Risk Based Internal Auditing (RBIA) is a audit methodology that links an organisation's overall risk management framework and allows internal audit function to provide assurance to the board that risk management processes effectively, in line with risk appetite define by the Bank.
The Basel Core Principle for Effective Banking Supervision, and Basel/OECD Corporate Governance Principles of Banks requires the internal audit function to conduct the RBIA.
Principle 26: Internal control and audit of Basel Core Principle for Effective Banking Supervision requires the supervisor to determine that the banks have adequate internal control frameworks establish and maintain a properly controlled operating environment for the conduct of the business taking into account their risk profile into account.
Principle 10: Internal Audit of Basel Corporate Governance Principles of Banks states that the internal audit functions should provide independent assurance (on the quality and effectiveness of a bank’s internal control, risk management and governance system and processes) to the board and should support board and senior management in promoting an effective governance process and the long term soundness of the bank.
The responsibility of the Board section of G20/OECD Principles of Corporate Governance requires the Board of Directors to ensure the integrity of the corporation’s accounting and financial reporting systems, including the independent audit and that appropriate systems of control are in place, in particular, systems for risk management, financial and operational control, and compliance with the law and relevant standards.
Risk Management Guidelines issued by Nepal Rastra Bank states that a sound risk management system should have a Comprehensive Internal Controls and an effective risk management framework should have a mechanism to ensure an ongoing review of systems, policies and procedures for risk management and procedure to adopt changes.
Further, Nepal Rastra Bank has developed Risk Based Supervision Manual and moved towards conducting risk based supervision of commercial banks from this fiscal year.
Notably, transaction based audit approach in BFI’s is based in practice than RBIA which takes process compliance into account rather than risks assessment and its possible impacts.
Therefore, this one day training has been designed in such a way that following jobs could be done in line with RBIA:
* Planning of Audit
* Execution of Audit Plan
* Submission of Audit results
* Execution of Audit Recommendation