How to Assess Risks and Evaluate Controls

Jonnie T. Keith CIA, CFE, CGAP, CICA

Starting at


Buy Now

Learning Objectives

The objective of this webinar is to provide an understanding of:

·Risk and control related definitions

·Relationship between risks and controls

·Control loop

·Broad risk categories

·Types of controls

·Control limitations

·Management responsibility as it relates to risks and controls

·Internal audit as it relates to risks and controls

o   Develop a risk-based annual audit plan

o   Conduct preliminary survey

o   Determine audit objectives

o   Determine audit scope

o   Conduct field work

o   Communicate the results

·  Related IIA Standards

·  Exercises to strengthen knowledge

·  Case Study



One of the primary objectives of every auditor is to assess organizational risks and evaluate the effectiveness of the controls established by management to mitigate those risks. The Institute of Internal Auditors has set forth the standards for auditors to use in accomplishing that objective 


Every organization is set up to accomplish its primary business objective. Whether it is a “for-profit” organization or a “not-for-profit” organization, there is always a primary business objective.  And whenever there is an objective, there is always the risk that the objective will not be achieved. 


Management has the responsibility to assess risks and establish controls to ensure that business objectives are achieved.  Internal Audit has the responsibility to evaluate those controls to determine if they are adequate and effective. 


For the auditor, the process starts with the development of a risk-based annual audit plan to identify the various risk areas.  The risk areas are prioritized and subject to audit based on the high-level risk assessment.  Each area is further subject to a more detailed review of their particular risks and controls.


There are certain Institute of Internal Auditors (IIA) standards that are required in the evaluation and communication of the risk and control assessment.  There are also other resources available to auditors to assist them in their evaluation of risks and controls.


Why You Should Attend

This class is designed to give you the basics for assessing risks and evaluating controls.  We will discuss the responsibilities of management and internal audit as it relates to risks and controls.  We will do a case study to follow the process from beginning to end.  We will also do some exercises to further strengthen your knowledge.


Who Will Benefit:

·Chief Audit Executives

·Audit Directors

·Audit Supervisors

·Audit Managers

·Staff Auditors

·Government Auditors

·Compliance Auditors

·Internal Control Specialists

·Public Accountants

·Accounting Analysts

·Business Analysts

Webinar Events
Live -Coming soon!

Training CD-DVD

Physical CD-DVD of recorded session will be despatched after 72 hrs on completion of payment

Recorded video

Recorded video session

Speaker: Jonnie T. Keith CIA, CFE, CGAP, CICA,

Jonnie Keith has been in auditing over 40 years. He retired in 2012 as the Assistant General Manager (AGM) of Internal Audit with the Metropolitan Atlanta Rapid Transit Authority (MARTA) in Atlanta, Ga. He served in that capacity for over 10 years and was responsible for administering the overall audit activities including: Providing the Board of Directors, the General Manager/CEO (GM/CEO), MARTA Management and appropriate government entities with independent analysis, appraisals, and recommendations concerning operational, information technology, and contract compliance audits; Directing the day-to-day activities for three audit branches: Operational Audit, Information Technology Audit, and Contract Compliance Audit; Developing an annual risk-based audit program consistent with MARTA’s goals and objectives and strategic plan; Deploying audit resources to implement the annual audit plan efficiently and effectively; Reviewing and approving all audit programs for Operational, Information Technology, and Contract Compliance audit activities At this position, he was also responsible for the review and approval of all Internal Audit correspondence including audit reports, executive summaries, internal and external correspondence, etc. Prior to that, he worked at MARTA as the Operational Audit Manager and Senior Contract Compliance Auditor. He also worked at Norfolk Southern Railway (formally Southern Railway) as a senior operational auditor and started his career at the Federal Reserve Bank of Atlanta as a bank examiner. Jonnie Keith received a BA degree in Economics from Clark Atlanta University (formerly Clark College). Certifications include: Certified Internal Auditor (CIA) Certified Fraud Examiner (CFE) Certified Government Auditing Professional (CGAP) Certified Internal Control Auditor (CICA) He has been a volunteer seminar instructor for the National Office of the Institute of Internal Auditors for several years and has taught numerous classes including: Beginning Audit Tools and Techniques Audit Report Writing Communication Skills for Auditors Operational Auditing: Advanced Operational Auditing: Introduction Leadership Skills for Auditors Audit Project Management CIA Review Course He has been married for over 42 years and has two adult daughters and two grandchildren. He and his wife authored the book: Tied Together – The Marriage Trinity.

Follow us

24x7 Direct Number
(315) 632-0735,
(315) 750-4379

Toll Free