Black Friday Offer till Nov 30th ! Unlimited Continuing Education only @$199 ! CLICK HERE to view.

How to Assess Risks and Evaluate Controls

You need to register for the webinar to watch the video.

Click Here to Register

Before starting this self study program, please go through the instructional document.


  • Risk and control related definition
    6 mins
  • The relationship between risk and controls
    16 mins
  • Management's responsibilities as it relates to risks and controls
    35 mins
  • Conduct a preliminary survey of the selected area
    52 mins
  • Examples of audit objectives vs audit program step
    63 mins

Course Description

One of the primary objectives of every auditor is to assess organizational risks and evaluate the effectiveness of the controls established by management to mitigate those risks. The Institute of Internal Auditors has set forth the standards for auditors to use in accomplishing that objective

Every organization is set up to accomplish its primary business objective. Whether it is a “for-profit” organization or a “not-for-profit” organization, there is always a primary business objective.  And whenever there is an objective, there is always the risk that the objective will not be achieved.  

Management has the responsibility to assess risks and establish controls to give reasonable assurance that business objectives are achieved. Internal Audit has the responsibility to evaluate those controls to determine if they are adequate and effective.  

For the auditor, the process starts with the development of a risk-based annual audit plan to identify the various risk areas.  The risk areas are prioritized and subject to audit based on the high-level risk assessment. Each area is further subject to a more detailed review of their particular risks and controls.

There are certain Institute of Internal Auditors (IIA) standards that are required in the evaluation and communication of the risk and control assessment. There are also other resources available to auditors to assist them in their evaluation of risks and controls.

Major topics covered in this audit CPE webinar:

  • Risk and control related definitions
  • Relationship between risks and controls
  • Control loop
  • Broad risk categories
  • Types of controls
  • Control limitations
  • Management responsibility as it relates to risks and controls
  • Internal audit as it relates to risks and controls
  • Related IIA Standards
  • Exercises to strengthen knowledge
  • Case Study

Learning Objectives

  • To discuss the components to develop a risk-based annual audit plan.
  • To determine the preliminary survey process.
  • To determine the audit objectives based on the most significant risks.
  • To evaluate how to determine audit scope.
  • To review how to conduct the fieldwork.
  • To discuss the best practices to communicate the results to management.

Who Should Attend?

  • Auditors
  • Business Owner
  • CEO
  • Certified Management Accountant
  • Certified Public Accountant
  • CPA (Industry)
  • CPA - Mid Size Firm
  • CPA - Small Firm
  • Young CPA