Risk Based Internal Audit

by Jason Mefford

In this best-selling book about risk-based internal audit you will learn …

  • What risk-based internal auditing is and what its not.
  • The Risk-Based Internal Audit Model – only available in this book.
  • Risk management basics.
  • How to transform your internal audit activity to a truly risk-based function.
  • How to develop a risk-based internal audit plan.

More detailed information about the book is included below.

Get Your Whole Team Trained
on Risk-Based Internal Auditing

There are multiple options for bringing this training to your organization, including an option to get each of your auditors certified as Certified Risk Based Internal Auditors (cRBIA), issued by cRisk Academy and accredited by the International Certifications Organization, based on Jason Mefford’s book.

This training shows you how to audit using the Risk-Based Internal Audit Model(TM), developed by Jason Mefford, and only available through his trainings. You will learn how to refine your internal audit approach and help your organization reliably achieve its objectives, the basis for risk-based internal auditing.

Or fill out the in-house training request form, to request an in-house session of the training taught by Mefford Associates.

About The Book

Internal auditors are told they need to develop a risk-based audit plan, but many internal audit activities simply risk rank their audit universe and believe that is risk-based auditing. Another common mistake is to identify risks to audit without ever determining if they are relevant to the organization’s objectives.

Risk-based internal auditing is really about aligning the annual audit plan, and corresponding audit projects and efforts, with the objectives of the organization. This book takes a unique approach to risk-based auditing by incorporating risk management and internal audit concepts to create a new Risk-Based Internal Audit Framework, while still being consistent with internal auditing standards.

The risk-based internal auditing framework shows how internal audit activities can consider the key objectives of their organizations, the strategies utilized to meet those objectives, and what major threats, and corresponding risks, cause uncertainty about whether the organization can meet those objectives. This is the basis of risk-based internal auditing.

The risk-based internal auditing framework includes eight related components: Understand, Identify, Assess, Plan, Perform, Report, Information and Monitor. The main focus of this book is to explain how to approach the Understand, Identify and Assess components of the framework in an innovative way, improving the overall value internal audit can provide to its organization, instead of testing the same internal controls over and over again.

The principles outlined in this book are applicable to all internal audit activities, regardless of geographic location, industry, or type of organization. They can be used in the private or public sector, for profit or non-profit, large or small organizations. The concepts in this book can be used to improve the audit quality in any organization and ensure the internal audit activity is adding value by focusing on helping the organization meet its objectives, not just adding and testing internal controls. It helps the internal audit activity provide much better assurance on what the governance group and management is really concerned about – meeting the organization’s objectives.

This book provides answers and practical how-to information to help internal audit activities take that next step in the evolution of the internal audit profession. It is a must read for any internal auditor.

About The Author

Jason Mefford is a Rock Star in internal audit, risk and complince. He is an internationally acclaimed speaker, trainer and executive coach and is considered the world’s leading expert on risk-based internal auditing. His unique perspective on blending risk management and internal audit concepts has lead to the development of the Risk-Based Internal Audit ModelTM discussed in this book.

Learn more about Jason Mefford at: