Chief Internal Auditor Programme for Banking & Financial Services

5 days 24-28 Jul 2017, London UK £4,895.00 + VAT* Download brochure Add to basket
5 days 4-8 Dec 2017, London UK £4,895.00 + VAT* Download brochure Add to basket

* Claim back your VAT
Find out more

Request a different date or location for this course (we regularly add courses following requests).


* Claim back your VAT
Find out more


In recent years, the corporate spotlight has focused increasingly on Chief Internal Auditors and on the impact and influence they and their teams can have. Their personal and professional relationships with their key stakeholders are vital to the reputation of the internal audit function and the support it receives within the organisation. This course will provide the Chief Internal Auditor with practical guidance aimed at enhancing their position and profile within their organisation, as well as the reputation and performance of their team.

The course will enable the Chief Internal Auditor to understand and develop attributes that demonstrate world-class performance, with particular emphasis on teamwork, relationships, innovation and the drive for continuous improvement.

The Chief Internal Auditor and his or her team are seen as key parts of the governance, risk and assurance framework and this course will also help the Chief Internal Auditor leverage the work of other assurance functions so as to present a more coordinated role in reporting to the relevant Board level committees (usually Audit and Risk) on strategic change and its impact on this framework.

The course will also enable Chief Internal Auditors to better deliver against increasingly demanding objectives set by their own management and Audit Committees, and frequently influenced by a wider range of stakeholders such as regulators and professional bodies. The recent guidance from the CIIA to internal audit functions in financial services and the public sector, as well as the newly updated corporate governance code from the Financial Reporting Council are evidence of this.
In particular, the new CIIA Financial Services Code supplements guidance already readily available via the International Standards for Professional Internal Auditing and has implications for Chief Internal Auditors across all industries. Its role in further formalising the authority, positioning and influence of the Chief Internal Auditor, will be explored with a view to optimising its use.

Learning Objectives:

  • Understand how to create the most effective reporting lines and to build efficient channels of communication, both inside and outside the Boardroom
  • Develop and build powerful relationships with all key stakeholders, understanding the levers and buttons which help build maximum impact and credibility within an environment of growing regulation and accountability.
  • Learn how the Chief Internal Auditor (and their team) can leverage the principles of the CIIA code to work effectively across all organisations.
    Hear about and exchange “war stories” from a variety of Audit Committee and executive environments.
  • Develop an approach to reflect the objectives, values and culture of the organisation.
    Understand the skills and resources required to deliver a challenging plan and what does this mean for the shape of the team.
  • Learn how to get the most out of a co-source relationship, recognising the value that Audit Committee chairs now believe this can bring to all internal audit functions.
  • Develop approaches to plan and audit more complex areas such as governance, culture and strategy.

Benefits of attending:

  • You will improve your performance, profile and reputation as a Chief Internal Auditor.
  • You will understand the challenges that new Chief Internal Auditors should expect and you will get practical guidance and real life examples of how to meet them head on.
  • You will develop your skills to communicate better in the Boardroom or in key executive committee meetings, both verbally and through improved reports.
  • You will learn to build a more receptive culture for internal audit.
  • You will learn best practices for enhancing the performance, impact and credibility of your internal audit team.


Who should attend

  • Chief Internal Auditors
  • Heads of Internal Audit
  • Incoming Chief Internal Auditors
  • Future or Aspiring Chief Internal Auditors
  • Risk Management and Compliance Officers


We work with a series of expert instructors, please select the course location of interest to review the credentials of who will be delivering the programme.

David Alexander

The course instructor is a respected Head of Internal Audit with over thirty years’ experience in internal audit and risk management, gained from executive assurance and consulting roles with a range of major organisations.  David has worked as Head of Internal Audit for several large financial services firms, including HSBC, Kleinwort Benson, Coutts, Benfield and Catlin. He has also led a series of co-sourcing and quality assessment assignments during his time at PwC, and held a Senior Management position at Deloitte earlier on in his career.

David has experience having led large and small audit teams; from over 100 staff based in multiple locations around the world, to creating audit and risk teams from scratch.  He has most recently undertaken a series of interim Head of Internal Audit roles; hitting the ground running in situations that needed immediate care and attention.

David currently works as a consultant and trainer on various aspects of assurance.  This includes external quality assessments of internal audit functions and advice on governance and regulatory issues, particularly in financial services.  He is an experienced trainer and presenter on many topical aspects of internal audit, such as integrated assurance, regulation and the relationships with the Audit Committee and the Board.  David is a Chartered Accountant and has worked closely with all the major and mid-tier consulting firms, as well as the Chartered Institute of Internal Auditors, and holds regular dialogue with regulators such as the PRA, the FCA and Lloyd’s of London.


Chief Internal Auditor Programme guest speakers
The first guest speaker – Malcolm Zack has operated in the risk, audit and governance arena for close to 30 years, and was formerly Head of Internal Audit at the Post Office.
A chartered accountant, Malcolm initially trained with large international accounting firms in Toronto and London before embarking on an internal audit and risk management career. He has operated in major UK retail giants including The Burton Group (now Arcadia), Kingfisher plc and Sainsbury’s plc.
He has built and led audit and risk teams in the UK and internationally in technology, distribution, retail, manufacturing, and financial services. Malcolm set up and developed the Operational Review function for Visa Europe, was Group Audit Director with responsibility for audit and risk management for the Brakes Group, Europe’s leading foodservice company and latterly was the Post Office’s first Head of Internal Audit after its separation from Royal Mail.
Malcolm is a Non-Executive Director of East Thames Group, a housing association based in London and Essex, a Fellow of the Institute of Chartered Accountants in England and Wales, and member of the Chartered Institute of Internal Auditors, and a member of its Audit Committee. Malcolm is a past member of the risk advisory board of the Economist Intelligence Unit and of the UK Fraud Advisory Panel.
He holds an MBA from Henley Business School and a BCom from the University of Birmingham.

The second guest speaker – Nicola Rimmer is Past President of the Chartered Institute of Internal Auditors, having held office for two years to November 2014. She is currently a Director at Barclays, responsible for assisting the Managing Director in running the Audit Team and taking a lead role in the strategic direction of the team. She started her internal audit career in 1998 and has worked for various organisations (predominantly in financial services) including Aviva, HBOS, the Medical Defence Union and Friends Life.
She also worked for the Financial Services Authority and spent some time at a professional services firm specialising in governance, risk and control. Nicola attained the MIIA in 2000, and an MSc in Audit Management and Consultancy in 2001. She is currently studying for a PhD at Oxford Brookes Business School focusing on the role and purpose of internal audit, comparing financial and non-financial services. 



Central London Hotel Venue

All courses are held at four or five star venues in Central London, Zone 1. We strive to provide you with a training environment of the highest quality, to ensure that the whole learning experience exceeds your expectations.

Your training venue will be confirmed by one of our course administrators approximately 3-4 weeks before the course start date.

Related Courses



Do you have five or more people interested in attending this course? Do you want to tailor it to meet your company's exact requirements? If you'd like to do either of these, we can bring this course to your company's office. You could even save up to 50% on the cost of sending delegates to a public course.

To find out more about running this course in-house:

Our Tailored Learning Offering

If you want to run this course at a location convenient to you or if you want a completely customised learning solution, we can help.

We produce learning solutions that are completely unique to your business. We'll guide you through the whole process, from the initial consultancy to evaluating the success of the full learning experience. Our learning specialists ensure you get the maximum return on your training investment.

We can offer any of our public courses delivered at your office or we can devise completely tailored solutions:

Read more about our offering or complete a call back request to speak to a learning specialist.



Day 1


Course outline, format of the various days and session, timetable and administration.

Class Discussion and Ice-Breaker:  Introduce the course instructor and the delegates and their backgrounds. Share challenges and experiences as Chief Internal Auditors. Agree and prioritise the course objectives.

The role and position of the Chief Internal Auditor (Part 1)

  • The role of the Chief Internal Auditor and how this is perceived across a range of organisations.
  • The Chief Internal Auditor and access to the Executive Committee, the Audit Committee and the Board.  What challenges does a separate Board Risk Committee introduce?

Class Exercise: List and prioritise all key stakeholder relationships and go through examples of how the Chief Internal Auditor should report in each case.

  • Reporting Lines for the Chief Internal Auditor and how to maintain independence.
    Class Discussion:  Discuss typical corporate structures and where does internal audit feature and report.  For key executive committees, should Chief Internal Auditors be members or attend or just receive papers?
  • Critical information flows?  What management information should the Chief Internal Auditor and his/her team receive and what do you do with it?

Class Exercise: Analyse examples of the management information which is likely to be essential to the effective delivery of the audit plan.

Day 2

The role and position of the Chief Internal Auditor (Part 2)

Independence and Building Relationships:

  • Non-Exec Directors, Executives, Senior Management
  • Visibility at the “top table”
  • Operating within the traditional three lines of defence model:

                   - The first line – senior and executive management
                   - Second Line – Chief Risk Officer (CRO), Compliance, other assurance functions

  • External – external auditors, regulators, co-source partners, professional bodies and peers

Class Discussion: Relationship building – tips and tricks.  Examples of success stories.

Class Discussion:  With an enhanced relationship with the Audit Committee, how does the Chief Internal Auditor avoid being seen as too close to the NEDs?

The CIIA Financial Services Code

The Code concluded that much of the guidance was relevant outside Financial Services.  How has the code affected Chief Internal Auditors and their key stakeholders?

  • Is it guidance or is it required practice?
  • How can the code really improve your role as Chief Internal Auditor?
  • What impact has it had on executive and non-executive directors?

Class Discussion:  Discussion on “the Code”.  How has it changed the role of the Chief Internal Auditor? How valuable is the code outside financial services? How does “the Code” fit with the International Standards?

Case Study: Looking at real life examples of Chief Internal Auditors’ experiences

The Changing shapes of Internal Audit functions

How can the Chief Internal Auditor build the most effective team structure with access to the required breadth and depth of skills and experience – and at the right price?

Class Discussion: Consider the pros and cons of different structures – centralised v decentralised; aligned by geography or line of business; in-house skills or co-source?

  • The substantial growth in co-source arrangements, way beyond the traditional IT audit space
  • Increased range of co-source providers and their skills base.
  • Increased expectations by Audit Committees as to how specialist skills should be accessed.
  • The pros and cons of guest auditors and secondments.
  • Understanding the relative costs to your internal audit budget.

Group Discussion: Internal Audit function staffing and skills requirements to best serve your organisation. 

Case Study:
How does a Chief Internal Auditor best use co-source arrangements?  This will consider the selection process, performance assessment, how well they integrate and how to get the “best bang for your buck”.

Day 3

The Chief Internal Auditor’s role in meeting Professional Standards documentation

This will look at a selection of the key documentation a Chief Internal Auditor must be familiar with and have at your fingertips?

  • Authority – the role of the Internal Audit charter and the Audit Committee charter.
  • Planning – the role of the audit universe, the annual audit plan and the importance of reflecting alignment with the organisation’s risk framework.
  • Fieldwork – the methodology and principles behind sample selection and testing.

Group Discussion: To consider the administration requirements and how to ensure they are a help and not a hindrance or a burden.

  • Reporting – how individual reports and executive and Audit Committee summaries fit together

Group Discussion: To consider the relative merits of what to report, where to report it and who should receive full reports, executive summaries, etc.

  • Follow-up and tracking issues and actions

Grading audit reports and issues

High/Medium/Low? Red/Amber/Green? – join the debate to discuss the pros and cons and how the Chief Internal Auditor must take the lead

Group discussion: Looking at diverse examples of definitions at issue and report level

External Quality Assessments (EQAs)

EQAs are becoming more popular, particularly as regulators are looking for them to be done more frequently (in Financial Services) and as Audit Committees are looking to support their sign off on effectiveness under the Corporate Governance code.  As a Chief Internal Auditor, what should you look out for and how can you influence them?

Case Study: Undertaking an External Quality Assessment – Who does them, how are they structured and what are the most common findings?

How to set up and maintain an effective internal audit Quality Assurance programme

  • How to assess your own team’s effectiveness – and your own effectiveness.
  • The benefits and pitfalls of feedback forms and peer reviews.

State of the internal audit profession in 2015

  • Understanding what the major global consulting firms are saying/predicting
  • Sources of guidance from within your industry
  • Use guidance from other professional bodies (CIIA, COSO, IRM, ISACA, ICAEW)

Global hot spots for internal audit in 2015/2016

Audit Committee priorities

Guest Speaker Presentation by Malcolm Zack, formerly Head of Internal Audit at the Post Office

Malcolm Zack has operated in the risk, audit and governance arena for close to 30 years. Malcolm set up and developed the Operational Review function for Visa Europe, was Group Audit Director with responsibility for audit and risk management for the Brakes Group, Europe’s leading foodservice company and latterly was the Post Office’s first Head of Internal Audit after its separation from Royal Mail.

Day 4

How to audit complex areas, such as governance, culture and strategy?

All audits conducted should include aspects of governance and risk and control culture within their scope.  In addition, there may be an opportunity to carry out overarching organisation-wide reviews of governance and/or culture. 

Group Discussion: Key principles of how to perform these types of reviews and what guidance is readily available.

Case Study: The audit of governance.

Attributes of a World Class Internal Audit function

  • Definition of “world class” and how it can be applied to internal audit
  • Examples of applying guidance from the experts; e.g. Kobayashi, Drennan & Pennington
  • Understanding the key capabilities that distinguish world class internal audit
  • Performance; particularly strategic service, process productivity, stakeholder satisfaction, strategic alignment and reporting for impact
  • “World class” vs “best in class” – Where should internal audit aim?
  • Use of balanced scorecards and other key performance indicators (KPIs) to measure performance

Group Discussion: Covering a range of examples of measures and KPIs and their relative advantages and disadvantages. Includes a Case Study to review and critique a sample internal audit MI pack.

Guest Speaker Presentation by Nicola Rimmer, Internal Audit Director at Barclays and a past President of the Chartered Institute of Internal Auditors

Nicola Rimmer is Past President of the Chartered Institute of Internal Auditors, having held office for two years to November 2014. She is currently a Director at Barclays, responsible for assisting the Managing Director in running the Audit Team and taking a lead role in the strategic direction of the team.

The updated FRC Corporate Governance code – What does it mean for the Chief Internal Auditor?

The latest update (September 2014) by the Financial Reporting Council (FRC) puts pressure on boards to enhance disclosure in their annual report and focuses on two areas of particular interest for Chief Internal Auditors:

  • Companies should robustly assess their principal risks and explain how they are being managed or mitigated
  • Companies should monitor their risk management and internal control systems and, at least annually, carry out a review of their effectiveness, and report on that review in the annual report.

Group Discussion: Understanding the enhanced impact that the code is having on the scope and nature of reporting by the Chief Internal Auditor to the Audit Committee and the Board as a result of the updated code.

Thematic Audit Reporting

Building on the Group Discussion on Day 3, this session covers how to best identify themes and how to best present them at individual audit level and to the Audit Committee and the Board.

Writing for Impact – tips and tricks for quicker and more impactful reporting

Case Study: Understanding how “the Audit Report can be the greatest barrier to getting things fixed”

Day 5

Managing the internal audit function across multiple locations

  • Managing the challenges of teams or individuals based overseas or elsewhere in the UK
  • Aligning with the organisation’s matrix reporting where possible; by geography, by line of business or by legal entity
  • Strategies to deal with different languages, cultures and jurisdictional regulations

Auditing Projects

  • An insight to the world of project management and the challenge of auditing projects in-flight.
  • Understanding the Chief Internal Auditor’s critical role in major projects and initiatives that are key to organisation’s objectives.
  • Understanding project language and how to use the project infrastructure to challenge, report and escalate issues.  Benefits and pitfalls of being involved early.  Avoiding being asked to “sign off”.  The role of post mortems and how to go about them.

Case Study: Using a real life example of a major systems implementation, some typical issues and challenges and an innovative reporting template which can fit multiple projects.

Building a more efficient internal audit function

Management and the Board frequently look for more and ideally without increasing long term costs. There are an increasing range of tried and tested techniques and systems in place to help deliver these efficiencies. These include:

  • Continuous auditing
  • Data Analytics
  • Integrated Assurance and the use of Assurance Maps
  • Internal Audit administrative and working paper systems
  • Control Risk Self-Assessment
  • Risk & Control workshops

Group Discussion: Each of these techniques and systems are often the subject of a full day course. The Group discussion will therefore focus on examples and the extent to which these are operating within the delegates’ own organisations.

Case Study: To review, critique and redesign an assurance map


Summary of main areas covered throughout the programme
Questions and aspects for further discussion
Course Evaluation by participants and close

Why us

We have a combined experience of over 60 years providing learning solutions to the world’s major organisations and are privileged to have contributed to their success. We view our clients as partners and focus on understanding the needs of each organisation we work with to tailor learning solutions to specific requirements.

We are proud of our record of customer satisfaction. Here is why you should choose us to help you achieve your goals and accelerate your career:

  • Quality – our clients consistently rate our performance ‘excellent’ or ‘outstanding’. Our average overall score awarded to us by our clients is nine out of ten.
  • Track record – we have delivered training solutions for 95% of worlds’ top 100 banks and have trained over 250,000 professionals.
  • Knowledge – our 150 strong team of industry specialist trainers are world leading financial leaders and commentators, ensuring our knowledge base is second to none.
  • Reliability – if we promise it, we deliver it. We have delivered over 20,000 events both in person and online, using simultaneous translation to delegates from over 180 countries.
  • Recognition – we are accredited by the British Accreditation Council and the CPD Certification Service. In an independent review by Feefo we scored 96% on service and 95% on product