This course provides participants with a practical and integrated understanding of governance, risk management and control (GRC) frameworks and how they collectively support organisational purpose, performance and accountability. This course strengthens participants’ ability to critically assess organisational systems, frameworks and behaviours, and apply this knowledge directly to internal audit planning, fieldwork and reporting.
Participants will explore the principles underpinning GRC frameworks, examine leading global standards, and deepen their capability to evaluate the design, implementation and effectiveness of organisational controls and assurance systems.
Topics covered:
Organisational Purpose
Governance
- Definition and principles of good governance in the corporate environment
- Components of governance frameworks
- Global reference frameworks (e.g., OECD, ASX Corporate Governance Principles, COSO)
- How governance influences risk management, control and assurance
Risk Management
- Definition and purpose of risk management
- Relationship between governance, risk and control
- Reference frameworks (e.g. ISO 31000, COSO ERM)
- Underlying risk management principles
- Assessing risk maturity and organisational risk culture
Control
- Relationship of control to risk response
- Control reference frameworks (e.g. COSO Internal Control Framework)
- Understanding management systems and their components
Assurance and the Role of Internal Audit
- Internal audit’s responsibilities in evaluating governance, risk and control
- Assessing system design, implementation and monitoring
- Applying GRC frameworks to audit planning and engagement execution
Learning Outcomes
By the end of this course, participants will be able to:
- Explain the concepts of governance, risk management and control and how they interrelate
- Identify and interpret leading governance, risk and control frameworks
- Critically reflect on organisational governance and risk maturity
- Assess control frameworks, including design, implementation and operational effectiveness
- Evaluate management systems and their alignment with organisational purpose
- Apply GRC principles to internal audit engagements
- Strengthen assurance planning and reporting through effective use of GRC frameworks
CPE Points: 7
Knowledge Level: All levels
Delivery Format: Facilitator-led training via Zoom (Note: This training program will be delivered in two 4 hour lessons, over two days using Zoom. Registrations will be strictly limited to 15 participants to allow maximum interaction in the online environment.)
IIA-Australia Member: $660.00 AUD
IIA-Australia Non-Member: $795.00 AUD
Teresa Riccio-Goodwin brings a sharp, disciplined lens to Internal Audit and Risk Management. Her career is defined by an ability to look under the hood of an organisation, identify the gears that are grinding, and design the audit and risk programs needed to keep the engine humming. She has spent years ensuring that "best practice" isn't just a buzzword, but a lived reality for the teams she works with.
As a founding Director of Oxford and James, Teresa has over 20 years of experience advising boards and executives on how to achieve strategic objectives by using risk management and internal audit as powerful business tools. Her experience spans the public and private sectors across Australia, Europe, and the United Kingdom.