CERM® – Aerospace™ Risk Assurance Domain (1 1/2 Days)

Risk assurance domain introduces participants to risk assurance and auditing  frameworks, principles, and applications including ISO 19011, US Government Auditing Standards, and Institute of Internal Auditor standards.  Risk assurance (Value Added Auditing) follows a 1. Risk based approach; 2. Is compliant and harmonized to critical federal and state statutes; and 3. Can be used to offer a professional opinion and/or attestation.

Learning Objectives

  • Learn how to identify risk and determine when to use a risk based, process approach to conduct an audit to determine SMS other forms of compliance.
  • Learn how to determine which publicly held companies, Federal agencies, and States are requiring risk- based, operational process assessments.
  • Learn how to conduct risk-based audits that comply with federal requirements.
  • Use GAO Yellow Book and IIA Red Book standards to develop risk controls.
  • Apply a step-by-step approach to plan a risk-based audit.
  • Learn how-to conduct a successful risk based audit.
  • Report audit findings and if required issue an opinion.

Domain Outline

Value Added Auditing and Process Fundamentals.

Planning the Value Added Audit.

  • Step 1: Understand audit and business objectives.
  • Step 2: Notify/visit audited.
  • Step 3: Understand auditee’s system, process and product documentation.
  • Step 4: Develop audit plan.
  • Step 5: Develop audit survey.
  • Exercise: Developing a scope of work and audit plan.
  • Casestudy: GAGAS audits.

Conducting the Value Added Audits.

  • Step 1: Assess organizational maturity.
  • Step 2: Assess process capabilities.
  • Step 3: Assess system/process risks.
  • Step 4: Evaluate control effectiveness.
  • Step 5: Assess evidence.
  • Step 6: Issue opinion.
  • Step 7: Conduct exit meeting.
  • Exercise: ‘Plan the work’ and ‘Work the plan.’
  • Exercise: Implement plan for risk-control evaluations.

Reporting Value Added Audit Results.

  • Step 1: Communicate audit results.
  • Step 2: Decide audit report format.
  • Step 3: Correct – Prevent – Predict – Preempt.
  • Step 4: Maintain audit file.
  • Exercise: Report on the audit and results of fieldwork.

Leave a Reply

Your email address will not be published. Required fields are marked *