2350112 - Engaging in the Audit Process
Course Description
Risk mitigation and management is central to organizational success. A Privacy and Information Management audit is a strategic tool for identifying risk and potential risk. Because of this, privacy and information audits are increasingly recognized as a vital process and effective auditing as a valuable skill set. In this course you will hone your understanding of the audit process and your role within it, including learning and practicing critical skills that will equip you for an audit process.
You will examine internal and external audits, distinguishing between their purposes, and learning the process steps used for a privacy and information audit. You will also learn how to conduct a Strategic Risk Assessment (SRA) and participate in components of a Strategic Enterprise Risk Management (SERM) process.
As well as the mechanics of a privacy and information audit process, the course focuses on how to embrace an audit process as a dynamic tool for engaging organizations in a process of identifying and closing gaps and enhancing operations.
While more broadly applicable, examples from education (e.g., school boards, higher education) and municipalities are utilized. Regardless of your background, you are invited to bring your knowledge and experience to the learning environment.
Learning Outcomes
On successful completion of this course, you will be able to:
1. Explain the similarities, differences, intent, purpose, and value of an internal and external privacy and information audit.
2. Outline the steps involved with a privacy and information audit process.
3. Plan and prepare for a privacy and information audit.
4. Conduct a Strategic Risk Assessment (SRA) to identify risks.
5. Prepare and/or interpret Strategic and Enterprise Risk Management (SERM).
6. Identify what is involved with responding to an information request.
7. Considering the audit findings, develop an action plan to respond to the findings.
8. Maintaining evidence that the necessary controls are in place and operating effectively.
9. Engender authentic engagement in the privacy and information audit process.
10. Demonstrate leadership skills and abilities that support and advance people and work in in the field.
Course Topics
- Audit history
- Internal and external audit similarities, differences, intent, purpose, and values
- Strategic Risk Assessment (SRA): Identifying inherent and residual risks
- Strategic & Enterprise Risk Management (SERM)
- Developing and understanding a risk universe
- Examining risk tolerance
- Planning and preparing for an audit
- Responding to audit information requests
- Audit process
- Roles within an audit
- Audit tips and tools (i.e., approach, questions, wording)
- Audit process flow and workflow
- Audit nonconformances
- Responding to audit findings
- Developing a SMART audit action plan
- Audit report writing
- Maintaining evidence
- Engender authentic engagement in the audit process
- Leadership in an audit process
Applies Towards the Following Certificates
Technical Requirements
You are responsible for ensuring that your computer system meets the necessary system requirements. Use the browser check tool to ensure your browser settings are compatible and up to date (results will be displayed in a new browser window).
*Course details are subject to change.