Oil, Gas and Petrochemical Internal Audit College

Session 1: Setting the scene - internal auditing today

• Understanding the importance of enterprise risk management
• Understand the importance of prioritizing audit results and aligning them with corporate and enterprise risk
• Leading edge trends and top priorities for internal audit
• Class discussion: issues and challenges for IA and for the sector
• Managing the 360 degree perspective of risks & opportunities (reputation, health, safety, environmental, social and ethical risks)

Session 2: Understanding risk management and risk based auditing

• Risk management terminology and the key system components
• An introduction to the principles of risk based internal auditing
• IIA guidance and direction
• The risk maturity framework
• The fundamentals of operational auditing
• Understanding the differences between operational and traditional auditing
• The 6 E's – efficiency, effectiveness, economics, environment, equity and ethics

Session 3: Auditing the Procurement Function

• Procurement strategy
• Identification of the core purchasing activities and control objectives
• Vender selection/pre-qualification
• Tender boards and processes
• Call-off orders
• Segregation of duties controls
• Vendor Vetting
• Weighted Scale Selection Criteria
• Procurement Team Make-up
• What does a kickback look back and what are the effects on various legislation.
• Case study: Sustainable development principles and procurement policy for an oil company.

Session 4: Auditing inventory management

• Setting out the key risks
• The primary audit objectives of existence, title, accuracy and realisable value
• Keys to effective inventory management
• Policies, procedures and management performance
• Using analytical procedures to test inventory
• The importance of the stock count
• Estimating Intangible inventory
• Use of Specialty Vendors to measure inventory

Session 5: Auditing major contracts

• Understanding the different types of contract and audits required
• Differentiating between the various key stages of
• Contract life cycle
• Reviewing generic contract management risks
• Recognising the key areas for fraudulent activity
• Identifying the best time to be involved
• Identifying on how and when to report issues on long term projects

Session 6: Auditing turnaround (shutdown) contracts

• Vender audits
• Emergent work and accruals
• Shutdown maintenance contracts
• Key areas for fraud

Session 7: Auditing governance and ethics

• The importance of the “tone at the top”
• Identifying the ethics & governance framework and Key risks
• IIA guidance on auditing organisational governance
• Ethics, conflicts of interest and corruption
• Illegal information brokers
• Measuring ethical behaviors
• Importance of a fraud hotline
• How far should a fraud hotline be rolled out.
• Managing the fraud hotline

Session 8: Auditing Health, Safety and Environmental Management Systems

• Confirming internal audit's role
• Getting buy-in from the specialists
• Health, safety and environmental strategies
• Adding value: audit's role and sustainability reporting

Session 9: Audit Report Writing

• Thinking about your report from the beginning of fieldwork
• Understanding who your stakeholder's are and what they want from Internal Audit
• Structuring your report
• Structuring audit findings and getting the messages across
• Timing of audit reports and the use of interim reports
• Successful audit findings and management action plans

Session 10: Auditing projects

• What constitutes a project?
• Recognising the differences in roles between the consultant & the auditor
• Determining the key stakeholders, project governance framework and key performance indicators
• Assessing project management, monitoring & control
• Identifying the key risks & opportunities
• Identifying vendor risk and identifying key vendors
• Fraud hot spots and management/correction actions when errors or fraud are detected
• Auditing for Conflicts of Interest

Session 11: Auditing joint ventures

• Understanding the different types of joint ventures agreements and types of audit that may be required
• Establishing communications channels
• Determining the specific contractual arrangements and the extent of audit rights/ defining the boundaries
• Audit clauses for JV agreements
• Identifying sources of information and any potential JV & audit sensitivities
• Reliance of JV audits and information's and the related correlations to internal audit work
• Disclosure of reliance on outside information

Session 12: Auditing Outsourced operations

• The broadening scope of outsourced activities
• The decision to outsource and strategic implications
• The importance of contractual arrangements and performance measurements
• The implications of Sarbanes Oxley & SAS 70s
• Evaluating the key risks
• Managing the audit protocols and any sensitivities