As if managing your organisation’s own risk profile isn’t challenging enough today, management must concern itself with how every one of their suppliers and vendors addresses risk. That’s right -management are responsible for the risk-related action or inaction of everyone in their service and supply-chain network. How concerned should your organisation be about the dangers of third-party risk today? In short - very concerned.
Third-party risk is the likelihood that your organisation will experience an adverse event (e.g., data breach, operational disruption, reputational damage) when you choose to outsource certain services, contract others to work with you to deliver your services, or use software built by third parties to accomplish certain tasks. Third parties ultimately include any separate business or individual providing software, physical goods, or supplies or services to your organisation.
Third-party risk should be a top-of-mind concern for all organisations today - from global giants to micro-organisations in the private, public and third sectors. If your organisation engages supply-chain partners or outsources anything, third-party risk should certainly be on your internal audit radar. Third-party regular features as a key area of concern in the IIA’s annual Risk in Focus surveys and has recently featured as a new IIA Topical Requirement in its own right.
This course will help you consider how to provide effective, professional insight and internal audit assurance over this increasingly important area, thereby enhancing your organisation’s governance, risk management and control effectiveness and resilience.
Who should attend?
This course has been designed to be relevant to internal auditors, audit managers and chief audit executives from any organisation, and for delegates with varying levels of practical experience. It is of most relevance to those about to embark upon an internal audit of third-party or outsourced partnerships, procurement, contract management and the associated risks, for those who manage audits in this area or for those wishing to stay up to date more generally with topical developments and emerging areas of internal audit interest.
Course program
A blend of theoretical, technical, discursive and practical approaches covering:
- Third-party risk and its strategic relevance to organisations
- The objectives of third-party management and governance
- Audit objectives, risk and controls relating to third parties
- Performance and contract management
- Key internal audit areas of focus and questions
- Challenges and opportunities when auditing third parties
- Links to additional resources
The course includes facilitator input, topical examples, short practical discussions and exercises to reinforce the learning and build upon your existing knowledge.
IIA-Australia Member: $660.00 AUD
IIA-Australia Non-Member: $795.00 AUD
Knowledge level: Intermediate
CPE: 7
Delivery Format: Facilitator-led training via Zoom (Note: This training program will be delivered in two 4- hour lessons, over two days using Zoom. Registrations will be strictly limited to 12 participants to allow maximum interaction in the online environment.)
Facilitator: Mr John Chesshire, CFIIA, QIAL, CRMA, CIA, CISA,
John has over 26 years’ experience working in the internal audit, risk management, business improvement and governance fields. John is a Fellow of the Chartered Institute of Internal Auditors (CIIA) in the UK, an Independent Internal Audit Committee Chair, a member of three other Audit Committees in the international charity, defence and local government sectors, He was Chief Assurance Officer for the States of Guernsey until the start of 2021. John continues to be a practising internal auditor and currently works in a part time capacity as the Chief Audit Executive for a bedpoke international credit ratings agency. Amongst his many other roles.
He has delivered numerous well-received courses for the CIIA, as well as to many other global Institutes of Internal Auditors. His other recent clients include FTSE listed companies, multinationals, financial services, central and local government, law enforcement, charities, professional services companies, and international organisations such as NATO, the OECD, the ACCA, and UN Agencies. He is the Chief Examiner, Chief Chartered by Experience Assessor and EQA reviewer for the CIIA and has been a visiting lecturer in the Governance and Assurance Hub at Birmingham City University.
John loves internal audit, is an enthusiastic advocate for the internal audit profession, and particularly enjoys working in new and emerging areas of assurance interest.