Internal Audit (IA) functions in the Gulf Cooperation Council (GCC) continue to bring value to their organizations by delivering consulting and assurance activities to address essential risks.

With the backdrop of the broader economic and social challenges presented by the global pandemic, the expectations of the IA function continue to grow. For the function to adapt to a changing risk landscape, it needs to be agile in all aspects of the audit approach. The audit plan needs to be flexible at times, and the methodology and audit approach adapted to a remote working environment.

A practical and sound risk-based IA plan is one of the most critical components for determining IA’s success as a value-adding and strategic business partner. According to the Institute of Internal Auditors (IIA) Standard 2010 – Planning, the chief audit executive (CAE) must establish a riskbased plan to determine the priorities of the IA activity, consistent with the organization’s goals.

This publication aims at assisting CAEs during their annual audit planning process. It should help your IA function consider a broad range of emerging key risks that may impact your organization in 2022.

To allow for a comprehensive strategic assessment, it is vital to profoundly understand the underlying risk drivers and the potential consequences or impact on the organization.

Once critical risks have been established, this report provides further insight on how the IA should tackle them, how it can help the organization during an audit, and what the required crucial skillsets and expertise are to ensure an effective, efficient, and value-adding outcome by your IA team.

We hope it will provoke thought and facilitate discussion. If you would like to explore further the topics covered within this report, please contact us.

Contact us