Chief Internal Auditor Programme for Banking & Financial Services

5 days 3-7 Dec 2018, London UK £4,995.00 + VAT* Download brochure Add to basket

* Claim back your VAT
Find out more

Request a different date or location for this course (we regularly add courses following requests).


* Claim back your VAT
Find out more


“A very interactive course where ideas are shared by all participants, simply great learning” Head of Internal Audit, Ecobank

“The trainer is highly experienced, with a diverse background” – Chief Internal Auditor, Habib Bank Limited


In recent years, the corporate spotlight has focused increasingly on Chief Internal Auditors and on the impact and influence they and their teams can have. Their personal and professional relationships with their key stakeholders are vital to the reputation of the internal audit function and the support it receives within the organisation. This course will provide the Chief Internal Auditor with practical guidance aimed at enhancing their position and profile within their organisation, as well as the reputation and performance of their team.

The course will enable the Chief Internal Auditor to understand and develop attributes that demonstrate world-class performance, with particular emphasis on teamwork, relationships, innovation and the drive for continuous improvement.

The Chief Internal Auditor and his or her team are seen as key parts of the governance, risk and assurance framework and this course will also help the Chief Internal Auditor leverage the work of other assurance functions so as to present a more coordinated role in reporting to the relevant Board level committees (usually Audit and Risk) on strategic change and its impact on this framework.

The course will also enable Chief Internal Auditors to better deliver against increasingly demanding objectives set by their own management and Audit Committees, and frequently influenced by a wider range of stakeholders such as regulators and professional bodies. The recent guidance from the CIIA to internal audit functions in financial services and the public sector, as well as the newly updated corporate governance code from the Financial Reporting Council are evidence of this.
In particular, the new CIIA Financial Services Code supplements guidance already readily available via the International Standards for Professional Internal Auditing and has implications for Chief Internal Auditors across all industries. Its role in further formalising the authority, positioning and influence of the Chief Internal Auditor, will be explored with a view to optimising its use.

Learning Objectives:

  • Understand how to create the most effective reporting lines and to build efficient channels of communication, both inside and outside the Boardroom
  • Develop and build powerful relationships with all key stakeholders, understanding the levers and buttons which help build maximum impact and credibility within an environment of growing regulation and accountability.
  • Learn how the Chief Internal Auditor (and their team) can leverage the principles of the CIIA code to work effectively across all organisations.
    Hear about and exchange “war stories” from a variety of Audit Committee and executive environments.
  • Develop an approach to reflect the objectives, values and culture of the organisation.
    Understand the skills and resources required to deliver a challenging plan and what does this mean for the shape of the team.
  • Learn how to get the most out of a co-source relationship, recognising the value that Audit Committee chairs now believe this can bring to all internal audit functions.
  • Develop approaches to plan and audit more complex areas such as governance, culture and strategy.

Benefits of attending:

  • You will improve your performance, profile and reputation as a Chief Internal Auditor.
  • You will understand the challenges that new Chief Internal Auditors should expect and you will get practical guidance and real life examples of how to meet them head on.
  • You will develop your skills to communicate better in the Boardroom or in key executive committee meetings, both verbally and through improved reports.
  • You will learn to build a more receptive culture for internal audit.
  • You will learn best practices for enhancing the performance, impact and credibility of your internal audit team.



We work with a series of expert instructors, please select the course location of interest to review the credentials of who will be delivering the programme.

David Alexander

The course instructor is a respected Head of Internal Audit with over thirty years’ experience in internal audit and risk management, gained from executive assurance and consulting roles with a range of major organisations.  David has worked as Head of Internal Audit for several large financial services firms, including HSBC, Kleinwort Benson, Coutts, Benfield and Catlin. He has also led a series of co-sourcing and quality assessment assignments during his time at PwC, and held a Senior Management position at Deloitte earlier on in his career.

David has experience having led large and small audit teams; from over 100 staff based in multiple locations around the world, to creating audit and risk teams from scratch.  He has most recently undertaken a series of interim Head of Internal Audit roles; hitting the ground running in situations that needed immediate care and attention.

David currently works as a consultant and trainer on various aspects of assurance.  This includes external quality assessments of internal audit functions and advice on governance and regulatory issues, particularly in financial services.  He is an experienced trainer and presenter on many topical aspects of internal audit, such as integrated assurance, regulation and the relationships with the Audit Committee and the Board.  David is a Chartered Accountant and has worked closely with all the major and mid-tier consulting firms, as well as the Chartered Institute of Internal Auditors, and holds regular dialogue with regulators such as the PRA, the FCA and Lloyd’s of London.


Malcolm Himsworth

Guest speaker to the course:
Malcolm Himsworth is a very experienced former Head of Internal Audit with a background that has also covered Compliance and Anti Money Laundering. Malcolm’s impressive range of Head of IA roles have included British Arab Commercial Bank, Royal Bank of Scotland, NatWest, Barclays, Derbyshire Building Society and National Australia Bank.
He was also Group Director, Anti Money Laundering for Barclays and Compliance Director for Willis, the global insurance broker.
Malcolm also undertakes interim and consulting assignments and his clients have included Abbey National, Norwich Union, Resolution plc and Barclaycard. Malcolm is now extending his career path to include NED roles and is currently a member of the Audit Committee for CAF Bank.



Central London Hotel Venue

All courses are held at four or five star venues in Central London, Zone 1. We strive to provide you with a training environment of the highest quality, to ensure that the whole learning experience exceeds your expectations.

Your training venue will be confirmed by one of our course administrators approximately 3-4 weeks before the course start date. If you need help booking accommodation for your visit to our training courses, please contact and one of our partners will help you get the best rate possible.

Related Courses



Do you have five or more people interested in attending this course? Do you want to tailor it to meet your company's exact requirements? If you'd like to do either of these, we can bring this course to your company's office. You could even save up to 50% on the cost of sending delegates to a public course.

To find out more about running this course in-house:

Our Tailored Learning Offering

If you want to run this course at a location convenient to you or if you want a completely customised learning solution, we can help.

We produce learning solutions that are completely unique to your business. We'll guide you through the whole process, from the initial consultancy to evaluating the success of the full learning experience. Our learning specialists ensure you get the maximum return on your training investment.


We can offer any of our public courses delivered at your office or we can devise completely tailored solutions:

Read more about our offering or complete a call back request to speak to a learning specialist.



Day 1

Course outline, format of the various days and session, timetable and administration.

Class Discussion and Ice-Breaker:  Introduce the course instructor and the delegates and their backgrounds. Share challenges and experiences as Chief Internal Auditors.

Outline course programme.  Agree and prioritise the course objectives.

The role and position of the Chief Internal Auditor (Part 1)

  • The role of the Chief Internal Auditor and how this is perceived across a range of organisations.   Example Role Profiles
  • The CIA and access to the Executive Committee, the Audit Committee and the Board.  What challenges does a separate Board Risk Committee introduce?

Class Exercise: List and prioritise all key stakeholder relationships and go through examples of how (or whether) the Chief Internal Auditor should report in each case.  

Reporting Lines for the Chief Internal Auditor and how to maintain independence.

Class Discussion:  Discuss typical FS corporate structures and where does internal audit feature and report.  For key executive committees, should Chief Internal Auditors attend or just receive (or present) papers?

The Chief Internal Auditor’s role in meeting Professional Standards documentation: Key documentation a Chief Internal Auditor must be familiar with and have at your fingertips?

  • Authority – the role of the IA charter and the Audit Committee charter.
  • Planning – the role of the audit universe, the annual audit plan and the importance of reflecting alignment with the organisation’s own risk framework.
  • Fieldwork – the methodology and principles behind sample selection and testing.

Example IA Charters (IA lines) and Audit Committee Terms of Reference (IA focus)

Group Discussion: To consider the administration requirements and how to ensure they are a help and not a hindrance or a burden.

Audit Planning, the Audit Universe and other Critical information?  What is the CIA role in audit planning and what management information (MI) should the Chief Internal Auditor and his/her team receive and what do you do with it?

Class Exercise: Analyse examples of the MI which is likely to be essential to the effective delivery of the audit plan.

  • Important/”Nice to have”/On request?
  • What do you see at your organisations?
  • Consider internal and external/industry sources of MI 

Day 2

Recap Day 1 – Roles, Position, Stakeholders, Critical MI, Sound bites

The role and position of the Chief Internal Auditor (Part 2)

  • Independence and Building Relationships:
  • Non-Executive Directors (NEDs), Executives, Senior Management
  • Visibility at the “top table” and the relationship with the Audit & Risk Committees
  • Operating within the traditional three lines of defence model
  • Other lines of defence – e.g. How to build on the role of the 1½ line?  Should external auditors and regulators be seen in 4th and 5th line roles?
  • Co-source partners, professional bodies and peers

Class Discussion: Relationship building – tips and tricks.  Examples of success stories + failures.

Class Discussion:  With an enhanced relationship with the Audit Committee, how does the Chief Internal Auditor avoid being seen as too close to the NEDs?

The IPPF and the Standards
The relevance of the Standards and the changes in July 2015 and October 2016 and what they mean for CIAs.

The CIIA Financial Services Code (2013 and the 2017 update)
In the UK, how has the “FS Code” affected Chief Internal Auditors and their key stakeholders?

  • Is it guidance or is it required practice?
  • How can the code really improve your role as Chief Internal Auditor?
  • What impact has it had on executive and non-executive directors?

Class Discussion:  Discussion on “the Code”.  How has it changed the role of the Chief Internal Auditor? How valuable is the code outside the UK? Fit with IPPF/Standards?
Case Study: Looking at real life examples of Chief Internal Auditors’ experiences with the code

The Changing shapes of Internal Audit functions
How can the Chief Internal Auditor build the most effective team structure with access to the required breadth and depth of skills and experience – and at the right price?

Class Discussion: Consider the pros and cons of different structures – centralised v decentralised; aligned by geography or line of business; in-house skills or co-source?

  • Substantial growth in co-source arrangements, way beyond traditional IT audit space
  • Increased range of co-source providers and their skills base.
  • Increased expectations by Audit Committees as to how to access & use specialist skills.
  • The pros and cons of guest auditors and secondments.
  • Understanding the relative costs to your internal audit budget.

Group Discussion: IA function staffing and skills requirements to best serve your organisation.
Case Study: How can CIAs best use co-source arrangements? Consider the selection process, performance assessment, team integration and how to get the “best bang for your buck”.

Day 3

Recap Day 2
Attributes of a World Class Internal Audit function

  • Definition of “world class” and how it can be applied to internal audit
  • Examples of applying “guidance” from experts; e.g. Kobayashi, Drennan & Pennington
  • Views of IIA/Firms/IA evangelists
  • Understanding the key capabilities that distinguish world class internal audit
  • Performance; particularly process productivity, stakeholder satisfaction, strategic alignment and reporting for impact
  • Use of balanced scorecards and other KPIs to measure performance

Group Discussion: Covering a range of examples of measures/KPIs and their relative advantages and disadvantages.

Case Study  to review and critique a sample internal audit MI pack.

Class discussion: Where are you on the maturity scale?  Examples of good practice. Best opportunities for early quick wins?

External Quality Assessments (EQAs)
EQAs are becoming more popular, particularly as standards require them to be performed every 5 years and regulators are looking for them to be done more frequently (in Financial Services). Audit Committees are looking to support their sign off on effectiveness under the Corporate Governance code.  As a Chief Internal Auditor, what should you look out for and how can you influence them?

Case Study: Undertaking an External Quality Assessment – Who does them, how are they structured and learning from the most common findings.

How a CIA should set up and maintain an effective internal audit Quality Assurance & Improvement programme?

  • How to assess your own team’s effectiveness – and your own effectiveness.
  • The benefits and pitfalls of feedback forms and (internal) peer reviews.

State of the internal audit profession in 2016

  • Understanding what the major global consulting firms are saying/predicting
  • Sources of guidance from within your industry
  • Use guidance from other professional bodies (CIIA, COSO, IRM, ISACA, ICAEW)

Global hot spots for internal audit in 2017

  • Including key areas such as Culture, Conduct and Cyber

Audit Committee priorities
Guest Speaker – Malcolm Himsworth, formerly HIA at British Arab Commercial Bank and the Derbyshire Building Society and Audit Committee member for CAF Bank.

Day 4

Recap Day 3
Audit Reporting
Writing for Impact – tips and tricks for quicker and more impactful reporting.
How best to identify themes and present them at exec and Audit Committee level.
How to build and present opinions – and how to balance exec and Board’s expectations.

Case Study: How the Audit Report can (at times) “be the greatest barrier to getting things fixed” – review and discuss a sample of real audit reports and Committee papers.

Group Discussion: To consider the relative merits of what to report, where to report it and who should receive full reports, executive summaries, etc.

Action Tracking – follow-up and tracking of issues, actions and, most importantly, outcomes

Grading audit reports and issues - High/Medium/Low? Red/Amber/Green? – join the debate to discuss the pros and cons and how the Chief Internal Auditor must take the lead

Group discussion: Looking at diverse examples of definitions at issue and report level

How to audit complex areas, such as governance, culture and strategy?
All audits conducted should include aspects of governance and risk and control culture within their scope.  In addition, there may be opportunities to carry out overarching organisation-wide reviews of governance and/or culture.

Group Discussion: Key principles of how to perform these types of reviews and what guidance is readily available.

Case Study: How to approach the audit of governance.

The updated UK FRC Corporate Governance code – What does it mean for the CIA?
In the UK, the latest relevant updates (Sept 2014 and April 2016) by the Financial Reporting Council (FRC) put pressure on boards to enhance disclosure in their annual report and focuses on two areas of particular interest for CIAs:

  • Companies should robustly assess principal risks and how they are being mitigated
  • Companies should monitor their risk management and internal control systems and, at least annually, carry out a review of their effectiveness, and report on that review.

Group Discussion: Understanding the enhanced impact that the code has had on the scope and nature of reporting by the Chief Internal Auditor to the Audit Committee and the Board as a result of the updated code.  Early feedback/examples and assess the impact outside the UK.

Day 5

Recap Day 4

Auditing Change Projects

  • An insight to the world of change management and the challenge of auditing change projects in-flight.
  • Understanding the CIA’s critical role in major projects and initiatives that are key to organisation’s objectives.
  • Understanding project language and how to use the project infrastructure to challenge, report and escalate issues. Benefits and pitfalls of being involved early. Avoiding being asked to “sign off”. The role of post mortems & how to go about them.

Case Study: Using a real life example of a major systems implementation, some typical issues and challenges and an innovative reporting approach which can fit multiple projects.

Building a more effective and efficient internal audit function
Management and the Board frequently look for more and ideally without increasing long term costs. There are an increasing range of tried and tested techniques and systems in place to help deliver these efficiencies. These are not new but are still not common and include:

  • Continuous auditing
  • Data Analytics
  • Combined Assurance and the use of Assurance Maps
  • Control Risk Self-Assessment
  • Risk & Control workshops

Group Discussion: Each of these techniques and systems can be the subject of more extensive courses. The Group discussion will therefore focus on a selection of relevant examples and the extent to which these are operating or could be introduced within the delegates’ own firms.
We will also look at the key sources of guidance and how to keep up to date with developments in these important initiatives.

Case Study: To review, critique and help redesign an assurance map


  • Summary of main areas covered throughout the programme
  • Review course objectives
  • Questions and aspects for further discussion
  • Next steps
  • Course Evaluation by participants and close.
Why us

We have a combined experience of over 60 years providing learning solutions to the world’s major organisations and are privileged to have contributed to their success. We view our clients as partners and focus on understanding the needs of each organisation we work with to tailor learning solutions to specific requirements.

We are proud of our record of customer satisfaction. Here is why you should choose us to help you achieve your goals and accelerate your career:

  • Quality – our clients consistently rate our performance ‘excellent’ or ‘outstanding’. Our average overall score awarded to us by our clients is nine out of ten.
  • Track record – we have delivered training solutions for 95% of worlds’ top 100 banks and have trained over 250,000 professionals.
  • Knowledge – our 150 strong team of industry specialist trainers are world leading financial leaders and commentators, ensuring our knowledge base is second to none.
  • Reliability – if we promise it, we deliver it. We have delivered over 20,000 events both in person and online, using simultaneous translation to delegates from over 180 countries.
  • Recognition – we are accredited by the British Accreditation Council and the CPD Certification Service. In an independent review by Feefo we scored 96% on service and 95% on product