• 1:30 pm to 5:00 pm afternoon session
Page 106 of 106

Course Outline - Training For LGU Internal Auditors - 2024

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Course Outline - Training For LGU Internal Auditors - 2024

Uploaded by

Copyright:

Available Formats

Center for Internal Advisory Services Philippines

Face-to-face Training: Makati City

Online Training through Zoom

• Risk-based Internal Auditing for LGUs (15 batches)

• Other LGU Facilities

Schedule: June 3, 4, 5, 6 and 7, 2024

This program will provide a comprehensive, hands-on and systematic approach to

At the end of the program, the participants will be able to:

Module 1: Internal Auditing Foundational Elements

Module 2: Internal Audit Engagements

MODULE 1: Internal Auditing Foundational Elements

II. Developing the Internal Audit Strategic Plan: Overview

III. Establishing the Annual Risk-Based Plan of Engagements

B. Performing the Engagement

D. Closing the Audit Engagement

To register, please consider either of the following options:

FEES AND PAYMENT DETAILS

• Regular Rate - Php 19,600.00 inclusive of VAT

OTHER SEMINAR DETAILS

Delivery Format: Online Training though Zoom

Regular Package Rate: Php 21,560.00 per participant (inclusive of VAT)

This program will provide a comprehensive, hands-on and systematic approach to

At the end of the program, the participants will be able to:

Planning, Performing, Reporting and Monitoring the Individual Audit Engagement

B. THE STRATEGIC PLANNING PROCESS

• Revisit and Understand the Organizational Environment

• Discuss with Stakeholders Their Expectations

• Assess the Current Situation

• Develop Clear Roadmap and Initiatives to Attain the Vision

C. THE RISK-BASED ANNUAL AUDIT PLANNING PROCESS

• Conduct the Risk Assessment

• Establish or Refine the Audit Universe

• Determine Priority Areas to Audit

• Ensure Adequate Resources to Support the Plan

PLANNING, PERFORMING, REPORTING AND MONITORING THE AUDIT ENGAGEMENT

• Overview of the individual audit engagement cycle

• Principles in developing quality internal audit workpaper

G. PLANNING THE ENGAGEMENT

• Audit engagement overview: “The Big Picture”

H. PERFORMING THE ENGAGEMENT

• Performing the engagement considerations

I. COMMUNICATING OR REPORTING RESULTS

• Finalize the audit findings worksheet and audit issues worksheet.

• Writing effective audit issue statements

J. CLOSING THE AUDIT ENGAGEMENT

• Ensure there is evidence of proper supervision throughout the engagement so that

• Establish the follow-up and monitoring system

To register, please consider either of the following options:

• Regular Package Rate - Php 21,560.00 inclusive of VAT

OTHER SEMINAR DETAILS

At the end of the seminar, the participants are expected to:

E. INTERNAL AUDIT MANUAL FRAMEWORK

• Internal Audit Staff: Policies and Procedures

• Internal Audit Management: Policies and Procedures

• Internal Audit Process: Policies and Procedures

F. INTEGRATION AND WRAP UP

To register, please consider either of the following options:

FEES AND PAYMENT DETAILS

• Regular Rate - Php 19,800.00 inclusive of VAT

OTHER SEMINAR DETAILS

Schedule: November 11, 12, 13, 14 and 15, 2024

MODULE 2: IT GENERAL CONTROLS REVIEW

PART 1: Technology Risk Model